Chinese threat actors breached the US Treasury in 'major incident' - here's what you need to know
Briefly

from ITPro2 months ago
Chinese threat actors accessed sensitive US Treasury information by compromising a third-party IT support service using a stolen API key, highlighting vulnerabilities in cybersecurity.
ITProhttps://www.itpro.com/security/cyber-attacks/chinese-threat-actors-breached-the-us-treasury-in-major-incident-heres-what-you-need-to-know
BeyondTrust's investigation showed two significant vulnerabilities in their tools. CVE-2024-12356 is a critical command injection flaw, while CVE-2024-12686 has a medium severity rating.
ITProhttps://www.itpro.com/security/cyber-attacks/chinese-threat-actors-breached-the-us-treasury-in-major-incident-heres-what-you-need-to-know
The US Treasury Department called the cyber attack a 'major incident' and noted that hackers accessed workstations and certain unclassified data related to users.
ITProhttps://www.itpro.com/security/cyber-attacks/chinese-threat-actors-breached-the-us-treasury-in-major-incident-heres-what-you-need-to-know
BeyondTrust emphasized its commitment to thorough investigation and communication with affected customers, acknowledging the need for enhanced security measures following the breach.
ITProhttps://www.itpro.com/security/cyber-attacks/chinese-threat-actors-breached-the-us-treasury-in-major-incident-heres-what-you-need-to-know
Read at ITPro
#cybersecurity #data-breach #chinese-hackers #us-treasury #remote-it-support
[
|
]