{"vulnerability": "cve-2023-3519", "sightings": [{"uuid": "79f2a7b1-3458-47ae-b0a9-695cfe5e8a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/aaf97b2c-ad16-4ce6-928a-a440112d0fd3", "content": "", "creation_timestamp": "2024-09-16T19:13:31.000000Z"}, {"uuid": "30ce132b-a573-43c1-b43e-767e5adc327b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-07-19T18:10:02.000000Z"}, {"uuid": "a4e10b38-35d9-45d8-8472-5989f5c6ed07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/dcf911ee-17b3-4902-aa15-4ecabf2e40ce", "content": "", "creation_timestamp": "2024-09-12T10:33:13.000000Z"}, {"uuid": "6b6ed535-6937-4863-b3cb-42f1ec472208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/3ea5ea81-d0a5-4c30-ab26-cd3f9ce5780f", "content": "", "creation_timestamp": "2023-09-07T12:16:11.000000Z"}, {"uuid": "ecf77910-7b42-4247-8228-e55e8504539d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2024-10-15T11:38:15.000000Z"}, {"uuid": "c6c216c4-4755-41e3-8fdf-300b2e40d509", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": 
"MISP/2998c4f4-f167-42ad-9181-29bfb97ea11d", "content": "", "creation_timestamp": "2023-10-10T18:35:45.000000Z"}, {"uuid": "b6b93ff2-f1d3-41d3-8319-1e30c66ecbb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971859", "content": "", "creation_timestamp": "2024-12-24T20:34:55.450061Z"}, {"uuid": "65560efc-2ba2-4b58-9a83-ee786d5f562a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "f35f3f3d-d6e6-4a69-9887-5d003bc6d583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"}, {"uuid": "cda6b206-b2c0-4a37-b033-55b7fb7d869e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://bsky.app/profile/hacktoria.bsky.social/post/3ljsak3ey5h2s", "content": "", "creation_timestamp": "2025-03-07T14:42:02.152308Z"}, {"uuid": "88b5b7ae-d360-4c08-a197-42ef4b3f277c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-3519", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lqxvow6v2z2q", "content": "", "creation_timestamp": "2025-06-06T22:40:13.309177Z"}, {"uuid": "b91ce3f5-4a0f-4bb9-b21b-8bed6576605a", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:44.000000Z"}, {"uuid": "f423b247-c813-4ac4-a37a-33abb9ccd8a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-3519", "type": "seen", "source": "https://bsky.app/profile/o-p.bsky.social/post/3lne3qbyyih2c", "content": "", "creation_timestamp": "2025-04-21T21:19:31.742684Z"}, {"uuid": "64618104-b8fe-4653-97c6-f6917753642e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-3519", "type": "seen", "source": "https://bsky.app/profile/o-p.bsky.social/post/3lne3qc5va42u", "content": "", "creation_timestamp": "2025-04-21T21:19:32.454416Z"}, {"uuid": "82e7380a-1de0-49a5-9198-84b58806e4d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-3519", "type": "seen", "source": "https://bsky.app/profile/o-p.bsky.social/post/3lne3qccsfk2h", "content": "", "creation_timestamp": "2025-04-21T21:19:33.093428Z"}, {"uuid": "1c45f1bb-eae6-4b74-beca-12ad83566d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-3519", "type": "seen", "source": "https://bsky.app/profile/o-p.bsky.social/post/3lne3qdobgd24", "content": "", "creation_timestamp": "2025-04-21T21:19:34.883304Z"}, {"uuid": "0872ee60-a673-4cc6-b74f-64df49485b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": 
"https://poliverso.org/objects/0477a01e-e1523a5c-9dce464b104523e0", "content": "", "creation_timestamp": "2025-06-26T08:53:34.754117Z"}, {"uuid": "7fd2fb37-0ce4-4c0d-aae4-1d3956bbc768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/dcf911ee-17b3-4902-aa15-4ecabf2e40ce", "content": "", "creation_timestamp": "2025-06-19T23:26:58.000000Z"}, {"uuid": "f94066cb-36da-4229-8244-da01cd2ad5c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://gist.github.com/Darkcrai86/793b28548698866fb28e74cb6ef2a1c8", "content": "", "creation_timestamp": "2025-09-26T09:15:04.000000Z"}, {"uuid": "297aacb0-7ab9-4c68-910f-251212dd3bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-85aeda5d-3a0884ef4e0bac3a", "content": "", "creation_timestamp": "2025-07-23T06:09:00.836422Z"}, {"uuid": "844ba1ed-68bf-4455-a337-c33535de3496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "941627bc-9980-4bc6-a145-a2307ef11e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/7/sicherheitslucken-teil-kritisch-in-citrixnetscaler-adc-und-gateway-updates-verfugbar", "content": "", "creation_timestamp": "2023-07-18T13:18:11.000000Z"}, {"uuid": 
"30ebfd0e-19a6-4f25-a77e-c58d8307b5b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3l76g4tfd2i", "content": "", "creation_timestamp": "2025-10-19T21:02:29.221600Z"}, {"uuid": "c838e751-0fc6-4872-a7d6-fd6deb649b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-3519.yaml", "content": "", "creation_timestamp": "2025-10-17T11:52:20.000000Z"}, {"uuid": "f528c63e-08d0-4262-ad57-d4706fa9b2ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:56.000000Z"}, {"uuid": "0c64e631-7ece-4f60-93a4-d3b5a0c13c29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/freebsd/http/citrix_formssso_target_rce.rb", "content": "", "creation_timestamp": "2023-08-03T17:27:01.000000Z"}, {"uuid": "a741f040-b7ca-4546-93ee-815af3931b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "3201c1f8-9ae8-4ff6-8af8-bf208130c5c0", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4778", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAccurately fingerprint and detect vulnerable versions of Netscaler / Citrix ADC to CVE-2023-3519\nURL\uff1ahttps://github.com/securekomodo/citrixInspector\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-20T16:13:17.000000Z"}, {"uuid": "43a9cb37-d470-4893-9ed9-fa7b96c28753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1069", "content": "", "creation_timestamp": "2023-07-14T04:00:00.000000Z"}, {"uuid": "8ad93f0c-dd31-452e-8d82-312f63cfa1b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_11/2023", "content": "", "creation_timestamp": "2023-07-19T06:17:05.000000Z"}, {"uuid": "e63b67bc-7396-466e-b16e-06e0694e1077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1dc57b8d-60ca-4a5b-b6dd-b5ffe274915d", "content": "", "creation_timestamp": "2026-02-02T12:26:54.641910Z"}, {"uuid": "37df52dc-490c-48b0-82cc-b204dfee9e5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": 
"https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5873e633-6601-4ca3-a6df-21ceb6144ce2", "content": "", "creation_timestamp": "2026-02-02T12:25:27.219076Z"}, {"uuid": "dfe9d911-d7f9-4f5c-9c56-61b6f6a3d209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/5173f9f4-ea67-4808-bc29-f6632db842b7", "content": "", "creation_timestamp": "2026-04-19T17:50:51.000000Z"}, {"uuid": "848007cc-ff9d-4e58-a84f-59c42ecec19a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4958", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRCE exploit for CVE-2023-3519\nURL\uff1ahttps://github.com/BishopFox/CVE-2023-3519\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-21T19:08:52.000000Z"}, {"uuid": "5ee589eb-730e-42a1-add4-0218abb4091e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2026-01-09T20:17:30.000000Z"}, {"uuid": "14c38ef2-cdc2-43df-a98e-00126fc529b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "8acc8438-2cd1-4fb1-95bf-4c190283d46b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4775", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCitrix Scanner for CVE-2023-3519\nURL\uff1ahttps://github.com/telekom-security/cve-2023-3519-citrix-scanner\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-20T14:21:53.000000Z"}, {"uuid": "3e6376c1-dc16-4b5f-b9b8-08aea91dccfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4788", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-3519 vuln for nuclei scanner\nURL\uff1ahttps://github.com/SalehLardhi/CVE-2023-3519\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-08T02:25:07.000000Z"}, {"uuid": "137e196f-7248-4655-928a-f9b4a16f23fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4959", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRCE exploit for CVE-2023-3519\nURL\uff1ahttps://github.com/BishopFox/CVE-2023-3519\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-21T19:08:52.000000Z"}, {"uuid": "e82b717d-067b-4199-adac-e0b51aa4cfa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4961", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRCE exploit for CVE-2023-3519\nURL\uff1ahttps://github.com/abrahim7112/hackers_CVE_2023_poc\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-27T12:13:48.000000Z"}, {"uuid": "ed1a5351-b82f-496d-96b2-e35a2b7b59fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4960", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRCE exploit for CVE-2023-3519\nURL\uff1ahttps://github.com/abrahim7112/hackers_CVE_2023_poc\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-21T19:12:33.000000Z"}, {"uuid": "a405d674-8cf2-4761-80b4-df875d51f0ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/itsec_news/3102", "content": "\u200b\u26a1\ufe0f\u0425\u0430\u043a\u0435\u0440\u0441\u0442\u0432\u043e \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043a\u0435: \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0448\u043b\u0438 \u0431\u044d\u043a\u0434\u043e\u0440 \u0432 1952 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Citrix NetScaler.\n\n\ud83d\udcac \u041a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f NCC Group \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0432 \u0441\u0432\u043e\u0435\u043c \u043e\u0442\u0447\u0435\u0442\u0435, \u0447\u0442\u043e \u043f\u043e\u0447\u0442\u0438 2000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Citrix NetScaler 
\u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-3519. \u041f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043f\u043e\u043b\u0435\u0437\u043d\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c. 
\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0440\u0438\u0441\u043a \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0442\u0430\u043a \u043a\u0430\u043a \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043c\u043e\u0433\u0443\u0442 \u0432\u0435\u0441\u0442\u0438 \u043a \u0446\u0435\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0442\u0447\u0435\u0442\u0443, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0438\u043b\u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0447\u0435\u0440\u0435\u0437 \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u044b. 
\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0438 \u0441\u043b\u0435\u0434\u043e\u0432 \u0432\u0437\u043b\u043e\u043c\u0430 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f NCC Group \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e, \u0447\u0442\u043e \u043e\u043a\u043e\u043b\u043e 1828 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 NetScaler \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u043f\u0430\u0442\u0447\u0435\u0439.\n\n\u0412\u0441\u0435\u0433\u043e \u043d\u0430 1952 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0431\u044b\u043b \u043d\u0430\u0439\u0434\u0435\u043d 2491 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b. 
\u0411\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0430 \u0432 \u0415\u0432\u0440\u043e\u043f\u0435, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0432 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438, \u0424\u0440\u0430\u043d\u0446\u0438\u0438, \u0428\u0432\u0435\u0439\u0446\u0430\u0440\u0438\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u0440\u0435\u0433\u0438\u043e\u043d\u0430.\n\n\u0424\u043e\u043d\u0434 Shadowserver \u0443\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-3519 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Citrix. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043d\u0430\u0441\u0447\u0438\u0442\u0430\u043b\u0438 \u043e\u043a\u043e\u043b\u043e 7000 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 NetScaler \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435.\n\n\u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c, \u0442\u0435\u043a\u0443\u0449\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 6,3% \u0438\u0437 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 30 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043d\u0430 21 \u0438\u044e\u043b\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Mandiant \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 
\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0441\u043b\u0435\u0434\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 CVE-2023-3519. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0432\u044b\u044f\u0432\u043b\u044f\u0442\u044c \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u0442\u044c \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438 \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-08-16T12:45:43.000000Z"}, {"uuid": "0d0e1b07-ce7c-481e-87e6-943d529e8839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/itsec_news/3935", "content": "\u200b\u26a1\ufe0f\u041a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430 \u043d\u0430 \u0434\u043e\u0447\u0435\u0440\u043d\u044e\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e Xerox \u043f\u0440\u0438\u0432\u0435\u043b\u0430 \u043a \u043a\u0440\u0430\u0436\u0435 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\n\n\ud83d\udcac \u041a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u044f Xerox \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u0441\u0432\u043e\u044e 
\u0434\u043e\u0447\u0435\u0440\u043d\u044e\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e XBS, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u043f\u043e\u0445\u0438\u0449\u0435\u043d\u0430 \u043b\u0438\u0447\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 \u0431\u044b\u043b\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 INC \u0432\u0437\u044f\u043b\u0430 \u043d\u0430 \u0441\u0435\u0431\u044f \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043a\u0438\u0431\u0435\u0440\u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Xerox, \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0441\u0432\u043e\u0438\u043c \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043b\u044c\u043d\u044b\u043c \u0438 \u043f\u0440\u043e\u0447\u0438\u043c \u043e\u0444\u0438\u0441\u043d\u044b\u043c \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435\u043c, \u0447\u044c\u0438 \u0434\u043e\u0445\u043e\u0434\u044b \u0437\u0430 \u043f\u043e\u0437\u0430\u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u0433\u043e\u0434 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u0438 7 
\u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u043e\u0432 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432 , \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u0447\u0430\u0435\u0442 \u0441 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u0430\u043c\u0438 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f. \u041f\u043e \u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u043c, \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u043d\u0435 \u043f\u043e\u0432\u043b\u0438\u044f\u043b \u043d\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u043b\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 Xerox, \u043e\u0434\u043d\u0430\u043a\u043e \u0431\u044b\u043b\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u0430\u044f \u043b\u0438\u0447\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 XBS.\n\n\u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e XBS \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043c\u0430\u043b\u043e\u043c\u0443 \u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u043c\u0443 \u0431\u0438\u0437\u043d\u0435\u0441\u0443 \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b, \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u044b \u0438 
\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u0442\u044c \u0432\u0441\u0435\u0445, \u043a\u043e\u0433\u043e \u043a\u043e\u0441\u043d\u0443\u043b\u0430\u0441\u044c \u0443\u0442\u0435\u0447\u043a\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 SentinelOne \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0433\u0440\u0443\u043f\u043f\u0430 INC, \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0430\u044f \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-3519 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Citrix, \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 \u0438\u044e\u043b\u0435 \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0446\u0435\u043b\u044b\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0439, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u0435, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0438 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. 
\u0412 2023 \u0433\u043e\u0434\u0443 \u0433\u0440\u0443\u043f\u043f\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u043b\u0430 \u0440\u044f\u0434 \u0433\u0440\u043e\u043c\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u044f\u043f\u043e\u043d\u0441\u043a\u0443\u044e Yamaha Motor \u0438 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0443\u044e WellLife Network.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u044d\u0442\u043e \u0443\u0436\u0435 \u043d\u0435 \u043f\u0435\u0440\u0432\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u0441\u0442\u043e\u043b\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f Xerox \u0441 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c\u0438 \u0431\u0430\u043d\u0434\u0430\u043c\u0438. \u0422\u0430\u043a, \u0432 2020 \u0433\u043e\u0434\u0443 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 Maze \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 25,8 \u0413\u0411 \u0434\u0430\u043d\u043d\u044b\u0445 Xerox. 
\u0422\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043b\u0430\u0441\u044c \u0432 \u0443\u0442\u0435\u0447\u043a\u0435 \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0438 Conti \u0432 2022 \u0433\u043e\u0434\u0443, \u043e\u0434\u043d\u0430\u043a\u043e \u0442\u043e\u0447\u043d\u044b\u0435 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u0442\u043e\u0433\u043e \u0441\u043b\u0443\u0447\u0430\u044f \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-03T11:31:37.000000Z"}, {"uuid": "3de97a23-0515-437d-b7ba-aa76fb042470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5051", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aScript for checking CVE-2023-3519 for Backdoors\nURL\uff1ahttps://github.com/JonaNeidhart/CVE-2023-3519-BackdoorCheck\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-31T09:16:09.000000Z"}, {"uuid": "07969e6e-38be-4f0a-a09d-8610b35cbd99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4789", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aNetScaler (Citrix ADC) CVE-2023-3519 Scanner\nURL\uff1ahttps://github.com/KR0N-SECURITY/CVE-2023-3519\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-21T23:50:44.000000Z"}, {"uuid": "236cf533-dea6-4f05-a75d-ec73110ce11a", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4786", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1anse script to identify server vulnerable to CVE-2023-3519\nURL\uff1ahttps://github.com/dorkerdevil/CitrixFall\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-21T16:00:55.000000Z"}, {"uuid": "ab9634dc-7be9-4a43-81b3-e2bf2a972c5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4783", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-3519\nURL\uff1ahttps://github.com/d0rb/CVE-2023-3519\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-21T11:07:25.000000Z"}, {"uuid": "8a95cf9d-11ac-4c86-9fb3-463911ef2cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/itsec_news/3438", "content": "\u200b\u26a1\ufe0f\u041d\u0443 \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0436\u043d\u043e? 
\u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Citrix \u0443\u0433\u0440\u043e\u0436\u0430\u0435\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0434\u044b\u0440\u0430 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udcac \u041f\u0440\u043e\u0434\u0443\u043a\u0442\u044b NetScaler ADC \u0438 NetScaler Gateway \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Citrix \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u043f\u0430\u0440\u0435 \u043d\u043e\u0432\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u044c \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (Denial of Service, DoS-\u0430\u0442\u0430\u043a\u0430).\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-4966 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c CVSS 9.4. 
\u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0431\u0435\u0437 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u043b\u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0435 \u0443\u0441\u043b\u043e\u0432\u0438\u0435 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u0427\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0431\u044b\u043b\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c, \u043e\u043d\u043e \u0434\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043e \u043a\u0430\u043a \u0448\u043b\u044e\u0437 (\u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 VPN, ICA-\u043f\u0440\u043e\u043a\u0441\u0438, CVPN, RDP-\u043f\u0440\u043e\u043a\u0441\u0438) \u0438\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 AAA.\n\n\u0425\u043e\u0442\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u00ab\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438\u00bb, 
\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a\u0430\u044f \u0438\u043c\u0435\u043d\u043d\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u0432 \u0442\u043e\u043c \u0436\u0435 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2023-4967 , \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8.2), \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0430\u044f \u0442\u0435\u0445 \u0436\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u0439, \u0447\u0442\u043e \u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. 
CVE-2023-4967 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Citrix \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f:\n\nNetScaler ADC \u0438 NetScaler Gateway 14.1 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 14.1-8.50\nNetScaler ADC \u0438 NetScaler Gateway 13.1 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 13.1-49.15\nNetScaler ADC \u0438 NetScaler Gateway 13.0 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 13.0-92.19\nNetScaler ADC 13.1-FIPS \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 13.1-37.164\nNetScaler ADC 12.1-FIPS \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 12.1-55.300\nNetScaler ADC 12.1-NDcPP \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 12.1-55.300\n\nCitrix \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439. 
\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u0443\u0433\u0440\u043e\u0437\u044b \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u0422\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0435\u0440\u0441\u0438\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Citrix 12.1 \u0434\u043e\u0441\u0442\u0438\u0433\u043b\u0430 \u0434\u0430\u0442\u044b \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0441\u0432\u0435\u0436\u0435\u0439, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Citrix \u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043c \u0441\u043f\u0440\u043e\u0441\u043e\u043c \u0443 \u0445\u0430\u043a\u0435\u0440\u043e\u0432, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u0446\u0435\u043d\u043d\u044b\u043c\u0438 \u0430\u043a\u0442\u0438\u0432\u0430\u043c\u0438.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u0438\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u043e\u043c \u0442\u0430\u043a\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2023-3519 , \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Citrix \u0445\u043e\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 \u0438\u044e\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043e\u043d\u0430 \u0432\u0441\u0451 \u0440\u0430\u0432\u043d\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u041f\u041e.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-11T10:17:06.000000Z"}, {"uuid": "8e156e37-8e8d-4146-b8ab-b80805bb900b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17650", "content": "Latest news and stories from 
BleepingComputer.com\nOver 640 Citrix servers backdoored with web shells in ongoing attacks\n\nHundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting a critical remote code execution (RCE) vulnerability tracked as CVE-2023-3519. [...]", "creation_timestamp": "2023-08-02T20:39:52.000000Z"}, {"uuid": "cb9645fc-de51-4c2e-b34e-260982fcc59c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/itsec_news/3670", "content": "\u200b\u26a1\ufe0f\u0413\u043e\u0434 \u0440\u0435\u043a\u043e\u0440\u0434\u043e\u0432: \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437\u044b \u0432 \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0438\u0433\u043b\u0438 \u0438\u0441\u0442\u043e\u0440\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043c\u0430\u043a\u0441\u0438\u043c\u0443\u043c\u0430\n\n\ud83d\udcac \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u041d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0446\u0435\u043d\u0442\u0440\u0430 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (National Cyber Security Centre, NCSC) \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438, \u0441\u0442\u0440\u0430\u043d\u0430 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0430\u0441\u044c \u0441 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u043c \u0447\u0438\u0441\u043b\u043e\u043c \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0433\u043e\u0434. 
\u0418\u0437 2005 \u0434\u043e\u0431\u0440\u043e\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439, \u043f\u043e\u0441\u0442\u0443\u043f\u0438\u0432\u0448\u0438\u0445 \u043e\u0442 \u0436\u0435\u0440\u0442\u0432, \u0447\u0442\u043e \u043d\u0430 64% \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, 371 \u0441\u043b\u0443\u0447\u0430\u0439 \u0431\u044b\u043b \u043d\u0430\u0441\u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c, \u0447\u0442\u043e \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 NCSC.\n\n\u041e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u043b\u0438 62 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430, \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u043d\u044b\u0445 \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u043c\u0438, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 4 \u0431\u044b\u043b\u0438 \u043e\u0434\u043d\u0438\u043c\u0438 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0432 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u0440\u0430\u0431\u043e\u0442\u044b NCSC. 
\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441\u043e \u0432\u0437\u043b\u043e\u043c\u043e\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 13 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u043d\u0430 \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u0435, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e ( CVE-2023-3519 ) \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Citrix NetScaler.\n\n\u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. 
\u041f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0438\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c.\n\nNCSC \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043f\u043b\u043e\u0445\u0443\u044e \u043a\u0438\u0431\u0435\u0440\u0433\u0438\u0433\u0438\u0435\u043d\u0443 \u043a\u0430\u043a \u043e\u0434\u043d\u0443 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u043e\u0437\u0440\u043e\u0441\u0448\u0435\u0439 \u0443\u0433\u0440\u043e\u0437\u0435 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0441\u0442\u0440\u0430\u043d\u044b. \u041e\u0441\u043e\u0431\u0443\u044e \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0437 \u041a\u0438\u0442\u0430\u044f, \u0418\u0440\u0430\u043d\u0430 \u0438 \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u044e \u0438 \u0435\u0451 \u0441\u043e\u044e\u0437\u043d\u0438\u043a\u043e\u0432. 
\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430, \u0442\u0430\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0433\u043e\u0442\u043e\u0432\u044b \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0430 \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u0434\u0435\u0444\u0435\u0439\u0441 \u0441\u0430\u0439\u0442\u043e\u0432 \u0438\u043b\u0438 \u043d\u0435\u0434\u043e\u043b\u0433\u043e\u0432\u0435\u0447\u043d\u044b\u0435 DDoS-\u0430\u0442\u0430\u043a\u0438.\n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0434\u0435\u043c\u043e\u043a\u0440\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0441\u0432\u0435\u0442\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u044f\u0449\u0438\u0445 \u0432\u044b\u0431\u043e\u0440\u043e\u0432 \u0432 \u0421\u0428\u0410 \u0438 \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438. 
NCSC \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0440\u0438\u0441\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0418\u0418 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0435\u0437\u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u0430\u0443\u0434\u0438\u043e \u0438 \u0432\u0438\u0434\u0435\u043e \u0437\u0430\u043f\u0438\u0441\u0435\u0439.\n\n\u0412 \u043f\u0440\u0435\u0434\u0434\u0432\u0435\u0440\u0438\u0438 \u0432\u044b\u0431\u043e\u0440\u043e\u0432 \u0432 \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438 \u0432\u043b\u0430\u0441\u0442\u0438 \u0443\u0436\u0435 \u0433\u043e\u0442\u043e\u0432\u044f\u0442\u0441\u044f \u043a \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u043b\u0438\u044f\u043d\u0438\u044f \u043d\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0435 \u0432\u044b\u0431\u043e\u0440\u044b \u0432 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445. 
NCSC \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u0430\u0449\u0438\u0442\u0430 \u0434\u0435\u043c\u043e\u043a\u0440\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432 \u0431\u0443\u0434\u0435\u0442 \u0432 \u0446\u0435\u043d\u0442\u0440\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u043a\u0430\u043a \u0432 \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438, \u0442\u0430\u043a \u0438 \u0443 \u043c\u0438\u0440\u043e\u0432\u044b\u0445 \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432 \u0441\u0442\u0440\u0430\u043d\u044b.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-14T11:17:56.000000Z"}, {"uuid": "12146f48-38e6-4fdc-886d-be6ac3f9a864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/YAH_Channel/683", "content": "#infodigest\n\n\u0421\u043e\u0431\u0440\u0430\u043b\u0438 \u0434\u043b\u044f \u0432\u0430\u0441 \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0438\u0437 \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0439.\n\n\ud83e\udeb2 Bugs & Exploits\n1. WordPress \u00abWooCommerce Payments\u00bb plugin CVE-2023-28121\n2. Why ORMs and Prepared Statements Can't (Always) Win\n3. Exploiting XSS in hidden inputs and meta tags\n4. Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)\n5. Exploiting Incorrectly Configured Load Balancer with XSS to Steal Cookies\n6. Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)\n7. Reversing Citrix Gateway for XSS\n8. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 1)\n9. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)\n10. 
HTML Over the Wire\n\n\ud83d\udee0 Tools\n11. CVSS Advisor (Escalation Techniques)\n12. shortscan\n\n\ud83d\udcd1 Burp extensions & tricks\n13. Improve your API Security Testing with Burp BCheck Scripts\n14. The top 10 community-created BChecks\n\n\ud83d\udcb0 Bug Bounty reports\n15. Bug Writeup: Stored XSS to Account Takeover (ATO) via GraphQL API\n16. Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability", "creation_timestamp": "2023-08-01T05:27:29.000000Z"}, {"uuid": "88d8324e-3703-4965-b23a-6f4563426a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17483", "content": "\u200aCISA: Citrix RCE bug exploited to breach critical infrastructure org\n\nThreat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that\u00a0Citrix patched this week. [...]\n\nhttps://www.bleepingcomputer.com/news/security/cisa-citrix-rce-bug-exploited-to-breach-critical-infrastructure-org/", "creation_timestamp": "2023-07-21T15:05:51.000000Z"}, {"uuid": "50895f62-7c75-43d4-b67c-61e66200f75f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17439", "content": "Latest news and stories from BleepingComputer.com\nNew critical Citrix ADC and Gateway flaw exploited as zero-day\n\nCitrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and \"strongly urges\" to install updated versions without delay. 
[...]", "creation_timestamp": "2023-07-19T00:10:51.000000Z"}, {"uuid": "26460632-6e63-477b-8292-9cde43179ae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17648", "content": "\u200aOver 640 Citrix servers backdoored with web shells in ongoing attacks\n\nHundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting a critical remote code execution (RCE) vulnerability tracked as CVE-2023-3519. [...]\n\nhttps://www.bleepingcomputer.com/news/security/over-640-citrix-servers-backdoored-with-web-shells-in-ongoing-attacks/", "creation_timestamp": "2023-08-02T19:51:07.000000Z"}, {"uuid": "97870020-5c7f-4293-aaf2-666a8c4dfa90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17502", "content": "Latest news and stories from BleepingComputer.com\nOver 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks\n\nThousands of\u00a0Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable against a critical remote code execution (RCE) bug exploited by unauthenticated attackers in the wild as a zero-day. 
[...]", "creation_timestamp": "2023-07-23T16:13:35.000000Z"}, {"uuid": "8f7e3fb9-181d-42da-b030-c501ea47cd39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17496", "content": "\u200aOver 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks\n\nThousands of\u00a0Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable against a critical remote code execution (RCE) bug exploited by unauthenticated attackers in the wild as a zero-day. [...]\n\nhttps://www.bleepingcomputer.com/news/security/over-15k-citrix-servers-likely-vulnerable-to-cve-2023-3519-attacks/", "creation_timestamp": "2023-07-23T16:21:45.000000Z"}, {"uuid": "1b136fe0-8917-4f5a-99ec-d1567c707538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17494", "content": "Latest news and stories from BleepingComputer.com\nOver 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks\n\nThousands of\u00a0Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable against a critical remote code execution (RCE) bug exploited by unauthenticated attackers in the wild as a zero-day. [...]", "creation_timestamp": "2023-07-22T20:12:54.000000Z"}, {"uuid": "9205b6a5-6672-409f-aff7-499838d95d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17489", "content": "Latest news and stories from BleepingComputer.com\nNetscaler ADC bug exploited to breach US critical infrastructure org\n\nThe US government is warning that threat actors breached the network of a U.S. 
organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]", "creation_timestamp": "2023-07-21T20:17:17.000000Z"}, {"uuid": "ba76e91b-e454-4c3e-81d0-0fc235209306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17810", "content": "\u200aAlmost 2,000 Citrix NetScaler servers backdoored in hacking campaign\n\nA threat actor has compromised close to 2,000 Citrix NetScaler servers in a massive campaign exploiting the critical-severity remote code execution tracked as CVE-2023-3519. [...]\n\nhttps://www.bleepingcomputer.com/news/security/almost-2-000-citrix-netscaler-servers-backdoored-in-hacking-campaign/", "creation_timestamp": "2023-08-15T20:46:20.000000Z"}, {"uuid": "3f1ac989-5e99-473b-bf61-666b95c28e4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17808", "content": "\u200aNew CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices\n\nMandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.\u00a0 [...]\n\nhttps://www.bleepingcomputer.com/news/security/new-cve-2023-3519-scanner-detects-hacked-citrix-adc-gateway-devices/", "creation_timestamp": "2023-08-15T20:46:19.000000Z"}, {"uuid": "6b816d97-7e66-49ee-9a34-978602df7f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": 
"exploited", "source": "https://t.me/BleepingComputer/17435", "content": "Latest news and stories from BleepingComputer.com\nNew critical Citrix ADC and Gateway flaw exploited as zero-days\n\nCitrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and \"strongly urges\" to install updated versions without delay. [...]", "creation_timestamp": "2023-07-18T20:08:57.000000Z"}, {"uuid": "497a3846-cdd9-4a19-b649-806c3ce6d17d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17434", "content": "\u200aCitrix ADC and Gateway zero-day actively exploited in attacks\n\nCitrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and \"strongly urges\" to install updated versions without delay. [...]\n\nhttps://www.bleepingcomputer.com/news/security/citrix-adc-and-gateway-zero-day-actively-exploited-in-attacks/", "creation_timestamp": "2023-07-18T18:04:19.000000Z"}, {"uuid": "5b36943d-09fe-4cdb-bd1d-21613f00e86c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17812", "content": "Latest news and stories from BleepingComputer.com\nAlmost 2,000 Citrix NetScaler servers backdoored in hacking campaign\n\nA threat actor has compromised close to 2,000 Citrix NetScaler servers in a massive campaign exploiting the critical-severity remote code execution tracked as CVE-2023-3519. 
[...]", "creation_timestamp": "2023-08-15T21:41:40.000000Z"}, {"uuid": "6209641f-4a21-4bca-91e1-394abf1196d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/ptescalator/62", "content": "\u041a\u0441\u0442\u0430\u0442\u0438, \u043f\u0440\u043e Offzone \ud83d\ude42\n\n\u041e\u0431\u0435\u0449\u0430\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u0432 \u043a\u0430\u043d\u0430\u043b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u0441 \u0434\u043e\u043a\u043b\u0430\u0434\u0430 \u043f\u0440\u043e \u043c\u0430\u043d\u0435\u0432\u0440\u044b ExCobalt \u2014 \u043f\u0443\u0431\u043b\u0438\u043a\u0443\u0435\u043c \ud83e\udd1d\n\n\u0412 \u043d\u0435\u0439 \u2014 \u043f\u0440\u043e \u0444\u0438\u0448\u0438\u043d\u0433, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2023-38831 \u0438 CVE-2023-3519, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0432\u0435\u043a\u0442\u043e\u0440\u044b \u0430\u0442\u0430\u043a \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 PT ESC, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 \u0434\u043e\u043a\u043b\u0430\u0434\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u0412\u043b\u0430\u0434\u0438\u0441\u043b\u0430\u0432 \u041b\u0443\u043d\u0438\u043d \u0438 \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 
\u0411\u0430\u0434\u0430\u0435\u0432.\n\n\u041f\u0440\u0438\u044f\u0442\u043d\u043e\u0433\u043e \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u0438 happy hunting!\n\n#ti #ir #hunt #detect #cve #malware #exCobalt #APT\n@ptescalator", "creation_timestamp": "2024-08-23T14:07:13.000000Z"}, {"uuid": "8554c226-b32c-4057-8daa-0d7d47b7fb89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17484", "content": "Latest news and stories from BleepingComputer.com\nCISA: Citrix RCE bug exploited to breach critical infrastructure org\n\nThreat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that\u00a0Citrix patched this week. [...]", "creation_timestamp": "2023-07-21T16:16:51.000000Z"}, {"uuid": "069666de-1f98-4227-9be1-ebebe929123b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17958", "content": "Latest news and stories from BleepingComputer.com\nAttacks on Citrix NetScaler systems linked to ransomware actor\n\nA threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks. 
[...]", "creation_timestamp": "2023-08-29T01:53:34.000000Z"}, {"uuid": "644399a4-1624-4522-a82a-466a269beee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17957", "content": "\u200aAttacks on Citrix NetScaler systems linked to ransomware actor\n\nA threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks. [...]\n\nhttps://www.bleepingcomputer.com/news/security/attacks-on-citrix-netscaler-systems-linked-to-ransomware-actor/", "creation_timestamp": "2023-08-28T23:47:44.000000Z"}, {"uuid": "8141a8bd-82d4-46f1-aba2-1d7c7773d4ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/18466", "content": "\u200aHackers hijack Citrix NetScaler login pages to steal credentials\n\nHackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/", "creation_timestamp": "2023-10-09T17:45:05.000000Z"}, {"uuid": "bb53f4b2-548d-4644-b1ae-327432b7be20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/18461", "content": "Latest news and stories from BleepingComputer.com\nHackers hijack Citrix NetScaler login pages to steal credentials\n\nHackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials. [...]", "creation_timestamp": "2023-10-09T16:31:00.000000Z"}, {"uuid": "82b0ba94-5e97-4c43-b449-ad279016f7cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/BleepingComputer/17805", "content": "Latest news and stories from BleepingComputer.com\nNew CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices\n\nMandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.\u00a0 [...]", "creation_timestamp": "2023-08-15T17:39:36.000000Z"}, {"uuid": "55c8699d-8f6d-46e9-ba42-606a725fea6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3043", "content": "#infodigest\n\n\u0421\u043e\u0431\u0440\u0430\u043b\u0438 \u0434\u043b\u044f \u0432\u0430\u0441 \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 
\u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0438\u0437 \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0439.\n\n\ud83e\udeb2 Bugs &amp; Exploits\n1. WordPress \u00abWooCommerce Payments\u00bb plugin CVE-2023-28121\n2. Why ORMs and Prepared Statements Can't (Always) Win\n3. Exploiting XSS in hidden inputs and meta tags\n4. Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)\n5. Exploiting Incorrectly Configured Load Balancer with XSS to Steal Cookies\n6. Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)\n7. Reversing Citrix Gateway for XSS\n8. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 1)\n9. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)\n10. HTML Over the Wire\n\n\ud83d\udee0 Tools\n11. CVSS Advisor (Escalation Techniques)\n12. shortscan\n\n\ud83d\udcd1 Burp extensions &amp; tricks\n13. Improve your API Security Testing with Burp BCheck Scripts\n14. The top 10 community-created BChecks\n\n\ud83d\udcb0 Bug Bounty reports\n15. Bug Writeup: Stored XSS to Account Takeover (ATO) via GraphQL API\n16. 
Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability", "creation_timestamp": "2023-08-02T15:22:57.000000Z"}, {"uuid": "41324ec5-5979-4b49-b5c1-83d9fbd87e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/Cyber_Watch_insider/28", "content": "New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices\nhttps://www.bleepingcomputer.com/news/security/new-cve-2023-3519-scanner-detects-hacked-citrix-adc-gateway-devices/\n\nMandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.\u00a0 [...]", "creation_timestamp": "2023-08-16T10:08:21.000000Z"}, {"uuid": "bee74f89-63a2-4fb6-8fdf-c9c88cfe6cdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4796", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aexploit tool, write webshell\nURL\uff1ahttps://github.com/sanmasa3/citrix_CVE-2023-3519\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-01T05:38:27.000000Z"}, {"uuid": "11aac39d-3f67-400a-95c1-037445099841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/142131", "content": "https://ift.tt/9qUZLpa\nUnpacking the Citrix NetScaler Vulnerability: A Deep Dive into CVE-2023-3519", "creation_timestamp": "2023-10-10T03:51:54.000000Z"}, {"uuid": "2016b977-b224-4972-b880-4e6a6ea77780", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/kasperskyb2b/756", "content": "\u26a1\ufe0f Citrix \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Citrix ADC and Citrix Gateway (\u043d\u044b\u043d\u0435 Nescaler ADC \u0438 NetScaler Gateway). CVE-2023-3519 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c CVSS 9.8 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0433\u0435\u0439\u0442\u0432\u0435\u044f \u0438\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438  (\u0410\u0410\u0410).\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u0432\u0443\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430: \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e nsroot (CVE-2023-3467, CVSS 8) \u0438 XSS (CVE-2023-3466, CVSS 8.3.)\n\nNetScaler ADC \u0438  NetScaler Gateway\u202f \u043b\u0438\u043d\u0435\u0439\u043a\u0438 13.1\u202f \u0434\u043e\u043b\u0436\u043d\u044b 
\u0431\u044b\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0434\u043e \u202f13.1-49.13, \u0430 \u043b\u0438\u043d\u0435\u0439\u043a\u0438  13.0 \u2014 \u0434\u043e  13.0-91.13. \u0412\u0435\u0440\u0441\u0438\u044f 12.0 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e \u043e\u0441\u0442\u0430\u0451\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-07-19T18:03:43.000000Z"}, {"uuid": "5f0ace35-485f-4be9-a881-39ae2e29b7db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/kasperskyb2b/825", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u0418\u0411-\u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udcf8 \u0424\u0438\u0448\u0435\u0440\u044b \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0441\u0441\u044b\u043b\u043e\u043a \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 QR-\u043a\u043e\u0434\u043e\u0432. 
\u0412 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u0441\u0441\u044b\u043b\u043a\u0430, \u043f\u043e \u043b\u0435\u0433\u0435\u043d\u0434\u0435, \u043d\u0443\u0436\u043d\u0430 \u0434\u043b\u044f \u00ab\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f 2FA\u00bb.\n\n\u041a\u0440\u0430\u0434\u0435\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0443\u044e \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044e \u0430\u0437\u0430\u0440\u0442\u043d\u044b\u0445 \u0438\u0433\u0440. \u041e\u0434\u043d\u0430 \u0438\u0437 \u043a\u0438\u0442\u0430\u0435\u0433\u043e\u0432\u043e\u0440\u044f\u0449\u0438\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e Bronze Starlight, \u043f\u0440\u043e\u0432\u0435\u043b\u0430 \u0441\u0435\u0440\u0438\u044e \u0430\u0442\u0430\u043a \u043d\u0430 \u0438\u0433\u043e\u0440\u043d\u044b\u0435 \u0431\u0438\u0437\u043d\u0435\u0441\u044b \u042e\u0412\u0410, \u043f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u044f \u0441\u0432\u043e\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u044b \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c \u043c\u0435\u0441\u0442\u043d\u043e\u0433\u043e VPN-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430. \u0422\u0430\u043a\u0436\u0435 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f DLL Adobe CC, MS Edge \u0438 McAfee \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u0430\u044f\u0447\u043a\u0430 Cobalt Strike. 
\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0446\u0435\u043b\u044c\u044e \u0430\u0442\u0430\u043a \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436, \u0430 \u043d\u0435 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0430\u044f \u0432\u044b\u0433\u043e\u0434\u0430. \u041f\u043e \u043c\u0435\u0440\u0435 \u0440\u043e\u0441\u0442\u0430 \u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0432\u044f\u0437\u0435\u0439 \u0441 \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0438\u043c\u0438 \u0441\u0442\u0440\u0430\u043d\u0430\u043c\u0438, \u043e\u0442\u0435\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u0432\u0441\u0451 \u0447\u0430\u0449\u0435 \u0441\u0442\u0430\u043b\u043a\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0441 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c\u0438 \u00ab\u0433\u043e\u0441\u0442\u044f\u043c\u0438\u00bb.\n\n\ud83d\udc31 \u0412\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Blackcat \u0440\u0430\u0437\u0434\u0430\u043b\u0438 \u0441\u0432\u043e\u0435\u0439 \u043f\u0430\u0440\u0442\u043d\u0451\u0440\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0412\u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u044d\u0432\u043e\u043b\u044e\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0438\u0437 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 \u0432 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 
\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0439. \u041e\u043d\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 Impacket \u0434\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0432 \u0441\u0435\u0442\u0438 \u0438 \u0448\u0435\u043b\u043b Remcom. \n\n\u0410\u043d\u0430\u043b\u0438\u0437 Abyss Locker, \u0412\u041f\u041e \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 ESXi. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u043d \u043d\u0430\u043f\u0438\u0441\u0430\u043d \u0431\u043e\u043b\u0435\u0435 \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0435\u043c \u0430\u043d\u0430\u043b\u043e\u0433\u0438,\u0432  \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u043c\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u044d\u043a\u0441\u043a\u043b\u044e\u0437\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0434\u043b\u044f \u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0433\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u043e\u0441\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u0438 \u0434\u0440\u0443\u0433\u043e\u0435 \u0438\u0437\u0434\u0435\u043b\u0438\u0435 \u0434\u043b\u044f ESXi, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e Monti.\n\n\ud83d\ude31 \u0414\u044b\u0440\u0443 \u0432 Citrix NetScaler (CVE-2023-3519), \u0437\u0430\u043a\u0440\u044b\u0442\u0443\u044e 18 \u0438\u044e\u043b\u044f, \u0443\u0441\u043f\u0435\u043b\u0438 
\u043a\u0430\u043a \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c. \u0412\u0435\u0431-\u0448\u0435\u043b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 2000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0447\u0442\u0438 \u0434\u0432\u0435 \u0442\u0440\u0435\u0442\u0438 \u0438\u0437 \u043d\u0438\u0445 \u0443\u0436\u0435 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b, \u043d\u043e, \u0432\u0438\u0434\u0438\u043c\u043e, \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043f\u043e\u0437\u0434\u043d\u043e. \n\n\ud83d\udcf1 \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 APK \u0443\u0432\u043e\u0434\u044f\u0442 \u0438\u0437-\u043f\u043e\u0434 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0441\u0442\u043e\u0433\u043e \u0442\u0440\u044e\u043a\u0430 \u2014 \u0437\u0430\u043c\u0435\u043d\u044b \u0444\u043b\u0430\u0433\u0430 \u043c\u0435\u0442\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0440\u0435\u0441\u0441\u0438\u0438 \u0432 ZIP-\u0444\u0430\u0439\u043b\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f APK. 
\u0423\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043a\u0430\u043a \u043c\u043d\u043e\u0433\u043e \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446 \u0438 \u0434\u0435\u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0441\u043f\u043e\u0442\u044b\u043a\u0430\u044e\u0442\u0441\u044f \u043d\u0430 \u0442\u0430\u043a\u043e\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0432\u0435\u0449\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 WinRAR. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows-\u0432\u0435\u0440\u0441\u0438\u0439 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e 6.22 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u0440\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0430\u0440\u0445\u0438\u0432\u0430 (CVE-2023-40477).  \u0411\u0430\u0433 \u043d\u0430\u0448\u043b\u0438 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043d\u043e \u043e\u043d \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u043f\u043e\u043d\u0440\u0430\u0432\u0438\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c. 
\u0422\u043e \u0436\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u043a\u0440\u044b\u043b\u043e \u0435\u0449\u0451 \u043e\u0434\u043d\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n#\u0434\u0430\u0439\u0436\u0434\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2023-08-21T10:01:01.000000Z"}, {"uuid": "27978852-3547-430b-9574-014560b71a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/142119", "content": "https://ift.tt/cyLTnQ9\nLarge-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519", "creation_timestamp": "2023-10-10T00:56:17.000000Z"}, {"uuid": "40cd794a-c6f6-43cb-9288-5a4f60ee13da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/125444", "content": "https://ift.tt/Ci27Ytg\nCVE-2023-3519: A quick Overview", "creation_timestamp": "2023-07-21T16:47:33.000000Z"}, {"uuid": "37fe2934-9169-4646-a7ff-326918a26742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/125543", "content": "https://ift.tt/BLl1wYm\nCISA: You've got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519", "creation_timestamp": "2023-07-22T02:11:52.000000Z"}, {"uuid": "c31a1a25-a43e-4824-a97c-4dd592a6be78", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/ctinow/128012", "content": "https://ift.tt/nOQ1bd4\nHackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks", "creation_timestamp": "2023-08-02T23:18:16.000000Z"}, {"uuid": "36b22400-85d0-4e09-8297-4a11f0fd8307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/130742", "content": "https://ift.tt/kj8XVy6\nNew CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices - BleepingComputer", "creation_timestamp": "2023-08-15T19:58:03.000000Z"}, {"uuid": "4d86f112-a84c-4730-87b3-38b6b4798c25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/130719", "content": "https://ift.tt/kj8XVy6\nNew CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices", "creation_timestamp": "2023-08-15T17:36:55.000000Z"}, {"uuid": "cdf8e244-741a-486f-a7e0-87058693f666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "Telegram/a0DtFtRmP5aBP5O58H-Gn5cRebtNGLaQ7RTSIbsqlJ3nRQ", "content": "", "creation_timestamp": "2023-11-07T23:19:58.000000Z"}, {"uuid": "29bb5eb9-3bee-4100-a384-2753e10d1b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/ctinow/125521", "content": "https://ift.tt/isUz5pF\nCISA Advisory: Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells", 
"creation_timestamp": "2023-07-21T22:42:07.000000Z"}, {"uuid": "fc1c3242-6138-4ee4-b547-dc761263c6c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/129395", "content": "https://ift.tt/vScZP1U\nSecurity Advisory: Remote Code Execution Vulnerability (CVE-2023-3519)", "creation_timestamp": "2023-08-09T14:18:04.000000Z"}, {"uuid": "ded17c3e-f2aa-417f-b401-b428bc846efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/125666", "content": "https://ift.tt/A2OtT34\nShadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519", "creation_timestamp": "2023-07-23T16:11:58.000000Z"}, {"uuid": "17cf6283-1457-45a4-8e52-242cc8e7c108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/125592", "content": "https://ift.tt/EmZPcji\nOver 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks", "creation_timestamp": "2023-07-22T20:26:38.000000Z"}, {"uuid": "9c7d3e58-5761-497a-a1df-c10aa816d475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/125575", "content": "https://ift.tt/EmZPcji\nOver 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks - BleepingComputer", "creation_timestamp": "2023-07-22T16:43:05.000000Z"}, {"uuid": "6255a7d9-9372-4de3-b8cc-1f249ac901c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/125669", "content": "https://ift.tt/7gaeimL\nOver 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks", "creation_timestamp": "2023-07-23T17:11:42.000000Z"}, {"uuid": "d035fa8a-5dd2-4c7c-bb82-7c6e405852c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/124903", "content": "https://ift.tt/iJDkXK3\nCitrix ADC Vulnerability CVE-2023-3519, 3466 and 3467 - Patch Now!, (Wed, Jul 19th)", "creation_timestamp": "2023-07-19T18:41:07.000000Z"}, {"uuid": "660612f3-de2c-41fa-afbd-4640cac02f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/ctinow/124778", "content": "https://ift.tt/G9TVtXD\nCitrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)", "creation_timestamp": "2023-07-19T13:21:55.000000Z"}, {"uuid": "e39b32ee-3a32-45bd-8d23-34ab2e44a3d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/ctinow/125395", "content": "https://ift.tt/1XGaSHA\nCitrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)", "creation_timestamp": "2023-07-21T13:42:42.000000Z"}, {"uuid": "f2a7e9fe-ec41-45a9-9d15-7f8973ce1a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "Telegram/919nRi5cA7CaaKHtpiN2IuVKsJbhE_C6GD7xypFqmGYPHA", "content": "", "creation_timestamp": "2023-08-16T06:55:05.000000Z"}, {"uuid": "6e7f99f8-1d82-4779-a209-cc7eaec5861a", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "Telegram/DC_YW45dtlBo-CKymsuATwlD2wRuG78TcUZgUvy8wA1MQao", "content": "", "creation_timestamp": "2023-07-21T14:22:29.000000Z"}, {"uuid": "912fedd4-9563-4ff8-a00b-77dc8ccada73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "Telegram/dZb02P9SwfbiWL2M6e8NDJ_rjC4LlU7fW0hnDXmCnw4nvQ", "content": "", "creation_timestamp": "2023-10-10T08:19:42.000000Z"}, {"uuid": "ed3763f3-3fca-44e9-bdad-b1d1ce7d5ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/862", "content": "\ud83d\udd12 Hackers are exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler devices for credential harvesting attacks. \n \nPatch your systems ASAP! Read more: https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html", "creation_timestamp": "2023-10-10T17:17:50.000000Z"}, {"uuid": "2e14987d-4378-43c6-ae01-cbed0db1bb90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/arpsyndicate/1876", "content": "#ExploitObserverAlert\n\nCVE-2023-3519\n\nDESCRIPTION: Exploit Observer has 100 entries related to CVE-2023-3519. 
Unauthenticated remote code execution\n\nFIRST-EPSS: 0.890420000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T00:58:21.000000Z"}, {"uuid": "0532ee45-8928-4f87-846a-c23338fcf983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "Telegram/GNlBzJynPtHWsMeoDQyetx2B201ZqC8stthonARABcTB0w", "content": "", "creation_timestamp": "2023-08-29T16:23:04.000000Z"}, {"uuid": "1ddd6feb-fd10-486f-a8a0-1735c0d4af2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "Telegram/UlQeB2zp03cu9bgOklnRN_Ia92qTtA8SC0T_Kw6YSDwfBA", "content": "", "creation_timestamp": "2023-08-03T19:22:03.000000Z"}, {"uuid": "f5f51f63-4074-44ef-b06d-956aa77d5da7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "Telegram/CoJVkJiX0S1hR-_II9EjqbBpWd20MkdUAcMqOgtRCCRb_Q", "content": "", "creation_timestamp": "2023-07-19T07:02:25.000000Z"}, {"uuid": "4622c9d5-c162-4406-902b-be5608e5f3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/KomunitiSiber/659", "content": "Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability\nhttps://thehackernews.com/2023/08/nearly-2000-citrix-netscaler-instances.html\n\nNearly 2,000 Citrix NetScaler instances have been compromised with a backdoor by weaponizing a recently disclosed critical security vulnerability as part of a large-scale attack.\n\"An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing web shells on vulnerable NetScalers to gain persistent 
access,\" NCC Group\u00a0said\u00a0in an advisory released Tuesday.\n\"The adversary can", "creation_timestamp": "2023-08-16T07:11:22.000000Z"}, {"uuid": "665ff369-7507-4234-a005-4e5f5a81f21c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/37", "content": "\ud83d\udd12 Hackers are exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler devices for credential harvesting attacks. \n \nPatch your systems ASAP! Read more: https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html", "creation_timestamp": "2023-10-10T17:17:50.000000Z"}, {"uuid": "d6137871-45af-4c00-a4ed-234e766a91e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/integral_security/513", "content": "\u27a1\ufe0f\u0414\u0430\u0439\u0434\u0436\u0435\u0441\u0442 9 \u2014 13 \u043e\u043a\u0442\u044f\u0431\u0440\u044f\n\n\u0424\u0421\u0422\u042d\u041a \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u0438 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 40 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u041a\u0418\u0418 \u0432 2023 \u0433\u043e\u0434\u0443\n\u041f\u043e\u0441\u043b\u0435 \u0432\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u0438\u043b\u0443 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0430\u0432\u0438\u043b \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 
\u041a\u0418\u0418 \u0438 \u043f\u0435\u0440\u0435\u0447\u043d\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439 \u043a\u0440\u0438\u0442\u0435\u0440\u0438\u0435\u0432 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0430 \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0430.\n\n\u0414\u0435\u0444\u0435\u043a\u0442 \u0432 \u041f\u041e Citrix \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043a\u0440\u0430\u0441\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435\n\u0425\u0430\u043a\u0435\u0440\u044b \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u0441\u0432\u0435\u0436\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-3519 \u0432 \u0448\u043b\u044e\u0437\u0430\u0445 Citrix NetScaler, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0435\u0435 \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 JavaScript \u0438 \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\nGoogle \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0430 \u043e \u0441\u0430\u043c\u043e\u0439 \u043c\u043e\u0449\u043d\u043e\u0439 DDoS-\u0430\u0442\u0430\u043a\u0435 \u0432 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u2014 398 \u043c\u043b\u043d \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e HTTP/2 Rapid Reset, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0443\u044e \u043d\u0430 \u043c\u0443\u043b\u044c\u0442\u0438\u043f\u043b\u0435\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u043e\u0442\u043e\u043a\u043e\u0432.\n\nHuawei \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u00ab\u043f\u0435\u0440\u0432\u044b\u0445 \u0432 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0438\u00bb \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f 5.5G\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0434\u0432\u0438\u0433\u0430\u0435\u0442 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0441\u0432\u044f\u0437\u0438 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f 5.5G \u0441\u0440\u0435\u0434\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u0432 \u043c\u0430\u0442\u0435\u0440\u0438\u043a\u043e\u0432\u043e\u043c \u041a\u0438\u0442\u0430\u0435, \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 \u0438 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435.\n\n\u041a\u0440\u0443\u043f\u043d\u044b\u0435 \u0432\u0435\u0434\u043e\u043c\u0441\u0442\u0432\u0430 \u0421\u0428\u0410 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e \u0432\u043e\u0437\u044c\u043c\u0443\u0442\u0441\u044f \u0437\u0430 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043c\u0435\u0441\u0442\u043d\u044b\u0445 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439\nCISA, FBI, NSA \u0438 \u041c\u0438\u043d\u0438\u0441\u0442\u0435\u0440\u0441\u0442\u0432\u043e 
\u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432 \u0421\u0428\u0410 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 OT \u0438 ICS.\n\n\u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0443\u0447\u0435\u043d\u044b\u0435 \u0437\u0430\u044f\u0432\u0438\u043b\u0438 \u043e \u043f\u0440\u043e\u0440\u044b\u0432\u0435 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043a\u0432\u0430\u043d\u0442\u043e\u0432\u044b\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0439\n\u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0439  \u043a\u0432\u0430\u043d\u0442\u043e\u0432\u044b\u0439 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u0440\u0435\u0448\u0438\u043b \u0441\u043b\u043e\u0436\u043d\u0443\u044e \u043c\u0430\u0442\u0435\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443 \u0437\u0430 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043d\u0443\u044e \u0434\u043e\u043b\u044e \u0441\u0435\u043a\u0443\u043d\u0434\u044b.\n\nGNOME \u0443\u044f\u0437\u0432\u0438\u043c \u043f\u0435\u0440\u0435\u0434 RCE-\u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u0438\u0437-\u0437\u0430 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 libcue\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-43641 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c 
\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 Linux-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0441\u0440\u0435\u0434\u0443 \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 GNOME.\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b 404 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u0445 \u043a\u0430\u0440\u0442\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f Magecart-\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f, \u0432 \u0445\u043e\u0434\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u044b \u0432\u043e\u0440\u0443\u044e\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0430\u0439\u0442\u0430\u0445 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432.\n \n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Shield AI \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043d\u043e\u0432\u0443\u044e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043a \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044e \u0440\u043e\u044f \u0434\u0440\u043e\u043d\u043e\u0432 V-Bat Teams \n\u0422\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u041c\u0438\u043d\u0438\u0441\u0442\u0435\u0440\u0441\u0442\u0432\u043e\u043c \u043e\u0431\u043e\u0440\u043e\u043d\u044b \u0421\u0428\u0410 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a 
Replicator.", "creation_timestamp": "2023-10-13T11:17:40.000000Z"}, {"uuid": "a47a61dd-6f48-43c7-af94-3804171e7955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/KomunitiSiber/596", "content": "Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack\nhttps://thehackernews.com/2023/08/hundreds-of-citrix-netscaler-adc-and.html\n\nHundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation.\nThe non-profit\u00a0said\u00a0the attacks take advantage of\u00a0CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated remote code execution.\nThe flaw, patched by Citrix last month, carries a CVSS score of 9.8.\nThe\u00a0", "creation_timestamp": "2023-08-03T17:27:32.000000Z"}, {"uuid": "a2c72b7e-71c4-41c1-86fd-4d27890f530b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35193", "type": "seen", "source": "https://t.me/cibsecurity/72129", "content": "\u203c CVE-2023-35193 \u203c\n\nAn OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. 
An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability is specifically for the `system` call in the file `/web/MANGA/cgi-bin/api.cgi` for firmware version 6.3.5 at offset 0x4bddb8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T20:18:00.000000Z"}, {"uuid": "fb528918-3d1d-4a95-b08a-6618da7a5f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/KomunitiSiber/908", "content": "Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials\nhttps://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html\n\nA recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign.\nIBM X-Force, which uncovered the activity last month,\u00a0said\u00a0adversaries exploited \"CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user", "creation_timestamp": "2023-10-10T08:22:10.000000Z"}, {"uuid": "5dabd9a2-bf6e-4fd9-8bf0-cdc7cca20341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/M_3_7_1/23566", "content": "\u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 CVE-2023-3519 \u0641\u064a Citrix NetScaler \u062a\u0645 \u062a\u0635\u0646\u064a\u0641\u0647\u0627 \u0639\u0644\u0649 \u0623\u0646\u0647\u0627 \u062b\u063a\u0631\u0629 \u062e\u0637\u064a\u0631\u0629 \u0628\u062a\u0635\u0646\u064a\u0641 9.8\u060c \u0648\u0647\u064a \u062a\u0624\u062b\u0631 \u0639\u0644\u0649 Citrix ADC \u0648 NetScaler Gateway. 
\u062a\u0633\u0645\u062d \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u062d\u0643\u0645 \u0643\u0648\u062f \u0639\u0646 \u0628\u064f\u0639\u062f (RCE) \u0639\u0644\u0649 \u0627\u0644\u062e\u0627\u062f\u0645 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641.\n\n\u0641\u064a \u062d\u0627\u0644\u0629 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0635\u062d\u064a\u062d \u0644\u0644\u062b\u063a\u0631\u0629\u060c \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0625\u0646\u0634\u0627\u0621 webshell \u0639\u0644\u0649 \u0627\u0644\u062e\u0627\u062f\u0645 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 \u0648\u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0628\u0634\u0643\u0644 \u0643\u0627\u0645\u0644. \u0639\u0627\u062f\u0629\u064b \u0645\u0627 \u064a\u062a\u0645 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0644\u062a\u062c\u0633\u0633 \u0639\u0644\u0649 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a\u060c \u0623\u0648 \u0627\u0644\u0642\u064a\u0627\u0645 \u0628\u0623\u0639\u0645\u0627\u0644 \u062a\u062f\u0645\u064a\u0631\u064a\u0629\u060c \u0623\u0648 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0646\u0638\u0627\u0645 \u0628\u0637\u0631\u0642 \u0623\u062e\u0631\u0649 \u0648\u0641\u0642\u064b\u0627 \u0644\u0623\u0647\u062f\u0627\u0641 \u0627\u0644\u0645\u0647\u0627\u062c\u0645.\n\n\u0645\u0639 \u0630\u0644\u0643\u060c \u0641\u0642\u062f \u062a\u0645 \u0625\u0635\u062f\u0627\u0631 \u062a\u0635\u062d\u064a\u062d \u0644\u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0641\u064a \u0627\u0644\u0634\u0647\u0631 \u0627\u0644\u0645\u0627\u0636\u064a\u060c \u0648\u064a\u062c\u0628 \u062a\u0646\u0632\u064a\u0644 \u0648\u062a\u062b\u0628\u064a\u062a 
\u0627\u0644\u062a\u0635\u062d\u064a\u062d \u0628\u0623\u0633\u0631\u0639 \u0648\u0642\u062a \u0645\u0645\u0643\u0646 \u0644\u062a\u0642\u0644\u064a\u0644 \u062e\u0637\u0631 \u0627\u0644\u062a\u0639\u0631\u0636 \u0644\u0644\u062b\u063a\u0631\u0629. \u0648\u0628\u0627\u0644\u0625\u0636\u0627\u0641\u0629 \u0625\u0644\u0649 \u0630\u0644\u0643:\n\n- \u062a\u0634\u064a\u0631 \u0628\u0639\u0636 \u0627\u0644\u062a\u0642\u0627\u0631\u064a\u0631 \u0625\u0644\u0649 \u0623\u0646 \u062d\u0648\u0627\u0644\u064a 69% \u0645\u0646 \u0627\u0644\u062e\u0648\u0627\u062f\u0645 \u0627\u0644\u0645\u062a\u0636\u0631\u0631\u0629 \u0642\u062f \u062a\u0645 \u062a\u062d\u062f\u064a\u062b\u0647\u0627 \u0628\u0627\u0644\u0641\u0639\u0644 \u0648\u0644\u064a\u0633\u062a \u0639\u0631\u0636\u0629 \u0644\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644.\n- \u0642\u0627\u0645\u062a \u0634\u0631\u0643\u0629 MANDIANT \u0628\u0625\u0635\u062f\u0627\u0631 \u0623\u062f\u0627\u0629 \u0645\u0641\u062a\u0648\u062d\u0629 \u0627\u0644\u0645\u0635\u062f\u0631 \u062a\u0633\u0627\u0639\u062f \u0641\u064a \u0627\u0643\u062a\u0634\u0627\u0641 \u0645\u0627 \u0625\u0630\u0627 \u062a\u0645 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u0641\u064a \u0634\u0628\u0643\u062a\u0643 \u0623\u0648 \u062e\u0648\u0627\u062f\u0645\u0643.\n- \u064a\u0645\u0643\u0646\u0643 \u0623\u064a\u0636\u064b\u0627 \u0627\u0644\u0627\u0633\u062a\u0641\u0627\u062f\u0629 \u0645\u0646 \u0642\u0627\u0626\u0645\u0629 \u0627\u0644\u0645\u0624\u0634\u0631\u0627\u062a \u0627\u0644\u062a\u064a \u0646\u0634\u0631\u062a\u0647\u0627 CISA \u0644\u0641\u062d\u0635 \u0648\u062a\u0642\u064a\u064a\u0645 \u0646\u0638\u0627\u0645\u0643 \u0644\u0644\u062a\u0623\u0643\u062f \u0645\u0646 \u0639\u062f\u0645 \u062a\u0648\u0627\u062c\u062f \u0627\u0644\u062b\u063a\u0631\u0629.", "creation_timestamp": "2024-01-06T18:19:36.000000Z"}, {"uuid": "1505c568-9570-44f9-9d48-209fcbac9987", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/KomunitiSiber/509", "content": "Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway\nhttps://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html\n\nCitrix is\u00a0alerting\u00a0users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway that it said is being actively exploited in the wild.\nTracked as\u00a0CVE-2023-3519\u00a0(CVSS score: 9.8), the issue relates to a case of\u00a0code injection\u00a0that could result in unauthenticated remote code execution. It impacts the following versions -\n\nNetScaler ADC and NetScaler Gateway 13.1", "creation_timestamp": "2023-07-19T06:07:34.000000Z"}, {"uuid": "ccecace6-6782-46b3-959e-344336f2ad94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/KomunitiSiber/715", "content": "Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability\nhttps://thehackernews.com/2023/08/citrix-netscaler-alert-ransomware.html\n\nUnpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what's suspected to be a ransomware attack.\nCybersecurity company Sophos is\u00a0tracking\u00a0the activity cluster under the moniker\u00a0STAC4663.\nAttack chains involve the exploitation of\u00a0CVE-2023-3519, a critical code injection vulnerability impacting NetScaler ADC and Gateway servers that could", "creation_timestamp": "2023-08-29T12:18:33.000000Z"}, {"uuid": "e2c33285-090c-42b3-8033-250768df22a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": 
"https://t.me/ashaburroyah313/920", "content": "CVE-2023-3519: Threat Actors Exploits the Citrix Zero-Day Vulnerability for Remote Code Execution\nhttps://www.picussecurity.com/resource/blog/cve-2023-3519-threat-actors-exploits-the-citrix-zero-day-vulnerability-for-remote-code-execution", "creation_timestamp": "2024-04-01T01:21:42.000000Z"}, {"uuid": "e2949daa-a9da-429b-a44d-ad6d5fe8fd53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/JerusalemElectronicArmy/542", "content": "#\u0623\u062e\u0628\u0627\u0631_\u0627\u0644\u0633\u0627\u064a\u0628\u0631 \n \u0643\u0634\u0641\u062a \u0645\u062c\u0645\u0648\u0639\u0629 \u064a\u0637\u0644\u0642 \u0639\u0644\u064a\u0647\u0627 \"NCC Group\" \u0639\u0646 \u0623\u0643\u0628\u0631 \u0639\u0645\u0644\u064a\u0629 \u0627\u0633\u062a\u063a\u0644\u0627\u0644  \u0644\u062b\u063a\u0631\u0629 \u0623\u0646\u0638\u0645\u0629 \"Citrix NetScaler\" \u0648\u062a\u062d\u0645\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u0631\u0642\u0645\"CVE-2023-3519\" \n\u0627\u0644\u0627\u062e\u062a\u0631\u0627\u0642 \u0637\u0627\u0644 \u0623\u0643\u062b\u0631  \u0645\u0646 \u0648\u0627\u062c\u0647\u0629 2000 \"Citrix NetScaler\" \u0648\u0639\u062b\u0631 \u0627\u0644\u0645\u062d\u0644\u0644\u0648\u0646 \u0639\u0644\u0649 \u0623\u062f\u0648\u0627\u062a \u0645\u062a\u0637\u0648\u0631\u0629 \u062a\u0645 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647\u0627 \u0641\u064a \u0627\u0644\u0647\u062c\u0648\u0645 ...\n\u0641\u064a \u0627\u0644\u0635\u0648\u0631 \u0623\u0643\u062b\u0631 \u0627\u0644\u062f\u0648\u0644 \u062a\u0623\u062b\u0631\u0627\u064b \u0628\u0627\u0644\u0647\u062c\u0648\u0645...\n\u0627\u0644\u0645\u0635\u062f\u0631:\u0631\u0627\u0628\u0637 \u0627\u0644\u062e\u0628\u0631 \n#\u062c\u064a\u0634_\u0627\u0644\u0642\u062f\u0633_\u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a", 
"creation_timestamp": "2023-08-16T08:20:17.000000Z"}, {"uuid": "6c87a352-4449-4484-b611-d703fe113d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/rrv_ru/170", "content": "\ud83d\udca5Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)\nThis writeup includes the correct vulnerable endpoint that is exploitable without any special configuration.", "creation_timestamp": "2023-07-24T18:04:49.000000Z"}, {"uuid": "90153be3-1f4e-471f-abaf-90ec1bc98b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35194", "type": "seen", "source": "https://t.me/cibsecurity/72126", "content": "\u203c CVE-2023-35194 \u203c\n\nAn OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. 
An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability is specifically for the `system` call in the file `/web/MANGA/cgi-bin/api.cgi` for firmware version 6.3.5 at offset `0x4bde44`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T20:17:57.000000Z"}, {"uuid": "4d1b2d49-a2f7-48ca-ad27-548c54e5cb9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/hunter4good/218", "content": "https://twitter.com/HunterMapping/status/1681604793721298948\n\ud83d\udea8Alert\ud83d\udea8 CVE-2023-3519 Zero-Day #Citrix ADC and #Citrix Gateway Unauthenticated #RCE CVSS 9.8\ud83d\udd25 exploited in the wild\n\n\ud83d\udcce https://hunter.how/list?searchValue=product.name%3D%22NetScaler%20AAA%22%7C%7Cproduct.name%3D%22Citrix%20Access%20Gateway%22\n\nRefer to: https://twitter.com/BushidoToken/status/1681314564162588672 \nhttps://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html\n#infosec #CyberSecurity #CTI #ThreatIntel #OSINT #intelligence", "creation_timestamp": "2023-07-20T08:17:58.000000Z"}, {"uuid": "5845832f-cfae-4386-9e55-46b68b0b4cb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3126", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  - Hackers Factory\n\n\u200b\u200bTor / Darknet Links\n\nVerified darknet market and darknet service links on the Tor Network.\n\nhttps://github.com/DarkNetEye/tor-links\n\nWeb:\nhttps://darkneteye.com/\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bDragondoom\n\nThe PAKE Dragonfly is used as SAE in WPA3 authentication. 
A critical point during the authentication is when the password needs to be derived into an elliptic curve point.\n\nhttps://gitlab.inria.fr/ddealmei/artifact_dragondoom\n\n#cybersecurity #infosec\n\n\u200b\u200bwhatlicense\n\nFull tool chain to extract WinLicense secrets from a protected program then launch it bypassing all verification steps, utlizing an Intel PIN tool and license file builder.\n\nhttps://github.com/charlesnathansmith/whatlicense\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2022-44875\n\nTesting CVE-2022-44875\n\nhttps://github.com/c0d30d1n/CVE-2022-44875-Test\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bWiFi-OSINT\n\nSome great Wifi, resources, tools and blogs if Wi-Fi #OSINT is your thing.\n\nhttps://github.com/cqcore/WiFi-OSINT\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-35885\n\nCloudpanel 0-day Exploit\n\nhttps://github.com/datackmy/FallingSkies-CVE-2023-35885\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3519\n\nThis script is a basic Citrix Scanner for CVE-2023-3519. We try to identify vulnerable Citrix Gateways/ADCs by looking at the HTTP headers.\n\nhttps://github.com/telekom-security/cve-2023-3519-citrix-scanner\n\n#cve #infosec #pentesting\n\n\u200b\u200bvala-vala-hey\n\nThis is a 0day root LPE for latest #Manjaro distro, tested on embedded ARM and x86_64 desktop installs.\n\nhttps://github.com/c-skills/vala-vala-hey\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2020-1472\n\nA Python script that uses the Impacket library to test vulnerability for the Zerologon exploit (CVE-2020-1472).\n\nhttps://github.com/SecuraBV/CVE-2020-1472\n\n#cve #cybersecurity #infosec\n\nEX-SQLi\n\nA tool for scanning and exploiting the famous SQL injection vulnerability in more than millions of sites. 
The exploit was programmed by the TYG team.\n\nhttps://github.com/mr-sami-x/SQLi\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-38632\n\nAsync-sockets-cpp &lt;0.3.1 TCP Packet tcpsocket.hpp Stack-based Overflow\n\nhttps://github.com/Halcy0nic/CVE-2023-38632\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3519\n\nThis Nuclei template checks for the presence of the CVE-2023-3519 vulnerability in a target web server.\n\nhttps://github.com/SalehLardhi/CVE-2023-3519\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-28121\n\nWooCommerce Payments: Unauthorized Admin Access #Exploit.\n\nhttps://github.com/gbrsh/CVE-2023-28121\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bVanMoof Encryption Key Exporter\n\nExport all bike details (such as encryption key) of your VanMoof bikes.\n\nhttps://github.com/grossartig/vanmoof-encryption-key-exporter\n\nWeb:\nhttps://keyexporter.grossartig.io/\n\n#cybersecurity #infosec\n\n\u200b\u200bPowershellKerberos\n\nSome scripts to abuse kerberos using Powershell.\n\nhttps://github.com/MzHmO/PowershellKerberos\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-23T12:08:55.000000Z"}, {"uuid": "41ac8c9b-4c4a-4faf-bd70-4ce90b6086be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3153", "content": "Hackers Factory \n\nBlack Hat USA 2023\nDefender-Pretender: When Windows Defender Updates Become a Security Risk\n\nhttps://github.com/SafeBreach-Labs/wd-pretender\n\n#BlackHat #blackhat23 #Infosec #Windows #Security #cyberattacks\n\nRCE exploit for CVE-2023-3519\n\nhttps://github.com/BishopFox/CVE-2023-3519\n\nCVE-2023-37979\n\nhttps://github.com/Fire-Null/CVE-2023-37979\n\nGolang client for querying SecurityTrails API data\n\nhttps://github.com/hakluke/haktrails\n\nExtract URLs, paths, secrets, and 
other interesting bits from JavaScript\n\nhttps://github.com/BishopFox/jsluice\n\nCVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC\n\nhttps://github.com/vchan-in/CVE-2023-35078-Exploit-POC\n\nSub-Domain TakeOver Vulnerability Scanner\n\nhttps://github.com/m4ll0k/takeover\n\nCloudpanel 0-day Exploit\n\nhttps://github.com/datackmy/FallingSkies-CVE-2023-35885\n\nnse script to identify server vulnerable to CVE-2023-3519\n\nhttps://github.com/dorkerdevil/CitrixFall\n\nCVE-2023-34960 Chamilo PoC\n\nhttps://github.com/Aituglo/CVE-2023-34960/blob/master/poc.py\n\nVMWare vRealize Network Insight pre-authenticated RCE CVE-2023-20887\n\nhttps://github.com/projectdiscovery/nuclei-templates/pull/7405\n\nKeyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.\n\nhttps://github.com/streaak/keyhacks\n\n#Infosec #cybersec #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-14T01:40:46.000000Z"}, {"uuid": "dd741f37-efd5-4e45-aa08-7a85211d8c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3127", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  -  Hackers Factory\n\n\u200b\u200bFirefox Decrypt\n\nA tool to extract passwords from Mozilla (Firefox\u2122, Waterfox\u2122, Thunderbird\u00ae, SeaMonkey\u00ae) profiles.\n\nhttps://github.com/unode/firefox_decrypt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bmutation fuzzer\n\nMutate a binary to identify potential #exploit candidates.\n\nhttps://github.com/demetriusford/mutation-fuzzer\n\n#cybersecurity #infosec\n\n\u200b\u200bmasm32-kernel-programming\n\nmasm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)\n\nhttps://github.com/therealdreg/masm32-kernel-programming\n\n#malware 
#cybersecurity #infosec\n\n\u200b\u200bXSS-Bypass-Filters\n\nhttps://github.com/Edr4/XSS-Bypass-Filters\n\n#infosec #bugbounty \n\n\u200b\u200bCVE-2023-3519\n\nThis #Nmap NSE script checks for the CVE-2023-3519 vulnerability in Citrix Gateway and Citrix AAA.\n\nhttps://github.com/dorkerdevil/CitrixFall\n\n#infosec \n\n\u200b\u200bCVE-2023-3519\n\nThe cve_2023_3519_inspector.py is a Python-based vulnerability scanner for detecting the CVE-2023-3519 vulnerability in Citrix Gateways. It performs a passive analysis and fingerprinting of target websites to assess their vulnerability based on a series of checks.\n\nhttps://github.com/securekomodo/citrixInspector\n\n#cve\n\n\u200b\u200bCVE-2023-28121\n\nWooCommerce Payments &lt; 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ]\n\nhttps://github.com/im-hanzou/Mass-CVE-2023-28121\n\n#cve\n\n\u200b\u200bCVE-2023-32681\n\nVulnerability in python-requests affects IBM InfoSphere Information Server.\n\nhttps://github.com/hardikmodha/POC-CVE-2023-32681\n\n#cve #poc #cybersecurity #infosec\n\n\u200b\u200bCloudflare Origin ip\n\nThis Python tool compares the HTTP response of the given subdomain to HTTP responses of a list of IPs addresses. 
This list is based on:\n\n\u2022 subdomains supplied by the user\n\u2022 subdomains found on external sources\n\u2022 IPs found external sources\n\nhttps://github.com/gwen001/cloudflare-origin-ip\n\n\u200b\u200bBucketLoot\n\nBucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.\n\nhttps://github.com/redhuntlabs/BucketLoot\n\n\u200b\u200bHtmlSmuggling\n\nit is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page.\n\nhttps://github.com/De3vil/HtmlSmuggling\n\n\u200b\u200bTGSThief\n\nI think a lot of people have seen the project GIUDA. It is an interesting way to get the TGS of a user whose logon session is just present on the computer. The problem is that its code is written in Pascal (the last time I wrote in Pascal was at school), so I had to rewrite the project in C++.\n\nhttps://github.com/MzHmO/TGSThief\n\n\u200b\u200bCVE-2023-28467\n\nCross-site scripting (XSS) vulnerability in the User CP module allows remote authenticated users to inject HTML via the user email field, triggered on the User CP Home page.\n\nAfter registration, the e-mail address is changed and the XSS payload is placed. Then, when \"User CP\" is entered, the vulnerability is triggered.\n\nhttps://github.com/ahmetaltuntas/CVE-2023-28467\n\n\u200b\u200bRandomTSScripts\n\nRandom collection of scripts useful for engagements, which don't really need their own repo.\n\nhttps://github.com/xpn/RandomTSScripts\n\n\u200b\u200bCVE-2023-38408 \n\nRemote Code Execution in OpenSSH's forwarded ssh-agent\n\nhttps://github.com/snowcra5h/CVE-2023-38408\n\n\u200b\u200bcombine\n\nRust in-memory dumper. 
Check your windows local security authority credential's safety with this awesome tool.\n\nhttps://github.com/m3f157O/combine_harvester\n\n\u200b\u200bTokenTactics v2\n\nA fork of the great TokenTactics with support for CAE and token endpoint v2.\n\nhttps://github.com/f-bader/TokenTacticsV2\n\n\u200b\u200bDeepCamera\n\nOpen-Source #AI #Camera. Empower any camera/CCTV with state-of-the-art AI, including facial recognition, person recognition(RE-ID) car detection, fall detection and more...\n\nhttps://github.com/SharpAI/DeepCamera\n\n\u200b\u200bAnalytics &amp; AdBlocker\n\nProtect your #privacy while browsing the web.\n\nhttps://github.com/con-schy1/Analytics_AdBlocker\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-25T11:56:20.000000Z"}, {"uuid": "6fd69372-3731-4f45-b4bb-2d58efd15286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/breachdetector/346447", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"What is CVE-2023-3519 RCE Security Vulnerability ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"26 Sep 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-09-26T18:54:37.000000Z"}, {"uuid": "793643f1-7631-471f-b449-8bdac624a7a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3142", "content": "Hackers Factory \n\nUnveiling the hidden depths of \n#DarkGate!\n\nMy latest blog post deep dive into its obfuscation techniques, decrypting deception of the DarkGate malware.\n\nThrough the blog you'll find about the campaign execution chain, what happens upon a double click from the user and leads to a 
sophisticated multi staged malware execution chain.\n\nSome key takeaways from the blog:\n\u25fe\ufe0f Usage CallWindowProc for injection\n\u25fe\ufe0f Custom base64 decoding routine\n\u25fe\ufe0f XOR loop encryption\n\u25fe\ufe0f Executable loading from stack-strings\n\nSo what are you waiting for? \nDive into the blog right now: https://0xtoxin.github.io/threat%20breakdown/DarkGate-Camapign-Analysis/\n\nGitHub - osintambition/Social-Media-OSINT-Tools-Collection: A collection of most useful osint tools for SOCINT.\n\nhttps://github.com/osintambition/Social-Media-OSINT-Tools-Collection\n\nCitrix ADC RCE CVE-2023-3519\nThis exploit uses addresses and shellcode for Citrix VPX 13.1-48.47.\n\nhttps://github.com/BishopFox/CVE-2023-3519\n\nDaProfiler is an OSINT tool allowing you to collect certain information about yourself in order to rectify by rgpd requests the traces you may have left on the net. DaProfiler is indeed able to recover: Addresses, Social media accounts, e-mail addresses, mobile / landline number, jobs. On a specified subject in a limited time. 
\n\nhttps://github.com/daprofiler/DaProfiler\n\nandroidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.\n\nhttps://github.com/botherder/androidqf\n\nKnowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.\n\nhttps://github.com/nccgroup/exploit_mitigations\n\nAiCEF\n\nhttps://github.com/grazvan/AiCEF\n\nLLM vulnerability scanner\n\nhttps://github.com/leondz/garak\n\nDOM XSS scanner for Single Page Applications\n\nhttps://github.com/fcavallarin/domdig\n\njSQL Injection is a Java application for automatic SQL database injection\n\nhttps://github.com/ron190/jsql-injection\n\nmassive SQL injection vulnerability scanner\n\nhttps://github.com/the-robot/sqliv\n\nA friend of SQLmap which will do what you always expected from SQLmap.\n\nhttps://github.com/s0md3v/sqlmate\n\n#cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-09T03:37:49.000000Z"}, {"uuid": "30091971-65e9-47c4-a131-470189209961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/breachdetector/346224", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-3519 RCE G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"26 Sep 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-09-26T10:14:33.000000Z"}, {"uuid": "f0b8496a-5720-4b74-9b2e-88ed2f09284b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/breachdetector/332350", "content": "{\n  \"Source\": 
\"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-3519 Kod Y\u00fcr\u00fctme A\u00e7\u0131\u011f\u0131 Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"06 Sep 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-09-06T22:27:13.000000Z"}, {"uuid": "6bcae76c-cff0-4796-9f98-4c9129ec3bed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/breachdetector/352716", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"What is CVE-2023-3519 NetScaler Code Execution Vulnerability?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"05 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-05T16:11:26.000000Z"}, {"uuid": "3b9ed2c3-fa6e-493c-abb2-51e09a3d10eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/breachdetector/352667", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-3519 NetScaler Kod Y\u00fcr\u00fctme G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"05 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-05T14:53:53.000000Z"}, {"uuid": "263ddcd8-cf02-4f76-9ce0-79ad70e31820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/756", "content": "CVE-2023-3519 : Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability (Part 
1,2)\n\nBlog : https://www.mandiant.com/resources/blog/citrix-zero-day-espionage\n\nInspector : https://github.com/securekomodo/citrixInspector &amp; https://github.com/telekom-security/cve-2023-3519-citrix-scanner\n\nPOC : https://github.com/BishopFox/CVE-2023-3519\n\nPOC 2 : https://github.com/rwincey/cve-2023-3519 (Verified : N/A)\n\nShodan : https://www.shodan.io/search?query=http.favicon.hash%3A-1292923998%2C-1166125415\n\nLink : https://blog.assetnote.io/2023/07/21/citrix-CVE-2023-3519-analysis/\n\nLink : https://blog.assetnote.io/2023/07/24/citrix-rce-part-2-cve-2023-3519/", "creation_timestamp": "2023-08-25T13:10:21.000000Z"}, {"uuid": "4312c439-94ab-4e65-83d8-dc9f89fce6a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "Telegram/y8jGFE4uP4YyNc8vPyGLwMhtNTGizOrTAjwTc9Y6noe9osk", "content": "", "creation_timestamp": "2023-07-23T09:43:26.000000Z"}, {"uuid": "cac8bd73-d836-433c-87c7-c1ca77a48f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "Telegram/5VCeDYux6j_FxAveDcIWZi1TNFdS_hezhY9XnEhBhd491AU", "content": "", "creation_timestamp": "2023-08-31T17:11:36.000000Z"}, {"uuid": "09f43d9a-d452-41e8-9f07-1ff4d5561bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_TM/768", "content": "Tools\nBlue Team Techniques\nBasic Citrix Scanner for CVE-2023-3519\n\nhttps://github.com/telekom-security/cve-2023-3519-citrix-scanner\n\nhttps://github.com/SalehLardhi/CVE-2023-3519\n\n- - - - - - - - - - - - - - - - - - - -\n-=[ @ZeroDay_TM ]=-", "creation_timestamp": "2023-07-22T14:12:03.000000Z"}, {"uuid": 
"2baf3e61-69f3-45b5-9fd2-a1418d5b6ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/CyberSecurityIL/25674", "content": "\u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05db\u05d1\u05e8 \u05e9\u05ea\u05dc\u05d5 \u05e0\u05d5\u05d6\u05e7\u05d4 \u05d1-640 \u05e9\u05e8\u05ea\u05d9\u05dd \u05e9\u05dc \u05d7\u05d1\u05e8\u05d5\u05ea \u05d5\u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05dd \u05d4\u05e2\u05d5\u05e9\u05d9\u05dd \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1- Citrix Netscaler ADC.\n\n\u05d0\u05e8\u05d2\u05d5\u05df Shadowserver \u05de\u05d3\u05d5\u05d5\u05d7 \u05db\u05d9 \u05d4\u05de\u05e1\u05e4\u05e8 \u05db\u05e0\u05e8\u05d0\u05d4 \u05d2\u05d1\u05d5\u05d4 \u05d9\u05d5\u05ea\u05e8 \u05de\u05d0\u05d7\u05e8 \u05d5\u05de\u05e1\u05e4\u05e8 \u05e8\u05d1 \u05e9\u05dc \u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05dd \u05e2\u05d5\u05d3 \u05dc\u05d0 \u05e2\u05d3\u05db\u05e0\u05d5 \u05d0\u05ea \u05d4\u05de\u05d5\u05e6\u05e8, \u05db\u05e9\u05d4\u05dd \u05d7\u05e9\u05d5\u05e4\u05d9\u05dd \u05dc\u05d7\u05d5\u05dc\u05e9\u05d4 CVE-2023-3519.\n\n(\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e4\u05d5\u05e8\u05e1\u05de\u05d4 \u05d1\u05e4\u05d9\u05d3 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d4\u05d6\u05de\u05d9\u05df \u05dc\u05ea\u05d5\u05de\u05db\u05d9 \u05d4\u05e2\u05e8\u05d5\u05e5 \u05db\u05d1\u05e8 \u05d1-19.7)\n\nhttps://t.me/CyberSecurityIL/3470\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2023-08-03T08:21:26.000000Z"}, {"uuid": "689d22cc-3116-4267-8301-e415838ce056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/true_secator/4736", "content": "\u041f\u043e\u0447\u0442\u0438 2000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix NetScaler 
\u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-3519 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0431\u043e\u043b\u0435\u0435 1200 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0435\u0449\u0435 \u0434\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u0432\u044b\u0448\u0435\u0434\u0448\u0438\u0445 18 \u0438\u044e\u043b\u044f, \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0442\u044c\u0441\u044f \u0440\u0438\u0441\u043a\u0443, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u044b \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0428\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Fox-IT (\u0432\u0445\u043e\u0434\u0438\u0442 \u0432 NCC) \u0438 \u0413\u043e\u043b\u043b\u0430\u043d\u0434\u0441\u043a\u043e\u0433\u043e 
\u0438\u043d\u0441\u0442\u0438\u0442\u0443\u0442\u0430 DIVD, \u0430 \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0440\u0430\u043d\u0435\u0435 \u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0438 \u0431\u043e\u043b\u0435\u0435 640 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix NetScaler \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b\u0438 The Shadowserver Foundation.\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0434\u0432\u0430 \u043c\u0435\u0441\u044f\u0446\u0430 Fox-IT \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u0430 \u0431\u044b\u043b\u0430 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 CVE-2023-3519, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u0430\u043c\u0438.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430\u0445, Fox-IT \u0438 DIVD \u0441\u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u043e\u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u043d\u0430\u0448\u043b\u043e\u0441\u044c 1952 
\u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 NetScaler, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043c\u0435\u0442\u043e\u0434\u0430 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0430\u0445.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0437\u0430\u0440\u0430\u0437\u0438\u0442\u044c \u0431\u043e\u043b\u0435\u0435 6% \u0438\u0437 31 127 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Citrix NetScaler, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0434\u043b\u044f CVE-2023-3519.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix NetScaler \u0434\u0438\u0441\u043b\u043e\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438, \u0424\u0440\u0430\u043d\u0446\u0438\u0438 \u0438 \u0428\u0432\u0435\u0439\u0446\u0430\u0440\u0438\u0438.\n\nFox-IT \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043c\u0430\u0441\u0441\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0430 \u0415\u0432\u0440\u043e\u043f\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c 
\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u041a\u0430\u043d\u0430\u0434\u0435, \u0420\u043e\u0441\u0441\u0438\u0438 \u0438 \u0421\u0428\u0410 \u043d\u0430 21 \u0438\u044e\u043b\u044f \u0431\u044b\u043b\u0438 \u0442\u044b\u0441\u044f\u0447\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 NetScaler, \u043f\u043e\u0447\u0442\u0438 \u043d\u0438 \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u043d\u0438\u0445 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u044b \u0430\u0442\u0430\u043a.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 NetScaler \u0432\u0441\u0435 \u0435\u0449\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0435\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440 \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0441\u0432\u043e\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e\u00a0\u0441\u043a\u0440\u0438\u043f\u0442\u0430 Python \u0438 \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432\u00a0Dissect.\n\nMandiant \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 
\u0441\u0432\u043e\u0439 \u0441\u043a\u0430\u043d\u0435\u0440 \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 CVE-2023-3519.", "creation_timestamp": "2023-08-16T14:11:59.000000Z"}, {"uuid": "1a3beb8e-cde1-4ed5-aa70-d2c6cb9c9ff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/true_secator/4688", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Shadowserver Foundation \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u0432\u0437\u043b\u043e\u043c\u0435 \u0431\u043e\u043b\u0435\u0435 640 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix Netscaler ADC \u0438 Gateway \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u0430\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0410\u0442\u0430\u043a\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2023-3519, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0430\u043d\u0435\u0435 \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a 0-day \u0434\u043b\u044f \u0441\u0435\u0442\u0438 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 
\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432 \u0421\u0428\u0410.\n\n\u0412 \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0439 China Chopper, \u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0435\u0448\u0438\u043b\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432. \n\n\u041a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0432 Shadowserver, \u043e \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u043c \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0435\u0449\u0435 20 \u0438\u044e\u043b\u044f. \u041f\u0440\u0438\u0447\u0435\u043c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0447\u0438\u0441\u043b\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u0430\u043c\u0438 \u043d\u0430\u043c\u043d\u043e\u0433\u043e \u0431\u043e\u043b\u044c\u0448\u0435, \u043d\u0435\u0436\u0435\u043b\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 30 \u0438\u044e\u043b\u044f 640. 
\n\n\u0412\u0435\u0434\u044c \u043e\u043a\u043e\u043b\u043e \u0434\u0432\u0443\u0445 \u043d\u0435\u0434\u0435\u043b\u044c \u043d\u0430\u0437\u0430\u0434 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Citrix, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0434\u043b\u044f \u0430\u0442\u0430\u043a CVE-2023-3519,\u00a0\u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u043e \u043e\u043a\u043e\u043b\u043e 15\u00a0000, \u0438 \u0441 \u0442\u0435\u0445 \u043f\u043e\u0440 \u0445\u043e\u0442\u044c \u0438 \u0443\u043f\u0430\u043b\u043e \u0434\u043e \u043c\u0435\u043d\u0435\u0435 10 000, \u043d\u043e \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0440\u043e\u0441\u0442\u043e\u0440 \u0434\u043b\u044f \u043c\u0430\u043d\u0435\u0432\u0440\u043e\u0432.\n\n\u041d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 18 \u0438\u044e\u043b\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Citrix \u0443\u0436\u0435 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0430\u0441\u044c \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 
\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Netscaler, \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u0430\u043a \u0448\u043b\u044e\u0437\u044b (\u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 VPN, \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 ICA, CVPN, \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 RDP) \u0438\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 (\u0441\u0435\u0440\u0432\u0435\u0440 AAA).\n\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e CVE-2023-3519, Citrix \u0432 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438,\u00a0CVE-2023-3466 \u0438 CVE-2023-3467, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f XSS-\u0430\u0442\u0430\u043a \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044e\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0431\u0435\u0437 
\u043f\u0440\u043e\u043c\u0435\u0434\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0432 \u043d\u0435\u0434\u0430\u043b\u0435\u043a\u043e\u043c \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0431\u0430\u043d\u0434\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 REvil \u0438 DoppelPaymer, \u0443\u0436\u0435 \u043e\u0431\u0440\u0430\u0449\u0430\u043b\u0438\u0441\u044c \u043a \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c Citrix Netscaler ADC \u0438 Gateway \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439.", "creation_timestamp": "2023-08-03T13:19:37.000000Z"}, {"uuid": "6ff07a09-1c3c-4a48-91c8-4a88b98ec283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/true_secator/4635", "content": "Citrix \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 NetScaler Application Delivery Controller (ADC) \u0438 Gateway, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c 
\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-3519, \u0438\u043c\u0435\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 9.8 \u043f\u043e CVSS \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0446\u0435\u043b\u044b\u0439 \u0440\u044f\u0434 \u0432\u0435\u0440\u0441\u0438\u0439 NetScaler ADC \u0438 NetScaler Gateway.\n\n\u0427\u0442\u043e\u0431\u044b \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u043e\u0433\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0434\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043e \u043a\u0430\u043a \u0448\u043b\u044e\u0437 (\u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 VPN, \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 ICA, CVPN, \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440 RDP) \u0438\u043b\u0438 \u043a\u0430\u043a \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 
\u0441\u0435\u0440\u0432\u0435\u0440 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (\u0442\u0430\u043a \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 AAA).\n\n\u041f\u043e\u043a\u0430 \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0435 \u0434\u0430\u043b\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 CVE-2023-3519, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Citrix \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0430 \"\u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445\".\n\n\u041d\u0430 \u043a\u0430\u043a\u0438\u0445 \u0438 \u0433\u0434\u0435 \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443.\n\n\u0412\u043c\u0435\u0441\u0442\u0435 
\u0441 CVE-2023-3519 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0435\u0449\u0435 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 CVE-2023-3466 \u0438 CVE-2023-3467 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 8,3 \u0438 8 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0412 \u043f\u0435\u0440\u0432\u0443\u044e \u043d\u0435\u0434\u0435\u043b\u044e \u0438\u044e\u043b\u044f \u043d\u0435\u043a\u0442\u043e \u0440\u0435\u043a\u043b\u0430\u043c\u0438\u0440\u043e\u0432\u0430\u043b \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u0444\u043e\u0440\u0443\u043c\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0434\u043b\u044f Citrix ADC.\n\n\u0414\u0435\u0442\u0430\u043b\u0435\u0439 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043c\u0430\u043b\u043e, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u0442\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043b\u0438 \u044d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043a \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c \u043e\u0442 Citrix, \u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0432\u044b\u0432\u043e\u0434\u044b \u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0441\u0442\u043e\u0438\u0442.", "creation_timestamp": "2023-07-19T17:30:05.000000Z"}, {"uuid": "37192686-6d31-4228-bc90-1ae100fd0572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/cibsecurity/67016", "content": "\u203c CVE-2023-3519 \u203c\n\nUnauthenticated remote code execution\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T22:21:57.000000Z"}, {"uuid": "7faca6fe-dbfe-4f96-8240-76a6c93870e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/true_secator/4780", "content": "Sophos X-Ops \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u043a\u0430\u043a STAC4663 \u0438, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0441 \u0443\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 FIN8, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-3519 \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Citrix NetScaler \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0434\u043e\u043c\u0435\u043d\u0430.\n\nCVE-2023-3519 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 9,8, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Citrix NetScaler ADC 
\u0438 NetScaler Gateway, \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0430\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f 0-day \u0435\u0449\u0435 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0438\u044e\u043b\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u0412\u0435\u043d\u0434\u043e\u0440 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u0435 18 \u0438\u044e\u043b\u044f. \u041e\u0434\u043d\u0430\u043a\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0434\u0430\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 6 \u0438\u044e\u043b\u044f 2023 \u0433\u043e\u0434\u0430.\n\n2 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 Shadowserver \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 640 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Citrix, \u0430 \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u0441\u043f\u0443\u0441\u0442\u044f Fox-IT \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430 \u044d\u0442\u043e \u0447\u0438\u0441\u043b\u043e \u0434\u043e 1952.\n\n\u041a \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 
\u0431\u043e\u043b\u0435\u0435 31 000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Citrix NetScaler \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f CVE-2023-3519, \u0442\u043e \u0435\u0441\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u043b\u0430\u043d\u0435 \u0430\u0442\u0430\u043a.\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Sophos, \u043d\u043e\u0432\u0430\u044f \u0441\u0435\u0440\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0430 Citrix NetScaler \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u0442\u043e\u0439 \u0436\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 Fox-IT \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\nSophos \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u044d\u0442\u0443 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u0441 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u044b \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u0438 \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442, 
\u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 BlueVPS, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0435\u0442 \u0437\u0430\u043f\u0443\u0442\u0430\u043d\u043d\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 PowerShell \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u044b PHP \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u044b \u0436\u0435\u0440\u0442\u0432.\n\n\u0421\u0445\u043e\u0434\u0441\u0442\u0432\u043e \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0430\u0442\u0430\u043a\u043e\u0439, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 Sophos \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043b\u0435\u0442\u043e\u043c, \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u043e\u0432 \u043a \u0432\u044b\u0432\u043e\u0434\u0443, \u0447\u0442\u043e \u044d\u0442\u0438 \u0434\u0432\u0435 \u0432\u043e\u043b\u043d\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u043c\u0435\u0436\u0434\u0443 \u0441\u043e\u0431\u043e\u0439.\n\n\u041f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430, \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 \u0445\u043e\u0434\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u0430\u044f \u0432 wuauclt.exe \u0438\u043b\u0438 wmiprvse.exe, \u0432\u0441\u0435 \u0435\u0449\u0435 
\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f.\u00a0\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0441\u0443\u0434\u044f \u043f\u043e \u043f\u0440\u043e\u0444\u0438\u043b\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430, Sophos \u0441\u0447\u0438\u0442\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0447\u0430\u0441\u0442\u044c \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c ransomware BlackCat/ALPHV.\n\n\u0412\u044b\u0432\u043e\u0434\u044b \u043e \u0441\u0432\u044f\u0437\u0438 \u0441 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0434\u043e\u043c\u0435\u043d\u043e\u0432, plink, BlueVPS, \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u0445 PowerShell \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u043c \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 PuTTY.\n\n\u041d\u0430\u043a\u043e\u043d\u0435\u0446, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 IP-\u0430\u0434\u0440\u0435\u0441 C2 (45.66.248[.]189) \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u0432\u0442\u043e\u0440\u043e\u0439 IP-\u0430\u0434\u0440\u0435\u0441 C2 (85.239.53[.]49), \u0447\u0442\u043e \u0438 \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 
\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\nSophos \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 IoC \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 GitHub \u0434\u043b\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0443\u0433\u0440\u043e\u0437\u044b, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0430 Citrix ADC \u0438 Gateway \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430.", "creation_timestamp": "2023-08-29T15:53:12.000000Z"}, {"uuid": "a6bad0ae-0e3c-47ef-bbfe-8d2bb2b854c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35191", "type": "seen", "source": "https://t.me/ctinow/208008", "content": "https://ift.tt/kJPTLYQ\nCVE-2023-35191", "creation_timestamp": "2024-03-14T18:22:42.000000Z"}, {"uuid": "1f8f834f-e42b-4d38-980d-6a9862c191d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35191", "type": "seen", "source": "https://t.me/ctinow/208025", "content": "https://ift.tt/kJPTLYQ\nCVE-2023-35191", "creation_timestamp": "2024-03-14T18:26:57.000000Z"}, {"uuid": "7cbb07c7-b518-4aaf-aeae-3b1d6668ba96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/information_security_channel/50799", "content": "Credential Harvesting Campaign Targets Unpatched NetScaler Instances\nhttps://www.securityweek.com/credential-harvesting-campaign-targets-unpatched-netscaler-instances/\n\nThreat actors are targeting Citrix NetScaler instances unpatched against CVE-2023-3519 to steal user credentials.\nThe post Credential Harvesting Campaign Targets Unpatched NetScaler Instances (https://www.securityweek.com/credential-harvesting-campaign-targets-unpatched-netscaler-instances/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-10-09T17:52:39.000000Z"}, {"uuid": "6bf4eca0-cf70-4aae-8719-9ee6ee0a19c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/information_security_channel/50297", "content": "Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned\nhttps://www.securityweek.com/exploitation-of-new-citrix-zero-day-likely-to-increase-organizations-warned/\n\nCitrix has patched several vulnerabilities, including CVE-2023-3519, a critical remote code execution zero-day that has been exploited in attacks.\nThe post Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned (https://www.securityweek.com/exploitation-of-new-citrix-zero-day-likely-to-increase-organizations-warned/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-07-19T14:24:13.000000Z"}, {"uuid": "affdd020-120d-41f2-a188-5feffd25da88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/information_security_channel/50310", "content": "Citrix Zero-Day Exploited Against 
Critical Infrastructure Organization\nhttps://www.securityweek.com/citrix-zero-day-exploited-against-critical-infrastructure-organization/\n\nCISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.\nThe post Citrix Zero-Day Exploited Against Critical Infrastructure Organization (https://www.securityweek.com/citrix-zero-day-exploited-against-critical-infrastructure-organization/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-07-21T14:14:01.000000Z"}, {"uuid": "e72a0443-f144-4ed2-ac60-1b7b391b260e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/information_security_channel/50319", "content": "Over 20,000 Citrix Appliances Vulnerable to New Exploit\nhttps://www.securityweek.com/over-20000-citrix-appliances-vulnerable-to-new-exploit/\n\nOver 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519.\nThe post Over 20,000 Citrix Appliances Vulnerable to New Exploit (https://www.securityweek.com/over-20000-citrix-appliances-vulnerable-to-new-exploit/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-07-24T17:13:01.000000Z"}, {"uuid": "fabe58f0-5233-4c82-b816-12122f5ae568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/thehackernews/3984", "content": "\ud83d\udd12 Hackers are exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler devices for credential harvesting attacks. \n \nPatch your systems ASAP! 
Read more: https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html", "creation_timestamp": "2023-10-10T10:50:33.000000Z"}, {"uuid": "6fee35fc-4316-4301-9a19-fa77d2c80e35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/information_security_channel/50459", "content": "2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability\nhttps://www.securityweek.com/2000-citrix-netscaler-instances-backdoored-via-recent-vulnerability/\n\nA threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor.\nThe post 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability (https://www.securityweek.com/2000-citrix-netscaler-instances-backdoored-via-recent-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-08-15T18:51:38.000000Z"}, {"uuid": "c4bd1c8d-5f3e-4386-b429-81cf23f0bf1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/thehackernews/3614", "content": "ALERT: Critical security flaw in Citrix NetScaler ADC and Gateway being actively exploited! CVE-2023-3519 allows unauthenticated remote code execution. \n \nRead: https://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html", "creation_timestamp": "2023-07-19T05:29:51.000000Z"}, {"uuid": "4ec6e2fa-0131-44c4-bbc9-88b2587126a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/thehackernews/3627", "content": "U.S. 
cybersecurity agency warns of a critical flaw (CVE-2023-3519) in Citrix NetScaler ADC and Gateway devices being exploited by hackers to drop web shells on vulnerable systems.  \n \nLearn more: https://thehackernews.com/2023/07/citrix-netscaler-adc-and-gateway.html", "creation_timestamp": "2023-07-21T07:49:19.000000Z"}, {"uuid": "74a8111c-c5ed-4630-83cc-234670e25b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/thehackernews/3799", "content": "\ud83d\udea8 Unpatched Citrix systems under attack! Unknown threat actors are exploiting a critical vulnerability (CVE-2023-3519) for #ransomware attacks. \n \nRead details: https://thehackernews.com/2023/08/citrix-netscaler-alert-ransomware.html", "creation_timestamp": "2023-08-29T11:23:51.000000Z"}, {"uuid": "69594a1d-d136-4e5d-a3ca-708355bd3f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/thehackernews/3692", "content": "\ud83d\udd12 Urgent Alert: Hundreds of Citrix NetScaler ADC and Gateway servers breached! Malicious actors exploit CVE-2023-3519 #vulnerability to deploy web shells. 
\n \nRead more about this threat: https://thehackernews.com/2023/08/hundreds-of-citrix-netscaler-adc-and.html", "creation_timestamp": "2023-08-03T16:26:24.000000Z"}, {"uuid": "48bcbc82-af91-4748-9c92-d98ab07866f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/xakep_ru/14382", "content": "0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Citrix ADC \u0438 Gateway \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Citrix \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2023-3519) \u0432 NetScaler ADC \u0438 NetScaler Gateway (\u0440\u0430\u043d\u0435\u0435 Citrix ADC \u0438 Gateway), \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b. 
\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u00ab\u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442\u00bb \u0431\u0435\u0437\u043e\u0442\u043b\u0430\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\nhttps://xakep.ru/2023/07/19/citrix-0day/", "creation_timestamp": "2023-07-19T17:20:46.000000Z"}, {"uuid": "ef3bbd38-4cb3-4253-8962-0e0b6091419f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/xakep_ru/14819", "content": "\u0421\u0432\u0435\u0436\u0438\u0439 \u0431\u0430\u0433 \u0432 Citrix NetScaler \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u0441\u0432\u0435\u0436\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-3519 \u0432 \u0448\u043b\u044e\u0437\u0430\u0445 Citrix NetScaler, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0435\u0435 \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 JavaScript \u0438 \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\nhttps://xakep.ru/2023/10/10/cve-2023-3519-attacks/", "creation_timestamp": "2023-10-10T21:13:40.000000Z"}, {"uuid": 
"60e65d2a-847a-4374-903e-8195affd8d06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/xakep_ru/14468", "content": "\u0421\u043e\u0442\u043d\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0432\u0435\u0436\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Shadowserver Foundation \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u043a\u043e\u043b\u043e 640 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix Netscaler ADC \u0438 Gateway \u0443\u0436\u0435 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0431\u044d\u043a\u0434\u043e\u0440\u0430\u043c\u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-3519, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\nhttps://xakep.ru/2023/08/04/citrix-under-attack/", "creation_timestamp": "2023-08-04T10:49:32.000000Z"}, {"uuid": "52b76a1a-85e6-4cd3-ba4e-8dd7285343f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/xakep_ru/14525", "content": "\u0411\u043e\u043b\u0435\u0435 2000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix NetScaler \u0437\u0430\u0440\u0430\u0437\u0438\u043b\u0438 
\u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c\n\n\u0412 \u0445\u043e\u0434\u0435 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043e\u043a\u043e\u043b\u043e 2000 \u0442\u044b\u0441\u044f\u0447 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Citrix NetScaler, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-3519. \u0411\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u043e\u0442 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u0435\u0432\u0440\u043e\u043f\u0435\u0439\u0441\u043a\u0438\u0435 \u0441\u0442\u0440\u0430\u043d\u044b.\n\nhttps://xakep.ru/2023/08/16/citrix-netscaler-attacks/", "creation_timestamp": "2023-08-16T10:40:51.000000Z"}, {"uuid": "913eb229-de63-4425-91e8-1165ffba1c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/777", "content": "https://www.lmboke.com/archives/lou-dong-su-di-cve-2023-3519rce-lou-dong--fu-poc.html\ncve-2023-3519", "creation_timestamp": "2023-07-27T15:09:19.000000Z"}, {"uuid": "ab847d16-ab8e-4adf-bd6f-cec9c534e18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7639", "content": "Finding and Exploiting Citrix NetScaler Buffer Overflow (CVE-2023-3519) (Part 
3)\n\nhttps://blog.assetnote.io/2023/08/09/exploiting-citrix-netscaler-cve-2023-3519/", "creation_timestamp": "2023-08-10T12:27:05.000000Z"}, {"uuid": "c76db44e-e7f6-42fa-994a-accb2b68965d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/thebugbountyhunter/7551", "content": "Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway\n\nhttps://blog.assetnote.io/2023/07/21/citrix-CVE-2023-3519-analysis/", "creation_timestamp": "2023-07-21T12:27:02.000000Z"}, {"uuid": "0c04a10d-4153-4be2-a6d9-9951b2c62525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7567", "content": "Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)\n\nhttps://blog.assetnote.io/2023/07/24/citrix-rce-part-2-cve-2023-3519/", "creation_timestamp": "2023-07-25T12:27:06.000000Z"}, {"uuid": "b562b035-2aa2-4b9e-8061-9cbe63e919dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/745", "content": "https://github.com/SalehLardhi/CVE-2023-3519\n#github", "creation_timestamp": "2023-07-23T08:04:18.000000Z"}, {"uuid": "54924039-491e-49ae-97ce-cb35611d6fe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8855", "content": "#tools\n#Blue_Team_Techniques\nIndicators of Compromise Scanner for Citrix ADC Zero-Day 
(CVE-2023-3519)\nhttps://www.mandiant.com/resources/blog/citrix-adc-vulnerability-ioc-scanner", "creation_timestamp": "2023-08-16T13:07:27.000000Z"}, {"uuid": "7e96759f-092d-45cf-9fd0-6fd9247ab62f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8721", "content": "#Blue_Team_Techniques\nAccurately fingerprint/detect vulnerable (and patched) versions of Netscaler/Citrix ADC to CVE-2023-3519\nhttps://github.com/securekomodo/citrixInspector", "creation_timestamp": "2023-07-23T19:34:54.000000Z"}, {"uuid": "77f0b16f-e40a-43fa-bf6f-b6dacb51e514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/8729", "content": "#DFIR\n\"Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. 
Technical Details\".\n]-&gt; https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a", "creation_timestamp": "2023-07-25T11:01:23.000000Z"}, {"uuid": "b15d9092-a6ff-49fd-811e-f573275c6a60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3519", "type": "seen", "source": "https://t.me/secmedia/1253", "content": "\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Citrix \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e \u0440\u0438\u0441\u043a\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 \u0434\u043b\u044f \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f NetScaler Application Delivery Controller \u0438 \u043b\u0438\u043d\u0435\u0439\u043a\u0435 SSL VPN \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Citrix Access Gateway. \u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-3519 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.", "creation_timestamp": "2023-07-20T15:22:25.000000Z"}]}