Citrix News Articles

Recent news articles refferecing the vendors vulnerabilities.

Hackers Attack Unpatched Citrix NetScaler Systems to Deploy Ransomware

Threat actors targeting unpatched Citrix NetScaler systems exposed to the internet are being tracked by Sophos X-Ops. 

Cybersecurity Advisory: Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells | AHA

The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory to warn network defenders about exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller (ADC)...

Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance

In a co-authored advisory, the agencies list the top 15 most routinely exploited vulnerabilities of 2023, with CVE-2023-3519 — an issue affecting Citrix’s networking product NetScalers — being the most widely used.

Unveiling CVE-2023-3519 : Citrix ADC & Gateway Vulnerability Analysis - CYFIRMA

Published On : 2023-08-25 EXECUTIVE SUMMARY A critical unauthenticated remote code execution vulnerability, denoted as CVE- 2023-3519, has been exposed within the architecture of Citrix ADC and...

New critical Citrix ADC and Gateway flaw exploited as zero-day

Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and

Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials

Hackers are exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler devices for credential harvesting attacks.

Attacks on Citrix NetScaler systems linked to ransomware actor

A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.

X-Force uncovers global NetScaler Gateway credential harvesting campaign

IBM X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials.

Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks

Thousands of Citrix Netscaler ADC and Gateway servers exposed online are vulnerable to attacks exploiting a critical remote code execution (RCE) bug that was previously abused in the wild as a zero-day.

Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway

Critical security flaw in Citrix NetScaler ADC and Gateway being actively exploited! CVE-2023-3519 allows unauthenticated remote code execution.

New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices

Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability. 

Citrix Virtual Apps & Desktops RCE Vulnerability, PoC Exploitation Underway

Security researchers have disclosed critical vulnerabilities in Citrix Virtual Apps and Desktops that could allow remote code execution (RCE) attacks.

Citrix Bleed: PoC Released Citrix NetScaler Zero-Day Vulnerability

Two vulnerabilities were disclosed by Citrix Bleed which were CVE-2023-4966 and CVE-2023-4967 with critical and high severities respectively.

Threat Brief: RCE Vulnerability CVE-2023-3519 on Customer-Managed Citrix Servers

RCE vulnerability CVE-2023-3519 affects Citrix NetScaler products. This threat brief examines the current evidence, attack scope and interim guidance.

Threat Brief: Citrix Bleed CVE-2023-4966

Threat brief on CVE-2023-4966 (aka Citrix Bleed) affecting multiple Netscaler products covers attack scope, threat hunting queries and interim guidance.

Comcast Xfinity Breached via CitrixBleed; 35M Customers Affected

A trove of personal data belonging to millions of Americans is just the latest bullet point in a bad year for Citrix customers.

Citrix Bleed Threat Looms, Patch CVE-2023-4966 Promptly!

Stay informed on the latest cyber threats as CISA adds CVE-2023-29552 to its catalog and ongoing concerns surrounding Citrix Bleed exploitation.

Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519

IBM observed a credential harvesting campaign that is targeting Citrix NetScaler gateways affected by the CVE-2023-3519 vulnerability.

Citrix ShareFile vulnerability actively exploited (CVE-2023-24489) - Help Net Security

CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers.