Security News

Citrix this week announced that updates released for Citrix ShareFile storage zones controllers address several information disclosure vulnerabilities. With storage zones controllers, the ShareFile Software-as-a-Service cloud storage also offers private storage for ShareFile data, which is known as storage zones.

Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform. The newly identified security issues specifically affect customer-managed on-premises Citrix ShareFile storage zone controllers, a component that stores corporate data behind the firewall.

Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform. The newly identified security issues specifically affect customer-managed on-premises Citrix ShareFile storage zone controllers, a component that stores corporate data behind the firewall.

To help plug it, Citrix Systems has launched App Protection, which enables companies to protect apps and data on unmanaged endpoints and ensure their corporate systems and information remain safe. "Endpoints are the penultimate control point for the implementation of device, application, and data security. The rapid acceleration of remote work sparked by the COVID-19 pandemic and proliferation of unmanaged personal devices being used for business has created a special challenge, as decentralization is not the friend of security," said Frank Dickson, Program Vice President, Security & Trust, IDC. "And specialized and sophisticated tools are required to overcome it."

To help them adapt, Citrix Systems, has launched Remote Works, a new virtual series designed to share tips and best practices for staying engaged and productive while working from home. "Working from home is perhaps the biggest change in the way business is done that the world has ever seen and the speed with which it moved from an experiment to a requirement has many companies reeling," said Tim Minahan, Executive Vice President, Business Strategy and Chief Marketing Officer, Citrix.

Between Jan. 20 and March 11, researchers observed APT41 exploiting vulnerabilities in Citrix NetScaler/ADC, Cisco routers and Zoho ManageEngine Desktop Central as part of the widespread espionage campaign. Starting on Jan. 20, researchers observed the threat group attempting to exploit the notorious flaw in Citrix Application Delivery Controller and Citrix Gateway devices revealed as a zero-day then patched earlier this year.

A China-linked threat actor tracked as APT41 has targeted many organizations around the world by exploiting vulnerabilities in Citrix, Cisco and Zoho ManageEngine products, FireEye reported on Wednesday. "It's unclear if APT41 scanned the Internet and attempted exploitation en masse or selected a subset of specific organizations to target, but the victims appear to be more targeted in nature," FireEye said.

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The FBI told Citrix the hackers likely got in using a technique called "Password spraying," a relatively crude but remarkably effective attack that attempts to access a large number of employee accounts using just a handful of common passwords.

More than 80 percent of organizations impacted by CVE-2019-19781, a critical vulnerability in the Citrix Application Delivery Controller and Gateway, have already taken steps to secure their deployments. The security bug impacts multiple versions of Citrix ADC and Gateway, but Citrix has already released permanent patches for all of them, as attacks started to ramp up.

About one in five of the 80,000 companies affected by a critical bug in the Citrix Application Delivery Controller and Citrix Gateway are still at risk from a trivial attack on their internal operations. "The critical information about applications accessible by Citrix can be leaked," he explained.