Tag: citrix
-
Active exploitation of Citrix ADC and Gateway Critical Remote Code Execution Vulnerability by Suspected Chinese APT5 (CVE-2022-27518)
by
in SecurityNewsWritten by Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On December 13, 2022, The U.S. National Security Agency … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/12/15/advisory-active-exploitation-of-citrix-adc-and-gateway-critical-remote-code-execution-vulnerability-by-suspected-chinese-apt5/
-
Citrix ADC/Gateway Triple Threat
by
in SecurityNewsWritten by Eric Dodge and Harish Segar of the Kudelski Security Threat Detection & Research Team Summary Citrix recently released a handful of vul… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/07/18/citrix-adc-gateway-triple-threat/
-
Angriffe auf Citrix-Sicherheitslücke beobachtet
by
in SecurityNewsIn der vergangenen Woche hat Citrix Sicherheitslücken im Session Recording geschlossen. Nun haben IT-Forscher Angriffe darauf beobachtet. First seen on heise.de Jump to article: www.heise.de/news/Angriffe-auf-Citrix-Sicherheitsluecke-beobachtet-10100614.html
-
Exploitation Attempts Target Citrix Session Recording Vulnerabilities
by
in SecurityNewsExploitation attempts seen for two recently patched Citrix Session Recording vulnerabilities tracked as CVE-2024-8068 and CVE-2024-8069. The post Exploitation Attempts Target Citrix Session Recording Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/exploitation-attempts-target-citrix-session-recording-vulnerabilities/
-
Citrix Virtual Apps Desktops Zero-Day Vulnerability Exploited in the Wild
by
in SecurityNewsA critical new vulnerability has been discovered in Citrix’s Virtual Apps and Desktops solution, which is widely used to facilitate secure remote access to desktop applications now exploited in the wild. The vulnerability, which remains unpatched, was detailed last week by Watchtowr Labs in a blog post . This flaw poses a significant threat, as…
-
Citrix Session Recording users warned of CVEs that allow hackers to gain control
by
in SecurityNewsSecurity researchers at watchTowr discovered the flaw and claim attackers can gain access without authentication, a finding which Citrix disputes. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/citrix-session-recording-cves-hackers/732794/
-
Zero-Days Win the Prize for Most Exploited Vulns
by
in SecurityNewsAmong the top exploited zero-day vulnerabilities were bugs found in systems from Citrix and Cisco. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/zero-days-wins-superlative-most-exploited-vulns
-
Citrix, watchTowr clash on new RCE-enabling Citrix Virtual Apps and Desktops flaws
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/citrix-watchtowr-clash-on-new-rce-enabling-citrix-virtual-apps-and-desktops-flaws
-
Citrix Patches Zero-Day Recording Manager Bugs
by
in SecurityNewsThere is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a good old unauthenticated RCE. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/citrix-patches-zero-day-recording-manager-bugs
-
Zero-days from top security vendors were most exploited CVEs in 2023
by
in SecurityNewsThe top five vulnerabilities exploited by attackers last were found in security gear from Citrix, Cisco and Fortinet, the Five Eyes’ cyber agencies found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/security-vendors-zero-days-top-cve-exploits/732814/
-
Citrix, Cisco, Fortinet Zero-Days Among 2023’s Most Exploited Vulnerabilities
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36592/Citrix-Cisco-Fortinet-Zero-Days-Among-2023s-Most-Exploited-Vulnerabilities.html
-
Citrix, Cisco, Fortinet Zero-Days Among 2023s Most Exploited Vulnerabilities
by
in SecurityNewsMost of the top frequently exploited vulnerabilities in 2023 were initially exploited as zero-days, according to data from government agencies. The post Citrix, Cisco, Fortinet Zero-Days Among 2023s Most Exploited Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/citrix-cisco-fortinet-zero-days-among-2023s-most-exploited-vulnerabilities/
-
Citrix schließt Sicherheitslücken in Netscaler ADC und Gateway und weitere
by
in SecurityNewsCitrix hat Sicherheitsupdates zum Ausbessern von Schwachstellen in Netscaler ADC, Gateway und Session Recording herausgegeben. First seen on heise.de Jump to article: www.heise.de/news/Citrix-stopft-Sicherheitslecks-in-Netscaler-ADC-und-Gateway-und-weitere-10029622.html
-
Citrix, Fortinet Patch High-Severity Vulnerabilities
by
in SecurityNewsCitrix and Fortinet have released patches for multiple vulnerabilities, including high-severity bugs in NetScaler and FortiOS. The post Citrix, Fortinet Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/citrix-fortinet-patch-high-severity-vulnerabilities/
-
Citrix stopft Sicherheitslecks in Netscaler ADC und Gateway und weitere
by
in SecurityNewsCitrix hat Sicherheitsupdates zum Ausbessern von Schwachstellen in Netscaler ADC, Gateway und Session Recording herausgegeben. First seen on heise.de Jump to article: www.heise.de/news/Citrix-stopft-Sicherheitslecks-in-Netscaler-ADC-und-Gateway-und-weitere-10029622.html
-
Citrix Issues Patches for Zero-Day Recording Manager Bugs
by
in SecurityNewsThere is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a good old unauthenticated RCE. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/citrix-patches-zero-day-recording-manager-bugs
-
Citrix ‘Recording Manager’ Zero-Day Bug Allows Unauthenticated RCE
by
in SecurityNewsThe security vulnerability is due to an exposed Microsoft Message Queuing (MSMQ) instance and the use of the insecure BinaryFormatter. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/citrix-recording-manager-zero-day-bug-unauthenticated-rce
-
HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code
by
in SecurityNews‘Once again, we’ve lost a little more faith in the internet,’ researcher says First seen on theregister.com Jump to article: www.theregister.com/2024/11/12/http_citrix_vuln/
-
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
by
in SecurityNewsCybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE)The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream…
-
New Citrix Zero-Day Vulnerability Allows Remote Code Execution
by
in SecurityNewswatchTowr has found a flaw in Citrix’s Session Recording Manager that can be exploited to enable unauthenticated RCE against Citrix Virtual Apps and Desktops First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-citrix-zeroday-vulnerability/
-
Citrix Boosts Security for Remote Application Accesses With More Security Layers
by
in SecurityNewsConnections on the internet are not secure by default, and bad actors frequently take advantage of users accessing organizations’ applications and res… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/citrix-boosts-security-for-remote-application-accesses-with-more-security-layers/
-
Iranian Hackers Target Microsoft 365, Citrix Systems with MFA Push Bombing
by
in SecurityNewsIranian hackers are targeting critical infrastructure organizations with brute force tactics. This article explores their techniques, including MFA…… First seen on hackread.com Jump to article: hackread.com/iranian-hackers-target-microsoft-365-mfa-push-bombing/
-
Citrix Workspace App für Windows ermöglicht Rechteausweitung
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Citrix-Workspace-App-fuer-Windows-ermoeglicht-Rechteausweitung-9864320.html
-
Citrix Workspace App Vulnerable to Privilege Escalation Attacks
by
in SecurityNewsCitrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace app for Windows. These vulnerabilities,… First seen on gbhackers.com Jump to article: gbhackers.com/citrix-workspace-app-vulnerable/
-
New ManticoraLoader Malware Attacking Citrix Users To Steal Data
by
in SecurityNewsCyble Research & Intelligence Labs has recently found information about a new type of malware-as-a-service (MaaS) called ‘ManticoraLoader’ in some… First seen on gbhackers.com Jump to article: gbhackers.com/manticoraloader-malware-attacking-citrix-users/
-
Channel Brief: Arrow, Citrix Sign Distribution Agreement for Smaller Partners, Sumo Logic Teams With AWS on Cybersecurity
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/channel-brief-thursday-2
-
Citrix bringt Updates für NetScaler Console und Co. Updates schließen zahlreiche kritische Sicherheitslücken
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/citrix-sicherheitsluecken-updates-a-2e6dc64d21b230224a8ef5123440235e/
-
Citrix Warns of Critical NetScaler Console Flaw
by
in SecurityNewsFirst seen on duo.com Jump to article: duo.com/decipher/citrix-warns-of-critical-netscaler-console-flaw
-
Citrix stopft teils kritische Sicherheitslücken in mehreren Produkten
by
in SecurityNews
Tags: citrixFirst seen on heise.de Jump to article: www.heise.de/news/Citrix-stopft-teils-kritische-Sicherheitsluecken-in-mehreren-Produkten-9795655.html
-
Channel Brief: Cytactic Launches Cyberattack Readiness Platform, Parallels Offers Promo for Citrix Migration
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/channel-brief-cytactic-launches-cyberattack-readiness-platform