Baanboard.com

SANS Internet Storm Center
SANS Internet Storm Center, InfoCON: green
SANS Internet Storm Center - Cooperative Cyber Security Monitor
Updated: 32 weeks 23 hours ago

Campaign is using a recently released WebLogic exploit to deploy a Monero miner, (Thu, Jan 4th)

January 7, 2018 - 11:02pm
In the last couple of days, we received some reports regarding a malicious campaign which is deploying Monero cryptocurrency miners on victim’s machines. After analyzing a compromised environment, it was possible to realize that a critical Oracle WebLogic flaw, for which the exploit was made public a few days ago, is being used.
Categories: Security

Stone Soup Security, (Sun, Jan 7th)

January 7, 2018 - 3:32pm
Humans have been telling stories to each other much longer than we've had computers.  I still think it's a powerful tool.  Over the holiday I've been telling various updated versions of the "Stone Soup" story to various groups in the security community.  There are many versions of the Stone Soup story.  They all fall into the "clever man" category of the Aarne-Thompson-Uther index.  Think of it as a CVE for folktales.  Specifically, Stone Soup is a type 1548 folktale.  Such stories normally involve a stranger who comes to a house or village and promises to demonstrate that they can make soup from a stone.  The first time that I heard this story, I was in kindergarten and in that telling, travelers came to a poor village who didn't have enough food to spare, so they promised to show them how to make soup from a stone.  First they needed to borrow a pot and some water and some firewood and they began to boil the stone.  Periodically tasting it and noting that it would taste better with an onion, or carrots, or chicken or what have you.  Eventually the makings of a real soup were found by the villagers and a proper soup is made.  At kindergarten, it was a lesson on sharing and coming together.  In this telling of the story everyone wins.
Categories: Security

SSH Scans by Clients Types, (Sun, Jan 7th)

January 7, 2018 - 1:21am
I'm always curious what is scanning my honeypot but I was particularly interested in what kind of client applications are used to attempt to login via SSH into that service. This graph shows the activity for the past week, including 500+ attempts for a period of 8 hours on the 31 Dec which went pretty much flat from 31 Dec 1200Z to 1 Jan 2018 1200Z while everyone celebrated New Year.
Categories: Security

Spectre and Meltdown: What You Need to Know Right Now, (Thu, Jan 4th)

January 5, 2018 - 6:05pm
By now, you've heard about the processor vulnerabilities affecting almost every processor in common use today; those vulnerabilities are called Meltdown and Spectre. The only common platform that seems unaffected as of the current moment are iPhone/iPads (Removed per recent advisory). This bug is probably worth its name and logo considering the pervasive nature of the vulnerability. At its core, both involve kernel issues that can lead to leaking running memory outside the current process which can involve compromises of system confidentiality (think encryption keys, passwords, PII/NPI in memory, etc). Contrary to some initial reporting, this is NOT just an Intel bug, it affects AMD and ARM processors as well. These could even be used in cloud / virtualized environments to leak memory outside the running virtual machine. It involves a flaw in "speculative execution" common in these processors where, in the right conditions, code can trick the processor into leaking data returned from other applications.
Categories: Security

Phishing to Rural America Leads to Six-figure Wire Fraud Losses, (Wed, Jan 3rd)

January 3, 2018 - 10:51pm
We often focus on malware and hacking in terms of the tools the criminals use, but often good old-fashioned deception is simple enough. A recent case I worked on involves phishing sent to rural real estate professionals (law firms, title companies, realtors, etc). It is particularly effective on targets that use the various web-mail / free e-mail services.
Categories: Security


PDF documents & URLs: video, (Tue, Jan 2nd)

January 3, 2018 - 12:50am
I received some questions about my diary entry "PDF documents & URLs: update", and to better explain the analysis method, I created a video.
Categories: Security

What is new?, (Mon, Jan 1st)

January 1, 2018 - 12:13pm
How to best start the new year? How about a new tool: what-is-new.py.
Categories: Security

Analyzing TNEF files, (Sun, Dec 31st)

December 31, 2017 - 10:25am
Yesterday I came across a file type I rarely have to analyze: "Transport Neutral Encapsulation Format". It's an attachment file format used by Outlook and Exchange.
Categories: Security

2017, The Flood of CVEs, (Sat, Dec 30th)

December 30, 2017 - 9:05am
2017 is almost done and it’s my last diary for this year. I made a quick review of my CVE database (I’m using a local cve-search[1] instance). The first interesting number is the amount of CVE’s created this year. Do you remember when the format was CVE-YYYY-XXXX? The CVE ID format[2] changed in 2014 to break the limit of 9999 entries per year. This was indeed a requirement when you see the number of entries for the last five years:
Categories: Security

What are your Security Challenges for 2018?, (Wed, Dec 27th)

December 27, 2017 - 1:25am
We are almost at the end of another year. Last year I wrote a diary on Talent Shortage [1] and from what I have seen, it is still difficult to find the right people with the right skills [2]. I read more than ever, enterprises have to start coming up with creative recruitment strategies to hire the next generation of security professionals (IP-based skillsets) and develop strong training programs to bring them up-to-speed with the right security skills needed to defend or audit their enterprise. Obviously, you can learn a lot of things in a classroom but some skills can only be acquired in the real world. Anyone who is willing to learn or is curious about how attack methods work and how to defend against them, and has strong ethics and problem-solving skills, sounds like a candidate you might want to coach and hire.
Categories: Security

Dealing with obfuscated RTF files, (Mon, Dec 25th)

December 26, 2017 - 12:20am
I see a lot of malicious RTF files that are heavily obfuscated. Last, I received a sample that rtfobj or rtfdump could not handle properly to correctly identify OLE objects ("Not a well-formed OLE object"). But my rtfdump tool has an option that can help decode objects that are not well-formed. Let's take a closer look.
Categories: Security


PDF documents & URLs: update, (Sun, Dec 24th)

December 24, 2017 - 5:27pm
I've written before about PDFs with URLs used in social engineering attacks (TL;DR: nowadays, it's more likely you'll receive a malicious PDF that just contains a malicious URL, than a PDF with malicious code).
Categories: Security

Encrypted PDFs, (Sat, Dec 23rd)

December 23, 2017 - 7:55pm
I received a bug report for my pdf-parser: it could not decompress the streams of a PDF document (FlateDecode decompress failed).
Categories: Security

All times are GMT +2.