Go Back > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor


Google search

For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
Installation Wizard into new VRC
Manual into existing VRC
Manual into new VRC
Total votes: 39

Baanboard at LinkedIn

Reference Content


The joys of changing Privacy Laws, (Tue, Mar 6th)

SANS Internet Storm Center - March 6, 2018 - 7:12am
There are a few privacy changes that have occured and will occur. You may be affected, so I've summarised it here. Please keep in mind I'm not your legal counsil so as always, check yours. 
Categories: Security

Malicious Bash Script with Multiple Features, (Mon, Mar 5th)

SANS Internet Storm Center - March 5, 2018 - 11:22am
It’s not common to find a complex malicious bash script. Usually, bash scripts are used to download a malicious executable and start it. This one has been spotted by @michalmalik[1] who twitted about it. I had a quick look at it. The script has currently a score of 13/50 on VT[2]. First of all, the script installs some tools and dependencies. 'apt-get' and 'yum'  are used, this means that multiple Linux distributions are targeted. The following packages are installed: wget, git, make, python, redis-tools, gcc, build-essentials. Some Python packages are installed via PIP.
Categories: Security

The Crypto Miners Fight For CPU Cycles, (Sun, Mar 4th)

SANS Internet Storm Center - March 4, 2018 - 11:07am
I found an interesting piece of Powershell code yesterday. The purpose is to download and execute a crypto miner but the code also implements a detection mechanism to find other miners, security tools or greedy processes (in terms of CPU cycles). Indeed, crypto miners make intensive use of your CPUs and more CPU resources they can (ab)use, more money will be generated. When a computer is infected, it looks legit to search for already running miners and simply kill them: The fight for CPU cycles started!
Categories: Security

Reminder: Beware of the "Cloud", (Sat, Mar 3rd)

SANS Internet Storm Center - March 3, 2018 - 11:57am
Today, when you buy a product, there are chances that it will be “connected” and use cloud services for, at least, one of its features. I’d like to tell you a bad story that I had this week. Just to raise your awareness... I won’t mention any product or service because the same story could append with many alternative solutions and my goal is not to blame them.
Categories: Security

Common Patterns Used in Phishing Campaigns Files, (Fri, Mar 2nd)

SANS Internet Storm Center - March 2, 2018 - 10:31am
Phishing campaigns remain a common way to infect computers. Every day, I'm receiving plenty of malicious documents pretending to be sent from banks, suppliers, major Internet actors, etc. All those emails and their payloads are indexed and this morning I decided to have a quick look at them just by the name of the malicious files. Basically, there are two approaches used by attackers:
Categories: Security

Why Does Emperor Xi Dislike Winnie the Pooh and Scrambled Eggs?, (Thu, Mar 1st)

SANS Internet Storm Center - March 1, 2018 - 3:20pm
   China made big news last week by amending its constitution to allow President Xi to stay in power beyond the normal 10 years. While the move found great support from the Chinese party elite appointed by Xi, others in China are not all that happy about Xi being given powers not attained by anybody in China since Mao. The Chinese censors have long had a pretty tight grasp on social media in the country in order to curb any dissent.  For example, Chinese censors in cooperation with service providers in China have used automated tools that eliminate certain key terms from social media discussions. But we all know that signature-based filtering of “known bad words” is tricky.  
Categories: Security

How did this Memcache thing happen?, (Wed, Feb 28th)

SANS Internet Storm Center - February 28, 2018 - 4:18am
As pointed out earlier ( this memcached reflected DDoS thing is pretty bad.  How bad?  Well, US-CERT updated its UDP-Based Amplification Attacks advistory ( to add Memcache to the list of potential attack vectors.  The really telling bit is the chart that shows the Bandwidth Amplification Factor.  Before memcache was added the largest factor was 556.9 from NTP where each byte sent in to a vulnerable server would return about 557 bytes in attack traffic.  Memecache is listed as 10,000 to 51,000.  That's remarkably large.
Categories: Security

Why we Don't Deserve the Internet: Memcached Reflected DDoS Attacks., (Tue, Feb 27th)

SANS Internet Storm Center - February 27, 2018 - 7:39pm
Let me start off by saying: If you have a memcached server in your environment that is exposed to the internet, then you should stop scanning for them, and spend your time writing a resume instead. Either because you do not want to work in an utterly incompetent organization like that, or if you are responsible for the exposed server, then well.. write a resume for a simpler job. (I was going to suggest a job here. But I can't come up with a job a sysadmin would be qualified for in a case like this)
Categories: Security

Cracking AD Domain Passwords (Password Assessments) - Part 1 - Collecting Hashes, (Mon, Feb 26th)

SANS Internet Storm Center - February 26, 2018 - 2:23pm
In my last 2 posts we discussed recovering passwords in a penetration test, first by using password spraying and then by using LLMNR (using the responder tool).  In both cases we discussed that it’s pretty likely that you’ll recover domain admin credentials in these steps.
Categories: Security

Retrieving malware over Tor on Windows, (Sun, Feb 25th)

SANS Internet Storm Center - February 26, 2018 - 12:14am
I found an easier way to retrieve malware over Tor on Windows, using free open-source software.
Categories: Security

Blackhole Advertising Sites with Pi-hole, (Sun, Feb 25th)

SANS Internet Storm Center - February 25, 2018 - 12:41pm
A coworker told me a few weeks ago that he started using Pi-hole to block all advertising and that got me curious. I checked the hardware requirements and already had a server I could install this on. I used CentOS 7.4 as my platform but before starting, make sure selinux isn't running because it isn't supported (It is one of the checks the installation script does). To check execute:
Categories: Security

All times are GMT +2. The time now is 05:38.

©2001-2017 - -