Found 5 bookmarks
Custom sorting
Cyber experts and officials raise alarms about exploits against Citrix and Apache productsoited vulnerability (KEV) list.
Cyber experts and officials raise alarms about exploits against Citrix and Apache productsoited vulnerability (KEV) list.
Several new vulnerabilities with critical severity scores are causing alarm among experts and cyber officials. Zero-day bugs affecting products from Citrix and Apache have recently been added to the Cybersecurity and Infrastructure Security Agency’s (CISA) known exploited vulnerability (KEV) list. Incident responders at the cybersecurity company Rapid7 warned of hackers connected to the HelloKitty ransomware exploiting a vulnerability affecting Apache ActiveMQ, classified as CVE-2023-46604. Apache ActiveMQ is a Java-language open source message broker that facilitates communication between servers.
#therecord#EN#2023#CVE-2023-46604#Apache#ActiveMQ#Citrix
·therecord.media·
Cyber experts and officials raise alarms about exploits against Citrix and Apache productsoited vulnerability (KEV) list.
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign
Fox-IT (part of NCC Group) has uncovered a large-scale exploitation campaign of Citrix NetScalers in a joint effort with the Dutch Institute of Vulnerability Disclosure (DIVD). An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing webshells on vulnerable NetScalers to gain persistent access. The adversary can execute arbitrary commands with this webshell, even when a NetScaler is patched and/or rebooted. At the time of writing, more than 1900 NetScalers remain backdoored. Using the data supplied by Fox-IT, the Dutch Institute of Vulnerability Disclosure has notified victims.
#fox-it#EN#2023#CVE-2023-3519#citrix#NetScalers#backdoored
·blog.fox-it.com·
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign