How cybercriminals make their honey from the Citrix Bleed flaw
It has now been more than six weeks since virtualization and cloud services provider Citrix reported the existence of a particularly critical vulnerability in two of its products, NetScaler ADC and NetScaler Gateway. But, as often happens, equipped organizations are slow to apply the patches. Which delights cybercriminals of all kinds. According to data from Shadowserver , a foundation dedicated to researching malicious activities, there are still around 91 vulnerable instances in France. This is much less than when the flaw was announced on October 10, when 813 instances were identified, but it is still far too many. “These are the most common attacks observed on our honeypots,” warns the foundation.