September 22, 2023

Citrix has released a patch for a critical flaw affecting Citrix ADC and Citrix Gateway, and it is aware of attacks against the vulnerability in the wild.

The vulnerability, tracked under CVE-2022-27518, affects Citrix ADC and Citrix Gateway versions 12.1 (including FIPS and NDcPP) and 13.0 before 13.0-58.32.

NSA issued its own warning that the China-linked APT5 threat group has been actively targeting Citrix ADCs to bypass authentication controls to breach organizations. It also provided threat hunting guidance for security teams and asked for intelligence sharing among the public and private sectors.

Advertisements

APT5, which has been active since at least 2007, has largely conducted cyber espionage campaigns and has a history of targeting tech companies, including those building military applications and regional telecommunication providers.

Last year, APT5 exploited a zero-day vulnerability in Pulse Secure VPN, another networking product often targeted by hackers to breach the U.S. networks involved in defense research and development.

Tags:

Leave a Reply

You may have missed

T-Mobile and Data Breach tightly coupled

September 21, 2023

Cisco Acquires Splunk in a blockbuster deal

September 21, 2023

Atlassian BitBucket and Confluence Vulnerabilities

September 21, 2023

Snatch ransomware Dissection

September 21, 2023

Fortinet Fixes Vulnerabilities in FortiOS

September 20, 2023

Trend Micro Endpoint Vulnerability – CVE-2023-41179

September 20, 2023
%d bloggers like this: