News & Insights

Shadowserver issued a report to inform government leaders, policymakers, and other key stakeholders in ECOWAS Member States in West Africa on the following: a) The ECOWAS region’s cyber threat landscape and attack surface using Shadowserver’s free, actionable cyber threat intelligence, technical analysis, and expert insights b) The region’s institutional and operational cybersecurity deficiencies (“gaps”) that make it increasingly vulnerable to cyber threats c) Recommended actions that can be undertaken at the national and regional levels to address the identified gaps, improve digital security, and enhance cyber resilience in the region d) The potential economic and societal impact should the identified institutional and operational cybersecurity gaps remain unaddressed.

A review of Shadowserver’s 20th year as the world’s largest provider of free, timely, actionable, daily cyber threat intelligence. Covering the latest improvements in our public benefit services, responses to emerging cyber threats, and detection and reporting of the latest vulnerabilities to National CSIRTs and system defenders globally. We provide highlights of our cybersecurity capacity building efforts, plus successful outcomes from our free support to Law Enforcement in major cybercrime disruption operations.

The Shadowserver Foundation and trusted partners have observed three different malicious campaigns that have exploited CVE-2023-3519, a code injection vulnerability rated CVSS 9.8 critical in Citrix NetScaler ADC and NetScaler Gateway. The summary below is based on collaboration with the individual compromised organizations, as well as their commercial incident response teams. All timestamps in this write-up are in UTC timezone, and they have all been slightly adjusted to not disclose the actual times. If you own a Citrix NetScaler or have those in your constituency, please follow the detection and hunting advice for signs of compromise and webshells!

We are happy to announce the addition of the support for multiple languages in our public Dashboard. Five different languages have been added: Arabic, Indonesian (Bahasa Indonesia), Malaysian (Bahasa Melayu), Filipino (Tagalog), Thai. This work was kindly supported by the UK Foreign, Commonwealth & Development Office (FCDO). If you are a National CSIRT or network owner who would like to see your own language added, please contact us to discuss helping to make that happen. Likewise, if you are a user with language/technical feedback on these translations, please do get in touch with suggestions and improvements.