Citrix Systems

Citrix, also known as Citrix Systems, has its headquarters located in the United States of America. The organization has been referenced in multiple public security incidents over the years. These incidents include a DDoS attack in December 2020 that exploited DTLS amplification against NetScaler ADCs with EDT enabled. Another incident in March 2019 involved a breach of its corporate network attributed to password-spraying attacks. In October 2018, password spraying was again used to access its network and exfiltrate employee personal information. Earlier, in October 2015, a Russian hacker using the alias "W0rm" compromised its content management system via weak credentials.

The summaries of these events describe the nature of the attacks and the company's responses. The 2020 DDoS attack was said to affect a small number of customers and involved overwhelming DTLS throughput without exploiting vulnerabilities, with a feature enhancement under development. The 2019 breach resulted in unauthorized access and exfiltration of business documents, though no evidence indicated direct impact on its products or services. The 2018 incident led to the theft of employee names, Social Security numbers, and financial data, while a separate third-party provider incident involved business contact information. The 2015 compromise gave the attacker administrative access and remote support capabilities, with potential for malware distribution across its client base.