Cyber Security

503 Solutions, 829 Contributors

The cyber security specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cyber security focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against the harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

Preventing theft of company data - with the plethora of routes that are available on the internet, can someone suggest a comprehensive solution for preventing employees who are leaving the firm from stealing emails (their own corporate emails) and files? We can disable USB ports and disable certain websites such as Dropbox, box.com, Gmail/Hotmail/Yahoo, etc. However, there are many other routes just a simple Google search away...
0
We have been working with 7-Zip for some time; as a matter of fact, it was recommended by EE. We use it for large compression and complex, long password-protected files. Today in a meeting we were informed that 7-Zip can be hacked. We didn't believe it until the person ran an app and unzipped one of our supposedly secure 7-Zip files. So our question is: which compression app is least likely to be hacked (WinZip, WinRAR, etc.), and which one can we trust? Are the oldies WinZip and WinRAR also hacked?
0
RISK approach
A conventional approach to security of just putting in best-of-breed security controls is not enough. This will be part of a series on getting the RIGHT security in place, and first off is making sure a proper risk assessment approach is adopted. Security need not be complex.
0
Brief: SonicWALL IP Spoof on WAN from Similar Subnet.

While this article seems like the resolution, doing what it detailed did not resolve the issue:
https://www.experts-exchange.com/questions/2856328/Dell-Sonicwall-IP-Spoof-Detection.html

I have a Unifi Controller behind a SonicWALL.
We have multiple sites we control from it.

If the site is on a static IP from the same ISP (only 2 ISPs in town) and has the same first 3 octets the traffic passes fine.
Example:
Server site WAN IP: 50.50.50.15
Client site WAN IP: 50.50.50.230

However, if a site is on a different octet then they cannot communicate due to "IP Spoofing" detection.
Example:
Server site WAN IP: 50.50.50.15
Client site WAN IP: 50.50.45.59

I've talked with SonicWALL and their engineers are working to find a resolution but I don't know if they can come up with anything.

The server site ISP WAN IP is a /30 net mask.
0
We require our staff to use MobileIron MDM and read their corporate emails using
MobileIron's Email+ (a secure email client by MI).

Several staff read Bloomberg's BFW (Bloomberg First W) news, which is not in
http nor https format but bbs format, which MI can't load, though this could
load in the Apple iOS partition.

Q1:
Does Bloomberg offer http or https instead of bbs? It's the
trading staff who subscribe, so I don't have Bloomberg's support
access.

Q2:
We have logged a case with MI & MI ack'ed they can't support bbs:
Bloomberg was supposed to be used globally, so how is it that MI
can't support it? Any workaround?
0
I have been asked by a PCI QSA what SonicWALL is using for a PCI industry hardening standard.

I have been searching the internet and talking to SonicWALL support but couldn't get the answer. So I will try here.

Does anyone know this information, or is there any PCI expert here who can tell me what to do with PCI Req 2.2 regarding system hardening standards?

Please advise.

Thank you
0
Some of the cyber security best practices require that admin access and admin-type activities can only be performed from dedicated admin hosts. Technically, how is this enforced to ensure that admin-type work can only be performed from dedicated hosts and no other users? Would this be firewall settings on each individual computer joined to a domain? Can enforcing such a policy cause any issues in support/resolution?
0
I am tasked to set up an alert for unsuccessful admin login attempts at our company to satisfy cyber security controls. We have 2 offices and 4 home offices - the main office logs into our Windows 2012 server and then everyone logs into our Windows 2012 RDS server for all network resources.
How can I set some sort of alert for unsuccessful admin login attempts? I understand that event ID 4625 is the main unsuccessful login attempt identifier, and I'm OK with using that even though it is not strictly for admin logins, but where would I create this (I assume a group policy)? On the Domain Controller (AD server), RDS server, workstation (for all local domain logins in the main office), or all 3? I was hoping only one server (AD server?) could do this.
0
I am considering running OpenVPN on a Linode and setting UFW to only accept connections from that IP address. Would this be good security? I realize it may be redundant with Fail2Ban but I'm hungover today doing sys admin stuff and thought about doing this.

I'm a Cyber Security student but I haven't gotten to any major classes yet so I really don't know if this is a good idea or not.
0
I need to secure Exchange 2016 OWA via a reverse proxy. Is there anyone doing this, and what appliance are you using/recommend?
0
We have a SonicWall TZ600. A manager wants to know, in easy to understand terms, what security benefits the firewall is providing us. Can someone help me word something that would be understandable? I am new to SonicWall. We were using a Cisco ASA.
0
I am currently in a trial with Citrix Sharefile... but find the pricing a bit too much for our company at the moment..   Love the features .. Large File send.. Encryption .. all integrated into Outlook.   In my email signature I have a link for people that need to send me files... etc..etc..     Does anyone know of any other companies that offer this type of service that might not be as expensive?

Cheers

GoRaps!
0
I'm trying to understand how DMZ work in a Windows environment ...

So I've got my LAN, no problems with that. Now I want to put a Windows web server into a DMZ.
I've configured a VLAN for the DMZ, that works. But I'm unsure about the necessary policies on my (Watchguard) firewall regulating the traffic between DMZ and LAN:

- I'd like to be able to access the web server from the LAN using Windows Explorer. Is that possible? If yes, how?
- does the web server need to be in the local AD in order to achieve this?
- can the web server in the DMZ use a serial number distributed by the KMS server on the LAN? Or how is this being handled? [update: I got that to work]
- what if the web server in the DMZ needs to execute a query on an MSSQL server on the LAN? Do I just open the port for SQL connections? I guess using a cache DB on another server in the DMZ would be better?
- how can I RDP from the LAN to the DMZ? RDP tells me the server does not exist although I have opened the RDP port on the firewall ...

Thanks!
1
I have a client with a SonicWall TZ 205, and we are running into an issue with PCI compliance scans.
Right now we are struggling to resolve a failure with "SSL Certificate - Signature Verification Failed Vulnerability".

Sonic support is clueless - does anyone here have a thought? Thanks in advance!
0
Playing the Triage Game
The intent of this article is not to tell you what solution to use (you know it better) or make a big bang change to your current regime (you are well aware of), but to share how the regime can be better and effective in streamlining the multiple patch implementation.
0
Hello,

I am trying to catch malware using T-Pot.
I caught some malware in /data/dionaea/binaries, but I don't know which IP they came from.

Please let me know how to determine the src IP of each malware (file name is MD5 hash).

regards,
Nobuo Miwa
0
In 2017, the number of vulnerabilities detected in applications rose 33%. Is your company prepared to deal with these risks? Train to become a Certified Penetration Testing Engineer today! There are only two days left to enroll in this month’s Course of the Month.
2
I upgraded our SonicWall at the beginning of the year and have some confusion regarding SonicOS's CFS. The device is running SonicOS Enhanced 6.5.0.2-8n.

(1) Is there a way to get a log of *ALL* CFS entries?  When I look under:

Log Settings > Base Setup > Security Services > Content Filter

It shows:

CFS Alert = 1461
Website Accessed = 16
Website Blocked = 14

However, I can't figure out how to get to that log.

(2) Is there a way for me to be emailed anytime someone gets the "blocked" screen with the details shown on the block screen they see?

TIA.
0

[Free Webinar] Ten Security Controls for effective Cybersecurity


With cyberattacks evolving every day, organizations are forced to build a strong security layer to keep their data safe and maintain user privacy. With so many touch points to improve organization security, ManageEngine is here to facilitate things for you by hand-picking 10 primary security controls which you need to practice to keep the attackers at bay.

Attend our webinar about cybersecurity on April 24th, 11 am BST and make sure you have the best security measures in place for 2018.

Register Now: https://goo.gl/R16u4f
0
In a Cyber Security training, the trainer/consultant from UK has recommended to my colleague (I did not attend the training) to use MS sysinternals.

Our role is to capture the evidences/artefacts using Sysinternals.

a) an End User IT support told me that sysinternals is not supported by MS, it's given as it is for use.
    Concern is : has MS been updating the version of sysinternals for use on Win 7, 8, 10 and Win2008 R2, Win 2012 R2, Win 2016
    so that it can be run / used on these versions of Windows (both 32bit Win7 as well as 64 bits Windows)?   I felt if sysinternals
    could run & capture evidences/artefacts on these platforms/versions of Windows, it's good enough  or is there any concern
    since MS is not supporting it?    We do have MS Premier support contract including MS Security escalation, so I guess MS
    will still analyse dumps captured using sysinternal or won't MS do it?

b) our role is to capture the evidences/artefacts in the event of compromises/attacks & we'll engage external forensics
     experts to analyse.  Which of the tools/components in sysinternals offer these capturing?  Will need to elaborate a
     bit for this one.  Example for "Process Explorer", we can select the specific process & "Create Full Dump" or take its
    hash & submit to Virustotal if any of the 60+ security products in Virustotal reported the hash as malicious
0
Installed a new SonicWall SOHO wireless router and the other computers at home cannot be viewed over the network.

How do I change this?
0
Did you know it only takes 2 hours for a security patch to be reverse engineered? Don’t let your company’s vulnerabilities go unsupervised. Enroll in March’s Course of the Month to begin training for your Certified Penetration Testing Engineer Certification today.
1
All of my assets (laptops and servers) run Symantec for antivirus and protection. The security operations center that's now providing additional security uses McAfee. How will this impact my server and laptop loads?

There are live scans and after hours
0