The MITRE Corporation was a victim of a cyber attack in late December 2023. It exploited zero-day flaws in Ivanti Connect Secure and created rogue virtual machines (VMs) within the VMware environment. This maneuver enabled them to avoid detection while maintaining persistent access. The attackers also deployed a web shell to launch a Python-based tunneling tool. Effective countermeasures suggested include enabling secure boot and using certain scripts to identify potential threats.
How HHS helps track and arrest ransomware suspects – Healthcare IT News
The U.S. Department of Health and Human Services (HHS) plays a crucial role in tracking and arresting ransomware suspects by providing technical support in investigations,