U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

FBI informed software giant Citrix of a security breach

The American multinational software company Citrix disclosed a security breach, according to the firm an international cyber criminals gang gained access to its internal network. The American multinational software company Citrix is the last victim of a security breach, according to the company an international cyber criminal gang gained access to its internal network, Hackers […]

Citrix NetScaler

The American multinational software company Citrix disclosed a security breach, according to the firm an international cyber criminals gang gained access to its internal network.

The American multinational software company Citrix is the last victim of a security breach, according to the company an international cyber criminal gang gained access to its internal network,

Hackers were able to steal business documents, but its products or services were not impacted by the attack.

Citrix discovered the intrusion after being notified by the FBI on March 6, 2019, the company announced to have secured its network and hired a forensic firm to assist with a forensic investigation of the inciden.

“On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that international cyber criminals gained access to the internal Citrix network.” reads a statement published by the company.

“Citrix has taken action to contain this incident. We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI.”

FBI believes attackers used the password spraying technique to access the network and once inside, they worked to obtain more privileges, the company confirmed that an investigation is still ongoing.

“While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords. Once they gained a foothold with limited access, they worked to circumvent additional layers of security,” continues the statement.

“Citrix deeply regrets the impact this incident may have on affected customers. Citrix is committed to updating customers with more information as the investigation proceeds, and to continuing to work with the relevant law enforcement authorities.”

The security breach doesn’t appear to be linked to the recent wave of attacks against cloud service providers that were attributed to China-linked APT groups (Operation Cloudhopper).

According to a report published by NBC, the software company was hacked by the Iran-linked APT group Iridium that penetrated the company years ago and have remained inside its computer network ever since.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – data breach, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]