Cisco has rushed a patch for a brute-force denial-of-service (DoS) vulnerability in its VPN that’s being actively exploited in the wild. The medium-severity bug (CVE-2024-20481, CVSS 5.8) resides in the Remote Access VPN (RAVPN) found in the Cisco… Article Source https://www.darkreading.com/application-security/cisco-asa-ftd-software-active-vpn-exploitation
Citrix has issued warnings about two zero-day vulnerabilities affecting its customer-managed Netscaler Application Delivery Controller and Netscaler Gateway appliances, with reports of active exploitation in a limited number of cases. The vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, could result in remote code execution and denial of service attacks, respectively. These vulnerabilities come more than three … Read more
Researchers have recently uncovered that the LockBit ransomware gang is behind the exploitation of a massive Citrix bug. This revelation comes as a result of an investigation conducted by CyberNews.com. The researchers identified a connection between the ransomware gang and the exploitation of the vulnerability in Citrix, a software company that provides server, networking, and … Read more
Citrix has warned its customers about two zero-day vulnerabilities affecting Netscaler ADC and Gateway appliances that expose them to remote code execution and denial-of-service attacks. To exploit these vulnerabilities, attackers need access to low-privileged accounts and specific network configurations. Only customer-managed Netscaler appliances are affected, not Citrix-managed cloud services. The affected product versions include Netscaler … Read more
UnitedHealth is set to testify about a cybersecurity breach that occurred on February 12, where hackers gained access to a Citrix portal of its Change Healthcare unit using compromised credentials. CEO Andrew Witty mentioned that the threat actor moved within the systems and exfiltrated data. On February 21, a ransomware attack by a cybercriminal known … Read more