BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

The Treasury said the access occurred through a cloud-based remote support service operated by BeyondTrust. The vendor then confirmed that an API key for its Remote Support SaaS service was ...

BeyondTrust says it spotted an attack in early December 2024 It found some of its Remote Support SaaS instances were compromised It also found and patched two zero-day flaws BeyondTrust has ...

used a stolen Remote Support SaaS API key to compromise a BeyondTrust instance. Silk Typhoon is perhaps best known for targeting some 68,500 servers in early 2021 using Microsoft Exchange Server ...

BeyondTrust found both vulnerabilities while investigating the breach of some of its Remote Support SaaS instances in early December. The attackers stole an API key, which they later used to reset ...

The breach was first discovered on 2 nd December, stemming from the compromise of a remote support API key used by third-party software service provider, BeyondTrust. BeyondTrust notified the ...

The US security authority CISA warns of attacks on remote access software from BeyondTrust and the data analysis solution Qlik Sense Enterprise. In the latter case, remote attacks are possible ...