Saturday, January 16, 2021
Primarius Group
PG-Intel
Citrix Updates ADC Products to Help Block DDoS Attacks



DDoS Protection, Governance & Risk Management, IT Risk Management

Firm Says Enhancement Will Block Attackers From Abusing DTLS

Prajeet Nair (@prajeetspeaks) • January 5, 2021

(Photo: Citrix via Wikipedia/CC)

Citrix is urging customers to implement a newly provided enhancement to its ADC and Gateway devices that's designed to block attackers from abusing the Datagram Transport Layer Security, or DTLS, protocol to amplify distributed denial-of-service attacks.

In December, security researchers warned that attackers had begun to abuse the protocol in the Citrix devices to amplify DDoS attacks (see: Citrix Warns Its ADC Products Are Being Used in DDoS Attacks).


When the amplified DDoS attacks were first disclosed, Citrix noted that these attacks affected a “restricted” number of customers. And while there is no known vulnerability at this point, the company is still working on a permanent fix for its ADC and Gateway products that will not be available until later this month, according to a company alert.

The abuse of the Citrix ADC and Gateway products to amplify DDoS attacks was first noticed in December by independent security researchers as well as Marco Hofmann, an IT administrator for the German software firm ANAXCO GmbH. He found the attack targeting port UDP:443, which is used by Citrix products.

Other security researchers also noticed similar patterns starting around Dec. 21.

Enhancements

The security issue that the researchers found appears to affect the DTLS protocol used with these Citrix products. DTLS – a communication protocol based on the Transport Layer Security, or TLS, protocol – is designed to ensure that applications can communicate with one another without third parties eavesdropping on those communications or intercepting messages.

Typically, DTLS uses the User Datagram Protocol, and threat actors are known to use this to spoof the IP packet datagram address, which can then quickly overwhelm the network with junk traffic and amplify a DDoS attack, according to a warning previously issued by the Cybersecurity and Infrastructure Security Agency.

The Citrix enhancement adds a “HelloVerifyRequest” setting in each profile that should block attackers from abusing the protocol, according to the company alert.
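Why a HelloVerifyRequest step removes the amplification, shown as an added example that is not part of the original article and is not Citrix code: it models the stateless cookie exchange defined for DTLS in RFC 6347, section 4.2.1. The message sizes, the key handling and the function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

SECRET = os.urandom(32)     # server cookie key; hypothetical, rotated in practice
HVR_BYTES = 60              # constructed size of a HelloVerifyRequest datagram
FLIGHT_BYTES = 3000         # constructed size of a ServerHello + Certificate flight


def make_cookie(src_ip: str, src_port: int, client_random: bytes) -> bytes:
    """Stateless cookie bound to the claimed source address (RFC 6347, 4.2.1)."""
    msg = f"{src_ip}|{src_port}|".encode() + client_random
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:16]


def handle_client_hello(src_ip, src_port, client_random, cookie=b"", verify=True):
    """Return (message, bytes_sent) for what the server sends to src_ip."""
    if verify:
        expected = make_cookie(src_ip, src_port, client_random)
        if not hmac.compare_digest(cookie, expected):
            # No valid cookie: reply with a small message and keep no state.
            return ("HelloVerifyRequest", HVR_BYTES)
    return ("ServerHello+Certificate", FLIGHT_BYTES)


def amplification(request_bytes: int, verify: bool) -> float:
    """Bytes reflected at a spoofed address per byte the sender spends."""
    # A spoofed source never receives the reply, so it cannot echo a cookie.
    _, sent = handle_client_hello("198.51.100.7", 4444, b"\x00" * 32, b"", verify)
    return sent / request_bytes


if __name__ == "__main__":
    rnd = os.urandom(32)
    # Legitimate client: the first hello is challenged, the second succeeds.
    print(handle_client_hello("192.0.2.10", 50000, rnd))
    ck = make_cookie("192.0.2.10", 50000, rnd)   # value carried in the challenge
    print(handle_client_hello("192.0.2.10", 50000, rnd, ck))
    print("verify off:", amplification(200, False))
    print("verify on:", amplification(200, True))
```

With verification on, the only datagram sent to an unverified address is the small challenge, so the reply is smaller than the request that triggered it.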

Citrix customers that don't use the DTLS protocol are not at risk. So they do not need to enable the enhancement, or they can disable DTLS, which also stops the amplification attacks, according to the alert.

The enhancement is now available for these Citrix products:

  • Citrix ADC and Citrix Gateway 13.0-71.44 and later releases;
  • NetScaler ADC and NetScaler Gateway 12.1-60.19 and later releases;
  • NetScaler ADC and NetScaler Gateway 11.1-65.16 and later releases.

Citrix recommends that customers who believe they've been affected by these amplified DDoS attacks check their products for unusual traffic patterns.

“To determine if a Citrix ADC or Citrix Gateway is being targeted by this attack, monitor the outbound traffic volume for any significant anomaly or spikes,” Citrix says.
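One way to apply that monitoring advice, as an added example that is not from the article or from Citrix: it flags minutes where outbound UDP/443 volume jumps well above a rolling baseline while inbound volume stays small. The counters are constructed sample data, and the thresholds and the outbound-to-inbound ratio test are assumptions layered on Citrix's volume-only guidance.

```python
from statistics import median

# Constructed per-minute UDP/443 byte counters: (minute, bytes_in, bytes_out)
SAMPLES = [
    ("12:00", 40_000, 52_000),
    ("12:01", 38_000, 49_000),
    ("12:02", 41_000, 55_000),
    ("12:03", 39_000, 50_000),
    ("12:04", 42_000, 53_000),
    ("12:05", 300_000, 400_000),    # busy but balanced: many real sessions
    ("12:06", 60_000, 1_800_000),   # outbound far exceeds inbound
    ("12:07", 65_000, 2_100_000),
    ("12:08", 40_000, 51_000),
]


def flag_spikes(samples, baseline_n=5, spike_factor=5.0, ratio_threshold=10.0):
    """Return (minute, out/in ratio, bytes_out) for suspicious minutes.

    A minute is flagged when bytes_out exceeds spike_factor times the median
    of the last baseline_n unflagged minutes AND the out/in ratio is at least
    ratio_threshold. Both thresholds are assumptions to tune per site.
    """
    baseline, flagged = [], []
    for minute, bytes_in, bytes_out in samples:
        ratio = bytes_out / max(bytes_in, 1)
        if len(baseline) >= baseline_n:
            base = median(baseline[-baseline_n:])
            if bytes_out > spike_factor * base and ratio >= ratio_threshold:
                flagged.append((minute, round(ratio, 1), bytes_out))
                continue  # keep flagged minutes out of the baseline
        baseline.append(bytes_out)
    return flagged


if __name__ == "__main__":
    for minute, ratio, out in flag_spikes(SAMPLES):
        print(f"{minute} outbound={out} bytes, out/in ratio={ratio}")
```

The ratio test keeps an ordinary busy period such as 12:05 from alerting, because legitimate DTLS sessions raise inbound and outbound volume together.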

DDoS Amplification

Government agencies and security researchers have warned over the last six months that DDoS attacks are becoming more powerful because of amplification techniques.

In July, the FBI warned that it had seen a steady increase in the number of DDoS attacks affecting U.S. organizations (see: FBI Alert Warns of Increase in Disruptive DDoS Attacks).

The FBI warned that threat actors were attempting to use built-in network protocols, which are designed to reduce overhead and operational costs, to conduct larger and more damaging DDoS attacks. This technique helps amplify the attack without using as many resources but can also create a much more disruptive cyberthreat.

CISA also issued a warning about DDoS attacks in September in response to an incident in August in which the New Zealand Stock Exchange was disrupted by a DDoS attack that stopped trading for several days (see: CISA Warns of Increased DDoS Attacks).


