Go Back > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor


Google search

For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
Installation Wizard into new VRC
Manual into existing VRC
Manual into new VRC
Total votes: 39

Baanboard at LinkedIn

Reference Content


Security Planner: Improve your online safety, (Thu, Dec 14th)

SANS Internet Storm Center - December 14, 2017 - 6:01am
Just in time for holiday visits with your familes and friends, soon you will face the inevitable questions, particularly if you're a security practitioner of any sort. "There are always questions about whether the devices and services we use respect our privacy, and if they adequately safeguard our information. Has a good balance been struck? Many of us are not sure. It is easy to feel overwhelmed by the challenge of how to be safer online." Search for "how to be safe online" and you'll receive inconsistent results to be certain. Who hasn't had Mom or Dad, or your friends for that matter, ask your help to be more secure? To help rectify such situations, the Citizen Lab just released Security Planner.
Categories: Security

Tracking Newly Registered Domains, (Wed, Dec 13th)

SANS Internet Storm Center - December 13, 2017 - 8:16am
Here is the next step in my series of diaries related to domain names. After tracking suspicious domains with a dashboard[1] and proactively searching for malicious domains[2], let’s focus on newly registered domains. They are a huge number of domain registrations performed every day (on average a few thousand per day all TLD’s combined). Why focus on new domains? With the multiple DGA (“Domain Generation Algorithms”) used by malware families, it is useful to track newly created domains and correlate them with your local resolvers’ logs. You could detect some emerging threats or suspicious activities.
Categories: Security

December Microsoft Patch Tuesday Summary, (Tue, Dec 12th)

SANS Internet Storm Center - December 13, 2017 - 12:52am
Microsoft today patched 36 different vulnerabilities (+ Flash). Luckily, none of the vulnerabilities have been exploited in the wild of have been disclosed prior to today. The list includes the malware protection engine update that was released on Friday. Probably the most interesting vulnerability is the remote code execution in Windows RRAS. (%%cve:2017-11885%%). According to Microsoft, this vulnerability can be exploited via RPC on servers that have routing enabled. (RRAS is the Routing and Remote Access Service). I am a bit confused why Microsoft rates this one only as "important". Maybe because RRAS is not enabled by default.
Categories: Security

Sometimes it's a dud, (Sat, Dec 9th)

SANS Internet Storm Center - December 9, 2017 - 11:11pm
A reader submitted a malicious RTF file, experiencing difficulty to find the malicious code.
Categories: Security

Using Our API To Adjust iptables Rules, (Fri, Dec 8th)

SANS Internet Storm Center - December 8, 2017 - 9:14pm
We are offering a simple (IMHO) API to allow you to script various queries against our databases. One dataset we offer is a list of IP addresses that are scanning the internet for exposed services. The most prominent of these services is likely Shodan. To avoid having any devices from your organization show up in Shodan, you may want to block all scans from known Shodan hosts. We do create a list of these IP addresses and update it daily. The respective API query to retrieve the list is:
Categories: Security

Apple Updates Everything. Again. , (Wed, Dec 6th)

SANS Internet Storm Center - December 7, 2017 - 12:06am
After a rushed release of iOS 11.2 over the weekend to fix a "December 2nd Crash" bug, and last weeks special update to fix the passwordless root authentication bypass in macOS, Apple today released its official set of security updates. With this, we also received details about the security issues patched in iOS this weekend. Apple's different operating systems share a lot of code with each other, and as a result, they also share some vulnerabilities. I am trying to organize the details in a table below (starting with macOS. Others will be added soon)
Categories: Security

PSA: Do not Trust Reverse DNS (and why does an address resolve to "localhost")., (Wed, Dec 6th)

SANS Internet Storm Center - December 6, 2017 - 5:41pm
Odd reverse DNS entries keep coming up from time to time. So I think we are due for a quick public service announcement about reverse DNS.
Categories: Security

IR using the Hive Project., (Tue, Dec 5th)

SANS Internet Storm Center - December 5, 2017 - 1:56am
Request Tracker Incident Response (RTIR) is one of the most popular IR ticketing systems. Its a open source project based on perl and MySQL. While it meets all your typical ticket tracking items, it needs lots of customization to meet your SOC needs. A few months ago I came across a project called TheHive ( that is a scalable open source platform.
Categories: Security

Phishing campaign uses old ".bat" script to spread banking malware - and it is flying under the radar, (Sat, Dec 2nd)

SANS Internet Storm Center - December 4, 2017 - 1:04am
While hunting this week, I came across a phishing campaign spreading a banking malware using an old DOS Batch script to drop it. Surprisingly enough, the “.bat” file has a VT 0/58 rating helping cybercriminals targeting 9 different Brazilian Banks. In today’s diary, I’ll give some details about this underway campaign and its indicators of compromise (IOCs).
Categories: Security

All times are GMT +2. The time now is 05:40.

©2001-2017 - -