MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs

The irony is lost on few, as a Chinese threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months. [TechWeb]( Follow Dark Reading: [RSS]( April 23, 2024 LATEST SECURITY NEWS & COMMENTARY [MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs]( The irony is lost on few, as a Chinese threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months. [Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs]( State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices. [ToddyCat APT Is Stealing Data on 'Industrial Scale']( The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data. [Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar]( An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials. [Zero Trust Takes Over: 63% of Orgs Implementing Globally]( Though organizations are increasingly incorporating zero-trust strategies, for many, these strategies fail to address the entirety of an operation, according to Gartner. [Where Hackers Find Your Weak Spots]( The five intelligence sources that power social engineering scams. [(Sponsored Article) Commercial WebApp Security Tools Are Too Restrictive]( Limits imposed by commercial WebApp dynamic application security testing (DAST) tools are counterproductive because they treat security as a luxury. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [FBI Director Wray Issues Dire Warning on China's Cybersecurity Threat]( Chinese actors are ready and poised to do "devastating" damage to key US infrastructure services if needed, he said. [AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election]( Securing the presidential election requires vigilance and hardened cybersecurity defenses. ['MagicDot' Windows Weakness Allows Unprivileged Rootkit Activity]( Malformed DOS paths in file-naming nomenclature in Windows could be used to conceal malicious content, files, and processes. [Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware]( It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine. [MORE]( PRODUCTS & RELEASES [Miggo Launches Application Detection and Response (ADR) Solution]( [Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center]( [Redgate Launches Enterprise Edition of Redgate Monitor]( [BeyondTrust Acquires Entitle, Strengthening Privileged Identity Security Platform]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam]( CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials. LATEST FROM THE EDGE [Countering Voice Fraud in the Age of AI]( Caller ID spoofing and AI voice deepfakes are supercharging phone scams. Fortunately, we have tools that help organizations and people protect themselves against the devious combination. LATEST FROM DR TECHNOLOGY [Open Source Tool Looks for Signals in Noisy AWS Cloud Logs]( Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of cyberattacks. LATEST FROM DR GLOBAL [Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros]( Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms — and in some cases, individual consultants — to obtain licenses to do business, but concerns remain. WEBINARS - [Finding Your Way on the Path to Zero Trust]( - [Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Application Security's New Mandate in a DevOps World]( - [How Enterprises Secure Their Applications]( - [Making Sense of Your Security Data: The 6 Hardest Problems]( - [Understanding Today's Threat Actors]( - [Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions]( - [A Solution Guide to Operational Technology Cybersecurity]( - [Demystifying Zero Trust in OT]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123003&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_04.23.24&sp_cid=53153&utm_content=DR_NL_Dark%20Reading%20Daily_04.23.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#73 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)