Security News > 2023 > December > US Health Dept urges hospitals to patch critical Citrix Bleed bug
The U.S. Department of Health and Human Services warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler vulnerability actively exploited in attacks.
"The Citrix Bleed vulnerability is being actively exploited, and HC3 strongly urges organizations to upgrade to prevent further damage against the Healthcare and Public Health sector. This alert contains information on attack detection and mitigation of the vulnerability," HC3 warned.
Beaumont revealed on Friday that a U.S.-based managed service provider suffered a ransomware attack by a group exploiting a Citrix Bleed vulnerability over a week ago.
In mid-November, Japanese threat researcher Yutaka Sejiyama told BleepingComputer that over 10,000 Citrix servers were still vulnerable to Citrix Bleed attacks, more than one month after the critical flaw was patched.
"This urgent warning by HC3 signifies the seriousness to the Citrix Bleed vulnerability and the urgent need to deploy the existing Citrix patches and upgrades to secure our systems," said John Riggi, a cybersecurity and risk advisor for the American Hospital Association, a healthcare industry trade group that represents 5,000 hospitals and healthcare providers across the U.S. "This situation also demonstrates the aggressiveness by which foreign ransomware gangs, primarily Russian-speaking groups, continue to target hospitals and health systems. Ransomware attacks disrupt and delay health care delivery, placing patient lives in danger."
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately.
News URL
Related news
- Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now (source)
- SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software (source)
- You probably want to patch this critical GitHub Enterprise Server bug now (source)
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation (source)
- Exploit code released for critical Ivanti RCE flaw, patch now (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) (source)
- Patch now: Critical Nvidia bug allows container escape, complete host takeover (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-4966 | Unspecified vulnerability in Citrix products Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. | 7.5 |