Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
31 December 2024
The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents.
"On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based