Security News > 2020 > June > Business Services Provider Conduent Hit by Ransomware
Business process services provider Conduent has been the victim of a ransomware attack that appears to be the work of Maze operators.
The attackers deployed ransomware onto compromised systems, and while Conduent said it was able to restore everything fast, some services were still impacted.
Conduent did not provide information on the ransomware used in the attack, but the operators behind the Maze ransomware have claimed the attack and also started posting on the Dark Web data allegedly stolen during the attack.
No information on how the attackers might have breached Conduent has been provided, but the Maze group is known for lingering in the breached networks for weeks before actually deploying ransomware, and threat intelligence firm Bad Packets suggests that the Citrix ADC vulnerability tracked as CVE-2019-19781 might have been abused for initial access.
In April, professional services company Cognizant, which ranked 193 on the Fortune 500 list in 2019, fell victim to the Maze ransomware.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-27 | CVE-2019-19781 | Path Traversal vulnerability in Citrix products An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. | 9.8 |