077-5509948 Contact Us Under cyber attacks?

Cyber News 22 Jan 2024

Last week cyber news

The Lockbit attack group announces that it hacked the Subway fast food chain. Subway is an American fast food chain, with branches all over the world. According to the company’s website, the chain has 36,821 restaurants in 102 countries and as of 2010 it is ranked as the largest fast food chain in the world. The Lockbit Group claims to have stolen hundreds of GB of data, which it will sell to competitors if Subway does not meet their demands.
Microsoft reports that hackers from Russia managed to break into some of the company’s systems and access the email accounts of senior executives, including those in the cyber field. Microsoft emphasizes that the attackers were not exposed to the information of the company’s customers

Recruitment and exits in Israel

The cyber company Vicarious, which develops software for the automatic correction of security weaknesses, reports raising $30 million.

Israeli domestic exit – Snyk company acquires Cyber Helios for an estimated amount of 25-30 million dollars.

The National Cyber Array

Vulnerabilities in Citrix/Netscaler ADC and Gateway servers – the vulnerabilities are in NetScaler ADC and Netscaler Gateway products, in the following versions:

1. NetScaler ADC and NetScaler Gateway14.1before14.1-12.35
2. NetScaler ADC and NetScaler Gateway13.1before13.1-51.15
3. NetScaler ADC and NetScaler Gateway13.0 before 13.0-92.21
4. NetScaler ADC 13.1-FIPS before 13.1-37.176
5. NetScaler ADC 12.1-FIPS before 12.1-55.302
6. NetScaler ADC 12.1-NDcPP before 12.1-55.302

One of the vulnerabilities (CVE-2023-6548) could allow an authenticated attacker to run remote code on the management interface. Access to NSIP, CLIP or SNIP is required in addition to access to the management interface.

The second vulnerability (CVE-2023-6549) could allow an attacker to perform a denial of service attack on the equipment. The equipment should be configured as: Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAAvirtualserver.

Attention that version 12.1 of the products is no longer supported (EOL) and is explicitly stated to be vulnerable!

Mitigation

It is recommended to test and install the following versions as soon as possible:

1. NetScaler ADC and NetScaler Gateway 14.1-12.35 and later releases
2. NetScaler ADC and NetScaler Gateway 13.1-51.15 and later releases of 13.1
3. NetScaler ADC and NetScaler Gateway 13.0-92.21 and later releases of 13.0
4. NetScaler ADC 13.1-FIPS 13.1-37.176 and later releases of 13.1-FIPS
5. NetScaler ADC 12.1-FIPS 12.1-55.302 and later releases of 12.1-FIPS
6. NetScaler ADC 12.1-NDcPP 12.1-55.302 and later releases of 12.1-NDcPP

Users of version 12.1 or earlier, it is highly recommended to update to a supported version of the product. The CVE-2023-6548 vulnerability originates in the management interface of the equipment. The company strongly recommends not to expose the management interface to the Internet, and to separate the traffic to the management interface by physical or logical means from normal network traffic. It is recommended to apply the company’s instructions for secure installation of the equipment.

 

 

Cybersecurity services in CyberSafe

Accessibility Toolbar

Upgrate your cyber security according to ISO27001:2022

The ISO27001:2022 standard brings with it new requirements to improve protection and security. This step strengthens the protection of your information and brings us to new levels of information protection, quality and services.