The Public Prosecution Service (OM) is not the only one confronted with the aftermath of a major security hole in popular Citrix software. The Dutch Ministry of Justice & Security's National Cyber Security Center (NCSC) said the same vulnerability was exploited to compromise several high-value organizations in the Netherlands.
3 months Ago
Sophisticated Zero-Day Exploit
The NCSC said the attack was a "sophisticated attack" that exploited a zero-day vulnerability, or flaw previously unknown to developers.
Once inside, the hackers were moving quickly to scrub evidence of their presence in the affected networks.
Breach Details Unavailable for Now
That level of confusion remains over which organizations are hit and if attackers hold on to control over their systems.
Although Citrix did issue patches for the flaw, "spoofing" attackers can circumvent or exploit patched systems.
Warning Issued in June
Citrix's NetScaler ADC and NetScaler Gateway services have already been flagged as problematic: last June, the NCSC issued a warning.
These tools are often used as enablers of remote work by organizations.
This flaw was being used by cybercriminals to gain unauthorized access to the system.
The most recent advisory says one of those vulnerabilities is still being "actively exploited.
Public Prosecution Service Disconnects Systems
In the middle of July, the OM pulled all its systems offline when it detected unauthorized access.
It is unclear how much information the attackers were able to glean from the systems and databases they were able to breach.
To see to it that client trust .
Copyright @ 2024 IBRA Digital