Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
AI summary
Threat actors linked to the Anubis ransomware operation are exploiting the Citrix Bleed 2 vulnerability to gain initial access. These actors are using various tactics, but common patterns have emerged, including the use of legitimate Remote Management and Monitoring tooling and credential access. Hands-on-keyboard procedures are also being used for lateral movement. The exploitation of Citrix Bleed 2 is part of a broader set of techniques that include Bring Your Own Vulnerable Driver (BYOVD) and the use of supply chain credentials.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

