Blog article

Weekly Digest Week 33 – 2023

Publication date: 18.08.2023

Featured Story

Thousands of Citrix ADC and Gateways Still Backdoored Despite Patching

Nearly 1,900 Citrix NetScaler ADC and Gateway devices remain backdoored: attackers exploited CVE-2023-3519 to install persistent web shells before administrators applied the patch, and patching did not remove them. Fox-IT and Mandiant recommend retroactively checking systems for signs of compromise with their IoC Scanner script.

SOC Analysis:
Patching does not retroactively remove implants. Organizations should:
  • Run Mandiant’s scanner to detect backdoors
  • Audit NetScaler logs for suspicious behavior
  • Reset credentials and review admin access

Need support? Our SOC team is here to help assess and contain exposure.


Other Stories

Cyber Alert: Global Campaign Targets LinkedIn Accounts

LinkedIn users are facing a surge in account takeovers via brute-force and credential stuffing. Attackers are locking victims out by changing recovery emails and demanding ransom for access restoration.

SOC Analysis:
Secure your LinkedIn account:
  • Use a strong, unique password
  • Enable MFA
  • Regularly verify your recovery email address

Our SOC can assist with digital hygiene training and breach monitoring.


Critical Flaws in PowerShell Gallery Enable Malicious Exploits

Aqua Nautilus discovered vulnerabilities in PowerShell Gallery that enable typosquatting, metadata spoofing, and exposure of unlisted packages—posing a risk for supply chain attacks.

SOC Analysis:
We recommend:
  • Enforcing signed PowerShell module policies
  • Using trusted private repositories
  • Monitoring script sources and module downloads
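
As an added example (not from this digest or from Aqua Nautilus), the following PowerShell turns the three recommendations above into a check: it flags installed modules whose names are not on an allow-list (the typosquatting case), modules not pulled from an approved internal feed, and module files whose Authenticode signature is not valid. The repository name 'InternalRepo', its URL and the module allow-list are assumptions for illustration.

```powershell
# Added example, not the digest's or Aqua Nautilus' code. Assumes PowerShellGet is installed.
# 'InternalRepo' is a hypothetical approved feed; the allow-list below is illustrative.

function Get-ModuleSupplyChainReport {
    param(
        [string]   $ApprovedRepository = 'InternalRepo',                   # hypothetical trusted feed
        [string[]] $ExpectedModules    = @('Pester', 'PSScriptAnalyzer')   # names we expect to be present
    )
    foreach ($m in Get-InstalledModule) {
        # Every script, module and manifest file the package installed
        $files = Get-ChildItem -Path $m.InstalledLocation -Recurse -File -Include *.ps1, *.psm1, *.psd1
        $unsigned = foreach ($f in $files) {
            $sig = Get-AuthenticodeSignature -FilePath $f.FullName
            if ($sig.Status -ne 'Valid') { $f.FullName }   # NotSigned, HashMismatch, UnknownError, ...
        }
        [pscustomobject]@{
            Name             = $m.Name
            Version          = $m.Version
            Repository       = $m.Repository
            FromApprovedRepo = ($m.Repository -eq $ApprovedRepository)
            InAllowList      = ($ExpectedModules -contains $m.Name)   # look-alike names fail this
            UnsignedFiles    = @($unsigned).Count
        }
    }
}

# Policy side: make the internal feed the only trusted source and require signed code.
# Register-PSRepository -Name InternalRepo -SourceLocation 'https://nuget.example.internal/v2' -InstallationPolicy Trusted
Set-PSRepository    -Name PSGallery -InstallationPolicy Untrusted     # installs from PSGallery now prompt
Set-ExecutionPolicy -ExecutionPolicy AllSigned -Scope LocalMachine   # unsigned scripts will not run

# Report only the modules that break at least one of the three rules
Get-ModuleSupplyChainReport |
    Where-Object { -not $_.FromApprovedRepo -or -not $_.InAllowList -or $_.UnsignedFiles -gt 0 } |
    Format-Table -AutoSize
```

Run the report on a schedule and ship it to the SIEM; a module that suddenly appears with a non-approved repository or an unsigned file is the signal to investigate.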

Contact us to assess your PowerShell and cloud automation hygiene.


New QwixxRAT Trojan Spreads Through Messaging Apps

QwixxRAT, a new Remote Access Trojan, is distributed through Telegram and Discord. Once installed, it exfiltrates browser data, credentials, and payment info, and performs keylogging. It communicates with attackers via Telegram bots to evade detection.

SOC Analysis:
Mitigate threats like QwixxRAT:
  • Deploy EDR with behavioral detection
  • Restrict app installations and enforce app allow-listing
  • Educate users on avoiding untrusted
