Go Back > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor


Google search

For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
Installation Wizard into new VRC
Manual into existing VRC
Manual into new VRC
Total votes: 39

Baanboard at LinkedIn

Reference Content


Finding VBA signatures in Word documents, (Sun, Feb 11th)

SANS Internet Storm Center - February 11, 2018 - 10:49pm
One of my former students contacted me after reading my last diary entry "An autograph from the Dridex gang" with a question: how to detect Word documents with signed VBA code?
Categories: Security

Increase in port 2580 probe sources, (Fri, Feb 9th)

SANS Internet Storm Center - February 10, 2018 - 2:56pm
Reviewing the dashboards at the ISC today revealed an anomaly on port 2580.  Over the last couple days the number of sources probing for port 2580 has increased by nearly 600x from near none historically. 
Categories: Security

An autograph from the Dridex gang, (Fri, Feb 9th)

SANS Internet Storm Center - February 9, 2018 - 7:26pm
Reader Wayne Smith submitted a PDF file attached to a malicious email.
Categories: Security

SQL injection and division by zero exceptions, (Thu, Feb 8th)

SANS Internet Storm Center - February 8, 2018 - 1:32pm
SQL injections are my favorite vulnerabilities. Of course, every penetration tester loves them since they are (in most cases) critical, however what I like with them is that there are so many ways to exploit even the apparently-looking remote or unexploitable cases.
Categories: Security

Analyzing an HTA file: Update, (Mon, Feb 5th)

SANS Internet Storm Center - February 6, 2018 - 12:10am
A reader asked what the &H?? strings were in the malware I analyzed in my last diary entry. These are numbers in VBA written in hexadecimal.
Categories: Security

Analyzing an HTA file, (Sat, Feb 3rd)

SANS Internet Storm Center - February 4, 2018 - 12:37am
I received an Invoice.MHT file attached to an email:
Categories: Security

Simple but Effective Malicious XLS Sheet, (Fri, Feb 2nd)

SANS Internet Storm Center - February 2, 2018 - 10:26am
Here is another quick analysis of a malicious Excel sheet found while hunting. The malicious document was delivered through a classic phishing attempt from Jane’s 360[1], a website operated by HIS Markit[2]. Here is a copy of the mail body:
Categories: Security

Adobe Flash 0-Day Used Against South Korean Targets, (Thu, Feb 1st)

SANS Internet Storm Center - February 1, 2018 - 9:16pm
the Koren CERT announced that it is aware of a so far unpatched Adobe Flash vulnerability that is being exploited in targeted attacks [1]. All versions of Adobe Flash Player including are vulnerable. was released in January as part of Adobe's normal patch Tuesday. Adobe has not yet released an advisory, and the only confirmation so far is a twitter post from a Korean security researcher [2]. [See update below about Adobe's advisory]
Categories: Security

Adaptive Phishing Kit, (Thu, Feb 1st)

SANS Internet Storm Center - February 1, 2018 - 8:26am
Phishing kits are everywhere! If your server is compromised today, they are chances that it will be used to mine cryptocurrency, to deliver malware payloads or to host a phishing kit. Phishing remains a common attack scenario to collect valid credentials and impersonate the user account or, in larger attacks, it is one of the first steps to compromise the final target. Phishing kits are usually mimicking well-known big Internet players (eBay, Paypal, Amazon, Google, Apple, Microsoft…[add your preferred one here]). I found an interesting phishing kit which adapts itself to the victim. Well, more precisely, it adapts to the victim email address.
Categories: Security

Cisco ASA WebVPN Vulnerability, (Tue, Jan 30th)

SANS Internet Storm Center - January 31, 2018 - 4:35pm
Before I get too many "I'm surprised/disappointed you haven't mentioned..." emails let's get out a rough draft on CVE-2018-0101.
Categories: Security

All times are GMT +2. The time now is 05:39.

©2001-2017 - -