Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
citrix netscaler gateway |
||
citrix netscaler application delivery controller |
Ransomware payments drop to record low of 28% in Q1 2024 By Bill Toulas April 21, 2024 10:21 AM 0 Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show companies are increasingly refusing to pay extortion demands, leading to a record low of 28% of companies paying ransom in the first quarter of 2024. This figure was 29% in Q4 2023, and Coveware's stats show that diminishing payments have remained steady since early 2019. This decrease is due to o...
Available evidence suggests vulnerability exploitation has replaced botnets as a prime infection vector.
Posted: 12 Mar, 20244 Min ReadThreat Intelligence SubscribeFollowtwitterlinkedinRansomware: Attacks Continue to Rise as Operators Adapt to DisruptionAvailable evidence suggests vulnerability exploitation has replaced botnets as a prime infection vector.Ransomware activity remains on an upward trend despite the number of attacks claimed by ransomware actors decreasing by slightly more than 20% in the fourth quarter of 2023. Attackers have co...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources At this point, just assume your kit is compromised
Citrix has urged admins to "immediately" apply a fix for CVE-2023-4966, a critical information disclosure bug that affects NetScaler ADC and NetScaler Gateway, admitting it has been exploited. Plus, there's a proof-of-concept exploit, dubbed Citrix Bleed, now on GitHub. So if you are using an affected build, at this point assume you've been compromised, apply the update, and then kill all active sessions per Citrix's advice from Monday. The company's first issued a patch for compromised devices ...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Happy Halloween! Security bugs under attack squashed, more flaws fixed Farewell WordPad, we hardly knew ye
Patch Tuesday Microsoft on Tuesday issued more than 100 security updates to fix flaws in its products, including two bugs that are already under active attack, as well as addressing an HTTP/2 weakness that has also been exploited in the wild. That last one – tracked as CVE-2023-44487 aka Rapid Reset – is an HTTP/2 protocol vulnerability that has been abused since August to launch massive distributed denial of service (DDoS) attacks. Microsoft, Amazon, Google, and Cloudflare all released miti...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources CitrixBleed patch has been available for around a month
China's largest bank, ICBC, was hit by ransomware that resulted in disruption of financial services (FS) systems on Thursday Beijing time, according to a notice on its website. "Immediately upon discovering the incident, ICBC FS disconnected and isolated impacted systems to contain the incident," said the bank’s financial services division, which added that it was both investigating and progressing recovery efforts. ICBC detailed that its FS business and email systems operate independently fro...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources At least two extortion gangs abusing CVE-2023-4966, we're told
Citrix Bleed, the critical information-disclosure bug that affects NetScaler ADC and NetScaler Gateway, is now under "mass exploitation," as thousands of Citrix NetScaler instances remain vulnerable, according to security teams. As of October 30, Shadowserver spotted just over 5,000 vulnerable servers on the public internet. And in the past week, GreyNoise observed 137 individual IP addresses attempting to exploit this Citrix vulnerability. Citrix disclosed and issued a patch for the flaw ...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources One of US's largest underwriters forced to shut down a number of key systems
Fortune 500 insurance biz Fidelity National Financial (FNF) has confirmed that it has fallen victim to a "cybersecurity incident." The announcement came in the form of an 8-K filing with the Securities and Exchange Commission (SEC) on Tuesday, saying it had been forced to shut down a number of systems, disrupting various areas of the business. "For example, the services we provide related to title insurance, escrow and other title-related services, mortgage transaction services, and technology t...