Category: data breach

On December 18, 2023, Comcast Xfinity filed a notice to the Attorney General of Maine disclosing an exploited vulnerability in one of Xfinity’s software providers, Citrix, that has jeopardized almost 36 million customers’ sensitive information. While the vulnerability was made in August of 2023, the telecommunications solutions provider announced patches in October, but it already had mass exploitation weeks after the patch was reported.   

Kiran Chinnagangannagari, CTO, CPO & co-founder, Securin, shares how a vulnerability like this causes so much damage. 

“CVE-2023-4966, more commonly known as “CitrixBleed,” is a vulnerability within the Citrix NetScaler ADC and Gateway software that could allow a cyber bad actor to take control of an affected system,” Chinnagangannagari elaborated.

He went on to say that “At the time of the patch release, Citrix had no evidence of the vulnerability being exploited in the wild. However, Securin observed exploitation just a week later, including ransomware groups LockBit and Medusa leveraging this vulnerability. Securin also observed mentions of this vulnerability in deep, dark web and hacker forums.”

“Vulnerabilities within commonly used software are extremely dangerous because they can be replicated across other companies that might not have patched it either, which we have seen in the case of CitrixBleed, as it is being linked to many incidents in 2023, including Boeing, ICBC, DP World, Allen & Overy, and thousands of other organizations. These big-name victims emphasize ransomware gangs’ ongoing commitment to crippling and disrupting operations that could affect the security of everyday people and even U.S. critical infrastructures.” 

“While large-scale companies have been facing ever-evolving and continuous threats to their cybersecurity, it’s important to remember that these vulnerabilities are all too common and risk exploiting data like names, contact information, the last four digits of social security numbers, dates of birth, and answers to secret questions on the site. This particular vulnerability leaks the content of system memory to the attacker, allowing the attacker to impersonate a different authenticated user. This exploit poses a grave threat to system security and user integrity, emphasizing the critical need for immediate attention and remediation. CWE-119 is the weakness associated with this vulnerability and Securin is tracking 14,231 additional vulnerabilities associated with this weakness with quite a few of them being exploited by ransomware and APT groups.”

Chinnagangannagari implores companies to look for ways to mitigate risk. 

“Companies must look at leveraging a framework like Continuous Threat Exposure Management (CTEM) to prioritize and mitigate risks. In addition to multi-factor authentication (MFA), cybersecurity teams must implement and update basic security practices with routine scans of their attack surface, consolidating third-party applications, updating access controls, systems, and routine updates to complex passwords.” 

The post To Xfinity’s Breach and Beyond – The Fallout from “CitrixBleed” appeared first on Cybersecurity Insiders.

A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
Hacking fears are raised at Western Europe's most hazardous building, why porn sites might soon be scanning your face, and our guest narrowly avoids a Facebook Marketplace scammer. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Dinah Davis.

A technology service provider named ‘Zeroed-In’ Technologies fell victim to a cyber attack, resulting in the exposure of employee information from the Dollar Tree and Family Dollar stores chain. The breach is estimated to have granted unauthorized access to sensitive data concerning employees across more than 23,000 locations in both Canada and the United States.

Dollar Tree issued a press release acknowledging the potential impact on over 2 million individuals, with a subset belonging to the Dollar Tree workforce. The compromised information encompasses names, dates of birth, Social Security Numbers, and various Human Resources data.

All affected individuals have been, or will soon be, notified via email about the data breach. They will be offered complimentary identity protection and credit monitoring services for a duration of 12 months. This protective measure extends not only to the general public but also to employees of both Dollar Tree and Family Dollar.

For those unfamiliar with this business, it operates as a discount store chain spanning the United States and Canada. The stores retail a wide array of products, including seasonal décor, food items, beauty products, health supplies, party essentials, houseware, glassware, cleaning products, toys, gifts, stationery, crafts, electronics, automotive items, pet supplies, and books—catering to diverse daily needs and personal styles.

Despite facing occasional controversies related to faulty products due to its extensive inventory, the retail chain continues to dominate the market with its competitive pricing, reinforcing its position as a leading player in the industry.

The post Data Breach leaks employee data of Dollar Tree and Family Dollar appeared first on Cybersecurity Insiders.

Don’t minimise your Teams Meeting video call too hastily, you might reveal your dirty secrets! Would you be prepared to pay for Facebook and Instagram? And who is being faked to promote cryptocurrency scams? All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Jane Wakefield. Plus – don’t miss our featured interview with Push Security founder and CEO Adam Bateman.