Go Back > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor


What version of Baan have you installed
Baan IV
10.2 (incl. 10.2.1)
Total votes: 13

Baanboard at LinkedIn

Reference Content


Phish or scam? - Part 1, (Sun, Dec 17th)

SANS Internet Storm Center - December 17, 2017 - 9:35am
Reader Carlos Almeida submitted an email with a .docx attachment.
Categories: Security

Microsoft Office VBA Macro Obfuscation via Metadata, (Sat, Dec 16th)

SANS Internet Storm Center - December 16, 2017 - 8:44am
Often, malicious macros make use of the same functions to infect the victim's computer. If a macro contains these strings, it can be flagged as malicious or, at least, considered as suspicious. Some examples of suspicious functions are:
Categories: Security

Detection Lab: Visibility & Introspection for Defenders, (Thu, Dec 14th)

SANS Internet Storm Center - December 15, 2017 - 6:00am
     Me when I discovered @Centurion's Detection Lab.
Categories: Security

Security Planner: Improve your online safety, (Thu, Dec 14th)

SANS Internet Storm Center - December 14, 2017 - 6:01am
Just in time for holiday visits with your familes and friends, soon you will face the inevitable questions, particularly if you're a security practitioner of any sort. "There are always questions about whether the devices and services we use respect our privacy, and if they adequately safeguard our information. Has a good balance been struck? Many of us are not sure. It is easy to feel overwhelmed by the challenge of how to be safer online." Search for "how to be safe online" and you'll receive inconsistent results to be certain. Who hasn't had Mom or Dad, or your friends for that matter, ask your help to be more secure? To help rectify such situations, the Citizen Lab just released Security Planner.
Categories: Security

Tracking Newly Registered Domains, (Wed, Dec 13th)

SANS Internet Storm Center - December 13, 2017 - 8:16am
Here is the next step in my series of diaries related to domain names. After tracking suspicious domains with a dashboard[1] and proactively searching for malicious domains[2], let’s focus on newly registered domains. They are a huge number of domain registrations performed every day (on average a few thousand per day all TLD’s combined). Why focus on new domains? With the multiple DGA (“Domain Generation Algorithms”) used by malware families, it is useful to track newly created domains and correlate them with your local resolvers’ logs. You could detect some emerging threats or suspicious activities.
Categories: Security

December Microsoft Patch Tuesday Summary, (Tue, Dec 12th)

SANS Internet Storm Center - December 13, 2017 - 12:52am
Microsoft today patched 36 different vulnerabilities (+ Flash). Luckily, none of the vulnerabilities have been exploited in the wild of have been disclosed prior to today. The list includes the malware protection engine update that was released on Friday. Probably the most interesting vulnerability is the remote code execution in Windows RRAS. (%%cve:2017-11885%%). According to Microsoft, this vulnerability can be exploited via RPC on servers that have routing enabled. (RRAS is the Routing and Remote Access Service). I am a bit confused why Microsoft rates this one only as "important". Maybe because RRAS is not enabled by default.
Categories: Security

Sometimes it's a dud, (Sat, Dec 9th)

SANS Internet Storm Center - December 9, 2017 - 11:11pm
A reader submitted a malicious RTF file, experiencing difficulty to find the malicious code.
Categories: Security

Using Our API To Adjust iptables Rules, (Fri, Dec 8th)

SANS Internet Storm Center - December 8, 2017 - 9:14pm
We are offering a simple (IMHO) API to allow you to script various queries against our databases. One dataset we offer is a list of IP addresses that are scanning the internet for exposed services. The most prominent of these services is likely Shodan. To avoid having any devices from your organization show up in Shodan, you may want to block all scans from known Shodan hosts. We do create a list of these IP addresses and update it daily. The respective API query to retrieve the list is:
Categories: Security

Apple Updates Everything. Again. , (Wed, Dec 6th)

SANS Internet Storm Center - December 7, 2017 - 12:06am
After a rushed release of iOS 11.2 over the weekend to fix a "December 2nd Crash" bug, and last weeks special update to fix the passwordless root authentication bypass in macOS, Apple today released its official set of security updates. With this, we also received details about the security issues patched in iOS this weekend. Apple's different operating systems share a lot of code with each other, and as a result, they also share some vulnerabilities. I am trying to organize the details in a table below (starting with macOS. Others will be added soon)
Categories: Security

PSA: Do not Trust Reverse DNS (and why does an address resolve to "localhost")., (Wed, Dec 6th)

SANS Internet Storm Center - December 6, 2017 - 5:41pm
Odd reverse DNS entries keep coming up from time to time. So I think we are due for a quick public service announcement about reverse DNS.
Categories: Security

All times are GMT +2. The time now is 15:11.

©2001-2017 - -