Communications of the ACM
Hackers Are Exploiting a Flaw in Citrix Software Despite Fix
The Citrix Bleed flaw was abused by hackers in secret for weeks before it was found and a fix was issued last month. Since then, researchers say, hackers have been targeting customers that have not yet applied the patch.
Credit: Citrix
Citrix Bleed, a critical flaw in Citrix Systems software, is being exploited by government-backed hackers and critical groups, including the notorious hacking gang LockBit, with a focus on the thousands of users that have yet to apply a patch that was released by the firm last month.
U.S. Cybersecurity and Infrastructure Security Agency's Eric Goldstein said the agency is assisting the unidentified victims.
Unit 42, the research arm of the cybersecurity firm Palo Alto Networks, said the bug can leak sensitive information, including "session tokens," from a device's memory.
Unit 42 noted that at least 6,000 IP addresses, mainly in the U.S., remained vulnerable as of Nov. 1.
In addition to patching the flaw, Citrix recommended users kill "all active and persistent sessions."
From Bloomberg
View Full Article - May Require Paid Subscription
Abstracts Copyright © 2023 SmithBucklin, Washington, D.C., USA
No entries found