Malicious actors recently exploited a Citrix vulnerability to steal active directory data from a critical infrastructure organization, the Cybersecurity and Infrastructure Security Agency reported recently, urging organizations to take certain steps to detect a potential system compromise and apply patches.

“This serious vulnerability in the very commonly used Citrix/Netscaler Application Delivery Controller was unknown prior to exploitation,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “According to security researchers, the vulnerability may be associated with a Chinese government espionage campaign targeting critical infrastructure and allows hackers to access key network resources, such as active directory, and remotely execute malicious code. It is recommended that organizations using this service upgrade to the latest version of Netscaler ADC and Netscaler Gateway and patch according to bulletin CVE-2023-3467. The implementation of phishing-resistant multi-factor authentication also is highly recommended as a baseline security practice to help mitigate the risk of this and all other cyberattacks.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within organizations. The incidents have not…
Headline
In his latest AHA Cyber and Risk Intel blog, Scott Gee, AHA deputy national advisor for cybersecurity and risk, explains how hospitals can prepare for and…
AHA Cyber Intel
In today’s heightened threat environment, driven by domestic and geopolitical issues, it is more critical than ever for hospitals to prepare for and mitigate…
Headline
In a statement submitted to the Senate Health, Education, Labor and Pensions Committee for a hearing today on health care cybersecurity and patient privacy,…
Headline
Cyberattacks on hospitals are urgent threats to patient safety, care delivery and public trust. In this conversation, Ajay Gupta, board chair of Trinity Health…
Headline
The Food and Drug Administration yesterday released a safety notice announcing a software patch is available to address cybersecurity vulnerabilities in…