Skip to main content
    Ransomware Gangs Using Multiple New Methods to Break Into Businesses
    Cybersecurity
    Important
    2 min read

    Ransomware Gangs Using Multiple New Methods to Break Into Businesses

    The Anubis ransomware group is exploiting a new Citrix security flaw to break into companies. They use legitimate remote access tools to avoid detection.

    Source

    The Hacker News

    Original headline: Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

    Plain-English summary by GetCyberRight. Read the full report at the source above.

    Published Thursday, July 2, 2026Updated Friday, July 3, 20262 min read
    Share:

    Ransomware criminals linked to the Anubis operation are using a newly discovered security flaw in Citrix software to break into businesses. Citrix makes software that allows people to access their work computers remotely from home or other locations. Once inside, the attackers use legitimate remote management tools that IT departments normally use. This helps them blend in and avoid detection. They steal login credentials and move through company networks looking for valuable data to lock up or steal. This primarily affects people who work for companies that use Citrix software for remote access. If you log in to work systems from home using Citrix, your employer's network could be vulnerable. The attack targets businesses, not home users directly. However, your personal information stored at work could be compromised if your employer is attacked. This includes your employee records, contact details, banking information for payroll, and any other data your employer keeps about you.

    Take these steps right away if you use Citrix or any remote access tool for work. First, contact your IT department to confirm they are aware of this vulnerability and have applied security updates. Second, change your work login passwords now. Use strong passwords that are different from passwords you use anywhere else. Third, enable two-factor authentication on all work accounts that support it. This requires both your password and a second form of verification. Fourth, be extremely careful about emails asking you to log in to work systems. Verify requests directly with your IT department before clicking any links. Protect yourself long term by using unique passwords for every account. Install a password manager to help create and store these passwords securely. Always turn on two-factor authentication wherever possible. Watch for suspicious activity on your work accounts and report it immediately to your IT team. Keep your personal and work digital lives separate. Use different email addresses and passwords for personal versus professional accounts. This limits the damage if one account is compromised.

    Protect Yourself

    Use our Cyber Threat Radar to check if you're affected and take action.

    Found this useful?

    Share it with someone who could use a heads-up.

    Share:

    Curated from trusted cybersecurity sources by GetCyberRight

    Source: The Hacker News

    Discussion

    0

    Sign in to join the discussion.

    Stay ahead of cyber threats

    Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.