tldr - powered by Generative AI

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
  • MITRE Corporation disclosed cyber attack evidence dating back to December 31, 2023
  • Attack targeted MITRE's NERVE network through Ivanti Connect Secure zero-day vulnerabilities
  • Adversary used backdoors and web shells to maintain persistence and harvest credentials
  • Adversary dropped ROOTROT web shell for initial access, linked to China-nexus cyber espionage cluster UNC5221
  • Threat actor deployed additional web shells like BRICKSTORM, BEEFLUSH, and WIREFIRE for communication and data exfiltration
Tags: network intrusion, webshell, cyber attack
