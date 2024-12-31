Identity, Governance, Risk and Compliance, Threat Intelligence

BeyondTrust breach hits US Treasury Department


The U.S. Treasury Department was confirmed to have had its computers and documents compromised by Chinese state-backed advanced persistent threat hackers in an attack targeting its BeyondTrust Remote Support software-as-a-service instance, just over a week after the BeyondTrust breach was initially reported, reports BleepingComputer.

Attacks conducted by the Chinese threat actors involved the exploitation of an exfiltrated Remote Support API key, as well as a pair of zero-days, tracked as CVE-2024-12356 and CVE-2024-12686, to facilitate Remote Support hijacking, according to BeyondTrust, which also proceeded to take down all affected instances.

BeyondTrust's shutdown of impacted Remote Support implementations has already removed Chinese hackers' access to the Treasury Department's computers, said the department in a letter to lawmakers, which noted a probe into the incident conducted alongside the Cybersecurity and Infrastructure Security Agency and the FBI.

Such a development comes as Chinese state-sponsored threat operation Salt Typhoon was confirmed to have targeted nine U.S. telecommunications firms as part of a widespread cyberespionage campaign.
