Security researchers have disclosed critical vulnerabilities in Citrix Virtual Apps and Desktops that could allow remote code execution (RCE) attacks. Proof-of-concept (PoC) exploitation attempts have already been… Article Source https://cybersecuritynews.com/citrix-virtual-apps-desktops-rce/
Research shows that Manifest V3 could suffer from security issues The upgraded Chromium manifest still allows malicious extensions Some security tools struggle to identify dangerous extensions Browser extensions have long been a convenient tool for… Article Source https://www.techradar.com/pro/google-chrome-extensions-remain-a-security-risk-as-manifest-v3-fails-to-prevent-data-theft-and-malware-exploitation
Cisco has rushed a patch for a brute-force denial-of-service (DoS) vulnerability in its VPN that’s being actively exploited in the wild. The medium-severity bug (CVE-2024-20481, CVSS 5.8) resides in the Remote Access VPN (RAVPN) found in the Cisco… Article Source https://www.darkreading.com/application-security/cisco-asa-ftd-software-active-vpn-exploitation
Citrix has issued warnings about two zero-day vulnerabilities affecting its customer-managed Netscaler Application Delivery Controller and Netscaler Gateway appliances, with reports of active exploitation in a limited number of cases. The vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, could result in remote code execution and denial of service attacks, respectively. These vulnerabilities come more than three … Read more
Researchers have recently uncovered that the LockBit ransomware gang is behind the exploitation of a massive Citrix bug. This revelation comes as a result of an investigation conducted by CyberNews.com. The researchers identified a connection between the ransomware gang and the exploitation of the vulnerability in Citrix, a software company that provides server, networking, and … Read more
Citrix has warned its customers about two zero-day vulnerabilities affecting Netscaler ADC and Gateway appliances that expose them to remote code execution and denial-of-service attacks. To exploit these vulnerabilities, attackers need access to low-privileged accounts and specific network configurations. Only customer-managed Netscaler appliances are affected, not Citrix-managed cloud services. The affected product versions include Netscaler … Read more
UnitedHealth is set to testify about a cybersecurity breach that occurred on February 12, where hackers gained access to a Citrix portal of its Change Healthcare unit using compromised credentials. CEO Andrew Witty mentioned that the threat actor moved within the systems and exfiltrated data. On February 21, a ransomware attack by a cybercriminal known … Read more