MastodonTech.de

IT NewsThis Week in Security: Bitchat, CitrixBleed Part 2, Opossum, and TSAs - @jack is back with a weekend project. Yes, that Jack. [Jack Dorsey] spent last wee... - <a href="https://hackaday.com/2025/07/11/this-week-in-security-bitchat-citrixbleed-part-2-opossum-and-tsas/" rel="nofollow noopener" translate="no" target="_blank">https://hackaday.com/2025/07/11/this-week-in-security-bitchat-citrixbleed-part-2-opossum-and-tsas/</a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#thisweekinsecurity</a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#hackadaycolumns</a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityhacks</a> <a href="https://schleuss.online/tags/citrixbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#citrixbleed</a> <a href="https://schleuss.online/tags/bitchat" class="mention hashtag" rel="nofollow noopener" target="_blank">#bitchat</a> <a href="https://schleuss.online/tags/opossum" class="mention hashtag" rel="nofollow noopener" target="_blank">#opossum</a> <a href="https://schleuss.online/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#mcp</a>

IT NewsCritical CitrixBleed 2 vulnerability has been under active exploit for weeks - A critical vulnerability allowing hackers to bypass multifac... - <a href="https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/</a> <a href="https://schleuss.online/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerabilities</a> <a href="https://schleuss.online/tags/citrixbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#citrixbleed</a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://schleuss.online/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#biz</a>⁢ <a href="https://schleuss.online/tags/citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#citrix</a>

The New OilPublic exploits released for <a href="https://mastodon.thenewoil.org/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> 2 <a href="https://mastodon.thenewoil.org/tags/NetScaler" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetScaler</a> flaw, patch now<a href="https://www.bleepingcomputer.com/news/security/public-exploits-released-for-citrixbleed-2-netscaler-flaw-patch-now/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/public-exploits-released-for-citrixbleed-2-netscaler-flaw-patch-now/</a><a href="https://mastodon.thenewoil.org/tags/cyberscurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cyberscurity</a> <a href="https://mastodon.thenewoil.org/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Citrix</a>

Marcel SIneM(S)US"CitrixBleed 2": <a href="https://social.tchncs.de/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Citrix</a> <a href="https://social.tchncs.de/tags/Netscaler" class="mention hashtag" rel="nofollow noopener" target="_blank">#Netscaler</a>-Lücken gravierender | Security <a href="https://www.heise.de/news/CitrixBleed-2-Citrix-Netscaler-Luecken-gravierender-10460208.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/CitrixBleed-2-Citrix-Netscaler-Luecken-gravierender-10460208.html</a> <a href="https://social.tchncs.de/tags/CitrixNetscaler" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixNetscaler</a> <a href="https://social.tchncs.de/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> <a href="https://social.tchncs.de/tags/CitrixBleed2" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed2</a> <a href="https://social.tchncs.de/tags/Patchday" class="mention hashtag" rel="nofollow noopener" target="_blank">#Patchday</a>

The New OilNew '<a href="https://mastodon.thenewoil.org/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> 2' <a href="https://mastodon.thenewoil.org/tags/NetScaler" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetScaler</a> flaw let hackers hijack sessions<a href="https://www.bleepingcomputer.com/news/security/new-citrixbleed-2-netscaler-flaw-let-hackers-hijack-sessions/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/new-citrixbleed-2-netscaler-flaw-let-hackers-hijack-sessions/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Citrix</a> <a href="https://mastodon.thenewoil.org/tags/NetScaler" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetScaler</a>

securityaffairsCitrixBleed 2: The nightmare that echoes the '<a href="https://infosec.exchange/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a>' flaw in <a href="https://infosec.exchange/tags/NetScaler" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetScaler</a> devices <a href="https://securityaffairs.com/179339/hacking/citrixbleed-2-the-nightmare-that-echoes-the-citrixbleed-flaw-in-netscaler-devices.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/179339/hacking/citrixbleed-2-the-nightmare-that-echoes-the-citrixbleed-flaw-in-netscaler-devices.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

Kevin BeaumontPrior recaps on <a href="https://cyberplace.social/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> and LockBit by me: <a href="https://doublepulsar.com/lockbit-ransomware-group-assemble-strike-team-to-breach-banks-law-firms-and-governments-4220580bfcee" rel="nofollow noopener" translate="no" target="_blank">https://doublepulsar.com/lockbit-ransomware-group-assemble-strike-team-to-breach-banks-law-firms-and-governments-4220580bfcee</a><a href="https://doublepulsar.com/mass-exploitation-of-citrixbleed-vulnerability-including-a-ransomware-group-1405cbb9de18" rel="nofollow noopener" translate="no" target="_blank">https://doublepulsar.com/mass-exploitation-of-citrixbleed-vulnerability-including-a-ransomware-group-1405cbb9de18</a><a href="https://doublepulsar.com/what-it-means-citrixbleed-ransom-group-woes-grow-as-over-60-credit-unions-hospitals-47766a091d4f" rel="nofollow noopener" translate="no" target="_blank">https://doublepulsar.com/what-it-means-citrixbleed-ransom-group-woes-grow-as-over-60-credit-unions-hospitals-47766a091d4f</a>

Kevin BeaumontThe Boeing <a href="https://cyberplace.social/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> incident led to a $200m ransom demand: <a href="https://cyberscoop.com/boeing-confirms-attempted-200-million-ransomware-extortion-attempt/" rel="nofollow noopener" translate="no" target="_blank">https://cyberscoop.com/boeing-confirms-attempted-200-million-ransomware-extortion-attempt/</a>

Kevin BeaumontAnother <a href="https://cyberplace.social/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a>, this one from mid November. 200k people impacted. HT <a href="https://infosec.exchange/@euroinfosec" class="u-url mention" rel="nofollow noopener" target="_blank">@euroinfosec</a> <a href="https://apps.web.maine.gov/online/aeviewer/ME/40/5f9aa393-9c7a-49e0-855f-5e36adfb9e6c.shtml" rel="nofollow noopener" translate="no" target="_blank">https://apps.web.maine.gov/online/aeviewer/ME/40/5f9aa393-9c7a-49e0-855f-5e36adfb9e6c.shtml</a>

Hugo Tunius :rust:The Church of Sweden(Svenska Kyrkan) was ransomwared on the 23rd of November. This is now being attributed to BlackCat.Here's a <a href="https://infosec.exchange/tags/Citrixbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#Citrixbleed</a> vulnerable server serving a wildcard cert for *.svenskakyrkan.se, last scanned by Shodan on the 23rd. Probably not related at all

Marcel SIneM(S)US<a href="https://social.tchncs.de/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> erst nach zwei Wochen gepatcht: 36 Millionen Kundendaten abgegriffen | Security <a href="https://www.heise.de/news/CitrixBleed-erst-nach-zwei-Wochen-gepatcht-36-Millionen-Kundendaten-abgegriffen-9579227.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/CitrixBleed-erst-nach-zwei-Wochen-gepatcht-36-Millionen-Kundendaten-abgegriffen-9579227.html</a>

Marcus "MajorLinux" SummersLike I always say, update yo stuff!Comcast held a virtual door open for thieves to steal data - Desk Chair Analysts <a href="https://dcanalysts.net/comcast-held-a-virtual-door-open-for-thieves-to-steal-data/" rel="nofollow noopener" translate="no" target="_blank">https://dcanalysts.net/comcast-held-a-virtual-door-open-for-thieves-to-steal-data/</a><a href="https://toot.majorshouse.com/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Citrix</a> <a href="https://toot.majorshouse.com/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> <a href="https://toot.majorshouse.com/tags/Comcast" class="mention hashtag" rel="nofollow noopener" target="_blank">#Comcast</a> <a href="https://toot.majorshouse.com/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://toot.majorshouse.com/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://toot.majorshouse.com/tags/Xfinity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Xfinity</a> <a href="https://toot.majorshouse.com/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#TechNews</a> <a href="https://toot.majorshouse.com/tags/DCA" class="mention hashtag" rel="nofollow noopener" target="_blank">#DCA</a>

Avoid the Hack! :donor:<a href="https://infosec.exchange/tags/Comcast" class="mention hashtag" rel="nofollow noopener" target="_blank">#Comcast</a> Xfinity data breach affects over 35 million peopleA <a href="https://infosec.exchange/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> fatality.Data accessed includes customer usernames and hashed* passwords. Xfinity is forcing password changes next time you sign into an account.In some cases data accessed may include:- Last 4 of SSN - DOBs - Secret Questions / Answers exposed<a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/xfinity" class="mention hashtag" rel="nofollow noopener" target="_blank">#xfinity</a><a href="https://www.theverge.com/2023/12/18/24007082/xfinity-data-breach-hack-notice-citrix" rel="nofollow noopener" translate="no" target="_blank">https://www.theverge.com/2023/12/18/24007082/xfinity-data-breach-hack-notice-citrix</a>

IT NewsXfinity waited 13 days to patch critical Citrix Bleed 0-day. Now it’s paying the price - Enlarge / A Comcast Xfinity service van in San Ramon, California on Feb... - <a href="https://arstechnica.com/?p=1992160" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/?p=1992160</a> <a href="https://schleuss.online/tags/networkbreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#networkbreach</a> <a href="https://schleuss.online/tags/citrixbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#citrixbleed</a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://schleuss.online/tags/comcast" class="mention hashtag" rel="nofollow noopener" target="_blank">#comcast</a> <a href="https://schleuss.online/tags/xfinity" class="mention hashtag" rel="nofollow noopener" target="_blank">#xfinity</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#biz</a>&it

securityaffairs<a href="https://infosec.exchange/tags/Comcast" class="mention hashtag" rel="nofollow noopener" target="_blank">#Comcast</a>’s <a href="https://infosec.exchange/tags/Xfinity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Xfinity</a> customer data exposed after <a href="https://infosec.exchange/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> attack <a href="https://securityaffairs.com/156147/data-breach/comcasts-xfinity-customer-data-exposed-after-citrixbleed-attack.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/156147/data-breach/comcasts-xfinity-customer-data-exposed-after-citrixbleed-attack.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Citrix</a>

Kevin BeaumontCTS, a cloud provider for legal firms in the UK, who were late patching <a href="https://cyberplace.social/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a>, have appeared on Cactus ransomware's portal today.They're offering downloads of CTS customer data. <a href="https://cyberplace.social/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#threatintel</a>

ITSEC NewsSupply-chain ransomware attack causes outages at over 60 credit unions - Ransomware hits firm that providing cloud services to credit unions in order ensure that ... <a href="https://www.tripwire.com/state-of-security/supply-chain-ransomware-attack-causes-outages-over-60-credit-unions" rel="nofollow noopener" translate="no" target="_blank">https://www.tripwire.com/state-of-security/supply-chain-ransomware-attack-causes-outages-over-60-credit-unions</a> <a href="https://schleuss.online/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://schleuss.online/tags/citrixbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#citrixbleed</a> <a href="https://schleuss.online/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://schleuss.online/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://schleuss.online/tags/guestblog" class="mention hashtag" rel="nofollow noopener" target="_blank">#guestblog</a> <a href="https://schleuss.online/tags/dataloss" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataloss</a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

Graham CluleySupply-chain ransomware attack causes outages at over 60 credit unions.Read more in my article on the Tripwire blog: <a href="https://www.tripwire.com/state-of-security/supply-chain-ransomware-attack-causes-outages-over-60-credit-unions" rel="nofollow noopener" translate="no" target="_blank">https://www.tripwire.com/state-of-security/supply-chain-ransomware-attack-causes-outages-over-60-credit-unions</a><a href="https://mastodon.green/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.green/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://mastodon.green/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://mastodon.green/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://mastodon.green/tags/citrixbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#citrixbleed</a>

Matthew Skelton"Payments to ransomware and extortion groups need to be outlawed. I know, I know, it will be hard and there’s a million reasons to argue against it and lots of vested interests who don’t want this. ... I mean it — ransomware payments to these groups need to be outlawed, internationally." - Kevin Beaumont (aka <a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@GossiTheDog</a> )<a href="https://mastodon.social/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://mastodon.social/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://doublepulsar.com/what-it-means-citrixbleed-ransom-group-woes-grow-as-over-60-credit-unions-hospitals-47766a091d4f" rel="nofollow noopener" translate="no" target="_blank">https://doublepulsar.com/what-it-means-citrixbleed-ransom-group-woes-grow-as-over-60-credit-unions-hospitals-47766a091d4f</a>

Kevin BeaumontHTC Global Services aka HTC Inc aka Caretech, a healthcare MSP with 11k staff and access to hospitals across the US are still dealing with a ransomware group. They failed to patch for <a href="https://cyberplace.social/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a>. <a href="https://cyberplace.social/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#threatintel</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#citrixbleed