cybersecurity

4598 readers

80 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

Now everybody but Citrix agrees that CitrixBleed 2 is under exploit (www.theregister.com)

submitted 1 day ago by cm0002@lemmy.world to c/cybersecurity

1 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] adespoton@lemmy.ca 1 points 1 day ago

I wish reporters wouldn’t conflate two timelines.

On June 26, Citrix had no verifiable evidence that it was being exploited.

On July 9, Gossi had evidence that it had been exploited as far back as June 23.

Now, Citrix isn’t innocent in all this; they’ve had 3 days to put out an update stating there’s now evidence it was abused as early as June 23.

But that second paragraph in no way damns the first: an executive at Citrix had as little evidence as everyone else of the abuse 3 days after it had begun. That does indicate that telemetry to flag this sort of thing was lacking though — and Citrix knew about the issue itself long before; that’s just when it was made public and immediately abused.