Entries by Basefarm

CVE-2020-16891 | Windows Hyper-V Remote Code Execution Vulnerability

Published: 2020-10-13. MITRE CVE-2020-16891: “A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system.” This is especially bad for “hotel” environments with multiple different tenants that should not be able to influence each other, but it is also bad […]

CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability

Published: 2020-10-13. MITRE CVE-2020-16898: “A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets.” This vulnerability affects Windows 10, Server 2019 and Server Core versions (see the full Security Advisory for details). It can be mitigated by disabling a network feature or blocking ICMPv6 Router Advertisement packets. Basefarm and […]

“Known assailant” back with a vengeance

This post focuses on an infamous threat that resurfaced during the summer. Following several news articles in Nordic media about phishing attacks against public services in late August and, in addition, sources indicating that the Emotet trojan resurfaced in mid-July, several sources online are now indicating a massive campaign not […]

Check your Exchange for ongoing leaks

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Currently the biggest exposure to threats in the cyber domain is presented via mail. Phishing attacks trick legitimate users out of their credentials and then gain access to the mail account, and some actors […]

RedCurl cybercrime group discovered

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). A new cybercrime group nicknamed RedCurl has been discovered after over two years of operation, attacking at least 14 organizations in over 26 attacks. They are known to attack companies in at least six […]