Security News > 2022 > December > Week in review: Citrix and Fortinet RCEs, Microsoft fixes exploited zero-day

State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP!An unauthenticated remote code execution flaw is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller deployments, the US National Security Agency has warned.

Microsoft fixes exploited zero-day, revokes certificate used to sign malicious driversIt's December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw exploited by attackers to deliver a variety of malware.

Security measures to protect Kubernetes workloadsIn this Help Net Security video, Deepak Goel, CTO of D2iQ, provides insight into which security measures can help organizations that use Kubernetes better protect their workloads - and the implications of what can happen if they don't.

Security is no longer an internal affair67% of respondents to a recent survey indicated their company had lost a business deal due to the customer's lack of confidence in their security strategy.

How companies can avoid costly data breachesIn this Help Net Security video, Balaji Ganesan, CEO at Privacera, talks about how organizations are moving to a zero-trust framework and beyond, meaning they have security frameworks that span from perimeter apps to their data at a granular level.

Lack of key domain security measures leaves organizations at riskIn this Help Net Security video, Ihab Shraim, CTO at CSC, talks about how 75% of the Forbes Global 2000 are exposing themselves to significant enterprise risks as third parties maliciously register their brands, and they fail to implement key domain security measures.

News URL

https://www.helpnetsecurity.com/2022/12/18/week-in-review-citrix-and-fortinet-rces-microsoft-fixes-exploited-zero-day/