Attackers who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access and Remote Support products in December likely also exploited a previously unknown SQL injection flaw in ...

BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key.

Updated Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing ...

Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product. Security researchers at Rapid7 on Thursday flagged the discovery ...

Remote IT support was the original core use case of ... Key competitors are BeyondTrust (private) and LogMeIn. However, BeyondTrust’s core business is privileged access management and LogMeIn ...

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a ...

and BeyondTrust Remote Support (RS), Rapid7’s principal security researcher, Stephen Fewer, discovered an SQL injection vulnerability affecting the interactive tool of PostgreSQL. The high-severity ...

Other key enhancements included the addition of one-click recovery capabilities for reducing dependence on IT support. Key prod­ucts from BeyondTrust ... capabilities for remote, edge and on ...

BeyondTrust said it once becoming aware of the breach, "immediately revoked the API key, notified known impacted customers, and suspended those instances the same day while providing alternative ...

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a ...