Hackers Are Targeting US Critical Infrastructure Using This Citrix Zero-day

[ad_1]

Hackers have been observed exploiting a zero-day vulnerability in a Citrix product to target at least one critical infrastructure organization in the United States.

The news, reported by Tech C runch, has since been confirmed by the US Cybersecurity and Infrastructure Security Agency (CISA), as well as several cybersecurity firms.

As per the report, unnamed hackers used a flaw in NetScaler ADC and NetScaler Gateway tracked as CVE-2023-3519. It has a severity rating of 9.8, making it a critical flaw. They used it to run arbitrary code on the devices as unauthenticated users. NetScaler ADC and NetScaler Gateway are enterprise-grade products built for secure application delivery and VPN services.

Citrix zero-day threat

A few days after Citrix released a fix and urged users to apply it immediately as the flaw was being used in the wild, CISA came forward saying it had observed the flaw abused in June, against an unnamed US critical infrastructure organization.

According to CISA, the attackers used the flaw to deliver a webshell on NetScaler ADC, which allowed them to steal sensitive data from the firm’s Active Directory. The good news is that the appliance was isolated inside the network, preventing the attackers from moving laterally and wreaking even more damage.

This firm might have walked away with a scratch, but others might get seriously hurt, the publication states, there are reprotedly more than 15,000 Citrix servers worldwide yet to be patched, and as such are vulnerable to this flaw. Most of them are in the United States (5,700), with significant numbers also in Germany (1,500), and the UK (1,000).

Citrix says it doesn’t know who’s exploited the flaw so far, but suspects both financially-motivated actors and state-sponsored ones. China is being mentioned again. Researchers from Mandiant were on the same vein, saying the activity was “consistent with previous operations by China-nexus actors based on known capabilities and actions against Citrix ADC’s in 2022.”

[ad_2]
#Hackers #targeting #critical #infrastructure #Citrix #zeroday

Hackers are targeting US critical infrastructure using this Citrix zero-day

Leave a Comment Cancel reply

Product Highlight

Recent Posts

SSC all exams, links is here

Beat the blackout: A citizen`s guide to load management as extreme heatwaves overload India`s power transformers

Calcutta HC orders fresh CBI SIT probe into RG Kar rape case `cover-up` claims

Forget just water: The AYUSH guide to `electrolyte-rich`, cooling and hydrating foods for 45°C summer

IMD heatwave alert: 45°C temperature to grip north and east India for next 7 days

Punjab govt`s Sehat Yojana saves woman in critical diabetic emergency

2019 Pulwama terror attack mastermind Hamza Burhan killed by unknown gunmen in PoK

`Cockroaches don`t die!`: Viral Cockroach Janta Party launches defiant new handle after original account withheld by X

Essel Group will remain dedicated to nation for next 100 years, says Dr. Subhash Chandra on 100th Anniversary of Essel Group

Ebola outbreak scare: Delhi airport issues urgent travel advisory; India-Africa summit postponed

Jagan Mohan Reddy accuses CM Chandrababu Naidu of misleading people over Amaravati

Welcome

Categorys

Site Links