BeyondTrust Breach: When Cybersecurity Experts Get Hacked!

BeyondTrust, a privileged access management company, faced a cyberattack when hackers breached Remote Support SaaS instances. The attack exploited two vulnerabilities, one critical and one medium-severity, affecting their products. While cloud instances got automatic patches, self-hosted users must DIY. Investigations continue, so stay tuned for updates.

3P
Published: December 19, 2024 3:50 pmAdded: December 19, 2024 at 8:21 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like BeyondTrust trusted a little too much and went a bit “Beyond” their comfort zone! Who knew that even the gatekeepers of cybersecurity could leave their keys lying around?

Key Points:

  • BeyondTrust, a PAM specialist, faced a cyberattack after hackers breached its Remote Support SaaS instances.
  • Hackers got hold of an API key, allowing them to reset passwords for local accounts.
  • BeyondTrust discovered two vulnerabilities during its investigation, one critical and one medium-severity.
  • Patches for the vulnerabilities were automatically applied to cloud instances; manual updates are needed for self-hosted ones.
  • Ongoing investigations are in place, with BeyondTrust promising updates as more information becomes available.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?