CISA has given a timeframe of one to three weeks to fix three vulnerabilities related to Citrix NetScaler and Google Chrome. These zero-day vulnerabilities were actively used in cyber attacks. 2 Citrix RCEs Exploited In The Wild, CISA Urges to Update Wednesday, January 17, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert regarding… Continue reading 2 Citrix RCE Under Active Exploitation, CISA Notifies
Tag: Citrix
Comcast’s Xfinity Breach Exposes Data of 35.8 Million Users
Comcast confirms a massive security breach impacting its Xfinity division. Nearly 36 million customers of the world’s largest telecom provider were exposed as the result of CitrixBleed exploitation. The Breach details and impact on customers The CitrixBleed vulnerability, which resides in widely used Citrix networking devices, has been under mass-exploitation by hackers since at least… Continue reading Comcast’s Xfinity Breach Exposes Data of 35.8 Million Users
Mr. Cooper’s Data Breach Affects Millions
Hackers have infiltrated the secure databases of Mr. Cooper, a prominent mortgage and loan company, resulting in a massive data breach. Over 14.6 million customers have been affected, making it one of the most significant breaches in recent times. Mr.Cooper’s Hacked, Huge Amounts of Data Exposed Hackers have breached Mr. Cooper’s databases, impacting 14.6 million… Continue reading Mr. Cooper’s Data Breach Affects Millions
Citrix and Adobe Vulnerabilities Under Active Exploitation
Citrix was able to patch a zero-day vulnerability, while Adobe warns of attacks using ColdFusion Zero-Day and releases an urgent update that nearly fixes the issue. Nonetheless, the story is still not over, as these vulnerabilities are still exploited. Citrix and Adobe Patch 0-day Vulnerabilities Simultaneously, products of two companies were hit with critical vulnerabilities… Continue reading Citrix and Adobe Vulnerabilities Under Active Exploitation
Attackers hacked the US Census Bureau using Citrix exploit
The Office of the Inspector General (OIG) reported that unknown attackers hacked the servers of the US Census Bureau on January 11, 2020. To do this, a zero-day Citrix ADC vulnerability and a public exploit were used, and the Bureau was unaware of the breach until January 28, 2020. Census Bureau officials said the compromised… Continue reading Attackers hacked the US Census Bureau using Citrix exploit
DTLS can amplify DDoS by 37 times
Netscout warns that using of the DTLS vector allows hackers to amplify DDoS attacks by 37 times. The researchers found that criminals are using a relatively new vector for amplifying DDoS attacks: the Datagram Transport Layer Security (DTLS) protocol, which provides connection security for protocols using datagrams. DTLS, like other UDP-based protocols, is susceptible to… Continue reading DTLS can amplify DDoS by 37 times
Chinese hackers attack US organizations and exploit bugs in F5, Citrix and Microsoft Exchange
The Department of Homeland Security (DHS CISA) Cybersecurity and Infrastructure Protection Agency (DHS CISA) has published security guidelines for the private sector and government agencies. CISA said that Chinese hackers associated with the Ministry of State Security of the Republic of China are attacking organizations in the United States and exploit bugs in F5, Citrix,… Continue reading Chinese hackers attack US organizations and exploit bugs in F5, Citrix and Microsoft Exchange
Citrix expects attacks on fresh issues in XenMobile
Citrix engineers released a number of Citrix Endpoint Management patches this week. Citrix expects attacks on XenMobile Server corporate mobile device management systems. These issues give an attacker the ability to gain administrative privileges on vulnerable systems. The severity of the encountered issues, which received CVE IDs CVE-2020-8208, CVE-2020-8209, CVE-2020-8210, CVE-2020-8211, and CVE-2020-8212, differs depending… Continue reading Citrix expects attacks on fresh issues in XenMobile
Dangerous vulnerability in Citrix software is still not resolved in 20% of companies
A month after the publication of information about a dangerous vulnerability in Citrix software that threatened 80 thousand companies in 158 countries, one fifth of companies still did not take measures to eliminate the vulnerability. This can be concluded from the threat intelligence monitoring, conducted by Positive Technologies employees. The critical vulnerability CVE-2019-19781 in Citrix… Continue reading Dangerous vulnerability in Citrix software is still not resolved in 20% of companies
Citrix releases new patches, racing with the hackers that install encryptors on vulnerable machines
Destructive race: Citrix releases new patches, and hackers are actively attacking vulnerable servers and installing encryption engines on them. It seems that users are losing. At the beginning of this year was discovered CVE-2019-19781 vulnerability, which affects a number of versions of Citrix Application Delivery Controller (ADC), Citrix Gateway, as well as two old versions… Continue reading Citrix releases new patches, racing with the hackers that install encryptors on vulnerable machines