Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

What are they looking for? Scans for OpenID Connect Configuration (Update: CitrixBleed), (Tue, Dec 19th)

published on 2023-12-19 18:32:21 UTC by
Content:
Update: Thanks to our reader Dustin Decker for pointing out that these scans are likely looking for Citrix devices. The recent "CitrixBleed" vulnerability is exploited using the OpenID connect URL (%%cve:2023-4966%%, %%cve:2023-4967%%). An attack would also include an oversized Host header in a request to the OpenID URL. The scans I have observed do not appear to include this oversized Host header. Looks like they are just looking for possible targets to exploit later.
Article: What are they looking for? Scans for OpenID Connect Configuration (Update: CitrixBleed), (Tue, Dec 19th) - published 11 months ago.

https://isc.sans.edu/diary/rss/30498   
Published: 2023 12 19 18:32:21
Received: 2023 12 19 19:15:38
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 1

Custom HTML Block

Click to Open Code Editor