January 18, 2024 at 10:38AM Two vulnerabilities in Citrix’s NetScaler ADC and Gateway products, CVE-2023-6548 and CVE-2023-6549, have been patched. The first allows remote code execution with authentication and access to specific IPs, while the second can lead to a denial-of-service attack. Customers are advised to update their affected products promptly to prevent exploitation. Key … Read more
December 20, 2023 at 07:51AM Comcast’s Xfinity recently disclosed a data breach affecting approximately 36 million individuals to US authorities. Hackers accessed customer data, including personal details and hashed passwords. The breach possibly impacts all Xfinity customers and employees. The attack exploited a Citrix Netscaler ADC and Gateway vulnerability named CitrixBleed, despite Xfinity’s prompt patch … Read more
December 19, 2023 at 06:00PM 35 million customers of Comcast Xfinity have been affected by the CitrixBleed vulnerability, leading to a breach of customer data, including sensitive information. Although Comcast promptly patched and mitigated the vulnerability, attackers were still able to exfiltrate a large amount of data over a three-day period. The ongoing threat of … Read more
December 19, 2023 at 06:51AM Comcast’s Xfinity informed customers of a cybersecurity breach due to the CitrixBleed vulnerability, compromising usernames, passwords, and personal information. Despite promptly patching the flaw in its systems, the breach was confirmed, prompting password resets and multi-factor authentication. The CitrixBleed vulnerability has been implicated in numerous global attacks, affecting various organizations. … Read more
December 18, 2023 at 07:04PM Xfinity, the subsidiary of Comcast Cable Communications, reported a security breach where attackers stole sensitive customer information after exploiting a Citrix server. The breach, discovered in November, resulted in the exfiltration of customer data, including usernames, hashed passwords, contact information, and partial social security numbers. Xfinity has proactively reset affected … Read more
December 12, 2023 at 06:00AM Toyota Germany informed customers of a ransomware attack compromising personal information. The incident affected Toyota Financial Services Europe & Africa and Medusa ransomware gang claimed responsibility. Stolen data includes corporate documents, passport copies, and personal information. Toyota is gradually restoring systems and potential initial access was through the CitrixBleed vulnerability. … Read more
December 2, 2023 at 11:54AM The HHS alerted U.S. healthcare organizations to patch the ‘Citrix Bleed’ vulnerability (CVE-2023-4966), as it’s actively exploited by ransomware gangs, bypassing security controls. Citrix and federal agencies urged immediate action. Despite a fix released in October, over 10,000 servers remain at risk, threatening the Health sector. Meeting Takeaways: 1. **Urgent … Read more
November 22, 2023 at 07:12AM Authorities in Australia, the US, and tech company Citrix have issued warnings about a critical vulnerability in the NetScaler product. Dubbed CitrixBleed, the bug allows information disclosure and affects Netscaler ADC and Gateway appliances configured as a gateway or AAA server. The flaw, which has been exploited since August and … Read more
November 21, 2023 at 05:39PM LockBit 3.0 ransomware affiliates are targeting the “Citrix Bleed” security vulnerability, prompting warnings from CISA and Citrix. The bug allows authentication bypass, giving threat actors access to user sessions and credentials. Citrix’s patch is not sufficient to protect against compromise. Organizations are advised to upgrade immediately and assess vulnerability. Thousands … Read more
November 21, 2023 at 11:41AM Admins who have patched their NetScaler appliances against the Citrix Bleed vulnerability must take additional measures to secure their devices. Citrix advises wiping all previous user sessions and terminating active ones to prevent attackers from accessing compromised devices. The flaw has been actively exploited since late August, and compromised sessions … Read more