Go Back > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor


Google search

For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
Installation Wizard into new VRC
Manual into existing VRC
Manual into new VRC
Total votes: 39

Baanboard at LinkedIn

Reference Content


2017, The Flood of CVEs, (Sat, Dec 30th)

SANS Internet Storm Center - December 30, 2017 - 9:05am
2017 is almost done and it’s my last diary for this year. I made a quick review of my CVE database (I’m using a local cve-search[1] instance). The first interesting number is the amount of CVE’s created this year. Do you remember when the format was CVE-YYYY-XXXX? The CVE ID format[2] changed in 2014 to break the limit of 9999 entries per year. This was indeed a requirement when you see the number of entries for the last five years:
Categories: Security

What are your Security Challenges for 2018?, (Wed, Dec 27th)

SANS Internet Storm Center - December 27, 2017 - 1:25am
We are almost at the end of another year. Last year I wrote a diary on Talent Shortage [1] and from what I have seen, it is still difficult to find the right people with the right skills [2]. I read more than ever, enterprises have to start coming up with creative recruitment strategies to hire the next generation of security professionals (IP-based skillsets) and develop strong training programs to bring them up-to-speed with the right security skills needed to defend or audit their enterprise. Obviously, you can learn a lot of things in a classroom but some skills can only be acquired in the real world. Anyone willing to learn or is curious about how attacks methods works and how to defend against them, has strong ethics and problem solving skills sound like a candidate you might want to coach and hire.
Categories: Security

Dealing with obfuscated RTF files, (Mon, Dec 25th)

SANS Internet Storm Center - December 26, 2017 - 12:20am
I see a lot of malicious RTF files that are heavily obfuscated. Last, I received a sample that rtfobj or rtfdump could not handle properly to correctly identify OLE objects ("Not a well-formed OLE object"). But my rtfdump tool has an option that can help decode objects that are not well-formed. Let's take a closer look.
Categories: Security

PDF documents & URLs: update, (Sun, Dec 24th)

SANS Internet Storm Center - December 24, 2017 - 5:27pm
I've written before about PDFs with URLs used in social engineering attacks (TL;DR: nowadays, it's more likely you'll receive a malicious PDF that just contains a malicious URL, than a PDF with malicious code).
Categories: Security

Encrypted PDFs, (Sat, Dec 23rd)

SANS Internet Storm Center - December 23, 2017 - 7:55pm
I received a bug report for my pdf-parser: it could not decompress the streams of a PDF document (FlateDecode decompress failed).
Categories: Security

I'm All Up in Your Blockchain, Pilfering Your Wallets, (Thu, Dec 21st)

SANS Internet Storm Center - December 22, 2017 - 12:01am
With the latest “gold rush” in cryptocurrency, many people are investing (or speculating, depending on your perspective) in Bitcoin and various other currencies. Many of these people are not the same tech-savvy people who have been mining for years, they are chasing big rates of returns. While the economic risks are its own discussion, this post will talk about some observations in how to protect the security of your cryptocurrency.
Categories: Security

Guest Diary (Etay Nir) Kernel Hooking Basics, (Wed, Dec 20th)

SANS Internet Storm Center - December 20, 2017 - 6:24pm
A note from HOD: We are recruiting, Etay is mostly through the roadmap. If you are interested in becoming a handler please check out our handler roadmap!
Categories: Security

Example of 'MouseOver' Link in a Powerpoint File, (Tue, Dec 19th)

SANS Internet Storm Center - December 19, 2017 - 8:51am
I really like Microsoft Office documents... They offer so many features that can be (ab)used to make them virtual bombs. Yesterday, I found a simple one but nicely prepared Powerpoint presentation: Payment_copy.ppsx (SHA256:7d6f3eb45c03a8c2fca4685e9f2d4e05c5fc564c3c81926a5305b6fa6808ac3f). It was still unknown on VT yesterday but it reached now a score of 1/61![1]. It was delivered to one of my catch-all mailboxes and contained just one slide. 
Categories: Security

Phish or scam? - Part 2, (Mon, Dec 18th)

SANS Internet Storm Center - December 18, 2017 - 8:03am
We continue the MSG analysis of yesterday.
Categories: Security

Phish or scam? - Part 1, (Sun, Dec 17th)

SANS Internet Storm Center - December 17, 2017 - 9:35am
Reader Carlos Almeida submitted an email with a .docx attachment.
Categories: Security

Microsoft Office VBA Macro Obfuscation via Metadata, (Sat, Dec 16th)

SANS Internet Storm Center - December 16, 2017 - 8:44am
Often, malicious macros make use of the same functions to infect the victim's computer. If a macro contains these strings, it can be flagged as malicious or, at least, considered as suspicious. Some examples of suspicious functions are:
Categories: Security

Detection Lab: Visibility & Introspection for Defenders, (Thu, Dec 14th)

SANS Internet Storm Center - December 15, 2017 - 6:00am
     Me when I discovered @Centurion's Detection Lab.
Categories: Security

All times are GMT +2. The time now is 05:39.

©2001-2017 - -