Citrix Discloses Data Breach By International Cyber Criminals


An enormous data breach by "international cyber criminals" of the famous enterprise software company Citrix was unveiled a weekend ago, reporting the breach of its internal network.

The software company which is known to provide its services, especially to the U.S. military, the FBI, numerous U.S. organizations, and different U.S. government offices was cautioned by the FBI of foreign hackers compromising its IT systems and sneak "business documents," likewise including that the company did not know exactly which records and documents the hackers acquired nor how they even got in, in the first place.

In a blog post Citrix says that, “While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords. Once they gained a foothold with limited access, they worked to circumvent additional layers of security...”
"Password spraying” is an attack where the attackers surmise weak passwords to pick up an early toehold in the company's system in order to launch more extensive attacks.

The enormous data breach at Citrix has been distinguished as a part of "a sophisticated cyber espionage campaign supported by nation-state due to strong targeting on government, military-industrial complex, energy companies, financial institutions and large enterprises involved in critical areas of the economy," said Rescurity, an infosec firm in a blog post.

The researchers at Resecurity shed all the more light on the episode when Citrix refused to disclose the numerous insights regarding the breach, guaranteeing that it had prior cautioned the Feds and Citrix about the "targeted attack and data breach."

In spite of the fact that Resecurity says that the Iranian-backed IRIDIUM hacker group hit Citrix in December a year ago and yet again on Monday i.e. the 4th of March and purportedly stole approximately 6 terabytes of sensitive internal files including messages, emails, blueprints and various other documents as well.

While this Florida-based company focused on the fact that there was no sign that the hackers bargained any Citrix product or service, and that it propelled a "forensic investigation," procured the best cyber security company, and took "actions" to skilfully secure its internal network.


Since the consequences of the Citrix 'security incident' are grave and they could influence a more extensive scope of targets, as the company holds sensitive data on other companies as well, including critical infrastructure, government and enterprises, therefore,  strict measures will be thusly taken to secure it inside-out.


Malware Attack Compromises Titan’s System and Steals Customer Data


Titan Manufacturing and Distribution  Inc. and its computer framework was reported to be compromised by a malware that too for about a year around from November 23, 2017 until October 25, 2018 as per an IT security expert.

Given the fact that the company expressed that it doesn't store customer data, the malware installed in the company's framework could have gained access to the users' shopping cart including their data, for example, the users' full names, billing addresses, contact numbers, payment card details, like the card numbers, termination dates, as well as verification codes.

After finding out about the episode, Titan advised its customers about the occurrence and unveiled in a notice for the customers who have had purchased products from its online stores between November 23, 2017 and October 25, 2018, that they might have been influenced by the said incident.

 “Titan Manufacturing and Distributing, Inc. (“Titan”) values your business and recognizes the importance of the security of your information. For these reasons, we are writing to let you know, as a precautionary measure, that Titan has been the victim of a data security incident that may involve your information,” the notice read.

Titan is now working intimately with a 'third-party' IT security expert so as to research and investigate the incident carefully and is all set to provide one-year complimentary identity theft protection for all conceivably influenced customers.

By finding a way to upgrade their security framework and moving its computer framework to another server, deleting and resetting all authoritative login credentials the company has additionally asked for its users to remain cautious by frequently monitoring their financial records for any suspicious exercises and take immediate measures by reporting them.