Credential Harvesting Campaign Targets Unpatched NetScaler Instances

According to IBM, a credential harvesting campaign is targeting Citrix NetScaler gateways that haven’t been patched against a recent vulnerability. The vulnerability, tracked as CVE-2023-3519 (CVSS score of 9.8), was announced in July but has been exploited from June 2023, with some assaults targeting critical infrastructure companies.

By mid-August, threat actors had exploited this vulnerability as part of an automated effort, backdooring around 2,000 NetScaler instances. According to the Shadowserver Foundation, at least 1,350 NetScaler instances compromised in earlier assaults were detected in scans last week.x000D In September, IBM discovered a new malicious campaign targeting unpatched NetScaler devices in order to inject a script on the authentication screen and steal user credentials.

Credential Harvesting Campaign Targets Unpatched NetScaler Instances

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Credential Harvesting Campaign Targets Unpatched NetScaler Instances

09-Oct-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address