Comcast Pwned Via Citrix Bleed Vulnerability… And We’re Talking Epic Pwnage

Comcast’s disclosure is the latest damage from the Citrix Bleed vulnerability. If you’re not familiar with Citrix Bleed, this will get you up to speed. Now back to Comcast getting pwned.

Comcast just disclosed that a breach in their network between October 16 and October 19 exposed the PII of over 35 million customers. A reading of the Comcast Customer Notice appears to show that the breach occurred just two weeks after Citrix had released a patch for the critical zero-day Citrix Bleed vulnerability (CVE-2023-4966), and before Comcast had applied it.

The company said “Xfinity concluded on December 6, 2023, that the customer information in scope included” the following:

  • usernames
  • hashed passwords
  • names
  • contact information
  • last four digits of social security numbers
  • dates of birth
  • secret questions and answers

HYAS CEO David Ratner said:

“The criminals are literally waiting for each new zero-day to be discovered because they can pounce faster than patches can be applied. While an efficient and effective patch strategy is critical for any organization today, it’s also quite simply not enough — operational resiliency must be added at all layers, which includes having the visibility to detect anomalies inside the organization and discover breaches in near real time, so they can be shut down and stopped before data is stolen and damage ensues.”

This is not Comcastic, it’s craptastic. And the thing is that you can expect a lot more of this over the holidays and into the new year. And that’s frightening.

UPDATE: Darren Williams, CEO and Founder, BlackFog had this comment:

“Third-party vulnerabilities can often result in delayed patching for the company which holds customer data. While Comcast is insisting that no customers have been directly affected or ‘attacked’, this is unlikely as customer data was actively exfiltrated. This breach highlights that any company – small, medium or large – can quickly become a victim of a cyber incident. The key consideration is not ‘if’ a breach will happen, but ‘when.’ This makes it essential to have the proper safeguards in place to prevent data exfiltration. Stopping cybercriminals in their tracks and preventing them from obtaining the one thing they are there for: your data, is the only way to prevent a breach. Additionally, this attack brings emphasis on the need for businesses to strongly consider and assess the security measures of the vendors they work with. With this mindset, companies can better prepare for the inevitable attack.”
