​CISA tagged a vulnerability in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. [...]

BleepingComputer

CISA orders agencies to patch BeyondTrust bug exploited in attacks

Two BeyondTrust bugs have made it into CISA's KEV after being abused in the wild.

Tech Radar

Future plc

United Kingdom

CISA tells agencies to patch BeyondTrust bug now

Media Bias/Fact Check

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:… Read more → The post U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog appeared…

IT Security News - cybersecurity, infosecurity news

U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that could

The Hacker News

CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks

The US Cybersecurity & Infrastructure Security Agency (CISA) has published IT sector-specific goals (IT SSGs) to protect against cyber threats, including 11 software development process goals and seven product design goals. Published January 7, the Information Technology (IT) Sector-Specific Goals were based on CISA operational data and research on the current threat landscape. The IT SSGs are additional voluntary practices with high-impact secu…

InfoWorld

CISA publishes security goals for software development process, product design

Federal authorities are still working with the company to investigate a hack of Treasury Department workstations, but have not yet explained the CVEs’ specific roles in the attacks.

Cybersecurity Dive

CISA adds second BeyondTrust CVE to known exploited vulnerabilities list

CISA asks agencies to patch vulnerability in BeyondTrust software exploited in attack

CISA 要求机构修补 BeyondTrust 软件中遭攻击利用的漏洞

buaq.net

The Cybersecurity and Infrastructure Security Agency has reported significant progress in improving critical infrastructure cybersecurity and resilience since the implementation of its cross-sector Cybersecurity Performance Goals. The agency on Friday published the results of its analysis of 7,791 critical infrastructure organizations enrolled in its vulnerability scanning service from 2022 through 2024. The CPG, issued in October 2022, is a set…

Executive Gov

New CISA Report Reveals Improved Cybersecurity Across CI Sector

CISA Adds Four Known Exploited Vulnerabilities to Catalog aschloder Jan 14, 2025 
Release DateJanuary 14, 2025 
DescriptionCISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2024-55591 Fortinet FortiOS Authorization Bypass VulnerabilityCVE-2025-21333 Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow VulnerabilityCVE-2025-21334 Microsoft Win…

CISA orders agencies to patch BeyondTrust bug exploited in attacks

Coverage Details

Bias Distribution

Ownership

Similar News Topics

Similar News Topics