Dark Reading8 Jan 2025
CISA: Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user.
BeyondTrust ยท Privileged Remote Access (PRA) and Remote Support (RS)
Known ransomware use: Unknown
Follow the source advisory and validate exposure in your environment.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Recent reporting that mentions CVE-2024-12356.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.