Xfinity Breach and BlackCat Ransomware


Xfinity Data Breach

by Artie Kaye

The Comcast division released a notice to its customers informing them of a data security incident. The breach happened in mid-October and leveraged the CitrixBleed vulnerability. Citrix released a patch on October 10 to address this flaw. Xfinity’s database was discovered to have been accessed between October 16 and 19. Over 35 million customers were affected. The company has forced password changes for its users. Information that was taken may include, but is not limited to, names, birthdates, and secret questions and answers. After incidents like this, updating passwords and security questions is advised, along with adding two-factor authentication where possible.



Decryptor for BlackCat Ransomware

by Artie Kaye

The FBI has seized websites related to the ransomware group’s operations after many months of investigation and infiltration. Anyone who has been affected by the malware is instructed to contact the nearest FBI office for information on how to get and use the decryptor. The ransomware group has not been eliminated, and after this incident it altered the restrictions on use of its malware to allow targeting of previously banned targets such as hospitals.
