How LockBit used Citrix Bleed to breach Boeing and other targets

CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted third parties have observed similar activity impacting their organization,” cybersecurity and law enforcement officials have confirmed on Tuesday. In a joint cybersecurity advisory, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI and officials from the Australian Cyber Security Center (ACSC) have shared the tactics, techniques, and procedures and indicators of compromise (IoCs) shared … More →

The post …

acsc advisory boeing breach business cisa citrix citrix bleed cve cve-2023-4966 cybersecurity cybersecurity advisory distribution don't miss enforcement exploited fbi hot stuff infrastructure infrastructure security law law enforcement lockbit lockbit 3.0 netscaler officials organization parts ransomware security third third parties tuesday vulnerability