Entries by Fredrik Svantes

High Risk Drupal Vulnerability

New vulnerabilities have been disclosed for Drupal versions lower than 6.28 and 7.19. If you run any Drupal installations, you are strongly advised to update them; among other things, unpatched sites are exposed to XSS attacks. More information: http://drupal.org/SA-CORE-2013-001

Ruby on Rails Vulnerability

On January 8th, Aaron Patterson announced CVE-2013-0156, multiple vulnerabilities in parameter parsing in Action Pack allowing attackers to: bypass authentication systems; inject arbitrary SQL; perform a Denial of Service (DoS); execute arbitrary code. That means that anyone running Ruby on Rails is advised to update to the latest version, as not doing so could lead […]

High Risk Java Vulnerability

A new year has arrived, as has a new Java 0-day vulnerability. The vulnerability is present in all Java versions up to version 7 update 10. There is currently no patch available for this, and it has already been integrated into the BlackHole exploit kit. As many of you know, Java runs on all platforms, […]

Mobile Security

As most of you are aware, the Christmas holiday is quickly coming up! 🙂 This means that a lot of us will be traveling on trains, buses and flights to get to our families to maybe relax, drink glögg and eat sill. Bad people tend to take advantage of the extra number of people traveling […]

Skype Vulnerability

Please note that there appears to be a security vulnerability in Skype allowing an attacker to gain access to Skype accounts: Here’s how it works:

> Sign up for a new Skype account. Use the victim’s email. A warning will come up that an account with that email already exists, but you can still proceed […]

Zero-day Microsoft Internet Explorer

A new high-risk Internet Explorer zero-day exploit is currently active in the wild. That means that anyone using Internet Explorer 7, 8 or 9 to browse the internet has the potential of getting infected by simply visiting a webpage with the specific bad code in it. The code will then download an exploit […]

High Risk Java vulnerability

There is currently an extremely high risk Java vulnerability out in the wild that can potentially cause havoc for a lot of users and systems. All someone has to do is get you to visit a site with the bad code, which can then run an exploit kit on your system under the same user […]

High Risk Java Vulnerability

There is an extremely high risk exploit out that can potentially cause havoc for a lot of users/systems. All someone has to do is get you to visit a site with the bad code, which will then run an exploit kit under the same user as the Java process which means they’ll most likely be […]

Defcon 20

Wednesday

This year, my colleague Jens and I were given the opportunity to visit Defcon 20 (https://www.defcon.org/html/defcon-20/dc-20-index.html) in Las Vegas. It was my first time visiting the US, so I was obviously very excited about it! We started off around noon on Wednesday, and after having a transfer at Heathrow, London, we arrived to Las […]

A day in the life of a Technical Account Manager

Basefarm is of course constantly on the lookout for new talent to join our company, both technical and non-technical. I’m personally working as a Technical Account Manager (TAM) for Linux customers in Sweden, and thought some of you might find it interesting to read about what it is we do. First of all, let me […]