Security News > 2024 > December > Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
2024-12-31 05:42
The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based
News URL
https://thehackernews.com/2024/12/chinese-apt-exploits-beyondtrust-api.html
Related news
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems (source)
- Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan (source)