BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

which they used to reset local app account passwords. "BeyondTrust immediately revoked the API key, notified known impacted customers, and suspended those instances the same day while providing ...

Late last month the U.S. Treasury reported that an unspecified number of computers had been compromised by Chinese hackers following a breach at contractor BeyondTrust, which provides ...

The China-linked breach is tied to the compromise of BeyondTrust’s remote support tool and reportedly led to the breach of multiple offices within the Treasury Department. New details have ...

BeyondTrust determined 17 customers were impacted in a December attack spree related to the compromise of a Remote Support SaaS API key. The attack, attributed to a state-linked threat actor ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities a second vulnerability by BeyondTrust, which was patched in December.

BeyondTrust, a Johns Creek-based software vendor, notified Treasury on Dec. 8 that a threat actor had obtained access to a digital key BeyondTrust uses to provide remote tech support for the ...

Chinese government hackers breached the U.S. Treasury office that administers economic sanctions, the Washington Post reported on Wednesday, identifying targets of a cyberattack Treasury disclosed ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two recently-discovered BeyondTrust bugs to its Known Exploited Vulnerabilities (KEV) catalog. The move means CISA has seen ...

CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the ...