Wednesday, June 19, 2019
Citrix

Improper Access Control Vulnerability in AppDNA

CTX253828 (New). Applicable Products: Citrix Virtual Apps and Desktops. A vulnerability has been identified in AppDNA that could result in access controls not being enforced when accessing the web console, potentially allowing privilege escalation and remote code execution. This vulnerability has been...
Citrix

Citrix Hypervisor Security Update

CTX251995 (New). Applicable Products: Citrix Hypervisor 8.0, XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 2, XenServer 7.6. A number of security issues have been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of...
Citrix

Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for Windows

CTX251986 (New). Applicable Products: Citrix Workspace App, Receiver for Windows. A vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced, allowing an attacker read/write access to the clients...
Citrix

Buffer Overflow Vulnerability in Citrix ADC and Citrix NetScaler Gateway

CTX249976 (New). Applicable Products: Citrix ADC, NetScaler Gateway. A buffer overflow vulnerability has been identified in Citrix ADC and Citrix NetScaler Gateway which could possibly result in a denial-of-service in a specific configuration. This vulnerability has been assigned the following CVE number: • CVE-
Citrix

Citrix SD-WAN Security Update

CTX247735 (New). Applicable Products: Citrix SD-WAN. An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic. The vulnerability has been assigned th
Citrix

Authentication Bypass vulnerability in XenMobile Server

CTX247736 (New). Applicable Products: XenMobile, XenMobile 10.8. A vulnerability has been identified in Citrix XenMobile Server that could permit an attacker to impersonate and take actions on behalf of any Mobile Device Management (MDM) enrolled device. The vulnerability has been assigned the following...
Citrix

Citrix SD-WAN Center Security Updates

CTX247737 (Updated). Applicable Products: Citrix SD-WAN. A command injection vulnerability has been identified in the management console of Citrix SD-WAN Center and NetScaler SD-WAN Center. This vulnerability could allow an unauthenticated attacker with access to the management console to compromise the...
Citrix

Citrix Application Delivery Management (ADM) Agent Security Update

CTX247738 (New). Applicable Products: Citrix Application Delivery Management. A vulnerability has been identified in Citrix Application Delivery Management Agent that could allow an unauthenticated attacker with network access to the management agent interface to obtain sensitive information. Disclosed information could be...
Citrix

Citrix XenServer Multiple Security Updates

CTX246572 (New). Applicable Products: XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.1 LTSR Cumulative Update 2, XenServer 7.5, XenServer 7.6. A number of security vulnerabilities have been identified in Citrix XenServer that, depending on configuration, may allow a malicious user of a PV...
Citrix

TLS Padding Oracle Vulnerability in Citrix Application Delivery Controller (ADC) and NetScaler Gateway

CTX240139 (New). Applicable Products: NetScaler 10.5, NetScaler 11.0, NetScaler 11.1, NetScaler 12.0, NetScaler 12.1, NetScaler Gateway 10.5, NetScaler Gateway 11.0, NetScaler Gateway 11.1, NetScaler Gateway 12.0. A vulnerability has been identified in the Citrix Application Delivery Controller (ADC), formerly known as NetScaler ADC, and NetScaler Gateway platforms using hardware...
Citrix

Citrix XenServer Security Update

CTX239432 (New). Applicable Products: XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.5, XenServer 7.6. A number of security vulnerabilities have been identified in Citrix XenServer that have deployment-dependent impacts. These issues affect the following supported versions of Citrix XenServer: Citrix XenServer 7.6, Citrix XenServer...
Citrix

Citrix XenServer Security Update

CTX239100 (New). Applicable Products: XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.5, XenServer 7.6. A security issue has been identified in Citrix XenServer that may allow a malicious administrator of an HVM guest VM to crash the host. This issue affects the following versions...
Citrix

Cross-Site Scripting Vulnerability in Citrix NetScaler

CTX239002 (New). Applicable Products: NetScaler 10.1, NetScaler 10.5, NetScaler 11.0, NetScaler 11.1, NetScaler 12.0, NetScaler 12.1. A Cross-Site Scripting (XSS) vulnerability has been identified in Citrix NetScaler Gateway, formerly known as Citrix Access Gateway Enterprise Edition. This vulnerability could potentially be used to execute malicious client-side script...
Citrix

Citrix ShareFile StorageZones Controller Multiple Security Updates

CTX238022 (Updated). Applicable Products: ShareFile. Two security issues have been identified within Citrix ShareFile StorageZones Controller that, if exploited, could allow a compromised or malicious ShareFile user to write arbitrary files as that Active Directory user to the local file system,...
Citrix

XenServer Multiple Security Updates

CTX236548 (New). Applicable Products: XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.4, XenServer 7.5. Several security issues have been identified that impact XenServer. Customers should consider these issues and determine possible impact to their own systems. These updates provide a mitigation for recently...
TechRepublic

How AI-enhanced malware poses a threat to your organization

Malware controlled by artificial intelligence could create more convincing spam, avoid security detection, and better adapt itself to each target, says a new report from Malwarebytes.
TechRepublic

Tech news roundup: HPE Discover 2019, Facebook’s Libra cryptocurrency, and Google Cloud’s debacle

This week's TechRepublic and ZDNet news stories include a look at the companies that hire the most data scientists, four significant impacts of a security breach, and a first-hand account of a major hack job.
SC Magazine

ACLU tells Ga. Supreme Court Fourth Amendment should apply to personal data stored by cars

Fourth Amendment protections should apply to personal data in a car’s Event Data Recorder, the American Civil Liberties Union (ACLU) will argue before the Georgia Supreme Court today. The state’s high court is hearing oral arguments in Mobley v. State, which challenges law...
PC Mag

Can Anything Protect Us From Deepfakes?

Along with fake news, forged videos have become a national security concern, especially as the 2020 presidential elections draw near. Researchers at the University of Surrey have developed a solution that might solve the problem.

How Hackers Emptied Church Coffers with a Simple Phishing Scam

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.