On BeyondTrust I have experience for a decade as an admin. But essentially, regardless of vendor, anything hosting persistent remote access to internal assets needs to be behind a VPN or some kind of TCP/IP allowlisting. You can't do the Internet raw. This scenario was threat modeled.
I have experience going back a decade on BeyondTrust, but essentially, regardless of vendor, anything hosting persistent remote access to internal assets needs to be behind a VPN or some kind of TCP/IP allowlisting. You can't do the internet raw. This scenario was threat modeled.
Threat actor was able to override security via a key used by a third-party service provider that offers remote technical support to its employees. The compromised third-party service - called BeyondTrust - has since been taken offline https://t.co/4bVY7vnHiT

A security breach involving the third-party software provider BeyondTrust has raised concerns about the integrity of remote access systems. Hackers reportedly stole a key from BeyondTrust, allowing them to override security measures and gain remote access to multiple employee workstations. The specific product exploited in this incident is believed to be either Remote Support or Privileged Remote Access, with the latter posing greater risks. In response to the breach, BeyondTrust has taken its compromised service offline. Experts emphasize the need for stringent security measures: anything that hosts persistent remote access to internal assets should sit behind a VPN or TCP/IP allowlisting rather than being exposed directly to the internet.