Cyber Security

551

Solutions

876

Contributors

The cyber security specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cyber security focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against the harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.


What realistically is the risk if somebody found out an internal server name from the outside, e.g. what may it allow them to do in terms of a security attack? I am talking about from the outside. I noticed in some documents available on our website there is some mention of internal server names and need to quantify the risk. They are not accessible to anyone outside the organisation, only those internal to the company, but it still doesn't sit easy.
2
Hi, I am looking to do a Pester test around my PowerShell code... but not sure about it... can someone help?

Basically I need to pull Azure Key Vault key information using PowerShell and then do a Pester test on it. I managed to do the PowerShell bit but am not sure how to do the Pester part... please, I need help urgently.
0
We use Office 365 for Exchange. One employee's email account was compromised. HR received a request for changing direct deposit bank, from this employee's email address, and HR replied to the email. But the request wasn't from the employee. The employee could receive all the normal emails, but not the ones related to this request.

How can we trace the original request email? How can we fix this issue?
0
If I wanted to test how secure the network is against being hacked or a ransomware attack, where would I start?

If I did something like the Certified Ethical Hacker Course or CREST Registered Penetration Tester. Would either of these courses help?

Thanks

Ian
0
I have a certificate on one of my servers. The server is a certificate of authority. I know that I can set up a GPO to deploy their certificate to individuals on the domain. But what I want to do is install or enroll their certificate on one particular server manually without GPO. Is it possible to do this?
0
What are the best practices in light of ransomware attacks? I've had a few local non-rotating backups get bricked because of ransomware. I do have remote backup, but is everyone resorting to rotating backup drives?
0
Spectrum on behalf of Sony sent a client this e-mail: {Removed IP address below}

To whom it may concern,

Pursuant to Sony Interactive Entertainment LLC ("SIE") corporate policy, the below IP addresses were blacklisted from using our services because SIE detected activity that is abusive to our network services. In our determination, the abusive activity was not related to velocity or volume (many users behind the same IP address, i.e. NAT), but matched the specific patterns of known abuse of our publicly available services. This abuse may be the result of a computer on your network that has been compromised and is participating in a botnet abuse of our services.

The following table of IP addresses, dates and times should help you correlate the origin of the abusive activity. The time stamps are approximate from our logs. The actual timing of the events depends on the signature matched. It is very likely to have occurred both before, during and following the times listed.

Approximate Time Range (UTC), IP Address, Reason
2018-07-23 12:46:00 ~ 2018-07-23 13:46:00 (UTC), xxx.xxx.xxx.xxx, Account Takeover Attempts

It is most likely the attack traffic is directed at one of the following endpoints:

account.sonyentertainmentnetwork.com
auth.api.sonyentertainmentnetwork.com

These endpoints on our network are resolved by Geo DNS, so the IP addresses they resolve to will depend on the originating IP address.

The destination port will be TCP …
0
Hi Experts

Could you point out whether phpCAS, which uses an API for authenticating users against a CAS server (WebSSO CAS), could be integrated into an existing CodeIgniter project?

CAS - Central Authentication Server

I'm implementing an SSO (Single Sign-On) functionality to allow a web app connection based on user id and corresponding user's data obtained from LDAP (AD - Active Directory)

phpCAS

I'm planning to implement the SSO functionality at PHP Codeigniter's site index.php.

Thanks in advance!
0
Hi Everyone, our small SMB\company recently switched to hosted Office 365 Exchange based email. Before the switch, we had an "in-house" Exchange mail server.
We have about 10 or so domains registered for email delivery.

So here's the problem. Since switching to Office 365 our users are being bombarded with "Somewhat Legitimate" Phishing Emails that try and trick them into providing their logon credentials.
IE> Your account in box is full, click here to fix. Your account will be terminated if you don't click here and login .. and on and on and on.

I've mostly stemmed these by creating rules in Mail Flow that block certain words and phrases contained in Subject\Body.

That said, any suggestions to better keep these emails out? This issue was not nearly as bad when we didn't host with Office 365.
0
I'm looking for opinions about setting up DMZ VLANs on switches that are also used for internal networking vs. using separate physical switches for DMZs and internal networks.  Any concerns or benefits you can think of for one over the other.  Assume Cisco equipment.
0
SSL Certificates

Can you explain the process for buying SSL certificates?
The challenges around security?
Where to buy from?

Who should have access?

Any other info would be great
0
We have been hit with ransomware.  Please see the attached screenshot.

The file extensions have been changed to STG.

They hacked into the network, created admin users and made them part of the Admin group, created shares etc.
0
In a meeting we were told that it is possible to know or identify if a user hit a specific page and its contents even if the page is locked. We understand that when a page has a lock it means SSL and that the data to and from the site to the computer is encrypted. Is it possible that even though the page has a lock, there is a way to identify the encrypted page that the user visited and identify the contents, whether it has a form or is just a regular page?
0
Are 32 bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.
0
Hi,

I'd like to see how well my Wi-Fi is protected, so how can I test this and see what would happen when somebody could get connected to my Wi-Fi (what he could see/do)?

That way I could take countermeasures.

J
0
Hi,

I need assistance with how I can disable / close network discovery on the LAN for servers and all clients, please.


Regards
Asif
0
Does anyone recommend any good ethical hackers?  I want to ensure that I close any open security issues for my organization and I was thinking of hiring an organization or individual that can provide that service?  

Any reputable recommendations?
0
I have a question about defending against DDoS attacks. My ISP charges a large penny for service to protect me from DDoS attacks, it's basically the same amount for my internet, and it's not cheap. Besides buying hardware, does anyone recommend any online companies that can provide the same kind of service as my ISP, but at a decent cost?

What other options do I have, or does anyone recommend a good solution?
0
We have been reading lots of hype on these iPhone apps for detecting hidden cameras and wanted to know if any EE has any experience with them and how well they truly work using an iPhone.
0
After being hit with ransomware, restoring from backup, and reinstalling applications as needed, I can't get the Quickbooks Database Server services started or the Quickbooks Database Server Manager to run. When I browse for files and "Start Scan", it attempts to start the services after browsing the files, finding Quickbooks files. It claims the folder in which the company files live isn't shared. I guess that's technically true, but the directory one level up IS shared, so it's possible to browse to it from a network share. Then it tells me it is attempting to resolve networking issues, and tells me after that to resolve network issues and try again later (not the exact syntax, obviously).

I have tried installing just the bare server (what we had done in the past), installing the full version of Quickbooks (2016 for the moment), uninstalling, rebooting the server (2008 R2), reinstalling just the database server, using the Quickbooks clean boot utility, and disabling ALL firewalls (Kaspersky and Windows Firewall). I can't get the QBDbMgrN to start and stay started. I can't get the QuickbooksDB26 started. For some reason it claims to be a service that should be started manually. I don't recall that having been the case in the past. Also, I don't think the QuickbooksDB26 ever disappeared, even after a clean install (using the Clean Install tool), an uninstall, and/or a reboot.

Previous to the ransomware, the server had Quickbooks 2015 and 2017 database servers installed. …
0
Can we apply different retention policies for different departments?

How many retention policies can we have?
0
Running Exchange 2010 with MS Outlook 2010.
I have a shared mailbox called (sharemailbox1@domain.com) that has an auto-forward of all mail to my inbox.

What I need is a rule that will move (filter) the email that is auto-forwarded to a specific subdirectory in my personal inbox in Outlook 2010.

Screen shot attached.
0
Trying to write an Exchange 2010 Transport Rule that will warn users if someone is attempting to impersonate a real AD/Exchange User.  IE, sender's EMail is liar@gmail.com but sets his text name to be John Smith, who is the president of the company.  So the inbound message is from John Smith <liar@gmail.com> when the correct sender would be John Smith <jsmith@real_domain_name.com>

I've created a Transport rule that checks:

- If inbound message is from a user that is outside the organization
- And sender's properties firstname is John
- And sender's properties match text pattern of lastname is Smith
- Then prepend message to EMail's Subject warning recipient

Had to add two conditions because if I put firstname and lastname in the sender's properties line, it made an OR statement instead of an AND statement

Note, can't just block liar@gmail.com, since the actual source address changes.

Not sure if this rule is working, or if GMail and other mailers always use what appear to be Active Directory fields of firstname and lastname.

Is there a better way to do this?

Thanks,

Nathan
0
EE,

We have been attacked by the "rapid" ransomware virus - most of our key information assets have been locked, all with the extension of ".rapid" on each file.
The worst part is that they locked all of our backup files as well - we are stuck.

I am looking for some suggestions on how to deal with this... Yep, first time for me and my company.

Should we pay or should we fight...

Rojosho
2
We have two VLANs, "VLAN1 & VLAN2 Wi-Fi".

We have configured traffic between the two, but our email is not working. Meaning if I connect my cell phone or laptop to the Wi-Fi, I cannot receive emails. That's with VLAN2 Wi-Fi.
VLAN1 is hardwired.

Exchange: Exchange Server 2007 Version 08.01.0436.000
Server: Windows Server 2008 R2 Enterprise
Firewall: SonicWall NSA 2600
0