Summary: A new ransomware campaign is targeting unpatched Citrix NetScaler systems, exploiting a critical remote code execution vulnerability. The attacks show similarities to previous incidents and have raised concerns about an organized and experienced threat group. The attackers used the NetScaler vulnerability to initiate a comprehensive domain-wide assault, injecting harmful software and employing intricate scripts. It is recommended that organizations not only apply the patch but also thoroughly inspect their networks for compromise. Sophos X-Ops suspects the involvement of a well-known ransomware threat actor, known as Threat Activity Cluster STAC4663.

Hashtags: #Ransomware #Citrix #NetScaler #Cybersecurity #Sophos #ThreatActor

https://www.infosecurity-magazine.com/news/ransomware-targets-citrix/