A free tool for detecting Shitrix-related compromises on your business network

Citrix hasn’t quite finished releasing patches for all of its products which are vulnerable to the so-called Shitrix vulnerability that has been actively exploited by hackers in the last couple of weeks, but it’s good to see them do something for those businesses patiently waiting for a fix.

In a press release and blog post published today, Citrix announced that it had teamed up with security researchers at FireEye to produce a free forensic tool which can help provide “a rapid assessment of potential Indicators of Compromise based on known attacks and exploits.”

Of course, when patches do become available from Citrix (the company says they should all be out by January 27th) they should be applied at the earliest opportunity, and in the meantime businesses would be wise to apply the recommended mitigation steps.

The tool, which goes by the less-than-catchy but definitely technically accurate name of “Indicator of Compromise Scanner for CVE-2019-19781”, has been made available in the GitHub repositories of both Citrix and FireEye.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.