Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
cyberplace.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Cybersecurity, fandom, video games, technology, dog photos and most importantly, you.

Administered by:

Server stats:

939
active users

cyberplace.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Kevin Beaumont

Quick update on - tracking just over 20k exploited Netscaler servers so far today, where session tokens have been stolen.

How? Have a honeypot running to gather data on attackers, then compare with Netflow via industry friends. Two TCP connections (first large) plus Shodan cross reference to validate Netscaler victim.

Also it turns out in March of this year somebody documented how to replay the session token to bypass MFA/login: vulnerability-db.com/?q=articl

www.vulnerability-db.comCitrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability | Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research
Oct 28, 2023, 04:30 PM·Public
14boosts·22favorites
ExploreLive feeds
About