Security News > 2020 > December > Citrix confirms ongoing DDoS attack impacting NetScaler ADCs
Citrix has confirmed today that an ongoing 'DDoS attack pattern' using DTLS as an amplification vector is affecting Citrix Application Delivery Controller networking appliances with EDT enabled.
Reports of the attack have started trickling in on December 21st, with customers reporting an ongoing DDOS amplify attack over UDP/443 against Citrix Gateway devices.
The scope of the attack is limited to just "a small number of customers" at the moment according to Citrix and it impacts all ADCs with Enlightened Data Transport UDP Protocol enabled.
Based on current evidence there are no known Citrix vulnerabilities being actively exploited in this ongoing attack.
If information on products vulnerable to DDoS attacks due to software bugs is discovered during this investigation, it will be published by the Citrix Security Response Team in a separate security advisory.
News URL
Related news
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps (source)
- Recently patched CUPS flaw can be used to amplify DDoS attacks (source)
- Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors (source)
- Largest Recorded DDoS Attack is 3.8 Tbps (source)
- New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (source)
- U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks (source)
- New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration (source)