Citrix hasn’t quite finished releasing patches for all of its products which are vulnerable to the so-called Shitrix vulnerability that has been actively exploited by hackers in the last couple of weeks, but it’s good to see them do something for those businesses patiently waiting for a fix.
In a press release and blog post published today, Citrix announced that it had teamed up with security researchers at FireEye to produce a free forensic tool which can help provide “a rapid assessment of potential Indicators of Compromise based on known attacks and exploits.”
Of course, when patches do become available from Citrix (the company says they should all be out by January 27th) they should be applied at the earliest opportunity, and in the meantime businesses would be wise to apply the recommended mitigation steps.
The tool, which goes by the less-than-catchy but definitely technically accurate name of “Indicator of Compromise Scanner for CVE-2019-19781”, has been made available in the GitHub repositories of both Citrix and FireEye.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.