PSA: Do not Trust Reverse DNS (and why does an address resolve to "localhost")., (Wed, Dec 6th)

SANS Internet Storm Center - December 6, 2017 - 5:41pm
Odd reverse DNS entries keep coming up from time to time. So I think we are due for a quick public service announcement about reverse DNS.
Categories: Security

IR using the Hive Project., (Tue, Dec 5th)

SANS Internet Storm Center - December 5, 2017 - 1:56am
Request Tracker Incident Response (RTIR) is one of the most popular IR ticketing systems. It's an open source project based on Perl and MySQL. While it meets all your typical ticket tracking items, it needs lots of customization to meet your SOC needs. A few months ago I came across a project called TheHive that is a scalable open source platform.
Categories: Security

Phishing campaign uses old ".bat" script to spread banking malware - and it is flying under the radar, (Sat, Dec 2nd)

SANS Internet Storm Center - December 4, 2017 - 1:04am
While hunting this week, I came across a phishing campaign spreading a banking malware using an old DOS Batch script to drop it. Surprisingly enough, the “.bat” file has a VT 0/58 rating helping cybercriminals targeting 9 different Brazilian Banks. In today’s diary, I’ll give some details about this underway campaign and its indicators of compromise (IOCs).
Categories: Security

StartSSL: Termination of Services is Now Scheduled, (Sun, Dec 3rd)

SANS Internet Storm Center - December 3, 2017 - 11:04am
StartCom[1] has been a key player for years in the landscape of SSL certificate providers with its 'StartSSL' services. They provided free SSL certificates for everybody and permitted a lot of small organizations to increase the security of their web communications. The fact that StartCom is a China-based company was, for some organizations, a good reason to flag their activities as suspicious. They also suffered from security incidents[2]. In October 2016, Mozilla decided[3] to remove the StartCom certificates from Firefox. Google did the same with Chrome in March 2017[4].
Categories: Security

Using Bad Material for the Good, (Sat, Dec 2nd)

SANS Internet Storm Center - December 2, 2017 - 5:05pm
There is a huge amount of information shared online by attackers. Once again, is a nice place to start hunting. As this material is available for free, why not use it for the good? Attackers (with or without bots) are constantly looking for entry points on websites. Those entry points are a good place to search, for example, for SQL injections. Example:
Categories: Security

Phishing Kit (Ab)Using Cloud Services, (Fri, Dec 1st)

SANS Internet Storm Center - December 1, 2017 - 9:21am
When you build a phishing kit, there are several critical points to address. You must generate a nice-looking page which will match as closely as possible to the original one and you must work stealthily to not be blocked or, at least, be blocked as late as possible.
Categories: Security

More Malspam pushing Emotet malware, (Thu, Nov 30th)

SANS Internet Storm Center - November 30, 2017 - 2:45am
Categories: Security

Apple High Sierra Uses a Passwordless Root Account, (Tue, Nov 28th)

SANS Internet Storm Center - November 29, 2017 - 12:10pm
Today, a security researcher tweeted[1] about a dangerous behaviour he found in the Apple High Sierra operating system: It is possible to get administrator rights (the "root" account on UNIX) by connecting without a password. I was able to reproduce this behaviour on my MacBook running the latest OS X version. It appears that OS X is delivered with a passwordless root account.
Categories: Security

Fileless Malicious PowerShell Sample, (Wed, Nov 29th)

SANS Internet Storm Center - November 29, 2017 - 9:56am
remains one of my favourite places for hunting. I’m searching for juicy content and report finding in a Splunk dashboard:
Categories: Security

9 Fast and Easy Ways To Lose Your Crypto Coins, (Sun, Nov 26th)

SANS Internet Storm Center - November 27, 2017 - 2:49am
Looking at the cost of cryptocurrencies this weekend, it looks like many of you will find a few bitcoins under your tree instead of a new game console. It appears to become a big holiday gift. With all the attention given to cryptocurrencies, they have also become a top target for criminals this season. In many ways, stealing someone's crypto wallet is more lucrative than stealing a credit card number and in many ways easier. Credit cards can be blocked very quickly, and credit card companies are actively looking for fraud, often detecting it before the customer does. In some cases fraudulent credit card transactions can be reversed. With cryptocurrencies, you have to watch out for fraud yourself and there is little recourse if a wallet is stolen, in particular, if you do not realize right away that it has been stolen.
Categories: Security

Exim Remote Code Exploit, (Sat, Nov 25th)

SANS Internet Storm Center - November 25, 2017 - 7:30pm
A use-after-free (UAF) vulnerability has been found in Exim versions 4.88 and 4.89 which could lead to the execution of arbitrary code or DoS. The patch has been made available today and is available for download here.
Categories: Security

Benefits associated with the use of Open Source Software, (Sat, Nov 25th)

SANS Internet Storm Center - November 25, 2017 - 12:55pm
This week I ran across an interesting story talking about the benefits of using open source software in an enterprise.
Categories: Security

All times are GMT +2.