POPULARITY
In this episode of The Citrix Session, host Bill Sutton and guests dive deep into the latest advancements in hardware and device security, with a special focus on Netscaler disk encryption. Our experts, including Jeremy Myers and Todd Smith, discuss how these innovations originated from financial and public sectors and are now setting a standard for security across industries. Discover how encryption not only protects sensitive data but also ensures compliance with stringent regulations. Join us as we explore how these technologies are being implemented to safeguard decommissioned devices and prevent unauthorized data retrieval, making a significant impact in the finance and government sectors.
Delve deeper into cybersecurity's critical aspects with our thorough examination of the Citrix Netscaler Zero Day vulnerability. This analysis covers the vulnerability's technical nuances, highlighting its capacity for remote code execution and the severe risks it poses to network security. Understand the sophisticated mechanisms attackers use to exploit this vulnerability, leading to unauthorized access and potential data breaches. Interested in the full technical info of the discussed threat? For more detailed information or to access the infographic, please visit https://threat-talks.com/citrix-netscaler-deep-dive/
On this week's episode of the podcast I cover multiple vulnerabilities, one of which is under active exploitations, I get into some recent AI news and much more! Reference Links: https://www.rorymon.com/blog/2-new-netscaler-vulnerabilities-new-chrome-zero-day-incognito-mode-controversy/
Martin Creighan tells us why you should “You don't have to be a jerk to be successful”, why “It's ok to be afraid”, and that “Real leadership is putting your team out front” and other insightful lessons it took him years to learn. About Martin Creighan Inspired by people, building new relationships and a continuous curiosity of learning, Vice President of Sales, Martin Creighan has joined our leadership team to propel Commvault's innovative brand and award-winning software and SaaS offerings into the Australian and New Zealand markets. Martin has over three decades of experience and brings a wealth of leadership expertise and knowledge in the software, cloud, technology, telecommunications and defence industries, having held numerous senior leadership and sales positions. Prior to joining Commvault, Creighan was the Vice President and General Manager of Cloud Software Group (Citrix, NetScaler and Tibco) Australia and New Zealand where he was responsible for go to market execution and revenue/profit growth. He previously held senior sales and general management leadership roles at AT&T, Radware, SecureNet/Baltimore Technologies and was an Operations Specialist and Master Training Specialist with the United States Navy. Creighan holds a Bachelor of Business from The National University of San Diego, California, and is a Certified Master Training Specialist from US Navy. Episode Notes Lesson 1: You don't have to be a jerk to be successful 04:18 Lesson 2: Look after your people and your people will always looks after you! 16:32 Lesson 3: Your “Why” doesn't have to be industry specific. 21:40 Lesson 4: Tackle each of life's challenges one step at a time. 28:24 Lesson 5: Always be kind. 31:25 Lesson 6: Real leadership is putting your team out front. 35:42 Lesson 7: Build your team based on Attitude, not aptitude! 38:55 Lesson 8: Don't be a “Gonna”. 42:15 Lesson 9: It's ok to be afraid! 46:24 Lesson 10: Never, ever forget where you came from. 49:45
This episode reports on unpatched holes that are being exploited by threat actors, and more
On this week's episode I give an update on the NetScaler and Confluence vulnerabilities and explore a new strategy being used by a cyber gang plus much more! Reference Links: https://www.rorymon.com/blog/mass-exploitation-of-netscaler-vulnerabilities-major-week-for-ai-systems-new-cloud-pcs/
The StormWatch podcast episode from October 31, 2023, began with the hosts in a light-hearted mood, donning costumes for Halloween. The hosts discussed the latest happenings in the cybersecurity world, focusing on the latest phones, developments at Censys and GreyNoise, and important cybersecurity news. They also touched on conspiracy theories. The hosts were in costumes, with one host dressed as the Invisible Man, another as Louise Belcher from Bob's Burgers, and another as Cozy Bear, a reference to APT 29, a cyber espionage group. They also discussed their "scariest vulnerabilities," with one host mentioning the mercenary spyware like Pegasus as a significant concern. The hosts then discussed the recent security breaches involving Okta, Beyond Trust, and 1Password. They praised 1Password for their transparent and detailed response to the incident. They also discussed the recent vulnerabilities found in SolarWinds and the subsequent charges filed by the SEC against SolarWinds and their Chief Information Security Officer for fraud and internal control failures. The hosts also discussed a tool called cvecrowd.com, which tracks CVE mentions on Mastodon, a social network. They praised the tool for its usefulness in tracking cybersecurity vulnerabilities and incidents. They also mentioned an upcoming event at a brewery where they would discuss threat hunting techniques and tips. The hosts then discussed the recent vulnerabilities found in Cisco IOS, with one host sharing her findings from her investigation into the vulnerabilities. They also discussed the importance of patching and updating systems to protect against these vulnerabilities. This Episodes Slides >> Join our Community Slack >> Learn more about GreyNoise >>
In Episode 7, we discuss Microsoft's $5 billion investment in Australia's cloud infrastructure and ChatGPT's introduction in Australian Schools in 2024. We also cover the recent NetScaler and Sony data breaches, Telstra's acquisition of Versent for $267.5 million, job cuts at Stack Overflow, ANZ's experiments with GitHub Copilot, and Comm Bank's job reductions due to automation. Tune in for the latest tech updates and headlines!
In our first segment: the PSW hosts drop valuable insight on how to start your own journey into reverse engineering hardware! Resources we mentioned: The Hardware Hackers Handbook is a great start Do a badge challenge: https://www.cyberark.com/resources/threat-research-blog/an-introduction-to-hardware-hacking Take some classes Do some Arduino stuff: https://www.arduino.cc/ Take free courses on electrical engineering: https://ocw.mit.edu/courses/6-01sc-introduction-to-electrical-engineering-and-computer-science-i-spring-2011/ (And here: https://www.tinkerforge.com/en/doc/ and here: https://www.youtube.com/watch?v=LSQf3iuluYo&list=PLoFdAHrZtKkhcd9k8ZcR4th8Q8PNOx7iU) Building a lab - The list: Soldering iron (and tools and parts such as Solder, Flux, Tweezer, Soldering wick, Cutter, Wire stripper) Hot air rework station (can be bundled with soldering iron) Multi-meter (and lots of associated cables) Jumper and pinout wires Breadboard USB microscope Bench power supply Specific lighting (e.g. my document camera has an LED light that works great) Magnification - magnifying lenses and a headset (esp. if you are old, like us) USB serial devices (or Bus Pirate if you fancy) Then, in the Security News: Windows 11 tries to fix legacy authentication, Rapid resets and the world's largest DDoS attack, we finally get to see the cURL vulnerability, and its pretty ugly, turns out Android TV boxes with pre-installed malware are a hot topic, patch your Netscaler, root for everyone with emergency responder software, learn THIS hacking Tools First, long live Wayland, how to actually hack a WiFi device with a Flipper Zero, scanning open source packages, GNOME bugs and a bonus, security is a great idea until there is a bypass in apparmor,a tool that everyone should have in their kit, and we could talk for hours about 25 hard hitting lessons from Cybersecurity! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-802
In the Security News: Windows 11 tries to fix legacy authentication, Rapid resets and the world's largest DDoS attack, we finally get to see the cURL vulnerability, and its pretty ugly, turns out Android TV boxes with pre-installed malware are a hot topic, patch your Netscaler, root for everyone with emergency responder software, learn THIS hacking Tools First, long live Wayland, how to actually hack a WiFi device with a Flipper Zero, scanning open source packages, GNOME bugs and a bonus, security is a great idea until there is a bypass in apparmor,a tool that everyone should have in their kit, and we could talk for hours about 25 hard hitting lessons from Cybersecurity! All that and more on this episode of Paul's Security Weekly! Show Notes: https://securityweekly.com/psw-802
In our first segment: the PSW hosts drop valuable insight on how to start your own journey into reverse engineering hardware! Resources we mentioned: The Hardware Hackers Handbook is a great start Do a badge challenge: https://www.cyberark.com/resources/threat-research-blog/an-introduction-to-hardware-hacking Take some classes Do some Arduino stuff: https://www.arduino.cc/ Take free courses on electrical engineering: https://ocw.mit.edu/courses/6-01sc-introduction-to-electrical-engineering-and-computer-science-i-spring-2011/ (And here: https://www.tinkerforge.com/en/doc/ and here: https://www.youtube.com/watch?v=LSQf3iuluYo&list=PLoFdAHrZtKkhcd9k8ZcR4th8Q8PNOx7iU) Building a lab - The list: Soldering iron (and tools and parts such as Solder, Flux, Tweezer, Soldering wick, Cutter, Wire stripper) Hot air rework station (can be bundled with soldering iron) Multi-meter (and lots of associated cables) Jumper and pinout wires Breadboard USB microscope Bench power supply Specific lighting (e.g. my document camera has an LED light that works great) Magnification - magnifying lenses and a headset (esp. if you are old, like us) USB serial devices (or Bus Pirate if you fancy) Then, in the Security News: Windows 11 tries to fix legacy authentication, Rapid resets and the world's largest DDoS attack, we finally get to see the cURL vulnerability, and its pretty ugly, turns out Android TV boxes with pre-installed malware are a hot topic, patch your Netscaler, root for everyone with emergency responder software, learn THIS hacking Tools First, long live Wayland, how to actually hack a WiFi device with a Flipper Zero, scanning open source packages, GNOME bugs and a bonus, security is a great idea until there is a bypass in apparmor,a tool that everyone should have in their kit, and we could talk for hours about 25 hard hitting lessons from Cybersecurity! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-802
In the Security News: Windows 11 tries to fix legacy authentication, Rapid resets and the world's largest DDoS attack, we finally get to see the cURL vulnerability, and its pretty ugly, turns out Android TV boxes with pre-installed malware are a hot topic, patch your Netscaler, root for everyone with emergency responder software, learn THIS hacking Tools First, long live Wayland, how to actually hack a WiFi device with a Flipper Zero, scanning open source packages, GNOME bugs and a bonus, security is a great idea until there is a bypass in apparmor,a tool that everyone should have in their kit, and we could talk for hours about 25 hard hitting lessons from Cybersecurity! All that and more on this episode of Paul's Security Weekly! Show Notes: https://securityweekly.com/psw-802
This week Dr. Doug rants: Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-322
Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, More News, and Jason Wood on the Security Weekly News. Show Notes: https://securityweekly.com/swn-322
This week Dr. Doug rants: Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-322
In today's podcast we cover four crucial cyber and technology topics, including: 1. Data theft at Mom's Meals impacts over million individuals 2. FBI says disconnect your Barracuda ESG appliance amidst attacks 3. Citrix under attack from financially motivated criminals 4. Japan CERT says attackers using novel tactic to deliver Word files I'd love feedback, feel free to send your comments and feedback to | cyberandtechwithmike@gmail.com
Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, More News, and Jason Wood on the Security Weekly News. Show Notes: https://securityweekly.com/swn-322
China accuses the US of installing backdoors in a Wuhan lab. NetScaler backdoors are found. A Phishing scam targets executives. LinkedIn sees a surge in account hijacking. Raccoon Stealer gets an update. Cryptocurrency recovery scams. We kick off our new Learning Layer segment with N2K's Sam Meisenberg. And a Moscow court fines Reddit and Wikipedia, for unwelcome content about Russia's war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/156 Selected reading. Ministry warns of data security risks after US agencies identified behind cyberattack on Wuhan Earthquake Monitoring Center (Global Times) China accuses U.S. intelligence agencies as source behind Wuhan cybersecurity attack (ZDNET) China teases imminent exposé of seismic US spying scheme (Register) 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability (SecurityWeek) Cloud Account Takeover Campaign Leveraging EvilProxy Targets Top-Level Executives at over 100 Global Organizations (Proofpoint) LinkedIn Accounts Under Attack (Cyberint) LinkedIn faces surge of account hijacking (Computing) LinkedIn accounts hacked in widespread hijacking campaign (BleepingComputer) Raccoon Stealer malware returns with new stealthier version (BleepingComputer) FBI warns of increasing cryptocurrency recovery scams (BleepingComputer) Russia slaps Reddit, Wikipedia with fines (Cybernews)
This week, Oscar and Brad sit down to discuss Adobe ColdFusion & Citrix NetScaler Vulnerabilities.Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com
Was your A+ SSL security scan made possible with NetScaler legacy SSL profiles or basic SSL parameters? Time to look at moving those to Enhanced SSL Profiles...and we'll discuss how to get there easily and save you a lot of time. Thanks to my cohosts, Justin Weldon and Isrrael Quintero, and to our new team member Jeffrey Olsen...and shoutout to our NetScaler guests; John Clayman, Karthick Srivatsan, Subhojit Goswami, Satyam Mehrotra for making the conversation possible.
NetScaler new logo...new licensing options...and review of what you might be missing out on. Join us for a great discussion around NetScaler features, options in your pooled capacity, road mappings, and review of what you may already know, or not know about NetScaler.Thanks to Justin Weldon and John Clayman for always making a great session with us.
NetScaler is, and always will be, the optimum choice in enterprise grade load balancing. Join us on our revamped NetScaler series for a chat around the JARH algorithm and why it's superior to CARP. It you like lower costs in the clouds and greater efficiency, this session will impress you.Blog Topic: https://www.citrix.com/blogs/2022/01/24/innovations-in-load-balancing-better-performance-lower-costs/ Thanks a lot to XenTegra's Justin Weldon and Isrrael Quintero, as well as our special guest John Clayman as we get this series kicked into high gear!
Summary The promise of streaming data is that it allows you to react to new information as it happens, rather than introducing latency by batching records together. The peril is that building a robust and scalable streaming architecture is always more complicated and error-prone than you think it's going to be. After experiencing this unfortunate reality for themselves, Abhishek Chauhan and Ashish Kumar founded Grainite so that you don't have to suffer the same pain. In this episode they explain why streaming architectures are so challenging, how they have designed Grainite to be robust and scalable, and how you can start using it today to build your streaming data applications without all of the operational headache. Announcements Hello and welcome to the Data Engineering Podcast, the show about modern data management Businesses that adapt well to change grow 3 times faster than the industry average. As your business adapts, so should your data. RudderStack Transformations lets you customize your event data in real-time with your own JavaScript or Python code. Join The RudderStack Transformation Challenge today for a chance to win a $1,000 cash prize just by submitting a Transformation to the open-source RudderStack Transformation library. Visit dataengineeringpodcast.com/rudderstack (https://www.dataengineeringpodcast.com/rudderstack) today to learn more Hey there podcast listener, are you tired of dealing with the headache that is the 'Modern Data Stack'? We feel your pain. It's supposed to make building smarter, faster, and more flexible data infrastructures a breeze. It ends up being anything but that. Setting it up, integrating it, maintaining it—it's all kind of a nightmare. And let's not even get started on all the extra tools you have to buy to get it to do its thing. But don't worry, there is a better way. TimeXtender takes a holistic approach to data integration that focuses on agility rather than fragmentation. By bringing all the layers of the data stack together, TimeXtender helps you build data solutions up to 10 times faster and saves you 70-80% on costs. If you're fed up with the 'Modern Data Stack', give TimeXtender a try. Head over to dataengineeringpodcast.com/timextender (https://www.dataengineeringpodcast.com/timextender) where you can do two things: watch us build a data estate in 15 minutes and start for free today. Join in with the event for the global data community, Data Council Austin. From March 28-30th 2023, they'll play host to hundreds of attendees, 100 top speakers, and dozens of startups that are advancing data science, engineering and AI. Data Council attendees are amazing founders, data scientists, lead engineers, CTOs, heads of data, investors and community organizers who are all working together to build the future of data. As a listener to the Data Engineering Podcast you can get a special discount of 20% off your ticket by using the promo code dataengpod20. Don't miss out on their only event this year! Visit: dataengineeringpodcast.com/data-council (https://www.dataengineeringpodcast.com/data-council) today Your host is Tobias Macey and today I'm interviewing Ashish Kumar and Abhishek Chauhan about Grainite, a platform designed to give you a single place to build streaming data applications Interview Introduction How did you get involved in the area of data management? Can you describe what Grainite is and the story behind it? What are the personas that you are focused on addressing with Grainite? What are some of the most complex aspects of building streaming data applications in the absence of something like Grainite? How does Grainite work to reduce that complexity? What are some of the commonalities that you see in the teams/organizations that find their way to Grainite? What are some of the higher-order projects that teams are able to build when they are using Grainite as a starting point vs. where they would be spending effort on a fully managed streaming architecture? Can you describe how Grainite is architected? How have the design and goals of the platform changed/evolved since you first started working on it? What does your internal build vs. buy process look like for identifying where to spend your engineering resources? What is the process for getting Grainite set up and integrated into an organizations technical environment? What is your process for determining which elements of the platform to expose as end-user features and customization options vs. keeping internal to the operational aspects of the product? Once Grainite is running, can you describe the day 0 workflow of building an application or data flow? What are the day 2 - N capabilities that Grainite offers for ongoing maintenance/operation/evolution of those applications? What are the most interesting, innovative, or unexpected ways that you have seen Grainite used? What are the most interesting, unexpected, or challenging lessons that you have learned while working on Grainite? When is Grainite the wrong choice? What do you have planned for the future of Grainite? Contact Info Ashish LinkedIn (https://www.linkedin.com/in/ashishkumarprofile/) Abhishek LinkedIn (https://www.linkedin.com/in/abhishekchauhan/) Parting Question From your perspective, what is the biggest gap in the tooling or technology for data management today? Closing Announcements Thank you for listening! Don't forget to check out our other shows. Podcast.__init__ (https://www.pythonpodcast.com) covers the Python language, its community, and the innovative ways it is being used. The Machine Learning Podcast (https://www.themachinelearningpodcast.com) helps you go from idea to production with machine learning. Visit the site (https://www.dataengineeringpodcast.com) to subscribe to the show, sign up for the mailing list, and read the show notes. If you've learned something or tried out a project from the show then tell us about it! Email hosts@dataengineeringpodcast.com (mailto:hosts@dataengineeringpodcast.com)) with your story. To help other people find the show please leave a review on Apple Podcasts (https://podcasts.apple.com/us/podcast/data-engineering-podcast/id1193040557) and tell your friends and co-workers Links Grainite (https://www.grainite.com/) Blog about the challenges of streaming architectures (https://www.grainite.com/blog/there-was-an-old-lady-who-swallowed-a-fly) Getting Started Docs (https://gitbook.grainite.com/developers/getting-started) BigTable (https://research.google/pubs/pub27898/) Spanner (https://research.google/pubs/pub39966/) Firestore (https://cloud.google.com/firestore) OpenCensus (https://opencensus.io/) Citrix (https://www.citrix.com/) NetScaler (https://www.citrix.com/blogs/2022/10/03/netscaler-is-back/) J2EE (https://www.oracle.com/java/technologies/appmodel.html) RocksDB (https://rocksdb.org/) Pulsar (https://pulsar.apache.org/) SQL Server (https://en.wikipedia.org/wiki/Microsoft_SQL_Server) MySQL (https://www.mysql.com/) RAFT Protocol (https://raft.github.io/) The intro and outro music is from The Hug (http://freemusicarchive.org/music/The_Freak_Fandango_Orchestra/Love_death_and_a_drunken_monkey/04_-_The_Hug) by The Freak Fandango Orchestra (http://freemusicarchive.org/music/The_Freak_Fandango_Orchestra/) / CC BY-SA (http://creativecommons.org/licenses/by-sa/3.0/)
The NetScaler name is back, the features are fresh, and the options are limitless. Join us for a chat on:NetScaler name change/business unit change etc.Adaptive Auth (really cool now in SPA)Application Delivery and Security ServiceWeb App and API ServiceAdvantages of the same VPX code on premises, and in all the clouds.Big thanks to Richard Faulkner (Citrix - Technical Marketing Architect) for joining and sharing the knowledge!
Welcome to this episode of the EUCdigest ThrowDown. In the ThrowDown we'll discuss and debate on the news of the past month in the EUC space:Citrix goes private, merges with TIBCO, brings back NetScaler and more!Dutch Citrix User Group celebrates 10 yearsVMware shows innovations around Autonomous Workspaces, Zero Trust, Employee Experience and moreCorel changes names to Alludo and changes strategy to a more cohesive identityOVH opens less flammable datacentersMicrosoft changes update cadence to yearly updates for Windows 11, adds virtual core licensing, and moreWipro fires 300 employees who were found moonlighting for competitorsWorkers going in to office 1.5 days a week, survey suggestsWorkspace expands service that surfaces employee skillsNew liability rules on products and AI to protect consumers and foster innovation HostIngmar Verheij - https://www.linkedin.com/in/ingmarverheij/Co-hostsJits Langedijk - https://www.linkedin.com/in/jitslangedijk/Johan van Amersfoort - https://www.linkedin.com/in/hojan/Kees Baggerman - https://www.linkedin.com/in/keesbaggerman/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Ransomware written in JavaScript using Node.js https://isc.sans.edu/forums/diary/Ransomware+in+Nodejs/25664/ Landry Restaurant PoS Breach https://www.landrysinc.com/CreditNotice/CANotice.asp Holiday Hack Challenge https://www.holidayhackchallenge.com Citrix/NetScaler Vulnerability Special Webcast Recording https://i5c.us/citrix