Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)
Gallery
Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

Citrix, CyberSecurity

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

Apply latest patch to mitigate zero-day vulnerability CVE-2022-27518 — A vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)marc2022-12-16T15:07:16-05:00

iManage Security Vulnerability due to third-party Apache component Log4j
Gallery
iManage Security Vulnerability due to third-party Apache component Log4j

Announcements - External, CyberSecurity, iManage

iManage Security Vulnerability due to third-party Apache component Log4j

If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.

iManage Security Vulnerability due to third-party Apache component Log4jmarc2022-12-13T14:54:40-05:00

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)
Gallery
Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

Announcements - External, iManage

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

The iManage Security team identified a vulnerability affecting on-premises versions of iManage products. It is an exploit targeting the Apache HTTP Server which if not mitigated, can be exploited under certain conditions.

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)marc2022-12-13T14:57:01-05:00

[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability
Gallery
[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability

Announcements - External, Microsoft, News

[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability

Microsoft has released a patch to mitigate to this vulnerability, we can’t deny the fact that this security flaw has already been exploited by numerous criminal organization – developing into a new ransomware attack and other potential malicious activities. Check this post for options & solutions.

[Update] On-Premises Microsoft Exchange Server Zero-Day VulnerabilityAdriana Vitale2021-03-16T13:33:35-04:00

Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day Exploits
Gallery
Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day Exploits

CyberSecurity, Microsoft, News

Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day Exploits

Hafnium operators deploy web shells on compromised server, creating software backdoors that allow attackers to steal data and perform additional malicious actions that lead to further compromise.

Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day ExploitsAdriana Vitale2022-03-22T17:04:34-04:00

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

iManage Security Vulnerability due to third-party Apache component Log4j

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

[Update] On-Premises Microsoft Exchange Server Zero-Day Vulnerability

Advisory: HAFNIUM targeting Exchange Servers with Critical 0-day Exploits

Services

Partners

Company

The Corner View

ICYMI: Recap of Last Week’s Security Alerts – week of March 12, 2023

Microsoft Outlook Privilege Elevation Vulnerability (CVE-2023-23397)

Veeam Backup & Replication Vulnerability (CVE-2023-27532)

Critical VMware product vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)

Microsoft Ends Security Updates, Technical Support for Windows 7 and 8.1

Cornerstone.IT Celebrates 20 Years of Excellence in Service to the Legal Industry

More Posts →