#DOGE's Tom Krause, sent by #MelonHusk to #Overhaul the US #Treasury is also still officially the #CEO of govt contractor #CloudSoftwareGroup , the parent corp of #Citrix; which critics say would at one time not long ago be considered a blatant conflict of industry influence interest ... but this is the dawning of a new error...
https://www.wired.com/story/musk-krause-treasury-bfs-conflict-of-interest/
https://www.mitrade.com/insights/news/live-news/article-3-630008-20250210
Windows-Update-Probleme: Rollback bei installiertem Citrix-Agent
Die Windows-Updates aus dem Januar lassen sich auf Systemen mit Citrix-Agent nicht installieren. Gegenmaßnahmen helfen dem ab.
China's largest commercial bank hit by ransomware
ICBC confirms an attack that halted some trades
https://www.computing.co.uk/news/4145029/chinas-largest-commercial-bank-hit-ransomware
Nachhaltige Digitalisierung unter Einsatz freier und quelloffener Softwarelösungen kann so einfach sein:
- Betriebssystem: Debian GNU/Linux
- Website: WordPress, Hugo
- Mitgliederverwaltung: CiviCRM
- Veranstaltungsmanagement: CiviCRM (Modul), pretix, pretalx, Engelsystem
- Cloudspeicher: owncloud, nextcloud
- Projektmanagement: OpenProject
- Authentifizierung: Keycloak, Authentik
- Messenger: Matrix / Element, XMPP, Nextcloud Talk
- Videokonferenzsystem: Jitsi-Meet, BigBlueButton, OpenTalk
- Mailingliste: Mailman3
- Ticketsystem: Zammad, FreeScout
- Lernmanagementsystem: Moodle, ILIAS
- Personaleinsatzplanung: Kimai
- Microblogging: Mastodon
- Foto: Pixelfed
- Video: PeerTube
- Livestreaming: PeerTube, Owncast
- Eventplaning: Mobilizon
- Beteiligung: Consul Democracy
- Community Management / Social Intranet: Discourse
- (Privacyfriendly) Webanalyse: Matomo
- Collaboratives Text schreiben: HedgeDoc
Applikations- und Terminalserver: Apache Guacamole™
- Administrationswerkzeug Webhosting: Froxlor
- Audio- und Videostreaming: Jellyfin
#FediLZ #FLOSS #FOSS #NachhaltigeITInfrastruktur #NachhaltigeDigitalisierung #OpenSource #WordPress #Hugo #CiviCRM #pretix #pretalx #Engelsystem #owncloud #nextcloud #OpenProject #Keycloak #Matrix #Element #XMPP #NextcloudTalk #JitsiMeet #BigBlueButton #OpenTalk #Mailman3 #Zammad #Moodle #Kimai #Debian #Betriebssystem #Website #Mitgliederverwaltung #Veranstaltungsmanagement #Cloudspeicher #Projektmanagement #Authentifizierung #Messenger #Videokonferenzsystem #Mailingliste #Ticketsystem #Lernmanagementsystem #Personaleinsatzplanung
#Microblogging #Mastodon #Foto #Pixelfed #Video #PeerTube #Livestreaming #PeerTube #Owncast
#Eventplaning #Mobilizon #Guacamole #ApacheGuacamole #Citrix #Froxlor #Plesk #Jellyfin #Spotify #Netflix #AmazonPrime #DVD #BlueRay
Cisco, VMware, Citrix Vulnerabilities
Cisco's recent zero-day exploit takes an obfuscation turn, VMware alerts users of a significant auth bypass flaw, and Citrix grapples with session hijacking attacks that have CISA raising an eyebrow.
We ( @greynoise ) have tracked active malicious actors attempting to exploit CVE-2023-4966, an Information Disclosure Attempt in #Citrix #Netscaler
Be careful out there.
Hi! I'm a Dad, husband, and tech nerd in the greater #Seattle area and frequently visit San Francisco Bay Area.
I tend to post about:
Productivity (#GTD and #PKM), 
#Coding 
#Aviation / #Cirrus
#B2B tech
#videogames, #RPGs, & 
#flightsim
#Mountaineering & #Hiking
#FIRE
#Motorcycles 
#Camping
The #PNW, and the #SanFrancisco Bay Area
Formerly #Google, #HashiCorp, #NewRelic, #BlueJeansNetwork, and #Citrix - now doing my own thing.
Passing this along, a recruiting / staffing company I work with has MULTIPLE job openings for Network, Storage, Security, and Firewall Engineers in Las Vegas, NV.
This is a critical 3-6 month #contract opportunity that promises to make a real impact in the world of technology and cybersecurity.
And when they say multiple, they mean multiple
Immediate need (one guess why)..
Here are the details:
Must have experience with one of these key technologies:
Citrix Load Balancers, VMWARE ESX and vSAN, Palo Alto Networking, or VMAX and NetApp Storage.
Positions are open to mid to senior-level professionals.
Additional Info:Open to candidates from across the US Weekly travel to Las Vegas (Monday-Friday) is required 
But don’t worry, all travel and expenses will be covered.
If you're passionate about network infrastructure, storage solutions, #security measures, or #firewall technologies and have expertise in one of these areas, then they want to hear from you!
If interested, send your resume to info@zeektek.com and one of their technical recruiters will follow up.
Years-old Microsoft bugs are still hot targets for criminals • The Register
https://www.theregister.com/2023/09/05/qualys_top_20_vulnerabilities/
OK, let's pause for a sec: 15 of the 20 most exploited vulnerabilities are in Windows, #Oracle follows with 3, #Linux, #Jira #Atlassian, #Apache, #Citrix, #Ivanti, and #Fortinet with 1 each.
Two of the richest companies in the world are heading the list with most vulnerabilities in their products. Let that sink in.
I think this may the first breach notification related to #Citrix #FileShare
In other news, here's the latest #MOVEit stats.
https://www.emsisoft.com/en/blog/44123/unpacking-the-moveit-breach-statistics-and-analysis/
Wie kommt ihr vom #HomeOffice zu euren Firmendaten?
Gerne boosten und in die Kommentare gerne wie groß die Firma ist bzw. wie wichtig Sicherheit da steht
#vpn #citrix #rdp #Sicherheit
Latest issue of my curated #cybersecurity and #infosec list of resources for week #33/2023 is out! It includes the following and much more:
➝ 
#Norfolk and #Suffolk police: Victims and witnesses hit by #databreach
➝ 
#Discord.io confirms breach after hacker steals data of 760K users
➝ 
#Health plan provider PH TECH joins MOVEit victim list, 1.7 million exposed
➝ 
#Interpol arrests 14 suspected cybercriminals for stealing $40 million
➝ 
#Iran and the Rise of Cyber-Enabled Influence Operations
➝ 
Major U.S. energy org targeted in QR code #phishing attack
➝ 
Jon DiMaggio’s demystifying #LockBit’s Secrets in his latest Ransomware Diaries Vol. 3
➝ 
Approximately 2000 #Citrix NetScalers backdoored in mass-exploitation campaign
➝ Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
➝ #FBI warns of increasing #cryptocurrency recovery scams
➝ 
#LOLEKHosted admin arrested for aiding Netwalker ransomware gang
➝ 
#Russia slaps #Reddit, #Wikipedia with fines
➝ 
️ #Tesla reassures Chinese users on #datasecurity amid spying concerns
➝ 
#Israel, US to Invest $4 Million in Critical Infrastructure Security Projects
➝ 
New #BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
➝ 
Raccoon Stealer #malware returns with new stealthier version
➝ 
Monti #Ransomware Returns with New #Linux Variant and Enhanced Evasion Tactics
➝ 
Over 120,000 Computers Compromised by Info Stealers Linked to Users of #Cybercrime Forums
➝ 
Google Brings AI Magic to Fuzz Testing With Eye-Opening Results
➝ 
#Google Introduces First #Quantum Resilient #FIDO2 Security Key Implementation
➝ 
Cult of the Dead Cow releases #Veilid: A secure open-source Peer-to-Peer network for apps that flips off the surveillance economy
➝ 
Threat actors use beta apps to bypass mobile app store security
➝ 
How a hacking crew overtook a #satellite from inside a Las Vegas convention center and won $50,000
➝ 
How to hack #casino card-shuffling machines
➝ 
Iagona ScrutisWeb Vulnerabilities Could Expose #ATM's to Remote Hacking
This week's recommended reading is: "The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage" by Clifford Paul "Cliff" Stoll
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end 
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-332023
CISA says hackers are exploiting a new file transfer bug in #Citrix #ShareFile
https://techcrunch.com/2023/08/17/cisa-hackers-citrix-sharefile-exploit/
Latest issue of my curated #cybersecurity and #infosec list of resources for week #31/2023 is out! It includes the following and much more:
➝ 
Researchers Uncover New High-Severity #Vulnerability in #PaperCut Software
➝ #Israel cybersecurity agency says no breach after senior official self-infects home PC with #malware
➝ CISA’s strategic plan adheres to overall Biden administration direction on cybersecurity
➝ 
Top 12 vulnerabilities list highlights troubling reality: many organizations still aren’t #patching
➝ 
Hacking tool #FlipperZero tracked by intelligence agencies, which fear white nationalists may deploy it against power grid
➝ Hundreds of #Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
➝ ️ Researchers jailbreak a #Tesla to get free in-car feature upgrades
➝ 
Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023
➝ 
Russian hackers target govt orgs in #Microsoft Teams #phishing attacks
➝ #Rapid7 found a bypass for the recently patched actively exploited #Ivanti EPMM bug
➝ 
#Tenable CEO accuses Microsoft of negligence in addressing security flaw
➝ Hackers exploited #Salesforce zero-day in #Facebook phishing attack
➝ 
US internet hosting company appears to facilitate global #cybercrime, researchers say
➝ 
#China's #APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
➝ Schools Are Now the Leading Target for Cyber Gangs as Ransom Payments Encourage Attacks
➝ Possible Chinese Malware in US Systems - a ‘Ticking Time Bomb’
➝ 
Cybercriminals Renting #WikiLoader to Target Italian Organizations with Banking Trojan
➝ Microsoft downplays damaging report on Chinese hacking its own engineers vetted
➝ 
#Jordan adopts cybercrime law seen as threat to #freespeech
➝ 
Hacker Claims to Have Stolen Sensitive Medical Records from #Egypt's Ministry of Health
➝ 
#BankCard USA surrenders and pays #ransom
This week's recommended reading is: "Art of Software Security Assessment, The: Identifying and Preventing Software Vulnerabilities" by Mark Dowd, John McDonald, and Justin Schuh
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-312023
Latest issue of my curated #cybersecurity and #infosec list of resources for week #29/2023 is out! It includes the following and much more:
➝ 
#Russia Seeks 18 Years in Jail for Founder of #Cybersecurity Firm
➝ Pro-Russian hacktivists increase focus on Western targets. The latest is #OnlyFans
➝ 
#DDoS Botnets Hijacking #Zyxel Devices to Launch Devastating Attacks
➝ 
New #P2PInfect Worm Targeting Redis Servers on #Linux and #Windows Systems
➝ 
#Google restricting internet access to some employees to reduce #cyberattack risk
➝ 
#Apple slams UK surveillance-bill proposals
➝ 
Cybersecurity firm #Sophos impersonated by new #SophosEncrypt ransomware
➝ 
#Ukraine takes down massive bot farm, seizes 150,000 SIM cards
➝ 
#CISA and #NSA Issue New Guidance to Strengthen #5G Network Slicing Against Threats
➝ Chinese #APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg #Spyware
➝ 
Famed Hacker Kevin Mitnick Dead at 59
➝ 
U.S. Government Blacklists #Cytrox and #Intellexa Spyware Vendors for Cyber Espionage
➝ #Citrix alerts users to critical vulnerability in Citrix ADC and Gateway
➝ 
#VirusTotal Data Leak Exposes Some Registered Customers' Details
➝ FIN8 Group Using Modified Sardonic #Backdoor for #BlackCat Ransomware Attacks
➝ 
#GitHub Security alert: social engineering campaign targets technology industry employees
➝ Analysis of #Storm0558 techniques for unauthorized email access
➝ #Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens
➝ White House, #FCC advance efforts to add security labels to connected devices
➝ 
Police arrests Ukrainian #scareware developer after 10-year hunt
➝ 
#Norway Threatens $100,000 Daily Fine on #Meta Over Data
➝ 
Two New Adobe #ColdFusion Vulnerabilities Exploited in Attacks
➝ #JumpCloud Says Sophisticated Nation-State Hackers Targeted Specific Customers
➝ #MOVEit Hack: Number of Impacted Organizations Exceeds 340
This week's recommended reading is: "Leadership Is Changing the Game - The Transition from Technical Expert to Leader" by Brian Donovan
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-292023
My #Email #security is finally configured for detection and is in learning mode now. I will be setting remediation up in the coming weeks after some education on my #Avanan platform. It's covering my Teams, OneDrive, and Outlook email with the idea I can even make sure the meetings I have with vendors and such are secured more. This also works for #Google #Slack, #Dropbox #Box and #Citrix link
I'll have more to cover in the review in the coming weeks
#Cybersecurity #InfoSec #IT #Emailsecurity
Imagine360 discovered that two of its file-sharing platforms were hit within days of each other: https://www.databreaches.net/imagine360-discovers-that-two-of-its-file-sharing-platforms-were-hit-within-days-of-each-other/
#HIPAA #databreach #hack #incidentresponse #infosec #thirdparty #vendor #BusinessAssociate #transparency #Citrix #Fortra
