US Census Bureau hacked in January 2020 using Citrix exploit

US Census Bureau servers were breached on January 11, 2020, by hackers who exploited a Citrix ADC zero-day vulnerability as the US Office of Inspector General (OIG) disclosed in a recent report. “The purpose of these servers was to provide Read More …

Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently Read More …

Hacking isn’t canceled: Chinese group attacked Citrix and Zoho during coronavirus lockdown

A prolific state-backed Chinese cyber espionage operation started 2020 with one of its largest hacking campaigns – even though the coronavirus lockdown in China appeared to have an impact on the group’s output. The global operation by hacking group APT 41 – Read More …

Nice Try: 501 (Ransomware) Not Implemented

Since January 10, 2020, FireEye has tracked extensive global exploitation of CVE-2019-19781, which continues to impact Citrix ADC and Gateway instances that are unpatched or do not have mitigations applied. We previously reported on attackers’ swift attempts to exploit this vulnerability and the post-compromise deployment Read More …