Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

Conclusion: Attackers are increasingly leveraging cloud services and features to further their malicious activities. In this blog, we analyzed a Golang ransomware that abuses Amazon S3’s Transfer Acceleration feature to upload victim files to…

Article Source: https://www.trendmicro.com/en_us/research/24/j/fake-lockbit-real-damage-ransomware-samples-abuse-aws-s3-to-stea.html

Breaking In with LockBit Ransomware by Exploiting Critical Citrix Bleed Vulnerability

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a critical security flaw in Citrix NetScaler ADC and Gateway appliances. The vulnerability, known as Citrix Bleed (CVE-2023-4966), allows attackers to bypass password requirements and MFA, gaining access to user sessions and elevated permissions. Despite Citrix addressing the issue, it became a zero-day exploit as …

Researchers claim LockBit ransom gang responsible for widespread exploitation of Citrix vulnerability, according to CyberNews.com

Researchers have recently uncovered that the LockBit ransomware gang is behind the exploitation of a massive Citrix bug. This revelation comes as a result of an investigation conducted by CyberNews.com. The researchers identified a connection between the ransomware gang and the exploitation of the vulnerability in Citrix, a software company that provides server, networking, and …

Citrix Bleed Vulnerability (CVE-2023-4966) Exploited by LockBit Ransomware Affiliates

Cybersecurity agencies have issued a warning about a critical vulnerability in Citrix application delivery controllers and gateways known as CVE-2023-4966 or “Citrix Bleed.” This vulnerability allows attackers to bypass authentication and gain deep access to networks, making it easy for them to deploy ransomware and extract sensitive data. Affected versions of Citrix software include NetScaler …