Remove 2022 Remove Security Remove Vulnerability
article thumbnail

Guidance for reducing unauthenticated OGNL injection security vulnerability risk (CVE-2022-26134)

Citrix

Citrix has crafted new signatures and has updated its Citrix Web App Firewall signature file to help customers mitigate the recent OGNL injection vulnerability in multiple versions of Atlassian Confluence (CVE-2022-26134). You can download these and apply them immediately.…

article thumbnail

Guidance for reducing Spring4Shell security vulnerability risk with Citrix WAF (CVE-2022-22963 / CVE-2022-22965)

Citrix

to 5.2.19, and older versions was made public on March 30, 2022, allowing an unauthenticated attacker to execute arbitrary code on the target system. Citrix recommends that customers … The post Guidance for reducing Spring4Shell security vulnerability risk with Citrix WAF (CVE-2022-22963 / CVE-2022-22965) first appeared on Citrix Blogs.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Guidance for reducing HTTP protocol RCE security vulnerability risk with Citrix Web App Firewall (CVE-2022-21907)

Citrix

The HTTP protocol stack remote code execution vulnerability (CVE-2022-21907) lies in the management of HTTP Trailers by the kernel mode driver http.sys.

article thumbnail

Uber Security Breach - News Alert

Scott R. Davis

September 16, 2022 – The Cyber Security Association of Pennsylvania and it's President Scott R. Uber has announced that they are investigating a wide-reaching security breach that was started when an employee answered a text message from a person impersonating IT support with their user credentials. What do you do?

Alert 246
article thumbnail

10 Security Trends and Predictions for 2022 

Pure Storage

As we get ready to welcome 2022, this past year has left a big impression on the security landscape. Given what we’ve experienced recently, what will 2022 bring? infrastructure organizations¹—and lesser security threats causing minimal damage. Government oversight might throw a wrench into security strategy.

Security 111
article thumbnail

Security Industry Association Reveals Program for 2022 SIA GovSummit

Security Industry Association

SIA’s public policy and government security technology conference will take place May 24-25 in Washington, D.C. The Security Industry Association (SIA) has announced the schedule, speaker lineup and program for the 2022 SIA GovSummit , SIA’s annual public policy and government security technology conference.

article thumbnail

Guidance for reducing Apache Log4j security vulnerability (CVE-2021-44228) risk with Citrix WAF

Citrix

was made public on December 9, 2021, as to which JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other … The post Guidance for reducing Apache Log4j security vulnerability (CVE-2021-44228) risk with Citrix WAF first appeared on Citrix Blogs. beta9 to 2.14.1