Kevin Beaumont writes:
How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023.
Credit union technology firm Trellance owns Ongoing Operations LLC, and provides a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler patches had been applied since May 2023:
A ransomware group gained entry to Trellance via Ongoing Operations. You can read about some of the fallout here. Ongoing Operations’ two Netscaler devices remain offline. This is disrupting operations in a way which impacts millions of Americans.
HTC Global Services, aka HTC Inc, aka Caretech — a large MSP for the US healthcare sector with remote access to hospitals across the US, did not patch Netscaler since July 2023…
Read more at Pulsar.