Go Back > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor


Google search

For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
Installation Wizard into new VRC
Manual into existing VRC
Manual into new VRC
Total votes: 39

Baanboard at LinkedIn

Reference Content


Are you watching for brute force attacks on IPv6?, (Tue, Jan 9th)

SANS Internet Storm Center - January 16, 2018 - 6:13pm
For a number of years, I've had a personal blog that for the last 2 or 3 years has been pretty much dormant. A few years ago, I found a deal for a VPS instance for $5/month and decided to host my blog there using WordPress. One of the nice feature of this particular VPS setup is that it has good IPv6 connectivity, so I registered the IPv6 address in DNS. I use fail2ban to protect ssh against brute forcing, but I wanted to also protect my WordPress site, so I configured it to log all authentication attempts so that I could have fail2ban watch that log. For much of the last year, I've noticed something really odd. The vast majority of attempts against my WordPress site have come over IPv6. Here is a typical summary from the log (thank you logwatch, note, the IPs have NOT been changed to protect the guilty).
Categories: Security

Decrypting malicious PDFs with the key, (Mon, Jan 15th)

SANS Internet Storm Center - January 16, 2018 - 12:12am
Sometimes malicious documents are encrypted, like PDFs. If you know the user password, you can use a tool like QPDF to decrypt it. If it's encypted for DRM (with an owner password), QPDF can decrypt it without you knowing the owner password.
Categories: Security

Peeking into Excel files, (Sun, Jan 14th)

SANS Internet Storm Center - January 14, 2018 - 10:42pm
Since late 2014, malicious Office documents with macros appeared in the wild again. Malware authors don't always rely on VBA macros to execute their payload, exploits and feature abuse are part of their bag of tricks too.
Categories: Security

Flaw in Intel's Active Management Technology (AMT), (Sat, Jan 13th)

SANS Internet Storm Center - January 13, 2018 - 4:11am
It has been a rough week for Intel. Several media outlets are are reporting that researchers at F-Secure hav discovered a flaw in Intel's Active Management Technology (AMT) which is in most business laptops. AMT is the technology which is used by corporations to remotely manage their  deployed laptops.
Categories: Security

Those pesky registry keys required by critical security patches, (Fri, Jan 12th)

SANS Internet Storm Center - January 12, 2018 - 2:02pm
With the “storm” around Meldown and Spectre slowly winding down, I would like to remind everyone on registry changes that are required by the latest patches released by Microsoft.
Categories: Security

Mining or Nothing!, (Thu, Jan 11th)

SANS Internet Storm Center - January 11, 2018 - 8:37am
Cryptocurrencies mining has been a trending attack for a few weeks. Our idling CPUs are now targeted by bad guys who are looked to generate some extra revenue by abusing our resources. Other fellow handlers already posted diaries about this topic. Renato found a campaign based on a WebLogic exploit[1] and Jim detected a peak of activity on port %%port:3333%%[2]. Yesterday, while reviewed alerts generated by my hunting scripts, I found an interesting snippet of code on Pastebin. Here is a copy of the script with some added comments in blue:
Categories: Security

GitHub InfoSec Threepeat: HELK, ptf, and VulnWhisperer, (Wed, Jan 10th)

SANS Internet Storm Center - January 10, 2018 - 7:20am
There are numerous and exciting information security-related projects on GitHub; one can dive quickly down the rabbit hole, never to be seen again, in an effort to identify the best of breed for use in their security practices. In the last three days, three separate projects have hit my radar screen via social media that I thought readers might find intriguing and likely beneficial. I'm listing the projects in alphabetic order, not order of preference, each project represents a unique discipline and opportunity. 
Categories: Security

Microsoft January 2018 Patch Tuesday, (Tue, Jan 9th)

SANS Internet Storm Center - January 10, 2018 - 2:38am
Microsoft, as expected included last weeks Meltdown/Spectre update in this months patch Tuesday. But note that in addition to these two flaws, we have a number of other "traditional" privilege escalation and even remote code execution flaws that are probably easier to exploit and should be treated probably with a higher priority. Regardless, I doubt that as many people will work overtime for these run of the mill flaws. For example:
Categories: Security

What is going on with port 3333?, (Tue, Jan 9th)

SANS Internet Storm Center - January 10, 2018 - 1:10am
We've seen a spike over the last day or so in reports of apparent scanning on TCP %%port:3333%%. I have serious doubts that anyone is actually looking for DEC Notes which is the registered IANA use for this port. While we're getting our own honeypots set up, I figured I'd ask our readers, do you have packets and/or any idea what is going on here? Please let us know in the comments or via our contact page. Thanx in advance.
Categories: Security

A Story About PeopleSoft: How to Make $250k Without Leaving Home., (Mon, Jan 8th)

SANS Internet Storm Center - January 9, 2018 - 9:01pm
Yesterday, Renato published a diary about an intrusion taking advantage of a recent flaw in WebLogic. Oracle’s WebLogic is a Java EE application server [1]. PeopleSoft, another popular Oracle product can use WebLogic as a web server. PeopleSoft itself is a complex enterprise process management system. The name implies human resource functions, but the software goes way beyond simple HR features. Typically, “everything” in an organization lives in PeopleSoft [2].
Categories: Security

Meltdown and Spectre: clearing up the confusion, (Mon, Jan 8th)

SANS Internet Storm Center - January 8, 2018 - 3:01pm
Unless you’ve been living under a rock (or on a remote island, with no Internet connection), you’ve heard about the latest vulnerabilities that impact modern processors.
Categories: Security

All times are GMT +2. The time now is 12:46.

©2001-2017 - -