September 5, 2024 at 06:05AM The Transport for London (TfL) “cyber incident” enters its third day, with suspicions that a popular appliance served as the access point for hackers. TfL, while tight-lipped, denies evidence of customer data compromise. Reports point to a potential breach through a Cisco VPN or Netscaler appliance. TfL’s containment measures hint … Read more
May 6, 2024 at 08:20PM Citrix quietly addressed a vulnerability in its NetScaler ADC and Gateway appliances, similar to “CitrixBleed” but less serious. The flaw allowed attackers to occasionally capture sensitive information, although Citrix didn’t assign a CVE identifier. Bishop Fox reported the issue to Citrix in January, urging affected organizations to update their systems. … Read more
January 17, 2024 at 01:36PM CISA has directed U.S. federal agencies to secure their systems against recently patched Citrix NetScaler and Google Chrome zero-days. The urgency is due to active exploitation of the vulnerabilities. The agencies have specific timelines for patching, with the most critical CVE-2023-6548 vulnerability requiring resolution within a week. CISA urges all … Read more
January 17, 2024 at 05:06AM Citrix published a security bulletin revealing that two zero-day vulnerabilities in NetScaler ADC and Gateway products are being exploited. CVE-2023-6548 allows remote execution of code, and CVE-2023-6549 enables DoS attacks. Citrix advises immediate patch installation. The vulnerabilities may be exploited in targeted attacks but are not expected to have significant … Read more
November 22, 2023 at 07:12AM Authorities in Australia, the US, and tech company Citrix have issued warnings about a critical vulnerability in the NetScaler product. Dubbed CitrixBleed, the bug allows information disclosure and affects Netscaler ADC and Gateway appliances configured as a gateway or AAA server. The flaw, which has been exploited since August and … Read more
November 21, 2023 at 05:39PM LockBit 3.0 ransomware affiliates are targeting the “Citrix Bleed” security vulnerability, prompting warnings from CISA and Citrix. The bug allows authentication bypass, giving threat actors access to user sessions and credentials. Citrix’s patch is not sufficient to protect against compromise. Organizations are advised to upgrade immediately and assess vulnerability. Thousands … Read more
November 21, 2023 at 11:41AM Admins who have patched their NetScaler appliances against the Citrix Bleed vulnerability must take additional measures to secure their devices. Citrix advises wiping all previous user sessions and terminating active ones to prevent attackers from accessing compromised devices. The flaw has been actively exploited since late August, and compromised sessions … Read more
October 23, 2023 at 02:22PM Citrix warns admins to immediately secure NetScaler ADC and Gateway appliances against ongoing attacks exploiting the CVE-2023-4966 vulnerability. The vulnerability allows unauthenticated attackers to remotely exploit systems without user interaction. Mandiant reported that threat actors have been using this zero-day vulnerability to steal authentication sessions and hijack accounts since late … Read more
October 18, 2023 at 07:00AM A critical vulnerability (CVE-2023-4966) in Citrix NetScaler ADC and Gateway has been exploited as a zero-day since August, according to Google’s Mandiant cybersecurity unit. The flaw allows attackers to leak sensitive information without authentication. Citrix released patches on October 10 and updated their advisory to warn customers of the observed … Read more
October 11, 2023 at 10:07AM Citrix has released patches for a critical vulnerability in NetScaler Application Delivery Controller (ADC) and NetScaler Gateway. The vulnerability, CVE-2023-4966, could lead to sensitive information disclosure and can be exploited without authentication. Citrix advises customers to upgrade their appliances to the supported versions. The company has also addressed a denial-of-service … Read more