A known threat actor specializing in ransomware attacks is believed to be behind a recent campaign that targeted unpatched internet-facing Citrix NetScaler systems to serve as an initial foothold into enterprise networks. “Our data indicates strong similarity between attacks using CVE-2023-3519 and previous attacks using a number of the same TTPs,” Sophos researchers shared. Citrix systems under attack In mid-July 2023, a zero-day remote code execution (RCE) vulnerability (CVE-2023-3519) started getting exploited in the wild. … More
The post Ransomware group exploits Citrix NetScaler systems for initial access appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: