Published by Microsoft: 02/11/2020 MITRE CVE-2020-0618 “A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.” There exists a proof of concept and write-up. Basefarm considers this a […]
“Researchers detail the process of finding two flaws in the Azure Stack architecture and Azure App Service, both of which have been patched.” “Check Point Research analysts who discovered two vulnerabilities in the Microsoft Azure cloud infrastructure have published the details of how these flaws were found and how attackers could potentially use them.” Read […]
On December 17, Citrix disclosed a vulnerability in their ADC, Gateway and SD-WAN product lines. Some patches were delivered around January 10, but these patches were not that efficient. A proper patch was not released before January 19 to January 24, depending on the appliance and release train. Unfortunately, the nature of the vulnerability makes […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). The year 2020 started of by throwing out a bunch of new vulnerabilities that needed fixing. First it was the Citrix vulnerability in Application Delivery Controller and Gateway products, formerly known as netscaler. The […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Florida has been become a target for two serious ransomware attacks. The city of Pensacola reported a cyber incident that reportedly started Saturday morning. The city disconnected much of the city’s network, and affected […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Today I want to take a look at data leaks and breaches as the last week has had quite a few of those. Unicef Norway had a database exposed to the internet (Paywall) without […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). This week we have seen multiple cases of one of the harder issues in security, the insider threat. Two former employees of twitter have been charged with spying on Twitter users for Saudi Arabia, […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Pen Test Partners has a great blog-post about one of their recent adventures. This is a little bit out of the normal scenario for many, but this is regarding a finding they did on […]
In 2015, Deutsche Bahn (DB) launched an extensive project to improve the quality of passenger information, that would benefit all rail customers travelling in Germany.
Destination Gotland is a wholly owned subsidiary of Rederi AB Gotland. On behalf of the Swedish government, they operate the ferry services between Visby, Nynäshamn and Oskarshamn. THE CHALLENGES: RELIABLE EXPERTISE THAT WOULD NEVER FAIL During peak season, it is absolutely crucial that their booking systems work. The ferry service affects the entire island of […]