SANS Internet Storm Center
SANS Internet Storm Center, InfoCON: green
SANS Internet Storm Center - Cooperative Cyber Security Monitor
Updated: 2 years 18 weeks ago

ISC/DShield Website TLS Updates, (Wed, Apr 4th)

April 4, 2018 - 3:36pm
On Thursday, we will change our TLS certificate to one issued by Letsencrypt. In the past, we used normal "commercial" certificates. Until a few months ago, we used HTTP Public Key Pinning. It appears that key pinning is no longer going to be supported by browsers, so we decided to remove this feature, which enabled us to use Letsencrypt. We removed the key pinning header a while ago, and browsers should no longer "pin" for our sites. But in case you are experiencing problems connecting to this site later this week, please let us know. You may still be able to connect to if you can not connect to 
Categories: Security

A Suspicious Use of certutil.exe, (Wed, Apr 4th)

April 4, 2018 - 6:43am
The Microsoft operating system is full of command line tools that help to perform administrative tasks. Some can be easily installed, like the Sysinternals suite[1] and psexec.exe; others are built into Windows and available to everybody. The presence of calls to such tools can help to detect suspicious behaviours. Why reinvent the wheel, if a tool can achieve what you need? I recently upgraded my hunting rules on VirusTotal to collect samples that are (ab)using the "certutil.exe" tool. The purpose of this tool is to dump and display certification authority (CA) information, manage certificates and keys. This is a command line tool that accepts a lot of parameters [2]. A classic use of certutil.exe is to easily process Base64 encoded data:
Categories: Security

Java Deserialization Attack Against Windows, (Tue, Apr 3rd)

April 3, 2018 - 3:34pm
Recently we talked a lot about attacks exploiting Java deserialization vulnerabilities in systems like Apache SOLR and WebLogic. Most of these attacks targeted Linux/Unix systems. But recently, I am seeing more attacks that target Windows. For example:
Categories: Security

Phishing PDFs with multiple links - Detection, (Mon, Apr 2nd)

April 2, 2018 - 10:59pm
One advantage of static analysis over dynamic analysis is that it can reveal more information than dynamic analysis. In the last analysis example of a phishing PDF, we uncovered more URLs via static analysis.
Categories: Security

Phishing PDFs with multiple links - Animated GIF, (Sun, Apr 1st)

April 1, 2018 - 11:26am
Here is an animated GIF showing the URLs in the PDF I analyzed yesterday:
Categories: Security

Phishing PDFs with multiple links, (Sat, Mar 31st)

March 31, 2018 - 9:25pm
A reader wanted to know why the phishing PDF he received contained multiple and different links, according to my pdf tools, but would only show the same URL when he hovered over the links in Adobe Reader.
Categories: Security

Version 7 of the CIS Controls Released, (Fri, Mar 30th)

March 30, 2018 - 2:19am
The CIS Controls serve as a “prioritized set of actions to protect your organization and data from known cyber attack vectors.” Embraced by several organizations as outlined in the Case Studies section, significant improvements to their cyber security programs are listed and can serve as an inspiration to consider this approach to effective cyber defense.
Categories: Security

One hash to rule them all: drupalgeddon2, (Thu, Mar 29th)

March 29, 2018 - 1:18pm
I’m sure virtually all of our readers are aware of the patch that was released for Drupal yesterday. In case you’ve been on a remote island, all versions of Drupal (6, 7 and 8) were vulnerable to a critical security vulnerability that allows an attacker remote code execution.
Categories: Security

How are Your Vulnerabilities?, (Wed, Mar 28th)

March 28, 2018 - 7:09am
Scanning assets for known vulnerabilities is a mandatory process in many organisations. This topic comes in the third position of the CIS Top-20[1]. The major issue with a vulnerability scanning process is not on the technical side but more on the process side. Indeed, the selection of the tool and its deployment is not very complicated (well, in not too complex environments, to be honest): Buy a solution or build a solution based on free tools, define the scope, schedule the scan and it’s done. Then starts the real problem: How to handle the thousands of vulnerabilities reported by the tool? Yes, be sure that you’ll be flooded by alerts like this:
Categories: Security

All times are GMT +2.