Updated on 2022-12-29 Thousands of Citrix servers still remain vulnerable to attacks due to two critical security flaws that received patches in recent months. The flaws can be abused to perform remote command execution. Updated on 2022-12-28: Thousands of Citrix Servers Remain Unpatched Within the past two months, Citrix has released updates to address two …
Updated on 2022-12-15: KEV update CISA has updated its KEV database with six new vulnerabilities that are currently being actively exploited. These include recently disclosed zero-days in Citrix, Fortinet, Windows, and iOS, but also two vulnerabilities patched earlier this year in Veeam backup solutions. Overview: Flaws in Veeam, Microsoft, Citrix, Fortinet, and Apple Added to …
Updated on 2022-12-19: Chinese hackers actively attacking flaw in Citrix gear The NSA said in an advisory this week that APT5, a China-based espionage group, is exploiting a new Citrix zero-day in the wild. The advisory was designed to burn China’s ongoing activity by calling it out — and Citrix releasing patches. Citrix was generally …
Updated on 2022-12-15: Citrix and Fortinet patch zero-days exploited in APT and ransomware campaigns Citrix and Fortinet, two of today’s largest providers of enterprise networking equipment, have released security updates to patch two zero-day vulnerabilities that were exploited in the wild against their devices. The Fortinet zero-day (CVE-2022-42475) is an unauthenticated RCE that impacts the …
90% of security leaders believe they’re falling short in addressing cyber risks, especially as complexity increases with the rapid onset of hybrid work and cloud architectures. Read this article to learn more about deploying simplified, multi-layered security with Citrix and Chrome OS.
