CVE-2024-12356 - Geek Feed

PostgreSQL flaw exploited as zero-day in BeyondTrust breach

February 17, 2025February 17, 2025 geekfeed0Tagged BeyondTrust, Breach, CVE-2024-12356, CVE-2024-12686, PostgreSQL, Rapid7, SQL Injection, Zero-Day

Rapid7’s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. Less than one […]

3 mins read

BeyondTrust says hackers breached Remote Support SaaS instances

December 20, 2024December 20, 2024 geekfeed0Tagged BeyondTrust, Customer Data, CVE-2024-12356, CVE-2024-12686, Remote Support, SaaS, Security Breach

Story updated with statement from BeyondTrust. Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances. BeyondTrust is a cybersecurity company specializing in Privileged Access Management (PAM) and secure remote access solutions. Their products are used by government agencies, tech firms, retail and e-commerce entities, […]

3 mins read