governa, to Citrix
@governa@fosstodon.org avatar

warns admins to manually mitigate SSH client bug

https://www.bleepingcomputer.com/news/security/citrix-warns-admins-to-manually-mitigate-putty-ssh-client-bug/

geekymalcolm, to Citrix
@geekymalcolm@ioc.exchange avatar

Releases Security Updates for XenServer and Citrix Hypervisor

https://www.cisa.gov/news-events/alerts/2024/04/12/citrix-releases-security-updates-xenserver-and-citrix-hypervisor

jbzfn, to Citrix
@jbzfn@mastodon.social avatar

⚠️ CSG is failing to honor its GPL obligations, say critics - The Register

「 Cloud Software Group – the post-merger offspring of Citrix and Tibco – has decided to withdraw the community edition of its JasperReports Server. Now all you can get is the commercial edition, with a 30-day free trial 」

https://www.theregister.com/2024/03/21/csg_fails_to_honor_agpl/

governa, to Citrix
@governa@fosstodon.org avatar

, software impacted by 2024 leap year bugs

https://www.bleepingcomputer.com/news/software/citrix-sophos-software-impacted-by-2024-leap-year-bugs/

governa, to Citrix
@governa@fosstodon.org avatar

cyberpanda, to Citrix German

This meme is proper bang on relatable, innit?

Time for a bit of a laugh! 🫣🤣

simontsui, to Citrix

Citrix Hypervisor Security Bulletin for CVE-2023-46838. "An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to cause the host to crash or become unresponsive." We have released a hotfix (NOTE: NOT A PROPER PATCH) to address this issue.
🔗 https://support.citrix.com/article/CTX587605/citrix-hypervisor-security-bulletin-for-cve202346838

rfwaveio, to Cybersecurity
@rfwaveio@mstdn.ca avatar

Citrix is warning of active exploitation of two zero-day vulnerabilities in its Netscaler ADC and Gateway appliances. The vulnerabilities are tracked as CVE-2023-6548 and CVE-2023-6549, and when exploited, can lead to remote code execution and denial of service. Administrators are advised to not expose management interface to the Internet, and patch ASAP.

https://www.bleepingcomputer.com/news/security/citrix-warns-of-new-netscaler-zero-days-exploited-in-attacks/

br00t4c, to Citrix
@br00t4c@mastodon.social avatar

Two more Citrix NetScaler bugs exploited in the wild

https://go.theregister.com/feed/www.theregister.com/2024/01/18/citrix_netscaler_bugs_attacked/

simontsui, to chrome

CISA Adds Three Known Exploited Vulnerabilities to Catalog:

  • CVE-2023-6549 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
  • CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
  • CVE-2024-0519 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability

🔗 https://www.cisa.gov/news-events/alerts/2024/01/17/cisa-adds-three-known-exploited-vulnerabilities-catalog

simontsui,

CISA buries the lede in their cybersecurity alert about Citrix NetScaler ADC and NetScaler Gateway, by not mentioning that CVE-2023-6548 and CVE-2023-6549 are exploited zero-days. See the KEV Catalog announcement that this toot is a reply to.
🔗 https://www.cisa.gov/news-events/alerts/2024/01/18/citrix-releases-security-updates-netscaler-adc-and-netscaler-gateway
"Exploits of these CVEs on unmitigated appliances have been observed."

governa, to Citrix
@governa@fosstodon.org avatar

, , and Hit with Critical Flaws — Patch ASAP! ⚠️

https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html

governa, to Citrix
@governa@fosstodon.org avatar

warns of new zero-days exploited in attacks

https://www.bleepingcomputer.com/news/security/citrix-warns-of-new-netscaler-zero-days-exploited-in-attacks/

simontsui, to Citrix

Citrix security advisory contains two zero-days: Two vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway):

  • CVE-2023-6548 (5.5 medium) Authenticated (low privileged) remote code execution on Management Interface
  • CVE-2023-6549 (8.2 high) Denial of Service

"Exploits of these CVEs on unmitigated appliances have been observed."
🔗 https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549

majorlinux, to Citrix
@majorlinux@toot.majorshouse.com avatar

Like I always say, update yo stuff!

Comcast held a virtual door open for thieves to steal data - Desk Chair Analysts

https://dcanalysts.net/comcast-held-a-virtual-door-open-for-thieves-to-steal-data/

Some_Emo_Chick, to Citrix
@Some_Emo_Chick@mastodon.social avatar

waited 13 days to patch critical Bleed 0-day. Now it’s paying the price

Data for almost 36 million customers now in the hands of unknown hackers.

https://arstechnica.com/security/2023/12/hack-of-unpatched-comcast-servers-results-in-stolen-personal-data-including-passwords/

br00t4c, to Citrix
@br00t4c@mastodon.social avatar

Xfinity waited 13 days to patch critical Citrix Bleed 0-day. Now it's paying the price

https://arstechnica.com/?p=1992160

necrosis, to Citrix German
@necrosis@chaos.social avatar

Huch. Was ist mit Workspace passiert?

Es läuft out of the box unter 😲

simontsui, to Citrix

CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory : LockBit Ransomware Affiliates Exploit CVE-2023-4966 Citrix Bleed Vulnerability (along with an accompanying analysis report MAR-10478915-1.v1 Citrix Bleed), in response to LockBit 3.0 ransomware affiliates and multiple threat actor groups exploiting CVE-2023-4966. Labeled Citrix Bleed, the vulnerability affects Citrix’s NetScaler web application delivery control (ADC) and NetScaler Gateway appliances.
Link: https://www.cisa.gov/news-events/alerts/2023/11/21/cisa-fbi-ms-isac-and-asds-acsc-release-advisory-lockbit-affiliates-exploiting-citrix-bleed

citrixbleed

geekymalcolm, to Citrix
@geekymalcolm@ioc.exchange avatar

Releases Security Updates for

https://www.cisa.gov/news-events/alerts/2023/11/16/citrix-releases-security-updates-citrix-hypervisor-0

br00t4c, to australia
@br00t4c@mastodon.social avatar

Australia declares 'nationally significant cyber incident' after port attack

https://go.theregister.com/feed/www.theregister.com/2023/11/13/asia_tech_news_roundup/

johnleonard, to Citrix
@johnleonard@mastodon.social avatar

China's largest commercial bank hit by ransomware

ICBC confirms an attack that halted some trades

https://www.computing.co.uk/news/4145029/chinas-largest-commercial-bank-hit-ransomware

msh, to Citrix
@msh@coales.co avatar

So why does or any of its products even exist anymore?

It's all been pointless trash for many years now

One of life's biggest mysteries

philpem, to Citrix
@philpem@digipres.club avatar

experts ... what versions of Metaframe can ICA Client 3.0 connect to?

br00t4c, to Citrix
@br00t4c@mastodon.social avatar

'Mass exploitation' of Citrix Bleed underway as ransomware crews pile in

https://go.theregister.com/feed/www.theregister.com/2023/10/31/mass_exploitation_citrix_bleed/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • InstantRegret
  • magazineikmin
  • thenastyranch
  • modclub
  • everett
  • rosin
  • Youngstown
  • slotface
  • ethstaker
  • mdbf
  • kavyap
  • osvaldo12
  • DreamBathrooms
  • anitta
  • Durango
  • ngwrru68w68
  • tester
  • khanakhh
  • love
  • tacticalgear
  • cubers
  • GTA5RPClips
  • Leos
  • normalnudes
  • provamag3
  • cisconetworking
  • JUstTest
  • All magazines
    •