WASHINGTON—Several government and private organizations said they are working together in response to the latest ransomware incident.
Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) said it has joined with the Securities Industry and Financial Markets Association (SIFMA) and the Financial Sector Information Sharing and Analysis Center (FS-ISAC) and other regulatory agencies to respond to a ransomware incident targeting a financial institution.
OCCIP said it is encouraging all financial services providers to review the relevant alerts and to take proper mitigation actions to ensure they are prepared to address the challenges posed by these threats.
Three Vulnerabilities
OCCIP noted Treasury said the ransomware attack appears to stem from three previously flagged threats and/or vulnerabilities:
- Lockbit 3.0 ransomware
- The “Citrix Bleed” Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966)
- Denial of Service in NetScaler ADC and NetScaler Gateway (CVE-2023-4967)
Ongoing Assessment
According to OCCIP, the two Citrix vulnerabilities are still being assessed by incident response teams and will take several days to confirm but are worth noting based on current information available to the Treasury.
The Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued a joint Cybersecurity Advisory that similarly highlighted the threat posed by Lockbit 3.0 in March.
CISA noted it also released products examining the “Citrix Bleed” vulnerability, including guidance alerting the public to active, targeted exploitation of a vulnerability (CVE-2023-4966) affecting Citrix NetScaler ADC and NetScaler Gateway.
The affected products contain a buffer overflow vulnerability that allows for sensitive information disclosure, according to OCCIP.
As Winter Approaches, the Price for the Best Daily News Update in Credit Remains a Nice, Cozy Free!
The biggest, best and freshest news reporting in credit unions remains free! Each morning CUToday.info delivers its daily Fresh Today news update offering the latest headlines and breaking news right to your email, with the easy-to-read headlines format allowing you to click on the stories that interest you most in order to learn more. So stop paying those bank-fee-like subscription prices from other so-called “news” publications!
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties, and we will not be contacting you to sell you an extended warranty or sending you any links so you may cash in on an inheritance you didn’t know was coming.
And did we mention it’s free?