BeyondTrust, a provider of Privileged Access Management (PAM) solutions, disclosed a recent cyberattack on its network in which threat actors compromised some Remote Support SaaS instances. The attackers gained unauthorized access by using an API key to reset account passwords, prompting BeyondTrust to take immediate action by revoking the key, notifying affected customers, and switching to alternative instances. Two vulnerabilities were discovered and patched during the investigation, but it does not appear that these flaws were exploited in the attack. They are a critical command injection flaw (CVE-2024-12356) and a medium-severity vulnerability (CVE-2024-12686) that allows command injection by users with admin privileges. BeyondTrust’s cloud-hosted solutions are used by IT professionals for remote support and troubleshooting while enforcing strict security measures. While there is no confirmation of whether customers were affected, BeyondTrust took preventive action by updating defenses for Secure Remote Access Cloud customers. The nature of the attack remains undisclosed; the company has confirmed only that it was not ransomware.