BeyondTrust - Security Ticks

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

0-day, APT, BeyondTrust, Don't miss, Hot stuff, News, PostgreSQL, Rapid7 / SecurityTicks

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) 2025-02-17 at 15:49 By Zeljka Zorz The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers compromised the […]

React to this headline:

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) Read More »

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

BeyondTrust, CVE-2024-12356, CVE-2025-1094, Nation-State, Rapid7, Treasury, Vulnerabilities / SecurityTicks

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation 2025-02-13 at 22:20 By Ryan Naraine Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product. The post Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation appeared first on SecurityWeek. This article is an

React to this headline:

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation Read More »

CISA says Treasury was the only US agency breached via BeyondTrust

BeyondTrust, CISA, Don't miss, government-backed attacks, Hot stuff, News, USA / SecurityTicks

CISA says Treasury was the only US agency breached via BeyondTrust 2025-01-07 at 14:18 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has shared on Monday that the Treasury Department was the only US federal agency affected by the recent cybersecurity incident involving compromised BeyondTrust Remote Support SaaS instances. On the same

React to this headline:

CISA says Treasury was the only US agency breached via BeyondTrust Read More »

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)

BeyondTrust, CVE, Don't miss, enterprise, Hot stuff, News, remote access, vulnerability / SecurityTicks

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) 2024-12-18 at 11:48 By Zeljka Zorz BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement

React to this headline:

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) Read More »

Okta breach post mortem reveals weaknesses exploited by attackers

1Password, account hijacking, BeyondTrust, Cloudflare, Don't miss, Hot stuff, Incident Response, News, Okta / SecurityTicks

Okta breach post mortem reveals weaknesses exploited by attackers 06/11/2023 at 17:18 By Zeljka Zorz The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our investigation into suspicious use of this account, Okta Security identified that an employee

React to this headline:

Okta breach post mortem reveals weaknesses exploited by attackers Read More »

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

BeyondTrust, CISO Strategy, cloud security, Cloudflare, Data Breaches, HAR files, Identity & Access, Okta / SecurityTicks

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop 04/11/2023 at 19:31 By Ryan Naraine Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop. The post Okta Hack Blamed on Employee Using Personal Google Account on Company

React to this headline:

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop Read More »

1Password also affected by Okta Support System breach

1Password, authentication, BeyondTrust, CISO, Cloudflare, cybersecurity, Don't miss, Hot stuff, identity protection, News, Okta, privileged identity / SecurityTicks

1Password also affected by Okta Support System breach 24/10/2023 at 13:50 By Zeljka Zorz Following in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach. “On September 29, we detected suspicious activity on our Okta instance that we use to manage our employee-facing apps,”

React to this headline:

1Password also affected by Okta Support System breach Read More »

Okta Support System Hacked, Sensitive Customer Data Stolen

BeyondTrust, Data Breaches, Identity & Access, Lapsus$, Okta, Ransomware / SecurityTicks

Okta Support System Hacked, Sensitive Customer Data Stolen 21/10/2023 at 00:46 By Ryan Naraine Okta warns that hackers broke into its support case management system and stole sensitive data that can be used to impersonate valid users. The post Okta Support System Hacked, Sensitive Customer Data Stolen appeared first on SecurityWeek. This article is an

React to this headline:

Okta Support System Hacked, Sensitive Customer Data Stolen Read More »