Security News > 2020 > July > Citrix denies dark web claim of network compromise and ransomware attack
Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised.
A Wednesday post penned by CISO Fermin J Serna says the company is aware of a "Threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network, exfiltration of data, and attempts to escalate privileges to launch a ransomware attack."
Serna said Citrix is investigating the claims but has found "No evidence that the threat actor compromised the Citrix network."
"Once that action was complete, the author of the threat intelligence report reported that the threat actor's unauthorized access was terminated. The third party is now conducting its own investigation and remediation, and is committed to keeping Citrix advised of any developments, and Citrix is ready to assist as necessary."
"As recently as today, there are reports of Citrix data for sale on the dark web," the CISO added, before reinforcing that "Based on our investigation, the source of this data is the same third party referenced above. Many of these reports today erroneously imply a Citrix compromise." .
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/15/citrix_denies_new_network_compromise/
Related news
- Companies mentioned on the dark web at higher risk for cyber attacks (source)
- Surge in Magniber ransomware attacks impact home users worldwide (source)
- Keytronic reports losses of over $17 million after ransomware attack (source)
- UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack (source)
- McLaren hospitals disruption linked to INC ransomware attack (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)