FlagThis

CyberSecurity updates
2025-01-07 19:57:10 Pacfic
djohnson @
China Hack US Treasury via BeyondTrust - 7d
Read more: cyberscoop.com

The US Treasury Department has confirmed a major cyber incident involving Chinese state-sponsored hackers who gained unauthorized access to employee workstations and unclassified documents. The breach occurred after a third-party software provider, BeyondTrust, was compromised, allowing the attackers to obtain a security key used for remote technical support. This key enabled the hackers to bypass security measures and remotely access Treasury systems and exfiltrate sensitive information. The Treasury was notified of the breach on December 8th and has been working with the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and other agencies to investigate the full impact of the incident.

The compromised BeyondTrust service has since been taken offline, and there is currently no evidence to suggest the threat actors still have access to Treasury systems. The Treasury Department has classified the incident as a “major incident” and has reaffirmed its commitment to bolstering cybersecurity defenses, highlighting the importance of addressing third-party vulnerabilities. The breach follows a series of other recent cyberattacks linked to China, further raising concerns about the security posture of the US government.

References:
  • CyberScoop - Treasury workstations hacked by China-linked threat actors - 7d
  • Federal News Network - Treasury says Chinese hackers remotely accessed workstations, documents in ‘major’ cyber incident - 7d
  • siliconangle.com - Third-party provider hack exposes US Treasury Department unclassified documents - 7d
  • Techmeme - Letter: the US Treasury says China-backed hackers gained access to some Treasury workstations and unclassified docs; a vendor notified it of the hack on Dec. 8 (Zack Whittaker/TechCrunch) - 7d
  • @joetidy.bsky.social - Joe Tidy BBC News - Chinese state-sponsored hackers broke into the U.S. Treasury Department this month and stole documents from its workstations, according to a letter to lawmakers - 7d
  • @cdarwin - US treasury’s workstations breached in cyber-attack by China – report A Chinese state-sponsored actor broke into the US treasury department earlier this month and stole documents from its workstat - 7d
  • www.theguardian.com - US treasury’s workstations breached in cyber-attack by China – report - 7d
  • TechCrunch - US Treasury says China accessed government documents in ‘major’ cyberattack - 7d
  • cyberscoop.com - Treasury workstations hacked by China-linked threat actors - 7d
  • techcrunch.com - Letter: the US Treasury says China-backed hackers gained access to some Treasury workstations and unclassified docs; a vendor notified it of the hack on Dec. 8 (Zack Whittaker/TechCrunch) - 7d
  • International homepage - ‘In a letter to 🇺🇸 Senate banking committee seen by the Financial Times, the department said it had been informed on December 8 by software company BeyondTrust that a hacker had breached sever - 7d
  • Benzinga - Stock Market Quotes, Business News, Financial News, Trading Ideas, and Stock Research by Professionals - China-Linked Hackers Breach US Department Of Treasury - 7d
  • Malware Analysis, News and Indicators - Latest topics - Chinese-sponsored hackers accessed Treasury documents in ‘major incident’ - 7d
  • www.cnn.com - CNN: China-backed hackers breached US Treasury workstations. - 7d
  • Michael West - Treasury says Chinese hackers accessed workstations - 7d
  • SiliconANGLE - Third-party provider hack exposes US Treasury Department unclassified documents - 7d
  • www.pymnts.com - Treasury Department Workstations Breached by Hackers via Third-Party Vendor - 7d
  • www.engadget.com - The US Treasury Department says it was hacked in a China-linked cyberattack - 7d
  • federalnewsnetwork.com - Treasury says Chinese hackers remotely accessed workstations, documents in ‘major’ cyber incident - 7d
  • WIRED - US Treasury Department confirms hack by China-backed group. - 7d
  • @lukaszolejnik.bsky.social - Lukasz Olejnik - The U.S. Treasury announced a major cyberattack linked to a compromised API key from its contractor, BeyondTrust. - 7d
  • securityonline.info - Treasury Department Hit by Major Cybersecurity Incident, China Suspected - 7d
  • PYMNTS.com - Treasury Department Workstations Breached by Hackers via Third-Party Vendor - 7d
  • san.com - Chinese-sponsored hackers behind ‘major’ breach: Treasury Department - 7d
  • Security Archives - Security Affairs - China-linked threat actors breached the U.S. Treasury Department by hacking a remote support platform used by the agency. - 7d
  • Hong Kong Free Press HKFP - US Treasury says was targeted by China state-sponsored cyberattack. - 7d
  • The Hacker News - The United States Treasury Department said it suffered a 'major cybersecurity incident' that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. - 7d
  • Fortune | FORTUNE - Treasury Department says a China state-sponsored cyberattack gained access to workstations and documents - 7d
  • Cybersecurity News - Treasury Department Hit by Major Cybersecurity Incident, China Suspected - 7d
  • GBHackers Security | #1 Globally Trusted Cyber Security News Platform - US Treasury Department Breach, Hackers Accessed Workstations. - 7d
  • SAN - Investigators accuse China of hacking U.S. Treasury Department computers. - 7d
  • GitGuardian Blog - Take Control of Your Secrets Security - What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary. - 7d
  • DataBreaches.Net - Chinese hackers breached Treasury Department workstations, documents in ‘major cybersecurity incident’. - 7d
  • go.theregister.com - US Treasury Department outs the blast radius of BeyondTrust's key leak - 6d
  • www.wired.com - US Department Admits It Got by Treasury says accessed “certain documents” in a “major” breach, but experts believe the attack’s impacts could prove to be more significant as new details emer - 6d
  • www.bleepingcomputer.com - US Treasury Department breached through remote support platform L: C: posted on 2024.12.31 at 21:39:28 (c=2, p=3) - 6d
  • @hkrn - US Treasury Department breached through remote support platform L: C: posted on 2024.12.31 at 21:39:28 (c=2, p=3) - 6d
  • OODAloop - What to know about string of US hacks blamed on China - 5d
  • @Techmeme - Sources: Chinese government hackers breached the US Treasury Department's OFAC, which administers economic sanctions, and two other Treasury offices (Washington Post) - 5d
  • Dataconomy - According to the Washington Post Chinese government hackers compromised the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) in December, targeting intelligence related to economic - 5d
  • @carlypage - China-backed hackers reportedly compromised the US Treasury’s highly sensitive sanctions office during December cyberattack - 5d
  • TechCrunch - Chinese government hackers targeted the U.S. Treasury’s highly sensitive sanctions office during a December cyberattack, according to reports. - 5d
  • techcrunch.com - Chinese government hackers targeted US Treasury’s sanctions office during December cyberattack - 4d
  • @cybernews - On Thursday, it was revealed that PRC-backed hackers behind last month’s US Treasury hack accessed some senior officials' laptops. - 4d
  • Bloomberg Technology - Sources: China-backed hackers accessed the computers of senior US Treasury officials; the department's email system and classified data were not breached (Bloomberg) - 4d
  • www.techmeme.com - Sources: China-backed hackers accessed the computers of senior US Treasury officials; the department's email system and classified data were not breached (Bloomberg) - 4d
  • @Techmeme - Sources: China-backed hackers accessed the computers of senior US Treasury officials; the department's email system and classified data were not breached (Bloomberg) - 4d

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can provide me feedback using this form or using Bluesky.