Cisa: No Federal Agency Beyond Treasury Impacted By Beyondtrust Incident
Thumbnail
Summary: The US cybersecurity agency CISA reported that the recent cybersecurity incident involving a BeyondTrust service primarily affected the Department of the Treasury, with no other federal agencies impacted. The attack, attributed to Chinese state-sponsored hackers, exploited a compromised API key, leading to unauthorized access to Treasury workstations and documents.

Threat Actor: Chinese state-sponsored hackers | Chinese state-sponsored hackers
Victim: Department of the Treasury | Department of the Treasury

Key Point :

  • CISA confirmed that only the Treasury was affected by the incident involving BeyondTrust.
  • The attack exploited a compromised API key for a remote management service, leading to unauthorized access.
  • BeyondTrust has issued patches for critical vulnerabilities identified during the investigation.
  • Over 13,500 BeyondTrust instances are accessible from the internet, raising concerns about potential vulnerabilities.
  • CISA continues to monitor the situation and coordinate with federal authorities for a comprehensive response.

Source: https://www.securityweek.com/cisa-no-federal-agency-beyond-treasury-impacted-by-beyondtrust-incident/