Unpatched Citrix NetScaler systems are being targeted by unknown threat actors in what’s suspected to be a ransomware attack.
The attacks reportedly involve the exploitation of CVE-2023-3519, a critical code injection vulnerability.
This vulnerability allows attackers to gain remote code execution.
Sophos said the modus operandi aligns closely with that of an attack campaign that NCC Group Fox-IT previously disclosed earlier this month in which nearly 2,000 Citrix netscaler systems were breached.
The attacks are also said to be linked to an earlier incident that used the same techniques minus the Citrix vulnerability.
Users of the affected products are advised to apply the patches and update their software to protect against future threats.
Sophos says the attacks are similar to those that took place earlier in the month in relation to a similar incident
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply