Unpatched Citrix NetScaler Devices Targeted by Ransomware Group FIN8


The danger of opportunistic attacks by a ransomware organization likely connected to the commercially driven FIN8 threat actor is increased against Citrix NetScaler ADC and NetScaler Gateway. Citrix’s application delivery, load balancing, and remote access technologies are all affected by the significant code injection vulnerability, which is tracked as CVE-2023-3519 and impacts several versions of these products.

Because they grant extremely privileged access to targeted networks, NetScaler devices are frequently targeted by attackers. Such gateway solutions have been implemented by many organizations to provide remote workers with secure access to enterprise applications and data.

Read More…