Rewterz Threat Alert – Invoice Themed Phishing Emails

July 22, 2020

Rewterz Threat Alert – Tellyouthepass Ransomware worm

July 22, 2020

Rewterz Threat Advisory – CVE-2020-8207 – Citrix Workspace app for Windows Security Update

July 22, 2020

Severity

High

Analysis Summary

A vulnerability has been identified in the automatic update service of Citrix Workspace app for Windows that could result in:

A remote compromise of the computer running Citrix Workspace app when Windows file sharing (SMB) is enabled.
A local user escalating their privilege level to that of an administrator on the computer running Citrix Workspace app for Windows.

A remote compromise is only possible when the user has enabled Windows file sharing (SMB) and only when the updater service is running. If authentication is required for SMB then an attacker must be able to authenticate before they could exploit this issue.

Impact

Arbitrary command execution

Affected Vendors

Citrix

Affected Products

Citrix Workspace app for Windows 1912 LTSR
Citrix Workspace app for Windows 2002

Remediation

Update to latest version.

https://www.citrix.com/downloads/workspace-app/windows/

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

APT34 Abuses Port 8080 for Fake 404 Pages and Reuse SSH Keys – Active IOCs

Lazarus APT Executes Multi-Stage Attack via Operation SyncHole – Active IOCs

SuperCard X Malware Exploiting NFC for Financial Fraud – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Invoice Themed Phishing Emails

Rewterz Threat Alert – Tellyouthepass Ransomware worm

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.