Entries by Hans-Petter Fjeld

CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability

Published by Microsoft: 02/11/2020 MITRE CVE-2020-0618 “A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.” There exists a proof of concept and write-up. Basefarm considers this a […]

Cloud security is voodoo?

“Researchers detail the process of finding two flaws in the Azure Stack architecture and Azure App Service, both of which have been patched.” “Check Point Research analysts who discovered two vulnerabilities in the Microsoft Azure cloud infrastructure have published the details of how these flaws were found and how attackers could potentially use them.” Read […]

DNSpionage and how to mitigate DNS tunneling

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Cisco Talos has published details regarding an APT campaign using DNS redirection and a malware they call DNSpionage. The malware supports both regular HTTP and also DNS tunneling as a way of communicating back […]

Russia accused of Energy Sector Siege

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Advanced attackers, most likely from Russia, seem to be in the reconnaissance phase of a cyber war, according to a research report from threat hunting firm Vectra. The attackers are using stealthy tactics seemingly […]

Dynamic Content Attacks and How to Mitigate them

This blog post is a summary of this weeks Information Security News put together by our Security Incident Response Team (SIRT). “Most dynamic content attacks are launched against content delivery networks. The attacker uses networks of infected hosts or botnets to request non-cached content from the target. If enough of these requests are made, the […]

BF-SIRT Newsletter 2018-30

New Spectre attack enables secrets to be leaked over a network In a paper named “NetSpectre: Read Arbitrary Memory over Network” researchers from Graz University of Technology, including one of the original Meltdown discoverers, Daniel Gruss, have described NetSpectre: a fully remote attack based on Spectre. With NetSpectre, an attacker can remotely read the memory […]