Amazon has announced a beta release of Amazon FSx for Lustre CSI driver on Amazon EKS.

Amazon FSx for Lustre is a fully managed and optimized file system for workloads like machine learning, high-performance computing, video processing, financial modeling, electronic design automation, and analytics.

According to Amazon, this driver will make it easier to configure and use FSx for Lustre systems on EKS and self-managed Kubernetes clusters on AWS.

Vulnerability discovered in Citrix Application Delivery Controller and Citrix Gateway
Positive Technologies recently revealed that it discovered a critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway. The vulnerability, if exploited, enables attackers to gain direct access to a company’s local network. According to Positive Technologies, at least 80,000 companies in 158 countries could be at risk.

“Citrix applications are widely used in corporate networks,” said Dmitry Serebryannikov, Director of Security Audit Department at Positive Technologies. “This includes their use for providing terminal access of employees to internal company applications from any device via the Internet. Considering the high risk brought by the discovered vulnerability, and how widespread Citrix software is in the business community, we recommend information security professionals take immediate steps to mitigate the threat. On a separate note, we want to point out that the vendor responded very promptly, by creating and releasing a set of risk mitigation measures within just a couple of weeks after the vulnerability was discovered. From our experience, we know that in many cases it can take months.”

Citrix has detailed a mitigation for the vulnerability in advance of a patched version of the firmware. Citrix recommends that customers upgrade vulnerable appliances as soon as a new version is available.

CNCF releases results of Falco security audit
The CNCF has released the results of its security audit for the Falco project. The audit discovered three potential vulnerabilities, one of which was critical and two of which were high severity.

The vulnerabilities discovered include an error where undetected crashes disable Falco monitoring, the ability to bypass various rules, and an error where an HTTP request with incorrect data can lead to crashes.