JD Supra23h
Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident
In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks.
CyberArk Stock Rises After Treasury Department Hack Hits Rival
CyberArk Software shares rose Monday as Morgan Stanley analysts said the company stands to benefit after competitor BeyondTrust was hacked by a Chinese state-sponsored actor seeking to access Treasury ...
Treasury Department hack shows no signs of broader impact, says US cyber watchdog
Late last month the US Treasury reported that an unspecified number of computers had been compromised by Chinese hackers ...
Chinese hackers infiltrated US Treasury Secretary's PC — attackers had access to over 400 PCs
Chinese hackers accessed over 400 computers and over 3,000 unclassified files when they infiltrated the U.S. Treasury.
Bleeping Computer18d
CISA orders agencies to patch BeyondTrust bug exploited in attacks
In early January, the Treasury Department disclosed that its network was breached by attackers who used a stolen Remote Support SaaS API key to compromise a BeyondTrust instance used by the agency.
Forbes29d
FBI Investigates As U.S. Treasury Attack Confirmed
According to the U.S. Treasury itself, the compromised service from BeyondTrust has been taken offline and, as far as the investigation from CISA and the FBI can determine at this stage ...
CSOonline16d
CISA warns second BeyondTrust vulnerability also exploited in the wild
The Treasury said the access occurred through a cloud-based remote support service operated by BeyondTrust. The vendor then confirmed that an API key for its Remote Support SaaS service was ...
Yahoo Finance24d
CISA says hack targeting Treasury Department did not impact other federal agencies
CISA said it is working closely with officials at the Treasury Department and BeyondTrust to fully mitigate and understand the impact of the attack, which has been attributed to threat actors ...
Yahoo Finance17d
CISA adds second BeyondTrust CVE to known exploited vulnerabilities list
That vulnerability has a CVSS score of 9.8. Federal authorities and the company have yet to explicitly tie the BeyondTrust CVEs to the Treasury Department hack or explain exactly what role they ...
CISA tells agencies to patch BeyondTrust bug now
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two recently-discovered BeyondTrust bugs to its ...
TechRepublic29d
China-Linked Cyber Threat Group Hacks US Treasury Department
Threat actors entered Treasury Department systems through BeyondTrust. The breach may be related to the Salt Typhoon attacks reported throughout the year. A Chinese-state-sponsored cyberattack ...
JD Supra29d
U.S. Treasury Targeted in Cyberattack Stemming from Vulnerability in BeyondTrust’s Remote Support Service
Evidently, the U.S. Treasury cyberattack was related to the Treasury’s use of BeyondTrust, a cloud-based service used to provide remote technical support for Treasury offices. The incident is ...