Tag: citrix
-
Die 10 häufigsten IT-Sicherheitsfehler
by
in SecurityNewsVon ungepatchten Sicherheitslücken bis hin zu unzureichenden Backups: Lesen Sie, wie sich die häufigsten IT-Sicherheitsfehler vermeiden lassen. Verschlüsselte Dateien und eine Textdatei mit einer Erpresser-Nachricht zeigen klar und deutlich: Ein Unternehmen ist einer Cyberattacke zum Opfer gefallen. Dabei ist das nur das Ende einer langen Angriffskette. Die Tätergruppe bewegt sich oft seit mehreren Wochen oder Monaten…
-
Unpatched Citrix NetScaler Devices Targeted by Ransomware Group FIN8
by
in SecurityNewsCitrix issued a patch for the critical remote code execution bug in July for its NetScaler devices. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/unpatched-citrix-devices-targeted-by-ransomware-group-fin8
-
Chinese APT Silk Typhoon exploits IT supply chain weaknesses for initial access
by
in SecurityNews
Tags: access, apt, attack, authentication, china, citrix, cloud, control, corporate, credentials, data, detection, email, exploit, firewall, github, government, group, hacker, identity, Internet, ivanti, least-privilege, microsoft, network, password, service, software, supply-chain, threat, update, vpn, vulnerability, zero-dayTwo-way lateral movement: Aside from abusing cloud assets and third-party services and software providers to gain access to local networks, the Silk Typhoon attackers are also proficient in jumping from on-premise environments into cloud environments. The group’s hackers regularly target Microsoft AADConnect (now Entra Connect) servers which are used to synchronize on-premise Active Directory deployments…
-
Black Basta ransomware leak sheds light on targets, tactics
by
in SecurityNewsVulnCheck found the ransomware gang targeted CVEs in popular enterprise products from Microsoft, Citrix, Cisco, Fortinet, Palo Alto Networks, Confluence Atlassian and more. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366619641/Black-Basta-ransomware-leak-sheds-light-on-targets-tactics
-
Citrix addressed NetScaler console privilege escalation flaw
by
in SecurityNewsCitrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8) impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. The vulnerability is an improper privilege management that could allow attackers to escalate privileges…
-
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability
by
in SecurityNewsCitrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under certain conditions.The vulnerability, tracked as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0It has been described as a case of improper…
-
CISA, FBI call software with buffer overflow issues ‘unforgivable’
by
in SecurityNewsMicrosoft, VMWare, Ivanti flaws called out: The feds highlighted a list of buffer overflow bugs affecting leading vendors like Microsoft, Ivanti, VMWare, Citrix and RedHat, ranging from high to critical severity, and some already having in-the-wild exploits.The list included two Microsoft flaws that could allow, local attackers in container-based environments to gain system privileges (CVE-2025-21333),…
-
DOGE latest: Citrix supremo has ‘read-only’ access to US Treasury payment system
by
in SecurityNewsCEO of Cloud Software a ‘special government employee’ probing through IT for Elon Musk’s DOGE First seen on theregister.com Jump to article: www.theregister.com/2025/02/05/tom_krause_treasury_read_only_access/
-
Citrix Buys Unicon to Bolster Endpoint Security for Users, MSPs
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/citrix-buys-unicon-to-bolster-endpoint-security-for-users-msps
-
Citrix Aims for Improved Endpoint Security with Unicorn Purchase
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/citrix-aims-for-improved-endpoint-security-with-unicorn-purchase
-
Improved endpoint security aimed by Citrix with Unicon purchase
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/improved-endpoint-security-aimed-by-citrix-with-unicon-purchase
-
Windows Patch Tuesday hits snag with Citrix software, workarounds published
Microsoft starts 2025 as it hopefully doesn’t mean to go on First seen on theregister.com Jump to article: www.theregister.com/2025/01/15/windows_patch_tuesday_citrix/
-
SEC rule confusion continues to put CISOs in a bind a year after a major revision
by
in SecurityNews
Tags: attack, breach, business, ciso, citrix, compliance, control, cyber, cyberattack, cybersecurity, data, government, incident, incident response, law, network, privacy, regulation, risk, security-incident, software, strategy, supply-chainConfusion around when and how to report cybersecurity breaches continues to plague companies a year after revised US Securities and Exchange Commission (SEC) cybersecurity breach reporting rules came into effect, experts say.As the agency that regulates and enforces federal US securities laws continues to flex its enforcement muscles against organizations that violate the strict rules,…
-
7 biggest cybersecurity stories of 2024
by
in SecurityNews
Tags: access, ai, alphv, at&t, attack, authentication, breach, business, china, cio, ciso, citrix, cloud, credentials, crowdstrike, crypto, cyber, cybercrime, cybersecurity, data, data-breach, deep-fake, detection, email, espionage, exploit, extortion, finance, google, government, group, hacking, healthcare, incident response, infection, insurance, intelligence, international, jobs, lockbit, malicious, malware, mandiant, mfa, microsoft, network, nis-2, north-korea, office, phishing, phone, privacy, ransomware, regulation, risk, risk-management, scam, service, software, strategy, tactics, technology, threat, ukraine, update, vulnerability, windowsCybersecurity headlines were plenty this year, with several breaches, attacks, and mishaps drawing worldwide attention.But a few incidents in particular had far-reaching consequences, with the potential to reshape industry protections, shake up how vendors secure customers’ systems, or drive security leaders to reassess their strategies.Longer-term trends such as increased cybersecurity regulations and the impact of…
-
Citrix acquisitions poised to enhance zero-trust security
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/citrix-acquisitions-poised-to-enhance-zero-trust-security
-
Citrix NetScaler devices targeted with password spraying attacks
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/citrix-netscaler-devices-targeted-with-password-spraying-attacks
-
Citrix Warns of Password Spraying Attacks Targeting NetScaler Appliances
by
in SecurityNewsCitrix issues warning on password spraying attacks targeting NetScaler and NetScaler Gateway appliances deployed by organizations worldwide. The post Citrix Warns of Password Spraying Attacks Targeting NetScaler Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/citrix-warns-of-password-spraying-attacks-targeting-netscaler-appliances/
-
Angriffe auf Citrix Netscaler Gateway: Hersteller gibt Hinweise zum Schutz
by
in SecurityNewsSeit Dezember 2024 gibt es ja massiven Angriffswellen Citrix Netscaler Gateways. Ich hatte im Blog gewarnt und das BSI hat im Nachgang ebenfalls eine Warnung veröffentlicht. Nun hat Citrix reagiert, und gibt Tipps, wie sich Netscaler Gateways gegen die Angriffe … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/15/angriffe-auf-citrix-netscaler-gateway-hersteller-gibt-hinweise-zum-schutz/
-
Citrix Alerts on Global Password Spraying Campaigns Targeting NetScaler Appliances
by
in SecurityNewsCitrix has issued an advisory highlighting an increase in password spraying attacks aimed at NetScaler appliances worldwide. These attacks exploit authentication endpoints, causing significant operational disruptions for targeted organizations. Unlike... First seen on securityonline.info Jump to article: securityonline.info/citrix-alerts-on-global-password-spraying-campaigns-targeting-netscaler-appliances/
-
Citrix shares mitigations for ongoing Netscaler password spray attacks
by
in SecurityNewsCitrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/citrix-shares-mitigations-for-ongoing-netscaler-password-spray-attacks/
-
Citrix NetScaler Under Siege: Significant Increase in Brute Force Attacks Observed
by
in SecurityNewsA significant increase in brute-force attacks targeting outdated and misconfigured Citrix NetScaler devices has been observed in Germany, prompting warnings from cybersecurity experts and organizations, including CERT Germany and the... First seen on securityonline.info Jump to article: securityonline.info/citrix-netscaler-under-siege-significant-increase-in-brute-force-attacks-observed/
-
NY Health Group Fined $550K in Unpatched Vulnerability Hack
by
in SecurityNewsAG Says HealthAlliance Tried But Failed to Fix Zero-Day Flaw That Led to Exploit. New York State has levied a $550,000 fine against a healthcare group that tried – but failed – to patch a critical zero-day vulnerability in a Citrix NetScaler appliance used for telemedicine. Hackers exploited the flaw, stealing 196 gigabytes of data…
-
Security researchers find deep flaws in CVSS vulnerability scoring system
by
in SecurityNewsThe industrywide method for assessing the severity of vulnerabilities in software and hardware needs to be revised because it provides potential misleading severity assessment, delegates at Black Hat Europe were told Thursday.The Common Vulnerability Scoring System (CVSS) makes use of various metrics to quantify vulnerability severity. A presentation at Black Hat by cybersecurity experts from…
-
Citrix goes shopping in Europe and returns with gifts for security-conscious customers
by
in SecurityNews
Tags: citrixAcquires two companies that help those on the nice list keep naughty list types at bay First seen on theregister.com Jump to article: www.theregister.com/2024/12/12/citrix_acquires_devicetrust_strong_network/
-
Citrix NetScaler devices targeted in brute force campaign
by
in SecurityNews
Tags: citrixCitrix advised NetScaler customers to ensure that their devices are fully updated and properly configured to defend against the recent spike in brute force attacks. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617152/Citrix-NetScaler-devices-targeted-in-brute-force-campaign
-
Citrix Acquisitions Boost Zero-Trust Defense for Hybrid Work
by
in SecurityNewsdeviceTrust, Strong Network Acquisitions Improve Zero Trust, Developer Protections. Citrix enhances its security for hybrid work by acquiring deviceTrust and Strong Network. Purchasing these European startups boosts protection for VDI, DaaS and cloud development, empowering organizations to enforce zero-trust principles and reduce risks across their hybrid environments. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/citrix-acquisitions-boost-zero-trust-defense-for-hybrid-work-a-27019
-
BSI warnt nun auch vor massiver Angriffswelle auf Citrix Netscaler Gateways (Dez. 2024)
by
in SecurityNewsVor einigen Tagen hatte ich hier im Blog vor einer massiven Welle von Angriffsversuchen auf Citrix Netscaler Gateways im Einsatz seit ca. 5. Dez. 2024 gewarnt. Eine Leser haben das bestätigt, andere als “nichts neues” abgetan. Nun warnt auch das … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/10/bsi-warnt-nun-auch-vor-massiver-angriffswelle-auf-citrix-netscaler-gateways/
-
Massive Angriffswelle auf Citrix Netscaler Gateways (5.12.2024)?
by
in SecurityNews
Tags: citrixKurze Frage bzw. Information an die Leserschaft des Blogs, die Citrix Netscaler Gateways im Einsatz haben. Konntet ihr am gestrigen Abend eine massive Zunahme der Angriffsversuche auf diese Instanzen beobachten. Ein Blog-Leser hat mich gerade über eine entsprechende Beobachtung per … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/06/massive-angriffswelle-auf-citrix-netscaler-gateways-5-12-2024/