Go Back > News > RSS Newsfeeds > Sources

User login

Frontpage Sponsor


For ERP LN feature pack upgrade, what method of install are you using?
Installation Wizard into existing VRC
Installation Wizard into new VRC
Manual into existing VRC
Manual into new VRC
Total votes: 31

Baanboard at LinkedIn

Reference Content

SANS Internet Storm Center
Syndicate content SANS Internet Storm Center, InfoCON: green
SANS Internet Storm Center - Cooperative Cyber Security Monitor
Updated: 32 min 36 sec ago

Hancitor malspam uses DDE attack, (Tue, Oct 17th)

1 hour 48 min ago
Categories: Security

WPA2 "KRACK" Attack, (Mon, Oct 16th)

4 hours 2 min ago
Starting yesterday, word of a new attack against WPA2 started to take over security news feeds. This "Key Reinstallation Attack" (aka KRACK) can be used to substantially weaken many WPA2 implementations.
Categories: Security

It's in the signature., (Sun, Oct 15th)

October 16, 2017 - 10:46am
We were contacted by a worried reader: he had found 2 seemingly identical µTorrent executables, with valid digital signatures, but different cryptographic hashes. With CCLeaner's compromise in mind, this reader wanted to know why these 2 executables were different.
Categories: Security

Peeking into .msg files, (Sun, Oct 15th)

October 15, 2017 - 12:18pm
Readers often submit malware samples, and sometimes the complete email with attachment. For example exported from Outlook, as a .msg file.
Categories: Security

Version control tools aren't only for Developers, (Thu, Oct 12th)

October 12, 2017 - 7:56am
When you start to work on a big project or within a team of developers, it is very useful to use a version control system. The most known are probably ’svn’[1] or ‘git’[2]. For developers, such tools are a great help to perform tasks like:
Categories: Security

October 2017 Security Updates, (Tue, Oct 10th)

October 10, 2017 - 10:42pm
DescriptionMSFT Severity
Categories: Security

Base64 All The Things!, (Mon, Oct 9th)

October 9, 2017 - 10:59am
Here is an interesting maldoc sample captured with my spam trap. The attached file is "PO# 36-14673.DOC” and has a score of 6 on VT[1]. The file contains Open XML data[2] that refers to an invoice:
Categories: Security

A strange JPEG file, (Sun, Oct 8th)

October 9, 2017 - 12:03am
I had a JPEG file to analyze that would not render properly: image viewers would display an error, but no image.
Categories: Security

CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises, (Sat, Oct 7th)

October 7, 2017 - 1:38pm
Recently the Center for Internet Security (CIS) released the CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises (SMEs). The Implementation Guide is directly mapped to the CIS Critical Security Controls and is focused on actionable steps that can be taken right now to assess and improve the cyber security posture and preparedness, particularly in small and medium sized enterprises. Recently a webinar with some of the team members who helped develop the Implementation Guide was made recorded.  
Categories: Security

What's in a cable? The dangers of unauthorized cables, (Fri, Oct 6th)

October 6, 2017 - 4:04pm
As data speeds have increased over the last few years, and interface ports have become more and more multi-functioning and integrated, cables have started to pose a very particular and real danger. So far, they often have been ignored and considered "dumb wires". But far from that, many cables these days hold logic chips of their own and in some cases even upgradable (replaceable) firmware.
Categories: Security

pcap2curl: Turning a pcap file into a set of cURL commands for "replay" , (Thu, Oct 5th)

October 5, 2017 - 2:51pm
Many web browsers have the ability to quickly generate "curl" commands to replay a request. For example, in Google Chrome just open the "Network" pane in Developer Tools," right click on the URL (/baanboard/leftmost column) and select Copy->copy as cURL. This is a great feature when inspecting and reversing HTTP APIs. But recently I ran into an issue when inspecting traffic to a router. The browser would send a request a second, which made it hard to find the right request. To better understand what was going on, I recorded the traffic with tcpdump. But what I needed was a quick way to extract all the HTTP requests, and turn them into cURL commands for replay. The first part isn't all that hard. There are plenty of tools (tcpflow, tshark) to extract the data. The second part isn't difficult either. But the "glue" was missing.
Categories: Security

All times are GMT +2. The time now is 04:17.

©2001-2017 - -