Security News > 2023 > November > Hackers use Citrix Bleed flaw in attacks on govt networks worldwide
2023-11-01 18:46
Researchers from Mandiant report that four ongoing campaigns target vulnerable Citrix NetScaler ADC and Gateway appliances, with attacks underway since late August 2023.
The Citrix Bleed CVE-2023-4966 vulnerability was disclosed on October 10 as a critical severity flaw impacting Citrix NetScaler ADC and NetScaler Gateway, allowing access to sensitive information on the devices.
New critical Citrix NetScaler flaw exposes 'sensitive' data.
Citrix Bleed exploit lets hackers hijack NetScaler accounts.
Hackers hijack Citrix NetScaler login pages to steal credentials.
Hackers exploit recent F5 BIG-IP flaws in stealthy attacks.
News URL
Related news
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-4966 | Unspecified vulnerability in Citrix products Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. | 7.5 |