back to article 'Mass exploitation' of Citrix Bleed underway as ransomware crews pile in

Citrix Bleed, the critical information-disclosure bug that affects NetScaler ADC and NetScaler Gateway, is now under "mass exploitation," as thousands of Citrix NetScaler instances remain vulnerable, according to security teams. As of October 30, Shadowserver spotted just over 5,000 vulnerable servers on the public internet. …

  1. zerotonin

    Token from memory theft

    Stealing session tokens out of memory seems like a neat (new? new-old?) trick, the kind of thing CPU side-channel attacks wish they could do in the real world.

    I wonder how many other vulnerabilities on the outset look like simple memory reads that don't turn up anything useful, only for someone to use them to scan RAM for login tokens. Like Windows hash theft but... easier.

  2. Anonymous Coward
    Anonymous Coward

    Does Citrix still have an engineering group?

    Have they actually released a new version of anything in 10 years? I thought they had been sold and were just pulling in licensing fees...

    1. Hanin Elias

      Re: Does Citrix still have an engineering group?

      They seem to have changed their focus to their Xen product lineup and relegated Citrix remote desktop to an afterthought. Pretty much they switched to a Virtual Machine and SaaS model like the rest of the industry seem to be doing and raking in that sweet licensing loot.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like