Cyber Security

647

Solutions

954

Contributors

The cyber security specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cyber security focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against the harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

I'm trying to configure a rule in Cisco CES cloud platform that stops people masquerading as the CEO
for attempted Phishing. So on our previous FW we had if the mail has the sender as 'our ceo' but does not come from
our Domain, then drop. I can see where to configure this in the CES.
0
I have a question about ransomware.  If my computer's C drive is already encrypted, is it still possible for ransomware to hold my computer hostage by encrypting files?  If we have Office 365 and all the files are also backed up to the cloud through OneDrive, doesn't that also create a level of protection?
0
Hello,

My site has not stopped planting for a while.
I was advised to check my logs and I see that there is this IP 150.918 times in my logs from 00:00:07am to 12:36:01am

What do you advise me to do?

I added this Deny from 104.248.248.206 to my .htaccess but ip continues to show...

Thank you for your advice,
Jaber
0
We are looking for a way to make documents (preferably PDF files) self-destruct after a set period of time.  We strongly prefer a strictly client-side solution with no central management server.  Is there an easy solution?
0
I can't get my forwarders to send data to my indexers for some reason! I've checked my inputs.conf on both universal forwarders and then ran a "list forward-server" on each and they both are reporting back the following:

Active forwards:  None
Configured but inactive forwards:  None

I've triple-checked my monitor stanzas and they are good to go.  Permissions on the inputs.conf are wide-open on both UFs and the Search Head (which I am currently using as my deployment server).  Any help would be greatly appreciated!
0
Does FedRAMP actually offer a Certification/Accreditation for their training course?   Is there an actual exam that you have to take at the end?
0
Please guide me on what things I should consider for a sandboxing solution. Can sandboxes be integrated with any email/web gateway solution?
0
I want to ensure the integrity of the value that is set in a session will remain valid throughout the user's interaction with the site.

Can a session value be changed from the client-side?
0
I want to create a lab environment for testing threat traffic logs so that we can identify threat patterns and anomalies within those logs.  Once we have identified "a threat" or signature of one, we can then use that information to write up a case scenario.  What would be the best way to set this up?  This test environment would need to be virtualized and segmented.  What would be the best way to receive these traffic logs? From the outside while keeping them maintained in a controlled environment?
0
Is there a way to emulate threat traffic in a controlled environment?  We would then use this information for common use cases.  I was thinking anything along the lines that could include log files that could give an indication of different attack signatures.  This method is obviously safer than injecting a virus on a test box and then introducing it to a customer's network.  Any suggestions are GREATLY APPRECIATED!
0
Is it risky to use a 3rd-party VPN service such as NordVPN for a business?  The goal is to make it harder for attackers to break in to the office through the Internet.  The goal is not to allow people to connect to the office remotely.  The line of thought is that forcing all office Internet traffic through a VPN would make it harder for an attacker to target the office because the VPN would make the office Internet connection anonymous.

Would using a VPN in this way negate the protections provided by a NAT router?  What about if the router itself is configured to make the VPN connection for the whole office instead of having each individual client computer connect?  Which is the best way to do it?
0
Hi Experts,

This is only my second post, and I have a curly question.

Regarding my website's security:
The website/portal is created using PHP 7.2.x with MySQL 5.x database
While I have allowed only authorised users to access a portal to upload images (to a specific directory), how do I stop user/s from uploading to directories outside the specified directory?

Background:
My site is currently under review by a cybersecurity team for vulnerabilities, and I've noticed they have uploaded an image file to my server root folder, and then also uploaded the same image and changed the extension to .php... *gasp*!!  

So, before they provide me with the full list of vulnerabilities, I'd like to get a head start on this particular security issue (as it's clearly a major issue).

The site is hosted with a professional web hosting company, so I seriously would "assume" (though that is dangerous in these times with so many cybercriminals about) there are sufficient server controls in place to stop unauthorised access (other than with FTP) to directories.

Hopefully I can learn more on this asap to mitigate any issues that have potential to cause me unnecessary late nights.

Regards,
MB :)
0
Q1:
I'm making a comparison of IPS brands that give the most virtual patches
for various CVEs for MS (Windows, Outlook, .Net, MS SQL, IIS & MSOffice),
Oracle (Weblogic, Database, Java, Solaris), Linux (various Linux esp RHEL,
Ubuntu, Debian, CentOS used in microservices) & a couple of open-source
software packages (eg: PHP, Apache, Struts, Wordpress).

Reason is it's difficult to get downtime & lead time to patch can often
stretch to almost a year.   Currently, Trendmicro claims its Deep Security
is endorsed by MS as giving the most virtual patches for MS products.

Q2:
What about TippingPoint NIDS (acquired by Trendmicro) in terms of
its number of virtual patches for various products above?

Q3:
What about other products (esp coverage for Oracle & Linux-related ones)?
McAfee, Checkpoint, Sophos, ... ?

Q4:
Also, continued availability of obsolete versions of software is crucial
for us as we have a long lead time to tech refresh obsolete (ie principals/
developers don't release patches for it anymore) software.

Q5:
There's an argument that ultimately the product patch still needs to be applied?
What could be the possible reasons for this?   Heard that for NIDS, if
PCs got infected/compromised, the attacker could bypass NIDS & WAF to
attack the unpatched endpoint servers.  Guess an IPS with agent inside
the endpoint will mitigate, right?
0
We have 40 computers that are Win 7.  The end-of-life is in January 2020.  All security updates will stop.   How critical of a concern is this for our company's security?

We are non-profit so this will be a huge expense if I have to replace them.
0
Just had two sites fail PCI compliance tests with certificate errors on SonicWall TZ180.  Trustwave does the scans and this is what they said: The server should be configured to disable the use of the deprecated SSLv2, SSLv3, and TLSv1.0 protocols. The server should instead use stronger protocols such as TLSv1.1 and/or TLSv1.2. For services that already support TLSv1.1 or TLSv1.2, simply disabling the use of the SSLv2, SSLv3, and TLSv1.0 protocols on this service is sufficient.
I have no idea how to do what they said.  Any help is really appreciated.  Thanks
0
hi guys

I'm thinking of ways in which we could educate our staff when it comes to the actual threats of security through emails like phishing.

However, if I wanted to send out reminders frequently like every fortnight, then I'm wondering what sort of content could be covered in order to not become monotonous?

Have you seen this done at firms you've worked at? If so, are there any tips?

Thanks for helping
Yash
0
Are there any useful documents/articles that are routinely issued/upgraded which show specific trends in cyber attacks for say the past 2-3 years, and for any major cyber attacks that hit the news – what the root cause of the vulnerability that was exploited was? i.e. what the cyber criminals are targeting nowadays, and what the relevant controls are to protect against those, assuming they could be protected against, e.g. a relevant patch applied?

I was also interested in identifying the primary/priority security defences, or at least coming up with some form of priority checklist of what to assess in what order when it comes to security. I appreciate on larger networks/infrastructure security must be an absolutely mammoth effort, and any single vulnerability on any device could be your downfall, but there must be some form of precedence in terms of priority of cyber controls when self-assessing your cyber/security defences, so my question to you is - where exactly would you start, and do any of the guidelines out there put cyber controls/defences in order of importance/priority, I assume they must do, but quite which articles/guidelines is an unknown to me.  

If you were doing an independent review of your security/cyber defences, what order would you start in, e.g. the absolutely bare minimums, and then onto the second tier of
defences, 3rd etc. If there are no such guidelines, your own view on this would be equally as interesting.
0
Traveling abroad and using a VPN.  Hi, security teams preach using a VPN tunnel when traveling abroad to secure your traffic but what is actually happening via a WiFi connection w/ VPN?  What makes it more "secure"?   What VPN apps from the App Store work?   Is my SonicWall VPN from my house sufficient?
0
We have a system with around sixty computers and three servers and we are infected with the TrickBot virus. We have taken everything offline and cleaned a number of computers, but when we add another computer to the network now, even though we think the computer is clean, it and the other computers become infected again. We use Sophos but that doesn't seem to fix it.

We are looking for some advice on the best way to deal with this nasty virus

Thanks in advance
0
I'm looking for some yardsticks/benchmark on the % of staff who clicked
(on the malicious link) during a phishing/Social engrg exercise.

Above what % (10%, 20%, 30% or ?%)  of staff in an organization who clicked
on it, then it's considered as bad (ie the organization is deemed to have
failed & will need remedial/reinforcement training)?
0
Hi

We have customers that cannot patch SharePoint as quickly as possible. So I have some questions:

1)    How high do you measure this vulnerability, since attacks can be done remotely?
2)    Do we have a temporary possibility to reduce the risk without patching?
3)    If yes, what would you recommend me? (Is there a way to block ports etc. ?)

Thank you in advance
0
Hello Gurus,

Could you please share any reference sites for me to understand cybersecurity technologies such as Threat Hunting, EDR etc.

Regards,
Aaron
0
I would like to process an internal penetration test. Is there any recommended website? A typical site has only 1-2 WAN IPs and 100 end points?

Many thanks,
Chanaka
0
Hi
   
I would like to know your opinion on the following questions:
   
1)    What are the contras of the CVSS Scoring System, compared to many other systems?
2)    Where did you hit limits while working with CVSS Scoring System?
3)    What must be considered in which scenarios?

Thanks a lot for your feedback.
0
In the past I had a Gmail/Yahoo account, nonetheless companies seem to collect more and more personal information without paying or telling the person each time they are taking it and rarely clearly state its uses. I don't care if the government looks at my data, but am concerned about unforeseen consequences, such as it being easier for a scammer to trick me cause they have more info on me or a criminal buying my data and knowing when I am away from a crowd so they can commit a crime etc.

I was wondering if getting a web domain through a service like 'GoDaddy' and forming my own email would be the best way to prevent 3rd party data collection?
0
