CxoToday
CxoToday
HomePress ReleaseComment on CitrixBleed: Satnam Narang, Senior Staff Research Engineer, Tenable
Press Release

Comment on CitrixBleed: Satnam Narang, Senior Staff Research Engineer, Tenable

CXOtoday News DeskCXOtoday News Desk

“Mass exploitation of CVE-2023-4966, a critical sensitive information disclosure vulnerability in Citrix’s NetScaler ADC and Gateway products, has been ongoing since October 30. Dubbed “CitrixBleed” by researchers, at the time, there were estimates of 30,000 internet-facing assets that were vulnerable to this flaw. Recent analysis suggests that the number has decreased to over 10,000 assets with the majority located in the United States.

“With publicly available proof-of-concept exploit code, a variety of threat actors have been leveraging this flaw as part of their attacks over the last few weeks, including affiliates of the infamous LockBit ransomware group and Medusa. Ransomware groups are mostly indiscriminate in their attacks, motivated by profits over anything else.

“Organisations that use Netscaler ADC and Gateway products must prioritise patching these systems immediately as the threat of exploitation is extremely high, especially by ransomware groups.”—Satnam Narang, Senior Staff Research Engineer, Tenable

Tags :Tenable
add a comment

You Might Also Like

CxoToday
CXOtoday is a premier resource on the world of IT, relevant to key business decision makers. We offer IT perspective & news to the C-suite audience. We also provide business and technology news to those who evaluate, invest, and manage the IT infrastructure of organizations. CXOtoday has a well-networked and strong community that encourages discussions on what’s happening in the world of IT and its impact on businesses.

Useful Links

Information

Connect

Facebook Twitter Linkedin

Copyright © 2024 Trivone. All Rights Reserved.

channeltimes
Techtree
SupportBiz
khelnama