Breach cyber

US Treasury Department

Jan 1, 2025 1 min read
US Treasury Department

A breach in early December 2024 at the US Treasury Department involved remote access by hackers to Treasury computers, compromising certain unclassified documents. By exploiting vulnerabilities in remote support software from BeyondTrust, identified as CVE-2024-12356 and CVE-2024-12686, attackers stole an authentication key, enabling system access. Despite the breach being attributed to a Chinese state-sponsored APT actor, no ongoing access was found. The incident sparked collaborations with FBI, CISA, and intelligence agencies for a comprehensive evaluation.

Source: https://www.wired.com/story/us-treasury-hacked-by-china/

"id": "us-000010125",
"linkid": "us-treasury",
"type": "Breach",
"date": "12/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Microsoft

public 1 min read
Microsoft faced privacy concerns regarding their newly launched AI feature named Recall. Recall captures screenshots every five seconds to assist…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.