Go Back > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor


For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
Installation Wizard into new VRC
Manual into existing VRC
Manual into new VRC
Total votes: 38

Baanboard at LinkedIn

Reference Content


It's in the signature., (Sun, Oct 15th)

SANS Internet Storm Center - October 16, 2017 - 10:46am
We were contacted by a worried reader: he had found 2 seemingly identical µTorrent executables, with valid digital signatures, but different cryptographic hashes. With CCLeaner's compromise in mind, this reader wanted to know why these 2 executables were different.
Categories: Security

Peeking into .msg files, (Sun, Oct 15th)

SANS Internet Storm Center - October 15, 2017 - 12:18pm
Readers often submit malware samples, and sometimes the complete email with attachment. For example exported from Outlook, as a .msg file.
Categories: Security

Version control tools aren't only for Developers, (Thu, Oct 12th)

SANS Internet Storm Center - October 12, 2017 - 7:56am
When you start to work on a big project or within a team of developers, it is very useful to use a version control system. The most known are probably ’svn’[1] or ‘git’[2]. For developers, such tools are a great help to perform tasks like:
Categories: Security

October 2017 Security Updates, (Tue, Oct 10th)

SANS Internet Storm Center - October 10, 2017 - 10:42pm
DescriptionMSFT Severity
Categories: Security

Base64 All The Things!, (Mon, Oct 9th)

SANS Internet Storm Center - October 9, 2017 - 10:59am
Here is an interesting maldoc sample captured with my spam trap. The attached file is "PO# 36-14673.DOC” and has a score of 6 on VT[1]. The file contains Open XML data[2] that refers to an invoice:
Categories: Security

A strange JPEG file, (Sun, Oct 8th)

SANS Internet Storm Center - October 9, 2017 - 12:03am
I had a JPEG file to analyze that would not render properly: image viewers would display an error, but no image.
Categories: Security

CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises, (Sat, Oct 7th)

SANS Internet Storm Center - October 7, 2017 - 1:38pm
Recently the Center for Internet Security (CIS) released the CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises (SMEs). The Implementation Guide is directly mapped to the CIS Critical Security Controls and is focused on actionable steps that can be taken right now to assess and improve the cyber security posture and preparedness, particularly in small and medium sized enterprises. Recently a webinar with some of the team members who helped develop the Implementation Guide was made recorded.  
Categories: Security

What's in a cable? The dangers of unauthorized cables, (Fri, Oct 6th)

SANS Internet Storm Center - October 6, 2017 - 4:04pm
As data speeds have increased over the last few years, and interface ports have become more and more multi-functioning and integrated, cables have started to pose a very particular and real danger. So far, they often have been ignored and considered "dumb wires". But far from that, many cables these days hold logic chips of their own and in some cases even upgradable (replaceable) firmware.
Categories: Security

pcap2curl: Turning a pcap file into a set of cURL commands for "replay" , (Thu, Oct 5th)

SANS Internet Storm Center - October 5, 2017 - 2:51pm
Many web browsers have the ability to quickly generate "curl" commands to replay a request. For example, in Google Chrome just open the "Network" pane in Developer Tools," right click on the URL (/baanboard/leftmost column) and select Copy->copy as cURL. This is a great feature when inspecting and reversing HTTP APIs. But recently I ran into an issue when inspecting traffic to a router. The browser would send a request a second, which made it hard to find the right request. To better understand what was going on, I recorded the traffic with tcpdump. But what I needed was a quick way to extract all the HTTP requests, and turn them into cURL commands for replay. The first part isn't all that hard. There are plenty of tools (tcpflow, tshark) to extract the data. The second part isn't difficult either. But the "glue" was missing.
Categories: Security

Security Awareness Month: How to Help Friends and Family, (Wed, Oct 4th)

SANS Internet Storm Center - October 4, 2017 - 9:03pm
For the last few years, October has been "Security Awareness Month", with various organizations using it to promote security awareness. We have done a few "themed" diaries around security awareness in past years, but for the most part, there isn't that much new to say for our core audience. Security awareness is however still a big issue for the rest of humanity, and if you are looking for advice to help friends and family become more security-aware, then the SANS Securing the Human project has a nice newsletter for you.
Categories: Security

Securing "Out of Band" Access, (Wed, Oct 4th)

SANS Internet Storm Center - October 4, 2017 - 8:58pm
How do you get to your critical systems if the network is down? There are a number of different technologies that are used in this case. Often, they involve some kind of terminal server that is connected to the system via a serial terminal (yes... there are still some of them around), or via an IP based KVM switch. The terminal server itself may be reachable via a backup network connection, or maybe someone even has a dial-in setup around for them. But no matter the exact technology you are using to implement this, a "backup connection", or "out of band connection" often bypasses a lot of security controls. This is done by design to ensure that the backup connection can be used even if these security devices do not respond. Often, these connections are also used to manage security devices.
Categories: Security

All times are GMT +2. The time now is 00:06.

©2001-2017 - -