Citrix admins advised to install hotfixes to block vulnerabilities

“This isn’t really a bug in the BinaryFormatter itself, nor a bug in MSMQ,” said watchTowr, “but rather the unfortunate consequence of Citrix relying on the documented-to-be-insecure BinaryFormatter to maintain a security boundary….

Article Source: https://www.csoonline.com/article/3604865/citrix-admins-advised-to-install-hotfixes-to-block-vulnerabilities.html

Citrix warns admins to kill NetScaler user sessions to block hackers

Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 ‘Citrix Bleed’ vulnerability to secure vulnerable devices against attacks. Besides applying the necessary…

Article Source: https://www.bleepingcomputer.com/news/security/citrix-warns-admins-to-kill-netscaler-user-sessions-to-block-hackers/

Week in review: 10 cybersecurity startups to watch, admins urged to remove VMware vSphere plugin – Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Inside the strategy of Salesforce’s new Chief Trust Officer
In this Help Net Security interview, Arkin discusses a collaborative approach to building trust among customers, employees, and stakeholders, focusing on transparency, shared responsibility, and empowering others to integrate trusted and responsible …

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) – Help Net Security

VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to mount authentication relay and session hijack attacks. The vulnerabilities haven’t been and won’t be fixed. Instead, VMware is urging admins to remove the EAP plugin, whose deprecation was announced back in 2021. About …

VMware urges admins to remove deprecated, vulnerable auth plug-in

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched. The vulnerable VMware Enhanced Authentication Plug-in (EAP) enables seamless login to vSphere’s management interfaces via integrated Windows Authentication and Windows-based smart card functionality on Windows client systems. VMware …

VMware warns admins of public exploit for vRealize RCE flaw

VMware warned customers on Monday that proof-of-concept (PoC) exploit code is now available for an authentication bypass flaw in vRealize Log Insight (now known as VMware Aria Operations for Logs). “Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34051 has been published,” the company said in an update to the original …

The ABCs of Subnetting: A Complete Guide for Novice Network Admins

Subnetting is a fundamental concept in networking, and it is essential for novice network administrators to have a firm grasp of the subject. Proper understanding of subnetting can help you manage your network efficiently and ensure that it remains secure. In this guide, we will cover the ABCs of subnetting and provide you with everything …