image credit: Unsplash

Threat actors hacked US Census Bureau in 2020 by exploiting a Citrix flaw

August 19, 2021

A report published by the US Office of Inspector General (OIG) revealed that threat actors breached the servers of US Census Bureau on January 11, 2020, exploiting an unpatched Citrix ADC zero-day flaw.

The servers were used to provide the Bureau with remote-access capabilities for its enterprise staff to access the production, development, and lab networks. The report states that the servers did not provide access to 2020 decennial census networks, this means that the attacker did not interfere with the results of the census.

Read More on Security Affairs