all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Citrix NetScaler takeovers possible with new exploit

Add to bookmarks
Oct. 26, 2023, 7:46 p.m. | SC Staff

SC Magazine feed for Strategy www.scmagazine.com

Vulnerable Citrix NetScaler Application Delivery Controller and NetScaler Gateway instances impacted by the recently remediated critical severity Citrix Bleed information disclosure bug, tracked as CVE-2023-4966, could have their authentication session cookies stolen and be hijacked through a new proof-of-concept exploit discovered by Assetnote researchers, reports BleepingComputer.

application application delivery application delivery controller assetnote authentication bleepingcomputer bug citrix citrix netscaler concept controller cookies critical cve delivery disclosure endpointdevice-security exploit gateway hijacked information information disclosure netscaler netscaler gateway proof proof-of-concept reports researchers security-staff-acquisition-development session severity stolen takeovers vulnerability management vulnerable

Visit resource

More from www.scmagazine.com / SC Magazine feed for Strategy

RSA Conference 2024: What to expect 4 hours ago | www.scmagazine.com
aiml art cloud security conference +12
Smoke and (screen) mirrors: A strange signed backdoor 2 days, 12 hours ago | www.scmagazine.com
backdoor masquerading network security ops +6
Attackers evade detection by leveraging Microsoft Graph API 2 days, 14 hours ago | www.scmagazine.com
api api security application security attackers +14
Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 2 days, 19 hours ago | www.scmagazine.com
cloud cloud security collaboration customers +10
US arrests ex-cyber consultant accused of IT firm extortion 2 days, 19 hours ago | www.scmagazine.com
address arrest arrests bleepingcomputer +21
Accelerated patching found with CISA KEV catalog-listed flaws 2 days, 19 hours ago | www.scmagazine.com
agency catalog cisa cisa kev +24
Path traversal vulnerability elimination in software sought by feds 2 days, 19 hours ago | www.scmagazine.com
agency bleepingcomputer cybersecurity devsecops +17
New AI security bill unveiled in Senate 2 days, 19 hours ago | www.scmagazine.com
act ai act aiml ai security +14
Data breach impacts Airsoft community site 2 days, 19 hours ago | www.scmagazine.com
breach cloud cloud storage community +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com
View more jobs