Twitter | Search | |
Search Refresh
Daniel Weppeler Sep 17
It is September 2020 and many / are still not patched for the December 2019 . Please check your systems and patch it asap‼️
Reply Retweet Like
Tyler Hudak Jan 13
Looking over honeypot logs...attacker used their backdoor to inadvertently delete /netscaler/portal/{templates,scripts}. Yes, the blue box are the backdoor IP addresses.
Reply Retweet Like
Steve Noel Nov 18
The 'Rise of nFactor: Episode IX' Wanted to showcase the power that nFactor brings to the table. I've featured 9 factors, but there are certainly many more with all sorts of different variations. Blog to follow...
Reply Retweet Like
Tyler Hudak Jan 20
Got hit with a new backdoor on the CVE-2019-19781 honeypot last night. Its a DDoS bot that comms over...IRC πŸ˜‚ Watch out for conns to 50.71.90.246:4545 and files named /tmp/.perl
Reply Retweet Like
Gadi Feldman Nov 6
Reply Retweet Like
Ben Whitmore | byteben.com πŸ‡¬πŸ‡§ Mar 19
Looking for a Expert with knowledge of for immediate engagement. RT and DM me, thanks.
Reply Retweet Like
Johannes Ullrich Jan 11
ADC Exploits are Public / Heavily Used (some attempt to install ).
Reply Retweet Like
Florian Roth β›° Jan 16
404 Exploit Not Found: Vigilante Deploying Mitigation for Vulnerability While Maintaining Backdoor |Β 
Reply Retweet Like
Anton van Pelt Nov 19
[ Blogged: ] ReName and ReOrder all Citrix ADC objects!
Reply Retweet Like
TrustedSec Jan 13
IR practice lead reveals the results from a honeypot deployed following the release of
Reply Retweet Like
Matt Heldstab Jan 19
Vulnerability Update: First permanent fixes available, timeline accelerated
Reply Retweet Like
lc4m Jan 12
exploiting activities on the rise.. Tele a look to the workaround until patches are not out ->
Reply Retweet Like
SANS ISC Jan 12
And of course... the cryptocoin minders latched on to the vulnerability. But wait. They claim to be the "good guys" ??? CVE-2019-19781
Reply Retweet Like
Johannes Ullrich Jan 10
A public exploit for cve-2019-19781 is out, and exploit attempts are streaming in quickly. If you didn't patch before leaving work today: Monday will be incident response day!
Reply Retweet Like
SANS ISC Jan 12
Citrix ADC Vulnerability Actively Exploited
Reply Retweet Like
Mads Petersen Sep 8
Did you know that if you do a packet capture on the using the .cap format, the ADC will insert it's own header? Where you can filter Client <> VIP and Backend traffic easy? Using the nstrace.pdevno and nstrace.l_pdevno filter option?
Reply Retweet Like
Anton van Pelt Jan 11
Citrix updated the CVE-2019-19781 article with expected dates to have a patch available. . While waiting apply the mitigation as recommended in ASAP!
Reply Retweet Like
Markus Zehnle Sep 17
If you are going to analyse your Gateway in regards of you should use the ioc-scanner-CVE-2019-19781 script from repository b/c since v1.3 the script in Citrix' repo is faulty "[erro]: missing script: /var/tmp/version.sh"
Reply Retweet Like
Scott Bollinger Jan 28
Anyone seeing rebooting 12.1 since applying latest patch? Also seeing disconnects in Citrix
Reply Retweet Like
Ori πŸ–€ Jan 9
Current status. 🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚🐚
Reply Retweet Like