Cyber security news for all

More

    Vulnerability Discovered In Numerous Citrix Networks

    The network manufacturer Citrix has now published the first security patches for a massive vulnerability discovered in Citrix ADC. The Citrix Application Delivery Controller and the Citrix Gateway are used by numerous companies around the world to reduce network delays and to utilize their infrastructure more evenly. Due to the vulnerability, attackers can use it to remotely inject and execute malicious code, numerous security providers warn.

    It Actually Started Quite Unspectacular

    A security vulnerability was found in a Citrix network balancer in mid-December. This software is used both in companies and by network operators worldwide and ensures an even distribution of network utilization there to avoid delays due to peak loads. Among other things, web services are less susceptible to DDoS attacks. The vulnerability, however, allows any application to be run remotely and is therefore highly critical.

    Citrix Networks

    Citrix ADC Is Used By A Large Number Of Companies

    Until the weekend, there was still no program code with which the vulnerability could have been exploited. Therefore, criminals initially limited themselves to looking for systems that were potentially vulnerable. An attack can be carried out with relatively little effort. Experts speak of one of the most dangerous vulnerabilities in recent years. Because Citrix ADC and NetScaler Gateways are used by a large number of companies and network providers worldwide, it didn’t take long for attackers to start looking for vulnerable systems. Citrix quickly compiled a list of immediate measures for operators of affected systems and became strongly advised to implement them. A secure version of Citrix ADC is expected shortly – the most up-to date information is also available on the Citrix website, including the dates on which patches will be available.

    Citrix recommends that administrators update the products with firmware that has been corrected. However, this is not yet available. As soon as this is the case, registered customers will be notified accordingly. Until then, those affected can take some measures to mitigate the vulnerability. According to Positive Technologies, the vulnerability enables attackers to access local corporate networks without the need for an account. At least 75,000 companies in 150 countries are potentially at risk. With a share of 37 percent, above all US companies worldwide are affected by the vulnerability. However, companies in Australia and the UK are also at risk from the vulnerability.

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox