Articles In Uncategorized

By Ken Phelan, Posted in Uncategorized

As I get older I find myself using the phrase “Remember When?” more and more often. Remember when candy bars cost a nickel? Remember when kids would just go out and play after school? Remember when you could get hired by a company, work your whole life there, and retire with a pension? As the cyber-attacks mount, I think we’re seeing the emergence of a new “remember when”. Remember when we used to go on the Internet and download code from vaguely anonymous servers that we would run on our per... read more.

• December 09, 2014

By Brian Wagner, Posted in Uncategorized

VMware recently released updates to both ESX 5.1 and 5.5 that cause the NetScaler VPX to lose networking. ESX 5.1 EP5 and ESX 5.5 Update 2 both cause the issue. The issue is described from Citrix as: NetScaler VPX network connectivity issue on VMware ESXi 5.1.0 2191751 and VMware ESXi 5.5 Build 2143827 is caused by tx_ring_length mismatch, which causes TX stalls. There is a fix, which involves running a command from the console of the VPX: echo hw.em.txd=512 > /flash/boot/loader.con... read more.

• November 24, 2014

By Brian Wagner, Posted in Uncategorized

Today, Citrix XenApp 7.6 was released (and XenDesktop 7.6). It addresses some features that have been "missing" from XenApp since the 7.x platform was released. If this release is all it's cracked up to be, I think you'll see most XenApp customers on 6.x (or those still on 4.5, you know who you are) will be looking to upgrade to 7.6 sooner than later. So, what exactly is in 7.6 that changes this thinking? Connection Leasing - Remember the local host cache? Well most of my clients do, and have noted it... read more.

• September 30, 2014

By Ken Phelan, Posted in Uncategorized

I was at a Gartner conference a couple of weeks ago where the speaker said something to the effect of: The speed of business applications is going to continue to increase. Where it may have been normal to spend months creating an application that would have a lifespan of years, we now need to spend weeks creating applications that will have a lifespan of months. So far so good, I’m seeing this. As a byproduct of this speed requirement, the business is going to procure, write and deploy its own applicatio... read more.

• September 16, 2014

By Brian Wagner, Posted in Uncategorized

If you've been a Citrix customer for a long time, you have been through the many access iterations over the years: Program Neighborhood NFuse Web Interface StoreFront Starting with NFuse, we have been asked by our clients to customize the interface to integrate corporate branding. Each iteration of the web-based access solutions had the capability to customize the user interface. Each of course had its own method, development languages, and extent of customization capability. But once a user launch... read more.

• August 21, 2014

By Nancy Rand, Posted in Uncategorized

August 18, Threatpost – (International) New attack binds malware in parallel to software downloads. Researchers at Ruhr University developed a proof-of-concept attack that can inject malicious code into a legitimate download that runs parallel to the original and does not modify the code, taking advantage of security deficiencies present in some free and open source software. An attacker using the attack would need to control an intermediate network node between the client and the download server, such as c... read more.

• August 20, 2014

By Nancy Rand, Posted in Uncategorized

July 7, IDG News Service – (International) Attack on Dailymotion redirected visitors to exploits. Symantec researchers reported that beginning June 28 attackers injected malicious code into video-sharing Web site Dailymotion.com which redirected visitors to a malicious Web site hosting the Sweet Orange Exploit Kit. Computers compromised by the exploit kit were then infected with the Trojan.Adclicker artificial traffic generator malware. Source: http://www.networkworld.com/article/2451063/security/attack-on-... read more.

• July 08, 2014

By Nancy Rand, Posted in Uncategorized

June 9, Bloomberg News – (International) Cybercrime remains growth industry with $445 billion lost. A McAfee and Center for Strategic and International Studies (CSIS) report estimated that various forms of cybercrime globally caused losses of $445 billion a year to various industries, including financial institutions, energy companies, and retailers. The report pointed to stolen trade secrets and intellectual property as the largest source of losses to legitimate companies, as well as the potential for mark... read more.

• June 11, 2014

By Nancy Rand, Posted in Uncategorized

June 5, Threatpost – (International) New OpenSSL MitM flaw affects all clients, some server versions. A security researcher identified a remotely exploitable vulnerability in all versions of OpenSSL that could be used in a man-in-the-middle (MitM) attack to decrypt traffic between vulnerable clients and servers. The researcher reported that the vulnerability appears to have existed in OpenSSL’s code since 1998 Source: http://threatpost.com/new-openssl-mitm-flaw-affects-all-clients-some-server-versions Ju... read more.

• June 06, 2014

By Nancy Rand, Posted in Uncategorized

May 23, Threatpost – (International) Apple patches 22 Safari Webkit vulnerabilities. Apple released an update for its Safari browser May 22, patching 22 vulnerabilities in the Webkit browser engine that could be exploited in drive-by download attacks. Source May 22, IDG News Service – (International) Microsoft will patch IE zero day but doesn’t give timeline. Microsoft announced May 22 that it plans to patch a use-after-free vulnerability in Internet Explorer (IE) 8 disclosed by the HP Zero Day Initiativ... read more.

• May 27, 2014