Corporate admins should stay vigilant for new attacks against any hosted Citrix-based applications, using the previously shared workarounds and preliminary patching by Microsoft. This is one of the most serious vulnerabilities for Citrix in years.

I am summarizing the current state of attacks exploiting the Citrix ADC vulnerability (CVE-2019-19781). During this time, we registered more than 550,000 attack attempts to our honeypots. The highest volume was registered on Jan 12, just two days after the first exploit: 290,000 attack attempts, generated by 532 IP addresses located in 42 countries. Regarding the payloads used by the attackers, we observed 141 variants. Given the command issued on the victim’s machine, we could infer that most of them are part of automated attacks to download and execute scripts.