Tag: ROOTROT

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
News

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion

Further information about the previously publicized cyberattack has been provided by the MITRE Corporation, which claims that the first indication of the infiltration now dates back to December 31, 2023. This attack was discovered a month ago and targeted MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE) by taking use of two zero-day vulnerabilities in Ivanti Connect Secure, which are identified as CVE-2023–46805 and CVE–2024–21887, respectively. Using a hacked administrator account, the attacker moved about the research network via VMware infrastructure. To stay persistent and obtain credentials, the attacker used a mix of web shells and backdoors, according to MITRE. Although the organization had previously revealed that the attackers began con...