A Google Photos flaw could expose your location

A Google Photos flaw could expose your location

A vulnerability in Google Photos, discovered by Imperva, a cyber-security software company, allows ...
Read More
infosec tweaks

What is spear phishing and how can we protect it

In our time, phishing attacks, also known as "phishing," are emerging as a growing threat. So it's very ...
Read More

Hackers-creators of famous Banking Trojans work together for the perfect attack!

Banking Trojans are popular in criminal systems, given the valuable data and financial service credentials that can ...
Read More

What are DoS attacks and what tools are being implemented?

Before the DDoS attacks occur, their predecessors, known as Denial of Service attacks (DoS), formed the ...
Read More
infosec rapidshare

NordVPN: The most reliable VPN service provider

Find Out the Best VPN Service on the Market What is a VPN A Virtual Private Network or VPN,
Read More
Latest Posts

Citrix admits that intruders have violated her network


On Friday, Citrix issued a short one announcement, in which she admits that recently hackers managed to invade the internal network.

According to an announcement by the head of data security, Stan Black, the company was first informed about the FBI attack on March 6 when it was found that the attackers had access to "business documents."

It was not mentioned when the attackers had access to the company's network, nor how long it had been.

If you are a Citrix customer, in addition to losing some data, there are two other issues that should worry you: firstly, attackers have been able to bypass the 'extra layers of security' into a major technology company, and secondly that the company has not even discovered the incident until he contacted the FBI.

In a blog post, a notorious company, Resecurity reported that an attack by an Iranian team, known as Iridium, had stolen "at least" 6TB sensitive data from Citrix, along with emails and recordsdata.

Separately, NBC News reported that he had spoken to Resecurity chairman Charles Yoo, who informed them that the attackers had accessed the Citrix network using two accounts of employees whom they violated.

Resecurity's allegations have not been presented because they have been resolved with some caution until further evidence is released. At this point however, Citrix has not denied them.

For Citrix customers and the broader business, the importance of this story lies in the data. For example, Resecurity claims that the attackers have discovered two-factor authentication techniques (2FA) for "critical applications and services for further unauthorized access to Virtual Private Networks (VPN) and SSO (Single Sign-On).

If it is correct, how serious this is, depends on the format of the 2FA reported. If OTP passwords are sent using SMS or created through an application, it may be associated with numerous violations reported in recent months.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *