Security News

Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised. A Wednesday post penned by CISO Fermin J Serna says the company is aware of a "Threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network, exfiltration of data, and attempts to escalate privileges to launch a ransomware attack."

Attackers are probing Citrix controllers and gateways through recently patched flawsSANS ISC's Dr. Johannes Ullrich spotted attackers attempting to exploit two of the Citrix vulnerabilities on his F5 BigIP honeypot. Exposing the privacy risks of home security camerasAn international study has used data from a major provider of home IP security cameras to evaluate potential privacy risks for users.

Hackers are apparently scanning the web for systems affected by the recently disclosed Citrix vulnerabilities, which the vendor suggested are less likely to be exploited. Citrix informed customers earlier this week that it has patched a total of 11 vulnerabilities affecting its ADC, Gateway, and SD-WAN WANOP networking products.

Earlier this week, Citrix released security updates for Citrix Application Delivery Controller, Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins to apply them as soon as possible to reduce risk. On Thursday SANS ISC's Dr. Johannes Ullrich spotted attackers attempting to exploit two of the Citrix vulnerabilities on his F5 BigIP honeypot.

This week Citrix tried to reassure everyone the 11 security flaws it just patched in its network perimeter products weren't all that bad. Well, we hope they're right because someone's scanning the internet looking for vulnerable installations. SANS dean of research Johannes Ullrich today said his honeypot, set up to detect exploitation attempts against bugs in F5's products, encountered attempts by someone to exploit a couple of the holes Citrix patched in its gear.

Citrix has issued patches for 11 CVE-listed security vulnerabilities in its various networking products. Affected gear includes the Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP. So far there have been no reports of any of the bugs being targeted in the wild, though Rob Joyce, former head of the NSA's Tailored Access Operations elite hacking team, urged admins to apply the patches - right after fixes emerged for vulns in F5 and Palo Alto networking gear, too.

Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller, Gateway, and SD-WAN WAN Optimization edition networking products. Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against the gateway or the authentication virtual servers.

Upwork is teaming with Citrix Systems to power flexible work. Upwork announced the launch of the Upwork Talent Solution with Citrix Workspace, a unique offering designed to deliver a best-in-class secure remote infrastructure for companies to boost efficiency and productivity as the world increasingly adopts the benefits of remote, on-demand talent.

The company announced the availability of a new back-to-office solution built on Citrix Workspace that its customers and partners can use to safely transition employees back to offices, enhance their experience and wellbeing and enable them to efficiently adapt to the new world of work. "Citrix has been powering flexible and secure work models for more than 400,000 global organizations within our digital workspace for more than three decades, and we are uniquely positioned to help them adapt and get back to business while putting the safety and wellbeing of their employees first."

Australian Prime Minister Scott Morrison has called a snap press conference to reveal that the nation is under cyber-attack by a state-based actor, but the nation's infosec advice agency says that while the attacker has gained access to some systems it has not conducted "Any disruptive or destructive activities within victim environments." Morrison said the attack has targeted government, key infrastructure and the private sector, and was sufficiently serious that he took the courteous-in-a-crisis, but not-compulsory step, of informing the leader of the opposition about the incident.