Search for an article

Select a plan

Choose a plan from below, subscribe, and get access to our exclusive articles!

Monthly plan

$
13
$
0
billed monthly

Yearly plan

$
100
$
0
billed yearly

All plans include

  • Donec sagittis elementum
  • Cras tempor massa
  • Mauris eget nulla ut
  • Maecenas nec mollis
  • Donec feugiat rhoncus
  • Sed tristique laoreet
  • Fusce luctus quis urna
  • In eu nulla vehicula
  • Duis eu luctus metus
  • Maecenas consectetur
  • Vivamus mauris purus
  • Aenean neque ipsum
Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

HomeCyber BalkansCISA: BeyondTrust breach impacted Treasury Department solely

CISA: BeyondTrust breach impacted Treasury Department solely

Published on

spot_img

The recent breach of the U.S. Treasury Department through the BeyondTrust service has raised concerns about the security of federal agencies. The incident, which was disclosed on Dec. 30, revealed that Chinese nation-state threat actors had gained access to user workstations and unclassified documents within the Treasury Department.

In a letter to members of the U.S. Senate Committee on Banking, Housing and Urban Affairs, the Treasury Department confirmed that BeyondTrust’s compromised cloud service was used as a vector for the breach. Since then, the department has been working closely with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to investigate the incident.

According to a recent update from CISA, the breach was contained within the Treasury Department and did not extend to any other federal agencies. The agency assured the public that they are monitoring the situation closely and coordinating with relevant federal authorities to ensure a comprehensive response.

BeyondTrust, the vendor of the compromised service, also provided an update on the breach. The company identified suspicious activity on Dec. 2 and later discovered that attackers had compromised an API key, granting them access to a limited number of customers’ instances. The Treasury Department was notified on Dec. 8 that the API key had been used to remotely access their workstations.

While the exact method of how the attackers compromised the key remains unclear, BeyondTrust disclosed two vulnerabilities in its Remote Support and Privileged Remote Access SaaS products. The company has since mitigated these vulnerabilities and confirmed that no additional victims have been discovered.

In a security bulletin, BeyondTrust stated that all SaaS instances of Remote Support have been patched against the vulnerabilities and that no new customers have been identified as victims beyond those previously informed. However, it is still uncertain whether the Treasury Department was the only customer affected by the breach.

At present, BeyondTrust has not responded to requests for comment. The forensic investigation into the breach is ongoing, and both the Treasury Department and BeyondTrust are working together to address the security issues that led to the breach.

Overall, the breach serves as a reminder of the importance of cybersecurity measures for all organizations, especially those that handle sensitive government information. As authorities continue to investigate the incident, it is crucial for all involved parties to remain vigilant and take proactive steps to prevent future breaches.

Source link

Latest articles

Signalgate resolved? Report alleges journalist’s phone number mistakenly saved as Trump official – Source: go.theregister.com

In a recent news article from The Guardian, it was revealed that US national...

Over 70% of executives in Hong Kong anticipate a rise in cybercrime in 2025: Kroll

A recent report from Kroll, a financial and risk advisory firm, has revealed that...

Protect Yourself from WhatsApp OTP Hijack Scam: Stay Alert and Prevent Hackers from Stealing Your Account

In a recent wave of WhatsApp scams, attackers have found a way to prey...

Expert uses ChatGPT-4 to replicate passport in 5 minutes, bypassing KYC – Source: securityaffairs.com

In a groundbreaking demonstration of the capabilities of artificial intelligence, Polish researcher Borys Musielak...

More like this

Signalgate resolved? Report alleges journalist’s phone number mistakenly saved as Trump official – Source: go.theregister.com

In a recent news article from The Guardian, it was revealed that US national...

Over 70% of executives in Hong Kong anticipate a rise in cybercrime in 2025: Kroll

A recent report from Kroll, a financial and risk advisory firm, has revealed that...

Protect Yourself from WhatsApp OTP Hijack Scam: Stay Alert and Prevent Hackers from Stealing Your Account

In a recent wave of WhatsApp scams, attackers have found a way to prey...