La pandemia di backdoor su Citrix NetScaler non accenna a diminuire. 2000 sono i server infetti e molti anche in Italia
Durante una #campagna su larga scala, gli #hacker criminali hanno compromesso circa 2.000 server #Citrix #NetScaler utilizzando la #vulnerabilità #RCE critica CVE-2023-3519 (9,8 punti sulla scala CVSS). I paesi europei hanno sofferto maggiormente di questi attacchi compresa l'Italia.
Condividi questo post se hai trovato la news interessante.
#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity
#campagna #hacker #citrix #netscaler #vulnerabilità #rce #redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #CyberSecurityAwareness #cybersecuritytraining #CyberSecurityNews #infosecurity
Man mag es kaum glauben, aber wenn Mails schon so anfangen... #NetScaler #ADC #Citrix
Deutschland ist in einem Thema aus der IT auch mal weltweit führend
#respekt #Deutschland #citrix #netscaler
Citrix nel mirino del cybercrime. 640 server Citrix Netscaler ADC e Gateway espongono una webshell
Gli #esperti di sicurezza hanno avvertito che circa 640 #server #Citrix #Netscaler ADC e Gateway sono già stati violati e infettati da #backdoor a seguito di attacchi che hanno usato la #vulnerabilità #RCE critica CVE-2023-3519 (9,8 punti sulla scala CVSS), scoperta e corretta il mese scorso.
#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity
#esperti #server #citrix #netscaler #backdoor #vulnerabilità #rce #redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #CyberSecurityAwareness #cybersecuritytraining #CyberSecurityNews #infosecurity
Another successful #NetScaler migration to new hardware this evening after an all day troubleshooting call that may have been caused by our storage team saturating an inter-data-center link with unexplained ECS replication. We shall see what tomorrow brings. Now I’m just lying here in my work clothes tired but not sleepy. :/
Happy Friday, I guess! 🥳 🥱
Successfully used the HA failover process to migrate some #NetScaler VPX instances off old SDX 11520 hardware to shiny new 9100Z hardware. It took some prework but otherwise went butta smoov. Client connections never even know it was happening. :3 #IT #infrastructure
#netscaler #it #infrastructure
Running a #Citrix #NetScaler? You might want to check your appliance for IOCs because of CVE-2023-3519 #InfoSec https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/
For any other enterprise #IT peeps out there, I’ve spent most of today getting new #NetScaler firmware rolled out to our live environment for this one. It’s a doozy! 😬
#infosec #cve20233519 #cve20233466 #cve20233467 #patchYourSystems
#it #netscaler #infosec #cve20233519 #cve20233466 #cve20233467 #patchyoursystems
Ars Technica: Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns https://arstechnica.com/?p=1954819 #Tech #arstechnica #IT #Technology #vulnerability #ColdFusion #netscaler #Security #exploit #Biz&IT #citrix #Adobe
#Tech #arstechnica #it #technology #vulnerability #coldfusion #netscaler #security #exploit #biz #citrix #adobe
Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns - Enlarge (credit: Getty Images)
Organizations big and small are... - https://arstechnica.com/?p=1954819 #vulnerability #coldfusion #netscaler #security #exploit #biz #citrix #adobe
#adobe #citrix #biz #exploit #security #netscaler #coldfusion #vulnerability
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519 (CVSS 8.3), CVE-2023-3466 (CVSS 8.0), CVE-2023-3467 (CVSS 9.8)
Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
...
#sysadmin #citrix #netscaler #adc #gateway #security #vulnerability
#sysadmin #citrix #netscaler #adc #gateway #security #vulnerability
Patch now. Not later, now. RCE score 9.8.
Okay, I think if you use Citrix ADC (netscaler) you should update immediately most probably.
https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
#InfoSec #citrix #netscaler #ADC
#infosec #citrix #netscaler #adc
So I figured out Rate Limiting on our #NetScaler platform today (finally) and a question comes to me: what questions of devs and software vendors and app teams does one ask in order to get the data points needed to establish baseline RL configurations? Or is broad-strokes rate limiting even a thing we should try to do? Curious how any firewall or #infoSec peeps out there approach this with customers or colleagues when onboarding new services. 🤔 #IT #AppDelivery #infrastructure #ITSecurity
#netscaler #infosec #it #appdelivery #infrastructure #itsecurity
I have a new article published in the #Cisco Community. It covers the #Citrix #Netscaler CLI configuration for Cisco #ISE RADIUS and TACACS+ load balancing. Let me know if I missed anything or tweaks that can be made.
#ISE #netscaler #citrix #cisco
I have a new article published in the #Cisco Community. It covers the #Citrix #Netscaler CLI configuration for Cisco #ISE RADIUS and TACACS load balancing. Let me know if I missed anything or tweaks that can be made.
#ISE #netscaler #citrix #cisco
Same procedure as every year... #Citrix published an advisory about an actively exploited vulnerability in ADC / #netscaler. Patch now!
https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518
https://www.helpnetsecurity.com/2022/12/13/cve-2022-27518-exploited/
Why not flag a valid license file as invalid when you upgrade to #Citrix ADC 13.1 GA firmware.. and yeah dont show any information popup after the first login. #NetScaler #ADC #Network
Upgraded from 12.1 because i need client authentication with 4096-bit public keys which is only possible with 13.1.. damn governments.
#citrix #netscaler #adc #network