Suspected Chinese Hacking Group Exploited a Flaw in Citrix Gear to Spy on Targets
Cuba ransomware gang used signed Microsoft drivers, Apple patched actively exploited zero-day flaw, India blames hospital attack on China, InfraGard member database is for sale on dark web, much more
Metacurity is a reader-supported publication.
The National Security Agency (NSA) warned that a hacking group named APT5, suspected to be Chinese, has exploited a vulnerability in networking gear from U.S. technology company Citrix Systems to spy on targets.
In an advisory, the NSA reported the activity and requested that victims who discover additional evidence of an attack reach out to the NSA's Cybersecurity Collaboration Center, a unique division of the spy agency opened in 2021 with the mission of public-private sector collaboration.
Citrix said it was "aware of a small number of targeted attacks in the wild using this vulnerability." The company has already released a fix for the vulnerability that customers can download. The NSA alert did not say that APT5 is Chinese, but security researchers have reported this suspected link previously. APT5 is known for breaking into telecommunications provider…