Cybersecurity

284

Solutions

647

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

Share tech news, updates, or what's on your mind.

Sign up to Post

Webroot Certification Program
We're excited to announce the launch of our Webroot Certification Program.

The Webroot Certification Program covers key feature differentiators, deployment best practices, cybersecurity management, and basic troubleshooting techniques for SecureAnywhere® Business Endpoint Protection. The program enables the sales and technical teams at managed service providers (MSPs), value-added resellers (VARs), and other distributor partners to better sell and support the solution, as well as streamline and enhance their IT services business.

Get certified by signing up here.
2
Database Solutions Engineer FAQs
LVL 2
Database Solutions Engineer FAQs

In this series, we will discuss common questions received as a database Solutions Engineer at Percona. In this role, we speak with a wide array of MySQL and MongoDB users responsible for both extremely large and complex environments to smaller single-server environments.

refer to attached zipped slides:
any reviews / views on accuracy & thoroughness of this service is appreciated.

I think it relies on a list of questionnairres that customers feedback/input to
them, so I guess it will not be as accurate as doing actual penetration test scans
or vulnerability scans in our actual environment
cybint.zip
0
BecomingMalwaretech-SocialMedia-Nati.pngEver wondered what it takes to become a threat intel expert like Malwaretech? Check out our first Q&A release where Marcus discusses his background and predictions for the next threat in malware.
4

Cyber News Rundown: Edition 7/21/17


Cyber-News-Rundown-WordPress-800x600.jpg
Malware Lurking in Game of Thrones Torrents

Viewers hoping to catch an illegal copy of the season 7 premier of Game of Thrones, released last Sunday evening, stumbled across something much more dangerous than White Walkers. The most pirated TV show in the last 5 years, Game of Thrones torrents often come with an extra side of malware, and have even released a Cerber ransomware variant onto unsuspecting viewers. While some lucky pirates have escaped with clean torrents, others haven’t been so fortunate. Use caution in all your internet activities, whatever they may be.

Twitter Porn Bot Shutdown

In the last few weeks, researchers have been attempting to bring down a Twitter botnet that took over 86,000 bot accounts to send out a relentless stream of porn ads to Twitter users across the globe. The botnet itself began by creating systematically generated Twitter accounts to send out a malicious URL payload to victims, which would then redirect them to a variety of porn sites controlled by the same network.

Adoption Data Leaked in Newcastle

Recently, officials of the Newcastle City Council have been attempting to resolve a data breach in which a spreadsheet of over 2,700 adopted children’s information
5
QTT2017.PNG
In This Issue:
Streaming Malware Detection and Trends

More information here.

Although malware and potentially unwanted applications (PUAs) such as spyware and adware have been a top concern for years, many organizations still find themselves overwhelmed by the abundance of modern threats. This quarter, we examine malware trends, get insight from Webroot CTO Hal Lonas on dissolving security perimeters, and present findings from two recent surveys on how security professionals will focus their security efforts over the next year.

Get the latest Threat Trends Report now!
2
Experts Exchange got the opportunity to interview MalwareTech, the 22yr old who discovered the WannaCry kill switch. Check out his advice on security and future security threats, as well as his comments on the importance of tech communities.
5
 
LVL 31

Expert Comment

by:Zoppo
Once a customer called me and told our software tells him 'Hardlock not found' - after 10 minutes verifying everything (driver, service, client) was installed fine and running, just for fun and coz I was a little bit frustrated, I aksed if he really plugged in the hardlock - the customer was a bit surprised and answered "No, it's here, laying in front of me, on my desktop - do I have to plug it somewhere?"

Another time I sent a PDF docu to a customer - he answered with a mail asking me what to do with this PDF. I wrote 'just open it to read or print it' - he answered he doesn't know what 'open' means and asked me if it would be possible that I open the PDF and send it to him 'opened'.

And one of my favorites, allthough it wasn't directly me: Once surprisingly I heard my colleague (usually a relaxed guy) yelling loud into the telephone "NO! STOP! Stop EVERYTHING! DON'T TOUCH the mouse! DON'T TOUCH ANYTHING! When I tell you 'click', click EXACTLY ONCE with the LEFT mouse button! WHEN I TELL YOU 'double click', click EXACTLY TWICE with the LEFT mouse button! As long as I don't tell you anything DON'T TOUCH ANYTHING!!!"
0
Skyport2-SocialMedia-LinkedInV2.pngDid you miss our co-branded webinar with Skyport Systems yesterday? Check out the recorded webinar available on-site to learn how to secure your Active Directory against security threats.
1
Cyber-News-Rundown-WordPress-800x600.jpg
Cyber News Rundown Edition: 7/14/17

Verizon Call Logs Found Exposed Online

Over the past month, researchers have been learning more about the recent discovery of unsecured customer service call records for over 14 million individuals on an Amazon server. The server in question is controlled by Nice Systems, an enterprise software company based in Israel, and contained call logs from January through June of this year. In the unencrypted records were customers’ names and their Verizon account login credentials. Even after Verizon became aware of the server’s vulnerability, it took over a week to get it properly secured by Nice Systems.

Bupa Healthcare Services Breached

In the last week, international healthcare provider Bupa was the victim of a data breach that included basic customer information, such as names, birthdates, and nationalities. The breach originated with an employee incorrectly transferring data between systems of Bupa Global, which handles international health insurance for frequent travelers—around 108,000 customers in total. The affected branch of Bupa has contacted all affected customers, and has stated that no other branches worldwide have been compromised.

Botnets Distributing New Point-of-Sale Malware

With the recent influx of botnet-related cyberattacks in the last year, it’s hardly surprising that Point-of-Sale malware is now spreading through the same channels
3
Bupa breach affects more than half a million customers

A London health insurance agency has been hit with a massive data breach. The personal information of about 547,000 people was compromised.

More info here
1
ransomware-2320941_960_720<wbr />
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
0
Get your Disaster Recovery as a Service basics
LVL 1
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Hello,
     We use RealVNC to to monitor a couple of PCs that are at a remote location. We have never had a problem using it but since upgrading the firmware on our  Sonicwall NSA 220 the firewall now stops the connection with the following alert: IPS Prevention Alert: MISC RealVNC Authentication Bypass, SID: 5828, Priority: Medium. How can I stop the firewall from blocking these events?

Thank you
0
I  would like to know the explanation behind the answer.
0
Cyber-News-Rundown-WordPress-800x600.jpg
Cyber News Rundown: Edition 7/7/17

British Lawmakers’ Logins Targeted

Over the last week, multiple parliament members and other lawmakers in the UK have been the focus of cold-callers attempting to gain login credentials, following a successful brute force attack that compromised the credentials of several other officials. Passwords for the remainder of the parliamentary staff have received a force reset to avoid any further exploitation of their systems.

Banks Still Struggle with Security

The Online Trust Alliance recently conducted an anonymous study of 1,000 websites across many different sectors, to test for security, privacy, and consumer protection. Of the 100 largest US banks in the study, only 27% passed all 3 categories, while 65% failed in at least one category. Although the American Banking Association still believes that banks are the current standard for security, the long list of breaches throughout the last year alone leave many consumers questioning just how secure their banks really are.

Sabre Breach Exposes Google Employee Data

In the past few days, Google has been sending out notifications to employees after Sabre Hospitality Services experienced a breach in their reservation system
4
bitcoin_photo_via_shutterstock.jpg
This just in... Humans Still the Weakest Link

"The fact that access appears to have been initiated by initially compromising an employee's personal PC is a very worrying development – highlighting huge failings on so many levels, from an employee education and training standpoint, all the way to administrative and technical controls, to monitoring and enforcement." -  David Kennerley, director of threat research at Webroot.

More on TheRegister.
5
 
LVL 2

Expert Comment

by:Christopher Rourke
Good ol' PEBCAK :) Thanks for the article link.
1
 

Author Comment

by:Drew Frey
Happy to share, Christopher! There's an educational component most people could use to help combat PEBCAK :)
1
Hello Everyone

I'm an aspiring Cyber Security Analyst and currently I'm studying for my Sec+. I currently have my A+ and want to move away from the Help Desk as I find this not in my passion to do but more so to be hands on and not dealing heavily with end user contact as much as a Help Desk position would. When I try to research entry level positions to become a Security Analyst it seems almost impossible because of the experience that is wanted/needed. I understand that. This is now starting to make me feel as if I chose the wrong path, I also as well have a strong interest in becoming a Sys Admin as well. These two are my primary focus. Any suggestions for someone who only have help desk experience to move into a more hands on role for a Cyber Security Analyst. Or is it best to become a Sys Admin and then transition into the Security field?

Thank you

Also any suggestions on tools or virtual labs that will help me learn cyber security tools and gain my own hands on practice
0
0
I installed Crashplan on a windows machine and have a mapped network path as drive letter f: and crashplan cannot back it up, but on a MAC I installed Crashplan and it can backup the same network path. What is the limitation in windows that prevents this and is there a work around? I have even attempted mapping the drive in windows then creating a symbolic link and it still does not work.
0
Today is the last day to enroll in June’s Course of the Month. With ransomware attacks on the rise this year, we encourage all members of our community to enroll and avoid becoming part of 2017's statistics. Premium members, Team Account members, and Qualified Experts will have 30 days after enrollment to complete the course. Don’t miss this opportunity to enhance your security!
3
3
Efficient way to get backups off site to Azure
LVL 1
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Today's update on Petya
Previously, it was believed that the ransomware would not begin encrypting until an hour after the initial infection. It is now been discovered that it begins encrypting the first 1MB of the below file types upon infection. Therefore turning off your device when viewing the reboot message, will not stop encryption.

It is also now being disputed if the goal of this attack was to collect Bitcoin or cause mass destruction in the devices it infects.

Files types:
.3ds .7z .accdb .ai .asp .aspx .avhd .back .bak .c .cfg .conf .cpp .cs .ctl .dbf .disk .djvu .doc .docx .dwg .eml .fdb .gz .h .hdd .kdbx .mail .mdb .msg .nrg .ora .ost .ova .ovf .pdf .php .pmf .ppt .pptx .pst .pvi .py .pyc .rar .rtf .sln .sql .tar .vbox .vbs .vcb .vdi .vfd .vmc .vmdk .vmsd .vmx .vsdx .vsv .work .xls .xlsx .xvd .zip
6
4
 
LVL 1

Expert Comment

by:Juana Villa
Can people user their intelligence to help others? or ... at least not hurt them in any way?
1
hi experts,

 I've been asked to design it, present it as to why it needs to be done and implemented. Can someone with experience in this subject on how to proceed , what information I need to gather and what steps actions need to be taken to secure and protect uers/network/workstations from ramsomware.
0
Update on Petya Attack
As noted by our on-site expert, krakatoa, the current vaccine for Petya involves creating a file called perfc in the C://Windows folder and making it read only.  No kill-switch has been discovered, only a local vaccine.  
If you see the reboot notification below, your device has been infected. Turn off your device to prevent future encryption. Petya begins encrypting the device an hour after the initial infection.
**Update: Petya begins encrypting your the first 1MB of your files prior to the reboot. See new post for the updated information. **petyareboot.JPG
6
 

Expert Comment

by:Phillip Monk
.dat
1
 
LVL 9

Author Comment

by:Experts Exchange
According to our knowledge, file extensions .dat and .dll for perfc. Check out this article for more info!
0
Gain the added security of knowing you are prepared and properly protected against future ransomware attacks, such the Petya attack, with this free course! Premium members, Team Account members, and Qualified Experts have 3 days to enroll for June’s Course of the Month. Once you enroll, you have 30 days to complete the course.

5

Many Firms Hit by Global Cyber Attacks - Petrwrap


Firms around the globe are reporting that they have been hit by a major cyber-attack. Some experts have suggested that it could be a ransomware attack, similar to Wannacry which hit last month. Alan Woodward, a computer scientist at Surrey University, said: "It appears to be a variant of a piece of ransomware that emerged last year.

More on this story via the BBC.
10
 
LVL 9

Expert Comment

by:Experts Exchange
They have a sense of humor.
2
 
LVL 14

Expert Comment

by:Ajit Singh
The Petya ransomware has caused serious disruption at large firms. Ransomware attack continue to be a huge challenge for organizations with incidents reaching record highs. This article explains bit more about 'Petya' ransomware attack strikes companies across Europe and US.
 
Also check this this article to defense the ‘Petya’ Ransomware Attack.
0

Cybersecurity

284

Solutions

647

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.