Showing only posts tagged citrix. Show all posts.

“This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard

Source

Enlarge (credit: Getty Images) A vulnerability that allows attackers to bypass multifactor authentication and access enterprise networks using hardware sold by Citrix is under mass exploitation by ransomware hackers despite a patch being available for three weeks. Citrix Bleed, the common name for the vulnerability, carries a severity rating …

The latest high-severity Citrix vulnerability under attack isn’t easy to fix

Source

Enlarge (credit: Getty Images) A critical vulnerability that hackers have exploited since August, which allows them to bypass multifactor authentication in Citrix networking hardware, has received a patch from the manufacturer. Unfortunately, applying it isn’t enough to protect affected systems. The vulnerability, tracked as CVE-2023-4966 and carrying a …

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns

Source

Enlarge (credit: Getty Images) Organizations big and small are once again scrambling to patch critical vulnerabilities that are already under active exploitation and cause the kind of breaches coveted by ransomware actors and nation-state spies. The exploited vulnerabilities—one in Adobe ColdFusion and the other in various Citrix NetScaler …