NSA says hackers are targeting Citrix networking gear

Share post:

A U.S. National Security Agency update has disclosed the activity of APT5, a presumed Chinese hacking group, which is looking to exploit a vulnerability in networking gear from U.S. technology company Citrix Systems Inc to spy on targets. It also asked that victims who find additional evidence of a cyber attack contact the NSA’s Cybersecurity Collaboration Center.

According to the agency’s notice, a group known as Advanced Persistent Threat 5, or APT5, a security designation for a Chinese state-backed hacking group known to target telecommunications companies, is operating against a Citrix software known as application delivery controllers (ADCs). Citrix ADC targeting can “facilitate illegitimate access to targeted organizations by bypassing normal authentication controls,” according to the agency.

Meanwhile, Citrix issued software patches to its customers on Tuesday to address what analysts call a “zero-day” security flaw in its software that, if left unpatched, could be exploited by Chinese hackers to gain unauthorized computer network access.

Citrix said “a vulnerability has been discovered in Citrix Gateway and Citrix ADC … that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.”

The sources for this piece include an article in Reuters.


Related articles

Cyber Security Today, May 20, 2024 -Ransomware gang claims it hit a Canadian internet provider

A ransomware gang claims it hit a Canadian internet provider. Welcome to Cyber Security Today. It's Monday May 20th,...

Cyber Security Today, Week in Review for week ending Friday May 17, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, May 17th,...

Cyber Security Today, May 17, 2024 – Malware hiding in Apache Tomcat servers

Malware hiding in Apache Tomcat servers, new backdoors found, and more Welcome to Cyber Security Today. It's Friday, May...

MIT students exploit blockchain vulnerability to steal 25 million dollars

Two MIT students have been implicated in a highly sophisticated cryptocurrency heist, where they reportedly exploited a vulnerability...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways