Monday, June 24, 2024

Citrix Hacked – Terabytes of Sensitive data Stolen by Iranian Hackers

Citrix hacked, Yes, Citrix suffered a massive data breach and the company believes that the attackers may have stolen atleast 6 TB to 10 TB of data by compromise the Citrix internal systems.

Citrix Systems, Inc.a well-known software company that provides server, application and desktop virtualization, networking, software as a service, and cloud computing technologies for NASA, FBI etc.

FBI claimed that Citrix Hacked by international cybercriminals who have gained access to the internal system and stole the sensitive business documents.

Citrix said, “it was unclear about the specific documents that were stolen,
Despite this incident, there was no further indication that we encountered any Citrix product or service was compromised.”

Researchers believe that Citrix hacked by Iran-base organized cybercrime group called Iridium who may have stolen atleast 6-10 TB of highly sensitive data that belongs to the project data of aerospace industry, the FBI, NASA and Saudi Arabia’s state-owned oil company.

IRIDIUM has already hit record of more than 200 government agencies, oil and gas companies, and technology companies including Citrix.

Threat actors leveraged a combination of tools, techniques and procedures, allowing them to conduct targeted network intrusion to access The internal network.

FBI made a statement that the attackers used a tactic known as password spraying, a technique used for a cyber attack against the weak password to compromise the first level of security then they move ahead and work to break the aditional security layers.

Accodring to the Citrix statement, Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly. In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.

Citrix also deployed a forensic investigation team to involve with this incident and let them protect the internal data and also and continue to cooperate with the FBI and other law enforcement authorities.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

5 Best Workplace Practices To Prevent Data Breach

Houzz Suffers a Data Breach, Alerts Users to Change Password

Airbus Data Breach – Hackers Stolen Employee Sensitive & Personal Data

773 Million Credentials of Email & Password leaked in Massive Data Breach – Biggest Data Dump Ever Found on a Decade

Website

Latest articles

Threat Actor Claiming a 0-day in Linux LPE Via GRUB bootloader

A new threat actor has emerged, claiming a zero-day vulnerability in the Linux GRUB...

LockBit Ransomware Group Claims Hack of US Federal Reserve

The notorious LockBit ransomware group has claimed responsibility for hacking the U.S. Federal Reserve,...

Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data

A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data underlying...

Consulting Companies to Pay $11 Million Failing Cybersecurity Requirements

Two consulting companies, Guidehouse Inc. and Nan McKay and Associates, have agreed to pay...

New RAT Malware SneakyChef & SugarGhost Attack Windows Systems

Talos Intelligence has uncovered a sophisticated cyber campaign attributed to the threat actor SneakyChef....

Chinese Winnti Group Intensifies Financially Motivated Attacks

Hackers are increasingly executing financially motivated attacks and all due to the lucrative potential...

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from Promokit.eu for...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles