Security News
Leveraging cloud-delivered digital workspace and secure access solutions from Citrix Systems, Kaizen has created a modern security framework through which it can help itself - and its clients - deliver a simple, secure work experience that empowers employees to work when, where and how they want while keeping their information and devices safe. How is Kaizen delivering on this? By moving to the cloud and leveraging solutions from Citrix to secure all the tools, apps, content, and devices that employees need and prefer to use and deliver them in a simple experience that can be customized to fit their personal preferences and evolving work styles.
Research from Citrix Systems shows that more than 90 percent of employees prefer flexible work, and 82 percent of companies plan to embrace hybrid models to accommodate it and capitalize on the benefits it can drive. "In a remote work world, everyone appears in equal boxes on the screen and has the same access to information and opportunities to contribute to a project. As companies move toward hybrid models, they must maintain this consistent, inclusive and equal experience to ensure that no employee is at a disadvantage because of their work location and reap the improvements in effectiveness and productivity that more flexible work models can drive."
Ivanti announced it is teaming with Citrix to further empower service desk analysts and end users in the everywhere workplace with automation bots that proactively detect and resolve issues. Ivanti Neurons for IT Service Management now integrates with Citrix Workspace, resulting in reduced help desk ticket volumes, improved mean time to remediation, and optimal personalized end user experiences.
Citrix this week announced that it has patched a local privilege escalation vulnerability in the Citrix Workspace app for Windows. All supported versions of Citrix Workspace app for Windows are affected by the security hole.
Wipro Limited announced that it has strengthened its alliance with Citrix Systems and Hewlett Packard Enterprise. The partnership will provide enterprises a robust solution that will accelerate remote working and bring modernization into workspaces.
Vulnerabilities Citrix patched in Hypervisor this week could allow for code executed in a virtual machine to cause denial of service on the host. Tracked as CVE-2021-28038 and CVE-2021-28688, the newly addressed vulnerabilities could be abused to cause the host to crash or become unresponsive.
Citrix on Monday informed customers that it released firmware updates for its Application Delivery Controller and Gateway products to prevent threat actors from abusing the appliances to launch and amplify distributed denial-of-service attacks. Several people reported a few days before Christmas that they had started seeing DDoS attacks abusing their Citrix ADC and Gateway devices.
Citrix has released a feature enhancement designed to block attackers from using the Datagram Transport Layer Security feature of Citrix ADC and Gateway devices as an amplification vector in DDoS attacks. According to reports that have surfaced starting with December 21st, 2020, a DDOS attack used DTLS to amplify traffic from susceptible Citrix ADC devices dozens of times.
Citrix has issued an emergency advisory warning its customers of a security issue affecting its NetScaler application delivery controller devices that attackers are abusing to launch amplified distributed denial-of-service attacks against several targets. The desktop virtualization and networking service provider said it's monitoring the incident and is continuing to investigate its impact on Citrix ADC, adding "The attack is limited to a small number of customers around the world."
Citrix has confirmed today that an ongoing 'DDoS attack pattern' using DTLS as an amplification vector is affecting Citrix Application Delivery Controller networking appliances with EDT enabled. Reports of the attack have started trickling in on December 21st, with customers reporting an ongoing DDOS amplify attack over UDP/443 against Citrix Gateway devices.