Conduent is a IT sector giant and has recently been attacked by ransomware leading to data breach.
Conduent is a $4.4 Billion revenue organization providing services to a majority of Fortune 100 companies and over 500 governments, was hit on Friday, May 29. The organization however claims that they were able to restore all the compromised systems within 8 hours of the attack.
Conduent European services were interrupted on May 29 around 12:45 AM CET and were back to functioning around 10:00 AM CET. The organization has also claimed that they are reviewing their European infrastructure for loopholes and security issues.
Maze ransomware has posted the stolen data of the organization to their dark web page. Conduent was found using unpatched Citrix VPNs, which lead to the data breach. The similar unpatched VPNs were found to be used by more than 10,000 organizations.
The organizations using these VPNs include, military, federal, state, and city government agencies, public universities and schools, hospitals and healthcare providers, electric utilities and cooperatives, major financial and banking institutions, numerous Fortune 500 companies.
The malware used by Maze actors is a 32 bit binary file packed as an EXE or DLL file. The threat posers just wait for the right time and keep seeking for organizations which have certain vulnerability either in their network or any tool that can be exploited.
NPAV recommends organization to keep all the aspects of cyber security and every exploitable sector in check and properly protected. There must be proper patched tools and modules which don’t have vulnerabilities.
Use NPAV and join us on a mission to secure the cyber world.