Wednesday March 27, 2019
Home Lead Story Iran-based Ha...

Iran-based Hackers Steal Data From Citrix

"Citrix deeply regrets the impact this incident may have on affected customers,"

0
//
Iran-based hackers have stolen terabytes of data from desktop virtualisation leader Citrix, with the company admitting that the cyber criminals may have accessed and downloaded business documents.
“The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised,” Citrix Chief Information Security Officer Stan Black said in a blog post.
According to a report in The Registrar on Sunday, the Federal Bureau of Investigation (FBI) last week warned Citrix about the data hack.
According to cyber security firm Resecurity, at least six terabytes of sensitive internal files were stolen by the Iranian-backed IRIDIUM hacker gang.
Cloudhopper, cyberattacks
Alister Shepherd, the director of a subsidiary of the cybersecurity firm FireEye, gestures during a presentation about the APT33 hacking group, which his firm suspects are Iranian government-aligned hackers, in Dubai, United Arab Emirates. VOA
The researchers said they had alerted Citrix as early as December 28 last year about the ongoing attack.
“Citrix has taken action to contain the incident. We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI,” Black wrote.
The hackers probably used a tactic known as “password spraying”, which exploits weak passwords. Once they gain a foothold with limited access, they worked to circumvent additional layers of security.
“Citrix deeply regrets the impact this incident may have on affected customers,” he said. (IANS)

Next Story

Hackers Win Tesla Car For Exposing System Error

The EV-maker was fairly quick to fix vulnerabilities exposed by white hat hackers

0
Tesla CEO Elon musk, board
Tesla CEO Elon Musk. (VOA)

Electric Vehicle (EV)-maker Tesla had to give away one of their Model 3 cars and $35,000 prize money to a group of hackers after they managed to crack its system during a hacking event.

Amat Cama and Richard Zhu of team Fluoroacetate exposed a vulnerability in the vehicle system during the Pwn2Own 2019 hacking competition, organised by Trend Micro’s “Zero Day Initiative (ZDI)”, held here this week.

The hackers targeted the infotainment system on the Tesla Model 3 and used a “JIT bug in the renderer” to take control of the system, Electrek reported on Saturday.

Charging problems with electric car
Tesla cars recharge at a Tesla station at a shopping center in Charlotte, N.C., June 24, 2017. Buyers of Tesla’s luxury models have access to a company-funded Supercharger network. VOA

“Since launching our bug bounty programme in 2014, we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community,” the report quoted David Lau, Vice President of Vehicle Software at Tesla as saying.

Also Read- Smokers Notice Health Warnings More on Plain-Packaged Cigarettes

As part of Tesla’s bug bounty programme, the company had given away hundreds of thousands of dollars in rewards to hackers who exposed vulnerabilities in its systems.

The EV-maker was fairly quick to fix vulnerabilities exposed by white hat hackers, the report said. (IANS)