Citrix Archives - Page 2 of 2

APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / October 10, 2020 / BIG-IP, CISA, Citrix, CVE-2018-13379, CVE-2019-11510, CVE-2019-19781, CVE-2020-1472, CVE-2020-15505, CVE-2020-2021, CVE-2020-5902, F5, FortiGuard, FortiOS, MobileIron, Netscaler, Palo Alto Networks, Pulse Secure, Zerologon

Advanced persistent threat actors (APTs) are exploiting multiple legacy vulnerabilities in combination with newer “Zerologon” to target government networks, critical infrastructure, and elections organizations.

APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations Read More »

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / September 15, 2020 / BIG-IP, Citrix, CVE-2019-11510, CVE-2019-19781, CVE-2020-0688, CVE-2020-5902, DHS, Exchange, F5, Microsoft, MSS, Pulse Secure, VPN

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

Chinese threat actors targeting U.S. government agencies and these 4 CVEs Read More »

Patch these 10 most commonly exploited vulnerabilities

Cybersecurity Articles, Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 20, 2020 / Apache, Citrix, CVE-2012-0158, CVE-2015-1641, CVE-2017-0143, CVE-2017-0199, CVE-2017-11882, CVE-2017-5638, CVE-2017-8759, CVE-2018-4878, CVE-2018-7600, CVE-2019-0604, CVE-2019-11510, CVE-2019-19781, Drupalgeddon2, Flash, Gafgyt, JexBoss, Kitty, LinkedIn, LokiBot, Mirai, Pulse Secure, ROKRAT, SMBGhost, Struts, Zyklon

U.S. government cybersecurity experts are providing guidance on the “top 10” most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.

Patch these 10 most commonly exploited vulnerabilities Read More »

APT41 launches broad cyber campaign with multiple exploits

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 1, 2020 / APT41, Citrix, CVE-2019-1652, CVE-2019-1653, CVE-2019-19781, CVE-2020-10189, RV320, RV325, Zoho

Researchers from FireEye have discovered Chinese cyber threat group APT41 carry out a broad cyber campaign between January 20 and March 11, 2020. The actors have attempted to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central products against 75 FireEye customers.

APT41 launches broad cyber campaign with multiple exploits Read More »

Citrix patches Critical vulnerability exploited in the wild (updated)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 25, 2020 / ADC, Citrix, CVE-2019-19781, Gateway, SD-WAN, Vulnerabilities, WANOP

Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.

Citrix patches Critical vulnerability exploited in the wild (updated) Read More »

Critical Citrix SD-WAN vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 13, 2019 / Citrix, SD-WAN

Security researchers have discovered critical vulnerabilities in Citrix SD-WAN appliance. Hackers could remotely exploit the vulnerabilities without authentication and gain root access.

Critical Citrix SD-WAN vulnerabilities Read More »

Citrix warns of data breach

Cybersecurity Attacks, Data Breach / Frank Crast / March 11, 2019 / Citrix, Data Breach, hacking, Iran, IRIDIUM

Citrix warned it was a victim of a cyberattack whereby hackers gained unauthorized access to large amounts of internal data. The company is actively cooperating with the FBI and have launched a forensics investigation into the breach.

Citrix warns of data breach Read More »

Citrix security updates for XenServer

Leave a Comment / Security Updates & Patches / Frank Crast / March 21, 2018 / Citrix, Vulnerabilities, XenServer

Citrix has released patches for Citrix XenServer that address several vulnerabilities. If exploited, an attacker or malicious administrator of a guest VM could crash or compromise certain XenServer hosts.

Citrix security updates for XenServer Read More »