Published: 2020-10-20MITRE CVE-2020-3992 “A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.” The workaround is to stop and disable the SLP service. CVSS Base Score is 9.8 Basefarm and VMware […]
In this post there is specific focus on an infamous threat that resurfaced during the summer. Following several news articles in Nordic media of phishing attacks towards public services in late august and, in addition, sources that indicate that the Emotet trojan resurfaced in mid-july, several sources online are now indicating a massive campaigning not […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT) Currently the biggest exposure to threats in the cyber domain is presented via mail. Phishing attacks tricks out the credentials for legitimate users and then gain access to the mail account, and some actors […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT) A new CyberCrime group nicknamed RedCurl has been discovered after over two years of operation, attacking at least 14 organizations in over 26 attacks. They are known to attack companies in at least six […]
Published: 2020-07-29MITRE CVE-2020-10713 GRUB 2 is a “boot loader”, it precedes the actual operating system and allows for multiple options in what operating system to load and with what parameters given. An attacker with administrative privileges on a system, or physical access, can use this vulnerability to bypass the check of cryptographic signatures and run […]
This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT) This week we get a unique insight into a threat actors inner working as IBM’s X-Force IRIS security team uncover a 40GB cache of data belonging to a threat actor called “ITG18” (overlaps with […]
Published: 2020-07-01MITRE CVE-2020-5902 “The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.” “This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the TMUI, through the BIG-IP management port and/or Self IPs, to execute arbitrary system commands, create […]
Published: 2020-06-25MITRE CVE-2020-11996 “A specially crafted sequence of HTTP/2 requests could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.” CVSS Base score: 7.5 (or 5.9 if Attack Complexity turns out to be High)CVSS Temporal Score: 6.5 as of […]
Image by Karl Egger from Pixabay
Photo by John-Mark Smith from Pexels
Water Droplets on Spider Web - CC0 by Pixabay
Image by Martin Pecar from Pixabay
Photo by Noelle Otto from Pexels
Photo by Tim Mossholder on Unsplash
Image by David Mark from Pixabay