Lex Crumpton

The exploitation of critical zero-day vulnerabilities in Microsoft SharePoint highlights that adversaries don’t always need new tools to succeed. By chaining familiar techniques with newly discovered flaws, they can bypass defenses without deploying novel malware or infrastructure. Sometimes, all it …

Infiltrating Defenses: Abusing VMware in MITRE's Cyber Intrusion

By Lex Crumpton, Charles Clancy in Blog,

May 22, 2024

This is the third and final blog post in a series detailing MITRE’s encounter with a state-sponsored cyber threat actor in our research and experimentation network, NERVE. It builds upon the insights shared in our April 19, 2024 post, “Advanced Cyber Threats Impact Even the Most Prepared” and May 3, …

Can You Detect What You Can’t Predict? Lessons from SharePoint Vulnerability CVE-2025-53770

Infiltrating Defenses: Abusing VMware in MITRE's Cyber Intrusion

Categories

Tags

About the Center

Get Involved

Member Resources

Public Resources

Blog Contributor

Can You Detect What You Can’t Predict? Lessons from SharePoint Vulnerability CVE-2025-53770

Infiltrating Defenses: Abusing VMware in MITRE's Cyber Intrusion

Categories

Tags