LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

A recently discovered serious security vulnerability in Citrix NetScaler application delivery control (ADC) and Gateway appliances is being aggressively used by a number of threat actors, including affiliates of the LockBit ransomware, in order to gain early access to target environments. The Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have all contributed to the joint advice.

“Citrix Bleed, known to be leveraged by LockBit 3.0 affiliates, allows threat actors to bypass password requirements and multifactor authentication (MFA), leading to successful session hijacking of legitimate user sessions on Citrix NetScaler web application delivery control (ADC) and Gateway appliances,” the agencies stated.

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

22-Nov-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address