CyberSecurityBoard
Sponsor Register Login

The Fallout from "CitrixBleed"

On December 18, 2023, Comcast Xfinity filed a notice to the Attorney General of Maine disclosing an exploited vulnerability in one of Xfinity's software providers, Citrix, that has jeopardized almost 36 million customers' sensitive information.
While the vulnerability was made in August of 2023, the telecommunications solutions provider announced patches in October, but it already had mass exploitation weeks after the patch was reported.
Kiran Chinnagangannagari, CTO, CPO & co-founder, Securin, shares how a vulnerability like this causes so much damage.
Chinnagangannagari implores companies to look for ways to mitigate risk.


This Cyber News was published on www.cybersecurity-insiders.com. Publication date: Thu, 21 Dec 2023 03:13:08 +0000


Cyber News related to The Fallout from "CitrixBleed"

Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability - Comcast's Xfinity is informing customers that their information has been compromised in a cyberattack that involved exploitation of the vulnerability known as CitrixBleed. CitrixBleed, officially tracked as CVE-2023-4966, is a critical vulnerability ...
1 year ago Securityweek.com CVE-2023-4966
Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability - Comcast's Xfinity is informing customers that their information has been compromised in a cyberattack that involved exploitation of the vulnerability known as CitrixBleed. CitrixBleed, officially tracked as CVE-2023-4966, is a critical vulnerability ...
1 year ago Packetstormsecurity.com CVE-2023-4966
"CitrixBleed 2" Vulnerability PoC Released - Warns of Potential Widespread Exploitation - A new critical vulnerability in Citrix NetScaler devices has security experts warning of potential widespread exploitation, drawing alarming parallels to the devastating “CitrixBleed” attacks that plagued organizations in 2023. The ...
1 week ago Cybersecuritynews.com CVE-2025-5777
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch - The first warning of CitrixBleed 2 being exploited came from ReliaQuest on June 27. On July 7, security researchers at watchTowr and Horizon3 published proof-of-concept exploits (PoCs) for CVE-2025-5777, demonstrating how the flaw can ...
4 days ago Bleepingcomputer.com CVE-2025-5777
Teens with "digital bazookas" are winning the ransomware war, researcher laments - What do Boeing, an Australian shipping company, the world's largest bank, and one of the world's biggest law firms have in common? All four have suffered cybersecurity breaches, most likely at the hands of teenage hackers, after failing to patch a ...
1 year ago Arstechnica.com LockBit
Comcast Xfinity Breached via CitrixBleed; 35M Customers Affected - The now-infamous CitrixBleed vulnerability has claimed possibly its biggest kill yet: 35 million customers of Comcast Xfinity. Since at least August, attackers have been exploiting CVE-2023-4966, a 7.5 high-severity vulnerability affecting Citrix ...
1 year ago Darkreading.com CVE-2023-4966 LockBit
BlackCat claims attack on Fidelity National Financial The Register - Fortune 500 insurance biz Fidelity National Financial has confirmed that it has fallen victim to a "Cybersecurity incident." The services we provide related to title insurance, escrow and other title-related services, mortgage transaction services, ...
1 year ago Theregister.com CVE-2023-4966 LockBit
Xfinity Data Breach Impacts 36 Million Individuals - The data breach disclosed recently by Comcast's Xfinity impacts nearly 36 million individuals, the company told US authorities. The incident was disclosed by the telecommunications and smart home solutions provider on December 18, when it admitted ...
1 year ago Securityweek.com CVE-2023-4966
Public exploits released for CitrixBleed 2 NetScaler flaw, patch now - Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session ...
1 week ago Bleepingcomputer.com CVE-2025-5777
CVE-2018-8933 - The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3. ...
5 years ago
CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. - Credit union technology firm Trellance own Ongoing Operations LLC, and provide a platform called Fedcomp - used by double digit number of other credit unions across the United States. A ransomware group gained entry to Trellance via Ongoing ...
1 year ago Doublepulsar.com
Hackers Actively Exploiting CitrixBleed 2 Vulnerability in the Wild - This pre-authentication flaw enables attackers to craft malicious requests that leak uninitialized memory from affected NetScaler ADC and Gateway devices, potentially exposing sensitive data, including session tokens, passwords, and configuration ...
4 days ago Cybersecuritynews.com CVE-2025-5777
The Fallout from "CitrixBleed" - On December 18, 2023, Comcast Xfinity filed a notice to the Attorney General of Maine disclosing an exploited vulnerability in one of Xfinity's software providers, Citrix, that has jeopardized almost 36 million customers' sensitive information. While ...
1 year ago Cybersecurity-insiders.com
SW Ontario hospitals confirm patient data compromised in cyberattack - As the fallout from last week's cyberattack against five southwestern Ontario hospitals continues to spread, the organizations confirmed Tuesday that patient information was stolen and they now fear the blackmailers might publish it online. TransForm ...
1 year ago Windsorstar.com
Ex-Uber CSO: Lessons Learned from the Breach and Legal Case - BLACK HAT EUROPE 2023 - London - Former Uber CISO Joe Sullivan last week shared new details about the 2016 data breach at the company that led to his firing from Uber and, later, felony charges. The Uber Breach Sullivan was in his second year as CISO ...
1 year ago Darkreading.com
Leak of Greek Diaspora Emails Shakes Government: A Closer Look - The recent leak of Greek diaspora emails has sent shockwaves through the conservative government of Prime Minister Kyriakos Mitsotakis. The scandal, which unfolded in March 2024, has raised questions about privacy, data protection, and political ...
1 year ago Cysecurity.news
citrixbleed - ...
1 year ago
Comcast's Xfinity customer data exposed after CitrixBleed attack - We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience ...
1 year ago Securityaffairs.com
Industrial and Commercial Bank of China dealing with LockBit ransomware attack - One of the world's largest banks is dealing with a ransomware attack, according to media reports on Thursday. The Financial Times first reported that the state-owned Industrial and Commercial Bank of China - China's biggest, with revenues of $214.7 ...
1 year ago Therecord.media CVE-2023-4966 LockBit
Toyota Germany Says Customer Data Stolen in Ransomware Attack - Toyota Germany is notifying customers that their personal information was compromised in a ransomware attack last month. Initially disclosed in mid-November, the incident impacted the systems of Toyota Financial Services Europe & Africa, a subsidiary ...
1 year ago Securityweek.com Medusa
Toyota Germany Says Customer Data Stolen in Ransomware Attack - Toyota Germany is notifying customers that their personal information was compromised in a ransomware attack last month. Initially disclosed in mid-November, the incident impacted the systems of Toyota Financial Services Europe & Africa, a subsidiary ...
1 year ago Packetstormsecurity.com Medusa
Remote-access tools the intrusion point to blame for most ransomware attacks - Dive Brief: Remote-access tools were the primary intrusion point for ransomware attacks, accounting for 3 in 5 attacks last year, cybersecurity insurance firm At-Bay said Wednesday in a report. Attackers primarily targeted perimeter-access tools in ...
1 year ago Cybersecuritydive.com
Christie disclosed a data breach after RansomHub attack - MUST READ. Christie disclosed a data breach after a RansomHub attack. OmniVision disclosed a data breach after the 2023 Cactus ransomware attack. City of Wichita disclosed a data breach after the recent ransomware attack. Australian Firstmac Limited ...
1 year ago Securityaffairs.com Cactus Ransomhub
Over 1,200 Citrix servers unpatched against critical auth bypass flaw - While Citrix has yet to confirm that this security flaw is being exploited in the wild, saying that "currently, there is no evidence to suggest exploitation of CVE-2025-5777," cybersecurity firm ReliaQuest reported on Thursday with medium confidence ...
2 weeks ago Bleepingcomputer.com CVE-2025-5777
CISA Warns of CitrixBleed 2 Vulnerability Exploited in Attacks - The vulnerability, tracked as CVE-2025-5777, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog with an immediate remediation deadline of July 11, 2025. The vulnerability specifically affects deployments where NetScaler ...
3 days ago Cybersecuritynews.com CVE-2025-5777

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)