CISA urges action to protect against Citrix vulnerability

Jul 25, 2023 - 04:02 PM
Symantic cyberattack

Malicious actors recently exploited a Citrix vulnerability to steal active directory data from a critical infrastructure organization, the Cybersecurity and Infrastructure Security Agency reported recently, urging organizations to take certain steps to detect a potential system compromise and apply patches.

“This serious vulnerability in the very commonly used Citrix/Netscaler Application Delivery Controller was unknown prior to exploitation,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “According to security researchers, the vulnerability may be associated with a Chinese government espionage campaign targeting critical infrastructure and allows hackers to access key network resources, such as active directory, and remotely execute malicious code. It is recommended that organizations using this service upgrade to the latest version of Netscaler ADC and Netscaler Gateway and patch according to bulletin CVE-2023-3467. The implementation of phishing-resistant multi-factor authentication also is highly recommended as a baseline security practice to help mitigate the risk of this and all other cyberattacks.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
Agencies issue guidance on mitigating cyberthreats with limited resources 
The Cybersecurity and Infrastructure Security Agency along with international agencies May 14 released guidance for high-risk nonprofit and other resource-…
Headline
Report: Delayed or missing payments increased for hospitals in first quarter
Hospitals and health systems nationwide saw a sizable increase in delayed or missing payments in first quarter 2024, according to a report released May 10 by…
Headline
Agencies warn of accelerating attacks on health care by Black Basta ransomware group
The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services, and Multi-State Information…
Headline
DOJ charges Russian national with developing, operating LockBit ransomware
The Department of Justice May 7 announced more than two dozen criminal charges against Dimitry Yuryevich Khoroshev, 31, of Voronezh, Russia, for his alleged…
Headline
AHA, other hospital groups urge UHG to formalize breach notification plans following Change Healthcare cyberattack 
The AHA and other national hospital groups May 8 sent a letter to UnitedHealth Group, urging the organization to formally accept responsibility for issuing…
Headline
CISA extends comment period for proposed rule on cyber incident reporting
The Cybersecurity and Infrastructure Security Agency May 3 extended the comment period to July 3 for the April 4 proposed rule that would implement cyber…