Skip to content

Cybersecurity Musings

Cybersecurity and everything else!

  • home
  • detection
  • lab
  • ir
topics
  • all
  • Detection 6
  • Network & Logging
  • Endpoint
  • Cloud
  • Incident Response 1
  • Identity & Hardening 2
  • Vuln Mgmt
  • Lab Notes 5
  • Office 365 1
  • logs 1

Category: Incident Response

Public CVE playbooks, email/malware triage, and post-incident process.

Citrix Bleed (CVE-2023-4966): Patch Is Not Enough — Kill the Sessions

Jan 9, 2024 Incident Response

Citrix Bleed — CVE-2023-4966 — is one of those bugs where the CVSS number under-sold how people were actually getting ransomed. Memory disclosure on NetScaler ADC / Gateway-style …

Continue reading →

Browse

  • Detection 6
  • Network & Logging 0
  • Endpoint 0
  • Cloud 0
  • Incident Response 1
  • Identity & Hardening 2
  • Vuln Mgmt 0
  • Lab Notes 5
  • Office 365 1
  • logs 1

Series of writeups from labs, detections, and hardening notes.

echo "© 2026 Cybersecurity Musings — lab notes & detection writeups" ~/ · rss