Home

Virus Removal

Our industrial strength scanners are the most advanced available
We take the time to manually check 31 critical areas
We check that all your hardware is functioning correctly
Operating system corruption can cause performance issues
When we are done your device will be SAFE, SECURE and OPTIMIZED.

Sales

Compumaster offers "Off Lease" equipment at a fraction of the new cost.
Laptops and Desktops are always available.
They start at $299 and go up.
Call or pop in for a casual chat about your needs.

2 days ago
Ron at COMPU-MASTER is highly recommended. He readily helps others navigate through the complex field of computers making it look easy. As well he manages to maintain a steady flow of helpfulness as his phone rings continually and there is a steady flow of people through his front door, all the while answering customers questions. In essence Ron provides a community service of which many are appreciative. Thanks greatly Ron. Jennifer K.

Cait Banks

1 review

3 months ago

Ron is literally the best. Take your computer there, you can trust him with anything. Saved me in so many computer jams. Amazing customer service and will take his time explaining things to you even if you ask 500 questions. THE BEST. - Cait

Threats/Scams

Fortinet security advisory (AV25-406) - Update 2
Serial number:AV25-406
Date: July 8, 2025

Updated: July 18, 2025

On July 8, 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

FortiAnalyzer – multiple versions

FortiAnalyzer Cloud – multiple versions

FortiIsolator – multiple versions

FortiManager – multiple versions

FortiManager Cloud – multiple versions

FortiOS 7.6 – versions 7.6.0 to 7.6.1

FortiOS 7.4 – versions 7.4.0 to 7.4.7

FortiOS 7.2 – versions 7.2.0 to 7.2.11

FortiOS 7.0 – versions 7.0.1 to 7.0.16

FortiProxy 7.6 – versions 7.6.0 to 7.6.1

FortiProxy 7.4 – versions 7.4.0 to 7.4.8

FortiProxy 7.2 – versions 7.2.0 to 7.2.13

FortiProxy 7.0 – versions 7.0.0 to 7.0.20

FortiSandbox – multiple versions

FortiVoice 6.4 – versions 6.4.0 to 6.4.10

FortiVoice 7.0 – versions 7.0.0 to 7.0.6

FortiVoice 7.2 – versions 7.2.0

FortiWeb – multiple versions

Update 2

On July 18, 2025, CISA added CVE-2025-25257 to their Known Exploited Vulnerabilities (KEV) Catalog.

On July 18, 2025, Fortinet updated their advisory to indicate that this vulnerability has been exploited.

Known Exploited Vulnerabilities Catalog

Fortinet PSIRT Advisories

Update 1

CVE-2025-25257: Unauthenticated SQL injection in GUI affecting:

FortiWeb 7.6 – versions 7.6.0 to 7.6.3

FortiWeb 7.4 – versions 7.4.0 to 7.4.7

FortiWeb 7.2 – versions 7.2.0 to 7.2.10

FortiWeb 7.0 – versions 7.0.0 to 7.0.10

Fortinet PSIRT – FG-IR-25-151

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Fortinet PSIRT Advisories
Nodejs security advisory (AV25-431)
Serial number:AV25-431
Date:July 18, 2025

On July 15, 2025, Nodejs published security advisories to address vulnerabilities in the following products:

Node.js 20 – versions prior to v20.19.4

Node.js 22 – versions prior to v22.17.1

Node.js 24 – versions prior to v24.4.1

Open-source reporting has indicated that proof-of-concept exploit code is available for the vulnerability CVE-2025-27210.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Nodejs - Tuesday, July 15, 2025 Security Releases
Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543 – Update 2
Number: AL25-008
Date: June 26, 2025
Updated: July 17, 2025

Audience

This Alert is intended for IT professionals and managers of notified organizations.

Purpose

An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.

Details

On June 17 and 25, 2025, Citrix published security advisories for critical vulnerabilities, CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543, affecting the following products^Footnote1^Footnote2:

NetScaler ADC 12.1-FIPS – versions prior to 12.1-55.328-FIPS

NetScaler ADC and NetScaler Gateway 14.1 – versions prior to 14.1-47.46

NetScaler ADC and NetScaler Gateway 13.1 – versions prior to 13.1-59.19

NetScaler ADC 13.1-FIPS and NDcPP – versions prior to 13.1-37.236-FIPS and NDcPP

NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0 are now End-Of-Life (EOL) and are no longer supported.

For CVE-2025-5777 and CVE-2025-6543: NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server for these vulnerabilities to be exploited.

For CVE-2025-5349: An improper access control configured on NetScaler management interface would lead to an access to NSIP, to Cluster Management IP and to local GSLB Site IP.

Citrix reports that exploitation of CVE-2025-6543 against unmitigated appliances has been observed. In response to these vulnerabilities, the Cyber Centre released AV25-350 on June 17^Footnote3 and AV25-374 on June 25, 2025^Footnote4.

The Cyber Centre is aware of online interest and speculation about these vulnerabilities and is publishing this Alert out of an abundance of caution.

Update 1

The Cyber Centre has observed scanning by threat actors for CVE-2025-5777 and has received reports that it is being actively exploited ^Footnote6. Organizations should be aware that patching does not necessarily remove access to their system from threat actors who compromised the device while it was still vulnerable. The Cyber Centre recommends organizations complete a threat hunting exercise using the potential indicators of compromise below regardless of whether you have patched for the mentioned vulnerabilities or not.

Potential Indicators of Compromise

The following indicators of compromise (IoCs) have been shared by the cyber security research community as a starting point for compromise detection.

Depending on logging configurations, log entries with non-printable characters are a pretty good indicator that something is amiss ^Footnote7.

The Citrix advisory recommends terminating existing ICA and PCoIP sessions, which leads us to believe that endpoints related to those features are being targeted. Entries for those logs may similarly contain contents of leaked memory, which may or may not include session tokens ^Footnote7.

Auditing active sessions is also recommended. As an example, a single session being used from multiple client IP addresses could be an indicator that the session may have been compromised ^Footnote7.
Active sessions for NetScaler Gateway can be found in the WebUI via “NetScaler Gateway -> Active User Sessions -> Select applicable context -> Continue”

Session information can also be viewed on the command line by running commands such as “show sessions” or “show <service> session”

In Netscaler logs, look for:
Repeated POST requests to *doAuthentication* which will each yield 126 bytes of RAM.

Requests to doAuthentication.do with “Content-Length: 5”.

Lines with *LOGOFF* and user = “*#*” (i.e. # symbol in the username)

Monitor entries for endpoint logs for contents of leaked memory, which may or may not include session tokens.

Monitor for the creation of new user accounts, dumping or modifying configuration files, and the installation of Remote Access Tools (RATs)

Suggested actions

The Cyber Centre strongly recommends that organizations using Citrix NetScaler ADC and NetScaler Gateway appliances review the Citrix security bulletins^Footnote1^Footnote2 and update or upgrade the affected systems to the following versions:

NetScaler ADC and NetScaler Gateway 14.1-47.46 and later.

NetScaler ADC and NetScaler Gateway 13.1-59.19 and later releases of 13.1.

NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.236 and later releases of 13.1-FIPS and 13.1-NDcPP.

Update 2

The Cyber Centre recommends:

That administrators review logs going back to the beginning of June 2025.

As a precaution, all users who logged into Citrix Netscaler since the beginning of the month of June should reset their credentials and that all active user sessions should be invalidated.

An IOC shell script is being provided by Citrix Support Services and can be run to help determine if organizations are potentially compromised. Please request the IOC Shell Script from Citrix Support line by opening a Severity 2 ticket through your Citrix support portal.

That administrators should follow recommended next steps as highlighted in the referenced DoublePulsar article^Footnote9.

Update 1

Citrix has provided the steps to take if NetScaler ADC is suspected to be compromised ^Footnote8, which includes:

Preserve evidence.

If possible, avoid switching off the machine in order to preserve the traces needed for investigations.

Completely isolate the machine concerned from the network, both from the Internet and from the internal network, in order to limit the risk of further unauthorized access and lateral movement.

Revoke credentials and access.

Examine all servers and systems to which the NetScaler ADC has connected for signs of compromise.

Rebuild and restore.

Rotate restored secrets.

Harden the device.

In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre’s Top 10 IT Security Actions^Footnote5.

If activity matching the content of this alert is discovered, recipients are encouraged to report via the My Cyber Portal, or email contact@cyber.gc.ca.

References

Footnote 1

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-5349 and CVE-2025-5777

Return to footnote1 referrer

Footnote 2

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543

Return to footnote2 referrer

Footnote 3

AV25-350 – Citrix security advisory

Return to footnote3 referrer

Footnote 4

AV25-374 – Citrix security advisory

Return to footnote4 referrer

Footnote 5

Top 10 IT security actions to protect internet connected networks and information (ITSM.10.089)

Return to footnote5 referrer

Footnote 6

Bulletin d'alerte du CERT-FR - Objet: Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway (only in French)

Return to footnote6 referrer

Footnote 7

CVE-2025-5777: CitrixBleed 2 Write-Up… Maybe?

Return to footnote7 referrer

Footnote 8

Citrix – Steps to Take if NetScaler ADC is Suspected to be Compromised

Return to footnote8 referrer

Footnote 9

CitrixBleed 2 situation update — everybody already got owned

Return to footnote9 referrer
Microsoft Edge security advisory (AV25-430)
Serial number:AV25-430
Date:July 17, 2025

On July 16, 2025, Microsoft published a security update to address a vulnerability in the following product:

Microsoft Edge Stable Channel – versions prior to 138.0.3351.95

Google is aware that an exploit for CVE-2025-6558 exists in the wild.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Microsoft Edge Stable Channel Release Notes
HPE security advisory (AV25-429)
Serial number:AV25-429
Date:July 17, 2025

On July 16, 2025, HPE published security advisories to address vulnerabilities in the following products:

HPE Telco Service Orchestrator – versions prior to v4.2.4

HPE AutoPass License Server – versions prior to 9.18

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

HPESBNW04900 rev.1 - HPE Telco Service Orchestrator Software, Remote Denial of Service (DoS)

HPESBGN04877 rev.1 - HPE AutoPass License Server (APLS), Multiple Vulnerabilities

HPE Security Bulletin Library
Cisco security advisory (AV25-428)
Serial number:AV25-428
Date:July 16, 2025

On July 16, 2025, Cisco published security advisories to address vulnerabilities in the following products:

Cisco Unified Intelligence Center – versions 12.5, 12.6 and 15

Cisco Unified CCX – versions prior to 12.5(1)SU3

Cisco Identity Services Engine (ISE) – versions prior to 3.2, versions 3.3 and 3.4

Cisco ISE Passive Identity Connector (ISE-PIC) – versions prior to 3.2, versions 3.3 and 3.4

Cisco Evolved Programmable Network Manager (EPNM) – versions prior to 7.1, versions 8.0 and 8.1

Cisco Prime Infrastructure – versions prior to 3.9 and version 3.10

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates if available.

Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability

Cisco Identity Services Engine Authenticated Remote Code Execution and Authorization Bypass Vulnerabilities

Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability

Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability

Cisco Security Advisories

Virus Removal

Sales

Testimonials

Threats/Scams

Update 2

Update 1

Audience

Purpose

Details

Update 1

Potential Indicators of Compromise

Suggested actions

Update 2

Update 1

References