Baanboard.com

Go Back   Baanboard.com > News > RSS Newsfeeds > Categories

User login

Frontpage Sponsor

Main

Poll
For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
35%
Installation Wizard into new VRC
42%
Manual into existing VRC
3%
Manual into new VRC
19%
Total votes: 31

Baanboard at LinkedIn


Reference Content

 
Security

Gunter Ollmann: Time to Squish SQL Injection

Security Focus - 48 min 3 sec ago
Time to Squish SQL Injection
Categories: Security

Mark Rasch: Lazy Workers May Be Deemed Hackers

Security Focus - 48 min 3 sec ago
Lazy Workers May Be Deemed Hackers

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909
Categories: Security

Adam O'Donnell: The Scale of Security

Security Focus - 48 min 3 sec ago
The Scale of Security
Categories: Security

Mark Rasch: Hacker-Tool Law Still Does Little

Security Focus - 48 min 3 sec ago
Hacker-Tool Law Still Does Little
Categories: Security

Infocus: Enterprise Intrusion Analysis, Part One

Security Focus - 48 min 3 sec ago
Enterprise Intrusion Analysis, Part One
Categories: Security

Infocus: Responding to a Brute Force SSH Attack

Security Focus - 48 min 3 sec ago
Responding to a Brute Force SSH Attack
Categories: Security

Infocus: Data Recovery on Linux and <i>ext3</i>

Security Focus - 48 min 3 sec ago
Data Recovery on Linux and <i>ext3</i>

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909
Categories: Security

Infocus: WiMax: Just Another Security Challenge?

Security Focus - 48 min 3 sec ago
WiMax: Just Another Security Challenge?
Categories: Security

More rss feeds from SecurityFocus

Security Focus - 48 min 3 sec ago
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Categories: Security

Ongoing Ykcol (Locky) campaign, (Wed, Sep 20th)

SANS Internet Storm Center - September 20, 2017 - 8:12pm
Today I noticed a high amount of e-mails on my honeypots with similar subject, body and attachment. It caught my attention . After inspecting the attachments and doing some analysis, it was not difficult to realize that those supposed “Status Invoice” messages were, indeed, part of an ongoing campaign pushing a Locky ransomware variant that is being called Ykcol (or Locky in reverse) due to the encrypted file extension (“.ykcol”).
Categories: Security

New tool: mac-robber.py, (Tue, Sep 19th)

SANS Internet Storm Center - September 19, 2017 - 6:36pm
On a recent forensic investigation where we couldn't take the Linux system down to image the disks, I was forced to do live response. Fortunately, I was able to get a memory image, but I also wanted a filesystem timeline. I first went to my old friend fls from The SleuthKit (TSK), but for some reason, it failed. So, I tried mac-robber (also from TSK) and it, too, failed. Not one to give up easily, I decided to write my own version of mac-robber in Python. Like the TSK mac-robber, it outputs the data in body file format (so that it can be fed into mactime or elasticsearch). Like the TSK version, by default, it does not hash the files (so it doesn't modify access times), so the "MD5" column defaults to 0. In this case, though, I had reason to believe that there might be multiple copies of some potential malware scattered around the filesystem, so I really wanted to grab hashes, too. So I included the capability in the tool (in my next diary, I'll explain the trick I used to grab hashes without modifying access times). A couple of other notes on the tool. It only hashes "regular" files, it doesn't attempt to hash soft-links, block or character device files, pipes, or sockets. It also skips /proc/kcore which to os.stat() looks like a regular file, but on my dev box is 128TB (a little more than I want to hash). At the moment, it uses MD5 as the hash because that is what fls uses, but I could easily be talked into substituting SHA256 (or SHA3 of whatever length, though in Python < 3.6 this requires pip-installing the pysha3 module). Also, due to a limitation in Python's os.stat(), it only give MAC times, not B time (even if available in the filesystem in question). The tool should work just fine on Linux/Unix, Mac OS X, or Windows with a standard install of Python 2.7 or later though it has not been extensively tested on anything other that Linux to date. Another feature that I added to mine was the ability to add or remove prefixes to the path and to exclude specific directories of files. The -m switch behaves just like the corresponding switch in fls and allows you to prefix the path with a system name or drive letter. The -r switch allows you to remove a prefix (for example, when the directory in question has been mounted on /mnt, but you want your report to show the actual path on the system in question). The -x option actually needs more work, at present, it isn't as flexible as I'd like, but if you want to skip a specific directory or file you can.
Categories: Security

CCleaner 5.33 compromised - http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users, (Mon, Sep 18th)

SANS Internet Storm Center - September 18, 2017 - 11:46am
The version 5.33 of CCleaner[1] has been reported as compromised (only the 32bits version) and delivers a malware during the installation. If you installed CCleaner between Augustus 15th and September 12th, you better have to search for potentially infected systems. Here is the list of DGA domains that could help to track the infected hosts:
Categories: Security

All times are GMT +2. The time now is 02:33.


©2001-2017 - Baanboard.com - Baanforums.com