November 22, 2023 at 12:36AM LockBit ransomware affiliates are actively exploiting a critical security flaw in Citrix NetScaler appliances to gain initial access to target environments. The flaw, known as Citrix Bleed, allows threat actors to bypass password requirements and multifactor authentication, enabling session hijacking and unauthorized access to data. The vulnerability, tracked as CVE-2023-4966, … Read more
November 17, 2023 at 06:29PM Ransomware gangs are targeting vulnerable Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. The threat actors exploit the Citrix Bleed vulnerability (CVE-2023-4966). Many recent victims, including Toyota Financial Services, ICBC, DP World, Allen & Overy, and Boeing, were found to have … Read more
November 1, 2023 at 02:49PM Threat actors are targeting government, technical, and legal organizations globally by exploiting the ‘Citrix Bleed’ vulnerability (CVE-2023-4966) in Citrix NetScaler ADC and Gateway appliances. The attacks have been ongoing since August 2023 and involve credential theft and lateral movement. The attacks are difficult to detect due to limited forensic evidence. … Read more
November 1, 2023 at 10:23AM Thousands of Citrix NetScaler ADC and Gateway instances are vulnerable to a critical flaw, dubbed ‘Citrix Bleed’, that allows unauthenticated attackers to leak sensitive information. The vulnerability is actively being exploited by threat actors, including ransomware groups. Citrix has released patches, but roughly half of NetScaler customers have yet to … Read more
October 25, 2023 at 04:08PM A critical security update has been released for the Citrix NetScaler vulnerability, but an exploit is also available. The exploit is simpler to use and allows attackers to read session tokens and gain access to environments. Patching may not be enough as hijacked sessions can persist even after applying patches. … Read more
October 18, 2023 at 02:52PM There is an active attack targeting a critical security vulnerability in Citrix NetScaler that was patched last week. The vulnerability allows cyber attackers to hijack authenticated sessions, potentially bypassing multifactor authentication. While the patch helps mitigate the issue, organizations are advised to terminate all active sessions to fully remediate the … Read more
October 18, 2023 at 08:02AM A critical vulnerability, known as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August. The issue allows attackers to access secrets in gateways configured as authentication, authorization, and accounting (AAA) virtual servers. Citrix has released a fix and urges customers to install the … Read more