Exclusive: Interview Citrix CISO, Fermín Serna: where did it go wrong?
Techzine had an exclusive interview with Fermín Serna, the Chief Information Security Officer (CISO) of Citrix, with the most important question; where did it go wrong? Citrix has dominated the news for the past week with a critical security vulnerability in Citrix ADC and Citrix Gateway. The prob... Read more
Citrix launches security intrusion detection tool
Citrix and FireEye have announced that they are launching a new tool to combat the security error that has caused quite a few problems in recent weeks. The tool is available for free in the GitHub repositories of both Citrix and FireEye, and is designed to recognise if a user's system has been hack... Read more
Oracle taps customers on the fingers because of negligence updates
Oracle recently released its quarterly set of patches to address vulnerabilities within its products. With the patches came a corresponding message, in which customers were urged, with some powerful words, to actually install the patches when they are available.
The reason for the reprimand to O... Read more
Microsoft will fix leak in Internet Explorer on February 11th
A critical security vulnerability has been found in Internet Explorer (IE). By exploiting this leak, criminals can remotely execute code on the system and even access it. The leak is already being abused, but a patch is still pending.
The security leak is located in the scripting engine of Inter... Read more
Citrix makes patches available for critical leaks
This morning, Citrix released the first patches for Citrix Application Delivery Controller (Citrix ADC) and Citrix Gateway, formerly known as NetScaler Gateway. These are patches for versions 11.1 and 12.0. More patches for other versions will follow later this week.
The problem with the Citrix ... Read more
Oracle update covers large amount of security flaws
Oracle has rolled out a large number of security updates across its range of products. A total of 334 security issues were addressed by the updates.
The updates are spread across 93 products in the company's portfolio. For example, there are updates for Database Server, which addresses 12 securi... Read more
Microsoft discovers malicious npm package
Microsoft has discovered a malicious npm package that steals data from Unix systems. The npm (Node Package Manager) security team for JavaScript has taken the malicious package off the air.
The malicious package is called 1337qq-js and was uploaded to the npm repository on December 30th. The pac... Read more
Thousands of British passports exposed through AWS database
An unsecured Amazon Web Services database has exposed thousands of British passports, visible in scans. In addition, tax documents and job applications were also visible. It's not yet clear who left the database exposed.
Two security researchers, Noam Rotem and Ran Locar, discovered the flaw whi... Read more
Microsoft patches large vulnerability in Windows 10
Microsoft has fixed a large vulnerability in Windows. The vulnerability was discovered by the American National Security Agency (NSA). The problem was officially called CVE-2020-0601. It affected Windows 10, Windows Server 2016, 2019 and Server version 1803.
The error was described as a crypto l... Read more
Citrix ADC and Citrix Gateway waiting for patch after December leak
In December, a major security breach came to light in the Citrix Application Delivery Controller (Citrix ADC) and Citrix Gateway, formerly known as NetScaler Gateway. We are still waiting for a patch, while researchers are now warning that cyber criminals are actively looking for vulnerable Citrix ... Read more