Java Deserialization Attack Against Windows, (Tue, Apr 3rd)

SANS Internet Storm Center - April 3, 2018 - 3:34pm
Recently we talked a lot about attacks exploiting Java deserialization vulnerabilities in systems like Apache SOLR and WebLogic. Most of these attacks targeted Linux/Unix systems. But recently, I am seeing more attacks that target Windows. For example:
Categories: Security

Phishing PDFs with multiple links - Detection, (Mon, Apr 2nd)

SANS Internet Storm Center - April 2, 2018 - 10:59pm
One advantage of static analysis over dynamic analysis is that it can reveal more information than dynamic analysis. In the last analysis example of a phishing PDF, we uncovered more URLs via static analysis.
Categories: Security

Phishing PDFs with multiple links - Animated GIF, (Sun, Apr 1st)

SANS Internet Storm Center - April 1, 2018 - 11:26am
Here is an animated GIF showing the URLs in the PDF I analyzed yesterday:
Categories: Security

Phishing PDFs with multiple links, (Sat, Mar 31st)

SANS Internet Storm Center - March 31, 2018 - 9:25pm
A reader wanted to know why the phishing PDF he received contained multiple and different links, according to my pdf tools, but would only show the same URL when he hovered over the links in Adobe Reader.
Categories: Security

Version 7 of the CIS Controls Released, (Fri, Mar 30th)

SANS Internet Storm Center - March 30, 2018 - 2:19am
The CIS Controls serve as a “prioritized set of actions to protect your organization and data from known cyber attack vectors.” Embraced by several organizations as outlined in the Case Studies section, significant improvements to their cyber security programs are listed and can serve as an inspiration to consider this approach to effective cyber defense.
Categories: Security

One hash to rule them all: drupalgeddon2, (Thu, Mar 29th)

SANS Internet Storm Center - March 29, 2018 - 1:18pm
I’m sure virtually all of our readers are aware of the patch that has been released for Drupal yesterday. In case you’ve been on a remote island, all versions of Drupal (6, 7 and 8) were vulnerable to a critical security vulnerability that allows an attacker remote code execution.
Categories: Security

How are Your Vulnerabilities?, (Wed, Mar 28th)

SANS Internet Storm Center - March 28, 2018 - 7:09am
Scanning assets for known vulnerabilities is a mandatory process in many organisations. This topic comes in the third position of the CIS Top-20[1]. The major issue with a vulnerability scanning process is not on the technical side but more on the process side. Indeed, the selection of the tool and its deployment is not very complicated (well, in not too complex environments, to be honest): Buy a solution or build a solution based on free tools, define the scope, schedule the scan and it’s done. Then starts the real problem: How to handle the thousands of vulnerabilities reported by the tool? Yes, be sure that you’ll be flooded by alerts like this:
Categories: Security

Side-channel information leakage in mobile applications, (Tue, Mar 27th)

SANS Internet Storm Center - March 27, 2018 - 8:42am
Smartphones today carry an unbelievable amount of sensitive information. As absolutely everything is going mobile these days, we have to pay special attention to the security of mobile applications, specifically data at rest (data stored on a mobile device) and data in transit (data transferred to the target server).
Categories: Security

Windows IRC Bot in the Wild, (Mon, Mar 26th)

SANS Internet Storm Center - March 26, 2018 - 7:25am
Last weekend, I caught on VirusTotal a trojan disguised as Windows IRC bot. It was detected thanks to my ‘psexec’ hunting rule which looks definitively an interesting keyword (see my previous diary[1]). I detected the first occurrence on 2018-03-24 15:48:00 UTC. The file was submitted for the first time from the US. The strange fact is that the initial file has already a good score on VT (55/67) and is detected by most of the classic antivirus tools.
Categories: Security

Scanning for Apache Struts Vulnerability CVE-2017-5638, (Sun, Mar 25th)

SANS Internet Storm Center - March 25, 2018 - 9:12pm
Over the past two weeks, I have noticed several attempts against my honeypot looking to exploit CVE-2017-5638 Apache Struts2 vulnerability that look very similar to this python script[2]. Today alone I recorded 57 attempts against port 80, 8080 and 443. The format of the queries I have observed over the past two weeks contains one of these two requests:
Categories: Security

"Error 19874: You must have Office Professional Edition to read this content, please upgrade your licence.", (Sat, Mar 24th)

SANS Internet Storm Center - March 24, 2018 - 10:07am
I was sent a document that could (supposedly) only be read with Office Professional. Of course, this was a malicious document (MD5 151a561d41eb3e960676b293e726d8f3) with macros.
Categories: Security

Extending Hunting Capabilities in Your Network, (Fri, Mar 23rd)

SANS Internet Storm Center - March 23, 2018 - 8:30am
Today's diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network[1]. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first recipe could miss some malicious files in the following scenarios:
Categories: Security

All times are GMT +2.