Search
1000 results for “neoscaler”
-
CitrixBleed II – kolejny błąd powodujący, że serwer zwraca więcej danych niż powinien
Większość naszych Czytelników zapewne kojarzy krytyczną podatność OpenSSL – Heartbleed, która stała się niemal książkowym przykładem błędu, który dotyka bardzo szerokiego grona użytkowników. Za sprawą błędnej obsługi rozmiaru przesyłanego bufora w nowo dodanym rozszerzeniu TLS/DTLS Heartbeat, możliwe było zdalne odczytanie aż do 64k bajtów pamięci klienta lub serwera. Zdarzało się,...
#WBiegu #Citrix #Heartbleed #Netscaler #OutOfBoundRead #Podatność
-
CitrixBleed II – kolejny błąd powodujący, że serwer zwraca więcej danych niż powinien
Większość naszych Czytelników zapewne kojarzy krytyczną podatność OpenSSL – Heartbleed, która stała się niemal książkowym przykładem błędu, który dotyka bardzo szerokiego grona użytkowników. Za sprawą błędnej obsługi rozmiaru przesyłanego bufora w nowo dodanym rozszerzeniu TLS/DTLS Heartbeat, możliwe było zdalne odczytanie aż do 64k bajtów pamięci klienta lub serwera. Zdarzało się,...
#WBiegu #Citrix #Heartbleed #Netscaler #OutOfBoundRead #Podatność
-
CitrixBleed 2 might be actively exploited (CVE-2025-5777) https://www.helpnetsecurity.com/2025/06/30/citrixbleed-2-might-be-actively-exploited-cve-2025-5777/ #vulnerability #enterprise #ReliaQuest #Don'tmiss #NetScaler #Hotstuff #Censys #Citrix #News
-
Первый российский аппаратный балансировщик нагрузки DS Proxima
Цифровизация перестала быть выбором — теперь это вопрос конкурентоспособности. Российский финтех, госуслуги и ритейл не просто догоняют мировых лидеров — они формируют новые стандарты цифровой зрелости, на которые ориентируются и другие сектора экономики. Однако за внешней эффективностью цифровых сервисов скрывается серьёзный технологический вызов — инфраструктура не всегда успевает за взрывным ростом нагрузки. В этих условиях балансировщики нагрузки превращаются из вспомогательного инструмента в критический компонент инфраструктуры — они становятся ключевым элементом системы масштабирования.
https://habr.com/ru/companies/dsol/articles/899268/
#импортозамещение #балансировщик_нагрузки #масштабирование #аппаратная_архитектура #f5 #citrix_netscaler #балансировщик
-
Первый российский аппаратный балансировщик нагрузки DS Proxima
Цифровизация перестала быть выбором — теперь это вопрос конкурентоспособности. Российский финтех, госуслуги и ритейл не просто догоняют мировых лидеров — они формируют новые стандарты цифровой зрелости, на которые ориентируются и другие сектора экономики. Однако за внешней эффективностью цифровых сервисов скрывается серьёзный технологический вызов — инфраструктура не всегда успевает за взрывным ростом нагрузки. В этих условиях балансировщики нагрузки превращаются из вспомогательного инструмента в критический компонент инфраструктуры — они становятся ключевым элементом системы масштабирования.
https://habr.com/ru/companies/dsol/articles/899268/
#импортозамещение #балансировщик_нагрузки #масштабирование #аппаратная_архитектура #f5 #citrix_netscaler #балансировщик
-
Первый российский аппаратный балансировщик нагрузки DS Proxima
Цифровизация перестала быть выбором — теперь это вопрос конкурентоспособности. Российский финтех, госуслуги и ритейл не просто догоняют мировых лидеров — они формируют новые стандарты цифровой зрелости, на которые ориентируются и другие сектора экономики. Однако за внешней эффективностью цифровых сервисов скрывается серьёзный технологический вызов — инфраструктура не всегда успевает за взрывным ростом нагрузки. В этих условиях балансировщики нагрузки превращаются из вспомогательного инструмента в критический компонент инфраструктуры — они становятся ключевым элементом системы масштабирования.
https://habr.com/ru/companies/dsol/articles/899268/
#импортозамещение #балансировщик_нагрузки #масштабирование #аппаратная_архитектура #f5 #citrix_netscaler #балансировщик
-
Cloud Software Group, owner of Citrix, Tibco, NetScaler, and XenServer, confirms global layoffs, with LinkedIn posts revealing cuts to engineers, technical account managers, and other roles. #CloudSoftwareGroup #Citrix #Tibco #NetScaler #XenServer #Layoffs #TechNews #JobCuts #WorkforceChanges
-
Cloud Software Group, owner of Citrix, Tibco, NetScaler, and XenServer, confirms global layoffs, with LinkedIn posts revealing cuts to engineers, technical account managers, and other roles. #CloudSoftwareGroup #Citrix #Tibco #NetScaler #XenServer #Layoffs #TechNews #JobCuts #WorkforceChanges
-
Cloud Software Group, owner of Citrix, Tibco, NetScaler, and XenServer, confirms global layoffs, with LinkedIn posts revealing cuts to engineers, technical account managers, and other roles. #CloudSoftwareGroup #Citrix #Tibco #NetScaler #XenServer #Layoffs #TechNews #JobCuts #WorkforceChanges
-
Cloud Software Group, owner of Citrix, Tibco, NetScaler, and XenServer, confirms global layoffs, with LinkedIn posts revealing cuts to engineers, technical account managers, and other roles. #CloudSoftwareGroup #Citrix #Tibco #NetScaler #XenServer #Layoffs #TechNews #JobCuts #WorkforceChanges
-
Cloud Software Group, owner of Citrix, Tibco, NetScaler, and XenServer, confirms global layoffs, with LinkedIn posts revealing cuts to engineers, technical account managers, and other roles. #CloudSoftwareGroup #Citrix #Tibco #NetScaler #XenServer #Layoffs #TechNews #JobCuts #WorkforceChanges
-
"Actuellement, le BSI -allemand- reçoit de plus en plus de rapports faisant état d’attaques par force brute contre les passerelles Citrix Netscaler de la part de divers secteurs d’infrastructures critiques ainsi que de partenaires internationaux"
👇
https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-298922-1032.html"These types of attacks by "probing" Citrix Netscaler Gateway instances accessible on the Internet are not new. But it is also known that this is how the cyberattacks of the past began. The reader also writes that there have also been some much more targeted attempts with domain-specific emails on the Citrix Netscaler Gateway of the company I know. For example, the term "Baustoffzentrum" (related to the company) was also attempted as a user name when logging in. Other German blog readers confirmed this observations in the comments here."
👇
https://borncity.com/win/2024/12/07/massive-wave-of-attacks-on-citrix-netscaler-gateways-since-5-and-6-dec-2024/"In recent weeks, Cyderes has observed a significant uptick in brute force attacks targeting Citrix NetScaler devices, across multiple client environments."
👇
https://www.cyderes.com/blog/mitigating-brute-force-attacks-on-netscaler-devices -
"Actuellement, le BSI -allemand- reçoit de plus en plus de rapports faisant état d’attaques par force brute contre les passerelles Citrix Netscaler de la part de divers secteurs d’infrastructures critiques ainsi que de partenaires internationaux"
👇
https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-298922-1032.html"These types of attacks by "probing" Citrix Netscaler Gateway instances accessible on the Internet are not new. But it is also known that this is how the cyberattacks of the past began. The reader also writes that there have also been some much more targeted attempts with domain-specific emails on the Citrix Netscaler Gateway of the company I know. For example, the term "Baustoffzentrum" (related to the company) was also attempted as a user name when logging in. Other German blog readers confirmed this observations in the comments here."
👇
https://borncity.com/win/2024/12/07/massive-wave-of-attacks-on-citrix-netscaler-gateways-since-5-and-6-dec-2024/"In recent weeks, Cyderes has observed a significant uptick in brute force attacks targeting Citrix NetScaler devices, across multiple client environments."
👇
https://www.cyderes.com/blog/mitigating-brute-force-attacks-on-netscaler-devices -
"Actuellement, le BSI -allemand- reçoit de plus en plus de rapports faisant état d’attaques par force brute contre les passerelles Citrix Netscaler de la part de divers secteurs d’infrastructures critiques ainsi que de partenaires internationaux"
👇
https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-298922-1032.html"These types of attacks by "probing" Citrix Netscaler Gateway instances accessible on the Internet are not new. But it is also known that this is how the cyberattacks of the past began. The reader also writes that there have also been some much more targeted attempts with domain-specific emails on the Citrix Netscaler Gateway of the company I know. For example, the term "Baustoffzentrum" (related to the company) was also attempted as a user name when logging in. Other German blog readers confirmed this observations in the comments here."
👇
https://borncity.com/win/2024/12/07/massive-wave-of-attacks-on-citrix-netscaler-gateways-since-5-and-6-dec-2024/"In recent weeks, Cyderes has observed a significant uptick in brute force attacks targeting Citrix NetScaler devices, across multiple client environments."
👇
https://www.cyderes.com/blog/mitigating-brute-force-attacks-on-netscaler-devices -
"Actuellement, le BSI -allemand- reçoit de plus en plus de rapports faisant état d’attaques par force brute contre les passerelles Citrix Netscaler de la part de divers secteurs d’infrastructures critiques ainsi que de partenaires internationaux"
👇
https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-298922-1032.html"These types of attacks by "probing" Citrix Netscaler Gateway instances accessible on the Internet are not new. But it is also known that this is how the cyberattacks of the past began. The reader also writes that there have also been some much more targeted attempts with domain-specific emails on the Citrix Netscaler Gateway of the company I know. For example, the term "Baustoffzentrum" (related to the company) was also attempted as a user name when logging in. Other German blog readers confirmed this observations in the comments here."
👇
https://borncity.com/win/2024/12/07/massive-wave-of-attacks-on-citrix-netscaler-gateways-since-5-and-6-dec-2024/"In recent weeks, Cyderes has observed a significant uptick in brute force attacks targeting Citrix NetScaler devices, across multiple client environments."
👇
https://www.cyderes.com/blog/mitigating-brute-force-attacks-on-netscaler-devices -
#Citrix has fixed two critical security vulnerbilities in #CitrixADC and Gateway.
Check your ns.conf for the following configuration settings. If they are set, you should update immediately.
enable ns feature.*rdpproxy
add rdp serverprofile <RDP_server_name>
add vpn vserver <vserver_name> -rdpServerProfileName <RDP_server_name>
enable ns feature.*rdpproxy
add authentication vserver
add vpn vserver -
#Citrix has fixed two critical security vulnerbilities in #CitrixADC and Gateway.
Check your ns.conf for the following configuration settings. If they are set, you should update immediately.
enable ns feature.*rdpproxy
add rdp serverprofile <RDP_server_name>
add vpn vserver <vserver_name> -rdpServerProfileName <RDP_server_name>
enable ns feature.*rdpproxy
add authentication vserver
add vpn vserver -
#Citrix has fixed two critical security vulnerbilities in #CitrixADC and Gateway.
Check your ns.conf for the following configuration settings. If they are set, you should update immediately.
enable ns feature.*rdpproxy
add rdp serverprofile <RDP_server_name>
add vpn vserver <vserver_name> -rdpServerProfileName <RDP_server_name>
enable ns feature.*rdpproxy
add authentication vserver
add vpn vserver -
Die Stadt #Itzehoe beschloss im Juli 2023 das #Outsourcing der #IT an Dataport. Im November 2023 wurde #NetScaler kompromittiert. Bis März 2024 war das Outsourcing abgeschlossen. Im April 2024 informierte man über den #ITSicherheitsvorfall.
https://kommunaler-notbetrieb.de/2023/11/08/stadtverwaltung-itzehoe/ -
“This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard - Enlarge (credit: Getty Images)
A vulnerability that allows att... - https://arstechnica.com/?p=1979860 #netscalerapplicationdeliverycontroller #netscalergateway #vulnerability #security #biz #citrix
-
"⚠️ #Updated: Citrix CVE-2023-3519 Exploitation - Webshells Implanted! ⚠️"
Initial Release Date: July 20, 2023
The CISA has updated the alarm on CVE-2023-3519, a severe RCE vulnerability in NetScaler (Citrix) ADC & Gateway. In June 2023, threat actors exploited this as a zero-day, compromising a critical infrastructure organization. They planted a webshell, enabling AD reconnaissance & data exfiltration. Thankfully, network-segmentation controls halted their lateral movement. Citrix has since released a patch. Stay vigilant!
Summary:
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding the exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller (ADC) and NetScaler Gateway. Threat actors exploited this vulnerability as a zero-day in June 2023, compromising a critical infrastructure organization's non-production environment NetScaler ADC appliance. The attackers planted a webshell, enabling them to perform Active Directory (AD) reconnaissance and data exfiltration. Although they attempted lateral movement to a domain controller, network-segmentation controls prevented their progress. Citrix released a patch on July 18, 2023.Technical Details:
- CVE-2023-3519: This unauthenticated RCE vulnerability impacts various versions of NetScaler ADC and NetScaler Gateway. The affected appliance must be configured as a Gateway or for authentication, authorization, and auditing (AAA) to be exploited.
Threat Actor Activity (Victim 1):
- Initial exploit chain involved uploading a TGZ file containing a webshell, discovery script, and setuid binary.
- The webshell was used for AD enumeration and data exfiltration.
- NetScaler configuration files and decryption keys were accessed.
- Actors queried AD data and encrypted discovery data for exfiltration.
- Attempts to move laterally and delete artifacts were blocked by network-segmentation controls.
Update September 6, 2023: Victim 2:
- Actors uploaded a PHP webshell, gained root access, and conducted AD queries.
- Exfiltrated data and deleted files and logs.
- Used compromised pfSense devices for command and control (C2).
Additional Observed Activity:
- Actors leveraged open source webshells and tools for various purposes, including exfiltration, persistence, and tampering with monitoring tools.
- Modified open-source tools to capture and exfiltrate credentials.
- Deployed tunnellers for encrypted reverse TCP/TLS connections.
- Employed Sysinternals ADExplorer for AD reconnaissance.
Update September 6, 2023:
The advisory was updated with additional techniques, including infrastructure compromise, tool acquisition, scripting interpreter usage, autostart execution, multi-hop proxying, file deobfuscation, permissions modification, defense impairment, indicator removal, masquerading, data staging, and protocol tunneling.Organizations are urged to apply the provided patches by Citrix and implement the detection guidance to identify potential system compromises. Incident response recommendations are included in the advisory for confirmed compromises, while vigilant monitoring and security measures are advised to prevent further exploitation.
Source: CISA Advisory - AA23-201A
Tags: #Cybersecurity #Citrix #CVE20233519 #NetScaler #ZeroDay #Webshell #DataExfiltration #PatchNow #StaySafe
-
One intrusion detected in mid-August 2023 involved the use of this security flaw to conduct a domain-wide attack.
-
#Citrix is urging organizations that uses #CitrixADC & #CitrixGateway to patch immediately as threat actors are actively exploiting these #vulnerabilities in the wild.
#infosec #cybersecurity #patchnow
https://www.darkreading.com/remote-workforce/attackers-exploit-zero-day-bug-in-netscaler-adc-and-gateway-products -
#Citrix is urging organizations that uses #CitrixADC & #CitrixGateway to patch immediately as threat actors are actively exploiting these #vulnerabilities in the wild.
#infosec #cybersecurity #patchnow
https://www.darkreading.com/remote-workforce/attackers-exploit-zero-day-bug-in-netscaler-adc-and-gateway-products -
#Citrix is urging organizations that uses #CitrixADC & #CitrixGateway to patch immediately as threat actors are actively exploiting these #vulnerabilities in the wild.
#infosec #cybersecurity #patchnow
https://www.darkreading.com/remote-workforce/attackers-exploit-zero-day-bug-in-netscaler-adc-and-gateway-products -
#Citrix is urging organizations that uses #CitrixADC & #CitrixGateway to patch immediately as threat actors are actively exploiting these #vulnerabilities in the wild.
#infosec #cybersecurity #patchnow
https://www.darkreading.com/remote-workforce/attackers-exploit-zero-day-bug-in-netscaler-adc-and-gateway-products -
#Citrix is urging organizations that uses #CitrixADC & #CitrixGateway to patch immediately as threat actors are actively exploiting these #vulnerabilities in the wild.
#infosec #cybersecurity #patchnow
https://www.darkreading.com/remote-workforce/attackers-exploit-zero-day-bug-in-netscaler-adc-and-gateway-products -
Citrix, war da was?
Bei derartigen "Sicherheitslücken" in amerikanischen Geräten am Netzwerk-Perimeter kann ich nur noch zynisch reagieren. Das gilt für die Platzhirsche Cisco und Citrix sowie für alle anderen. Die können das nämlich auch. Wieder einmal musste Citrix Notfall-Updates für seine "Netscaler ADC" Geräte-Serie veröffentlichen. Weniger als eine Woche nach Veröffentlichung der beiden Sicherheitslücken wurden bereits erste Angriffe (exploits) darauf beobachtet. Citrix hat die Updates am 23. März veröffentlicht und sein Bulletin zuletzt am 27. März aktualisiert (heute schreiben wir den
https://www.pc-fluesterer.info/wordpress/2026/04/04/citrix-war-da-was/
#Allgemein #Empfehlung #Hintergrund #Warnung #closedsource #cybercrime #exploits #firewall #hersteller #hintertür #router #spionage #UnplugTrump #usa #vorbeugen #wissen
-
Citrix, war da was?
Bei derartigen "Sicherheitslücken" in amerikanischen Geräten am Netzwerk-Perimeter kann ich nur noch zynisch reagieren. Das gilt für die Platzhirsche Cisco und Citrix sowie für alle anderen. Die können das nämlich auch. Wieder einmal musste Citrix Notfall-Updates für seine "Netscaler ADC" Geräte-Serie veröffentlichen. Weniger als eine Woche nach Veröffentlichung der beiden Sicherheitslücken wurden bereits erste Angriffe (exploits) darauf beobachtet. Citrix hat die Updates am 23. März veröffentlicht und sein Bulletin zuletzt am 27. März aktualisiert (heute schreiben wir den
https://www.pc-fluesterer.info/wordpress/2026/04/04/citrix-war-da-was/
#Allgemein #Empfehlung #Hintergrund #Warnung #closedsource #cybercrime #exploits #firewall #hersteller #hintertür #router #spionage #UnplugTrump #usa #vorbeugen #wissen
-
Citrix, war da was?
Bei derartigen "Sicherheitslücken" in amerikanischen Geräten am Netzwerk-Perimeter kann ich nur noch zynisch reagieren. Das gilt für die Platzhirsche Cisco und Citrix sowie für alle anderen. Die können das nämlich auch. Wieder einmal musste Citrix Notfall-Updates für seine "Netscaler ADC" Geräte-Serie veröffentlichen. Weniger als eine Woche nach Veröffentlichung der beiden Sicherheitslücken wurden bereits erste Angriffe (exploits) darauf beobachtet. Citrix hat die Updates am 23. März veröffentlicht und sein Bulletin zuletzt am 27. März aktualisiert (heute schreiben wir den
https://www.pc-fluesterer.info/wordpress/2026/04/04/citrix-war-da-was/
#Allgemein #Empfehlung #Hintergrund #Warnung #closedsource #cybercrime #exploits #firewall #hersteller #hintertür #router #spionage #UnplugTrump #usa #vorbeugen #wissen