Security News

(Re)check your patched NetScaler ADC and Gateway appliances for signs of compromise
2023-08-16 10:43

Administrators of Citrix NetScaler ADC and Gateway appliances should check for evidence of installed webshells even if they implemented fixes for CVE-2023-3519 quickly: A recent internet scan by Fox-IT researchers has revealed over 1,800 backdoored NetScaler devices, 69% of which have been patched for the flaw. CVE-2023-3519 exploited to drop webshells on NetScaler devices.

New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices
2023-08-15 15:32

Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability. The critical CVE-2023-3519 Citrix flaw was discovered in mid-July 2023 as a zero-day, with hackers actively exploiting it to execute code remotely without authentication on vulnerable devices.

Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
2023-08-03 14:20

Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit said the attacks take advantage of CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated remote code execution.

Netscaler ADC bug exploited to breach US critical infrastructure org
2023-07-21 12:51

The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. Because the targeted NetScaler ADC appliance was in a segregated environment on the network, the hackers were not able to move laterally to a domain controller, CISA says.

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)
2023-07-21 11:07

The exploitation of the Citrix NetScaler ADC zero-day vulnerability was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency. "In June 2023, threat actors exploited this vulnerability as a zero-day to drop a webshell on a critical infrastructure organization's non-production environment NetScaler ADC appliance. The webshell enabled the actors to perform discovery on the victim's active directory and collect and exfiltrate AD data. The actors attempted to move laterally to a domain controller but network-segmentation controls for the appliance blocked movement," the agency shared in an advisory published on Thursday.

Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action
2023-07-21 05:26

The U.S. Cybersecurity and Infrastructure Security Agency issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller and Gateway devices is being abused to drop web shells on vulnerable systems. "In June 2023, threat actors exploited this vulnerability as a zero-day to drop a web shell on a critical infrastructure organization's non-production environment NetScaler ADC appliance," the agency said.

Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway
2023-07-19 03:21

Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller and Gateway that it said is being actively exploited in the wild.The company did not give further details on the flaw tied to CVE-2023-3519 other than to say that exploits for the flaw have been observed on "Unmitigated appliances." However, successful exploitation requires the device to be configured as a Gateway or authorization and accounting virtual server.

New critical Citrix ADC and Gateway flaw exploited as zero-day
2023-07-18 18:00

Citrix today is alerting customers of a critical-severity vulnerability in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "Strongly urges" to install updated versions without delay. Formerly Citrix ADC and Citrix Gateway, the two NetScaler products received new versions today to mitigate a set of three vulnerabilities.

New critical Citrix ADC and Gateway flaw exploited as zero-days
2023-07-18 18:00

Citrix today is alerting customers of a critical-severity vulnerability in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "Strongly urges" to install updated versions without delay. Formerly Citrix ADC and Citrix Gateway, the two NetScaler products received new versions today to mitigate a set of three vulnerabilities.

Citrix ADC and Gateway zero-day actively exploited in attacks
2023-07-18 18:00

Citrix today is alerting customers of a critical-severity vulnerability in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "Strongly urges" to install updated versions without delay. Formerly Citrix ADC and Citrix Gateway, the two NetScaler products received new versions today to mitigate a set of three vulnerabilities.