Further Actions Required For Citrix Netscaler Vulnerability
LINK >> https://urlin.us/2t850P
There are no reports of CVE-2018-15983 being exploited in the wild at this time. This vulnerability still requires fast action as it could be coupled into existing attacks, allowing the threat actor to raise their privileges on the system and perform actions at the administrative level.
Eze Castle's ApproachOur Service Teams will coordinate with clients to perform the required actions for remediation shortly after patches are released for the affected systems. ECI is introducing a new e-mail security feature called email tagging for our Eze Private Cloud clients. The intended purpose of email tagging is to label external emails in an effort to prevent email spoofing. More details regarding this security feature will be communicated this week. Please reach out to the ECI Global Support Desk if you have any questions.
Researchers have uncovered vulnerability associated with a widely used WiFi protocol and have released a paper explaining the findings about the vulnerability. Eze Castle Integration expects manufacturers/vendors to release upgrades and patching to WiFi devices including smart phones to address this. Eze Castle will continue to monitor the situation and will alert clients as more information becomes available. Eze Castle Service teams will be reaching out to our clients to coordinate any remedial actions required to update and/or patch impacted end user and network infrastructure devices.
Certitude responsibly disclosed this vulnerability to Citrix in December 2020. A patch release addresses this issue. Note that besides applying the patch, additional configuration steps are required to mitigate this vulnerability:
If you believe your Citrix environment has been impacted by this vulnerability, Herjavec Group's Threat Management & Incident Response team is available for further support and consultation. If you need Incident Response support or Security Expertise, please connect with us.
This blog illustrates further aspects of cyber-attacks leveraging the Log4Shell vulnerability. It also demonstrates how Darktrace detects and responds to zero-day attacks if Darktrace has visibility of the attacked entities. 2b1af7f3a8