Thursday, March 28, 2024

Citrix Hacked – Terabytes of Sensitive data Stolen by Iranian Hackers

Citrix hacked, Yes, Citrix suffered a massive data breach and the company believes that the attackers may have stolen atleast 6 TB to 10 TB of data by compromise the Citrix internal systems.

Citrix Systems, Inc.a well-known software company that provides server, application and desktop virtualization, networking, software as a service, and cloud computing technologies for NASA, FBI etc.

FBI claimed that Citrix Hacked by international cybercriminals who have gained access to the internal system and stole the sensitive business documents.

Citrix said, “it was unclear about the specific documents that were stolen,
Despite this incident, there was no further indication that we encountered any Citrix product or service was compromised.”

Researchers believe that Citrix hacked by Iran-base organized cybercrime group called Iridium who may have stolen atleast 6-10 TB of highly sensitive data that belongs to the project data of aerospace industry, the FBI, NASA and Saudi Arabia’s state-owned oil company.

IRIDIUM has already hit record of more than 200 government agencies, oil and gas companies, and technology companies including Citrix.

Threat actors leveraged a combination of tools, techniques and procedures, allowing them to conduct targeted network intrusion to access The internal network.

FBI made a statement that the attackers used a tactic known as password spraying, a technique used for a cyber attack against the weak password to compromise the first level of security then they move ahead and work to break the aditional security layers.

Accodring to the Citrix statement, Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly. In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.

Citrix also deployed a forensic investigation team to involve with this incident and let them protect the internal data and also and continue to cooperate with the FBI and other law enforcement authorities.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

5 Best Workplace Practices To Prevent Data Breach

Houzz Suffers a Data Breach, Alerts Users to Change Password

Airbus Data Breach – Hackers Stolen Employee Sensitive & Personal Data

773 Million Credentials of Email & Password leaked in Massive Data Breach – Biggest Data Dump Ever Found on a Decade

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles