BeyondTrust SaaS instances breached in cyber attack

1 day, 17 hours ago searchsecurity.techtarget.com

BeyondTrust, a privileged access management vendor, patched two vulnerabilities this week after attackers compromised SaaS instances for a "limited" number of customers.

Share this item with your network:

Arielle Waldman, News Writer

BeyondTrust disclosed that attackers breached instances of its Remote Support and Privileged Remote Access SaaS products earlier this month.

On Dec. 8, the privileged access management vendor published a security bulletin warning it detected suspicious activity tied to "a limited number of Remote Support SaaS customer." During a root cause analysis on Dec. 5, BeyondTrust found that an API key for its remote support SaaS tools had been compromised. Subsequently, BeyondTrust revoked the key, notified affected customers and suspended the compromised instances.

"A compromised Remote Support SaaS API key was identified, which allowed for password resets of local application accounts, and was promptly revoked," the security bulletin said.

In updates published earlier this week, BeyondTrust disclosed two vulnerabilities ...

Copyright of this story solely belongs to searchsecurity.techtarget.com . To see the full text click HERE

BeyondTrust, a privileged access management vendor, patched two vulnerabilities this week after attackers compromised SaaS instances for a "limited" number of customers.

Share:

More related news