#PatchAlert

🛡 H3lium@infosec.exchange/:~# (H3liumb0y@infosec.exchange)
2023-10-24

"Urgent Patch Alert: Citrix NetScaler CVE-2023-4966"

Citrix has issued an urgent warning for admins to patch the NetScaler CVE-2023-4966 vulnerability immediately. This critical flaw, rated 9.4/10 in severity, allows remote exploitation without user interaction. The vulnerability affects NetScaler appliances configured as a Gateway or an AAA virtual server. Although Citrix initially had no evidence of exploitation in the wild, Mandiant disclosed ongoing attacks a week later. Threat actors have been leveraging this zero-day since late August 2023 to hijack authentication sessions, potentially bypassing multifactor authentication. Mandiant also reported instances where the vulnerability was used to infiltrate government and tech corporation infrastructures. Admins are strongly advised to patch and kill all active sessions.

Source: BleepingComputer

Tags: #Citrix #NetScaler #CVE20234966 #CyberSecurity #PatchAlert #ZeroDay #Mandiant #AuthenticationHijack 🛡️🔐🌐

Author: Sergiu Gatlan - Twitter

Michael Lopez (penquester)
2023-10-11

🚨 Major attacks hit Cloudflare, Google, AWS via a zero-day in HTTP/2 (CVE-2023-44487). The HTTP/2 Rapid Reset exploit caused chaos, with attacks reaching 201M RPS and a staggering 398M RPS! Quick mitigations were applied, but the urgency to patch systems remains critical.

See how it works below!


Mustafa Kaan Demirhan (mstfknn)
2023-04-28

⚠️ Critical vulnerability in firewalls (CVE-2023-28771) allows remote command execution. Update your firmware ASAP! Full details: securityweek.com/critical-vuln
