89 vulnerabilities in XAPI / Citrix XenServer

Day-0 public disclosure of 89 independently exploitable vulnerabilities in Citrix's hypervisor management platform. 5 Critical, 28 High across 8 XAPI object types. Independent security research by Jakob Wolffhechel.

Phasing out #VMWare, #Microsoft and #Citrix software and services has gone fairly painlessly for the Danish municipality of Ishøj.
Open source and other vendors cover the need.
The American vendors raised their prices quite sharply and the municipality had to find other solutions.
https://www.digi.no/artikler/kommunen-faset-ut-en-rekke-amerikanske-it-systemer-det-har-vaert-relativt-enkelt/570792?sharing_key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9%24eyJ1c2VySWQiOiI2MDIxMTIiLCJhcnRpY2xlSWQiOjU3MDc5MiwiaWF0IjoxNzc2MjU0NzQxLCJleHAiOjE3NzYzNDExNDF9%24P3IrUgPvdUd7QOq_jXps_-1RcQZFG7bzsXw0rdBk9bg
The municipality phased out a number of American IT systems: "It has been relatively easy"

When the municipality of Ishøj was hit last year by large price increases from a number of American IT vendors, it decided to phase out several central systems.

Digi.no
Are there seriously no big companies using #citrix on a #Proxmox #hypervisor? Just because there is no support, it's not feasible at all? Are we really dependent on some other #BigTech company when moving from #VMWare?
@kasperd @jamesthomson @revk And in #Citrix tech support news, if they were still using that now and were using VHD profile containers to help with Outlook's PST files, then resetting those would be a good start if you had two Outlooks and neither of them worked...
@kasperd @jamesthomson @revk On the ISS, it was #Citrix XenDesktop for the desktop access and Branch Repeater to help with latency (uses lots of highly desktop-optimised caching). These are both the old product names.
https://www.informationweek.com/it-leadership/nasa-taps-citrix-for-tweets-from-space
NASA Taps Citrix For Tweets From Space | InformationWeek

The combination of XenDesktop and Citrix Branch Repeater is the technology behind astronauts' direct access to desktop and Web applications.

Information Week

"Passwort" Episode 54: Old bugs, new attacks and future PKI

The podcast covers recently discovered vulnerabilities in ancient Unix, current attacks on Apple devices, quantum-safe certificates for the web, and more.

https://www.heise.de/news/Passwort-Folge-54-Alte-Bugs-neue-Angriffe-und-zukuenftige-PKI-11208348.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Apple #Citrix #Google #IT #PasswortPodcast #Podcast #Security #Unix #news

heise online
CISA orders feds to patch actively exploited Citrix flaw by Thursday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their Citrix NetScaler appliances against an actively exploited vulnerability by Thursday.

BleepingComputer
Critical Citrix NetScaler memory flaw actively exploited in attacks

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data.

BleepingComputer

RE: https://social.bund.de/@bsi/116295890584639194

📢⚠️ Security advisory update: Version 1.1: #Citrix NetScaler ADC & Gateway – #vulnerabilities put organizations at risk.

Since the weekend, reports of attacks on Citrix systems have been accumulating [WAT26], [XCO26]. Attack attempts using CVE-2026-3055 have been taking place since at least 27 March.

More information can be found here: https://www.bsi.bund.de/dok/1195484

@certbund