Cybersecurity

300

Solutions

671

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

Share tech news, updates, or what's on your mind.

Sign up to Post

hi guys

Our consultant teams have run a report for security and a good 10 people's email addresses are available on the dark web. What is the best practice from here for better securing ourselves? Change of password? 2 Factor Authentication for OWA?

Thanks for helping
Yashy
0
Enterprise Mobility and BYOD For Dummies
LVL 4
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

I have been in IT since the 80's so I am old and cranky lol.
I have a good understanding of Security, Networking, Ransom ware, phishing, DDoS attacks, Flooding, Virus, Trojan, SPAM V-Lans, VPNS and so on.....
But I am self taught and there are holes in my advanced knowledge.
Anyone have any suggestions where I can learn prevention techniques for what is coming down the pipe today and tomorrow?

I read other threads on this subject, but seems more geared to home users or beginners, not that there is anything wrong with that ;)

I may have missed something.

I appreciate everyone's input.
0
Is there a way I can add a linux box to my domain network for monitoring purposes?  I'm a complete novice on this particular topic and don't know if my question even makes sense, but I have lots of spare machines I could use and dozens of Linux software disks that have come with my subscriptions to LinuxUser  and to Admin.

Is there a trade pub that would cover this, or a white paper?
0
What is a good anti virus software

Something that may combat ransomware
on windows 10
1
Hi All,

We have just moved to Kaspersky EndPoint security 10 (10.3.0.6294) from Sophos.
Some of the users have complained that now it takes them few minutes when they start there computer in morning and when they shutdown.
Is there anyway we can monitor whats taking up resources when the computer starts and how can we minimize Kaspersky resource utilization?

thanks.
0
Hello,

Trying to create a Site to Site between our TZ215 and Azure:
VNET1 - Address Space     = 10.1.0.0/16
               Subnet  range      = 10.1.0.0/24

GatewaySubnet                  = 10.1.1.0/24

Virtual Net Gateway           = VPN
                                               = Policy-based
                                               = VNET1
                                               = VNET1GWIP  (created Public IP)

Local Net Gateway             = RP_OFFICE
                                              = Public IP address of SonicWALL
                                              = 192.168.250.0/24 (LAN network on SonicWALL)

Connection                          = Site-to-Site (IPsec)
                                               = Virtual Net Gateway
                                               = RP_OFFICE
                                               = Shared key that matches what's configured in the SonicWALL

SonicWALL:
 General Tab                         = Site to Site, IKE using Preshared , IPsec Primary = Public IP of Azure, IPsec Secondary = 0.0.0.0, Local & 
                                                   Peer IKE ID = IPv4 address
Network Tab                         = LAN Subnets, Azure LAN network
Proposals Tab                       = Main Mode, Group 2, AES-256, SHA1, 28800, ESP, AES-256, SHA1, 3600
             
Seeing the following in the SonicWALL log:
  SENDING>>>> ISAKMP OAK INFO …
0
On 3 folders out of 100's When sending a attachment (from there 3 folders only) Outlook give a pop that in contains unsafe attachments and outlook user will not be able to open it (basically it drops the attachment before it reaches the recipient's inbox.
Outlook 2010
Window 7
The only thing I can think I did differently with the documents in these folders is that I saved the docs a word doc-then resaved as a pdf-then resaved in the other two folders.
0
Hi Experts!

I'm wondering about the following scenario, in terms of security:

A high traffic website (www.site.com or site.com) with some other subdomains running Apache/PHP on top of Linux, the website is using cookies to store user's data, the cookie's header states "domain=.site.com", so its a wildcard, cookies are encrypted and over https.  Twenty (20) other sites are "hosted" on the same "site.com" using their own subdomain "blog1.site.com, blog2.site.com, etc). These hosted subdomains are a basic CNAME at the DNS level pointing to a FQDN hosted somewhere else.

Given the above scenario, in specific, would one of those 20 subdomains be able to view/read/alter Cookies from the main website (www.site.com or site.com) or one of its subdomains (me.site.com, app.site.com, my.site.com, etc) ?

What are the security risks in place? Are there techniques or best practices for dealing with such scenario, wanting to exclude a list of subdomains from accessing unprivileged cookies? Anything else I should be aware?

If you can share some knowledge I would appreciate, thank you!!
0
Does anyone have a workaround for June 2017 security update that cause attachments in Outlook to be blocked due to extra (...) ?
0
refer to attached zipped slides:
any reviews / views on accuracy & thoroughness of this service is appreciated.

I think it relies on a list of questionnairres that customers feedback/input to
them, so I guess it will not be as accurate as doing actual penetration test scans
or vulnerability scans in our actual environment
cybint.zip
0
Percona Live Europe 2017 | Sep 25 - 27, 2017
LVL 3
Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

Hello,
     We use RealVNC to to monitor a couple of PCs that are at a remote location. We have never had a problem using it but since upgrading the firmware on our  Sonicwall NSA 220 the firewall now stops the connection with the following alert: IPS Prevention Alert: MISC RealVNC Authentication Bypass, SID: 5828, Priority: Medium. How can I stop the firewall from blocking these events?

Thank you
0
I  would like to know the explanation behind the answer.
0
Hello Everyone

I'm an aspiring Cyber Security Analyst and currently I'm studying for my Sec+. I currently have my A+ and want to move away from the Help Desk as I find this not in my passion to do but more so to be hands on and not dealing heavily with end user contact as much as a Help Desk position would. When I try to research entry level positions to become a Security Analyst it seems almost impossible because of the experience that is wanted/needed. I understand that. This is now starting to make me feel as if I chose the wrong path, I also as well have a strong interest in becoming a Sys Admin as well. These two are my primary focus. Any suggestions for someone who only have help desk experience to move into a more hands on role for a Cyber Security Analyst. Or is it best to become a Sys Admin and then transition into the Security field?

Thank you

Also any suggestions on tools or virtual labs that will help me learn cyber security tools and gain my own hands on practice
0
I installed Crashplan on a windows machine and have a mapped network path as drive letter f: and crashplan cannot back it up, but on a MAC I installed Crashplan and it can backup the same network path. What is the limitation in windows that prevents this and is there a work around? I have even attempted mapping the drive in windows then creating a symbolic link and it still does not work.
0
hi experts,

 I've been asked to design it, present it as to why it needs to be done and implemented. Can someone with experience in this subject on how to proceed , what information I need to gather and what steps actions need to be taken to secure and protect uers/network/workstations from ramsomware.
0
Hello,

The vendor who does our security audit express concern about SSL certificate we are using on our websites.  They mention version 3 and TLS v1 are not secured.  

I check the version of the cert we purchase is SHA-2.  

I usually purchase the latest version cert and apply it to my IIS website.  Are there additional things I need to do?

Please advise.  

Thanks.
0
Can you please suggest best IT security vulnerability reporting software like hackerone which will be also cost effective.
0
Experts,

On my meterpreter session I need to execute this command:
procdump64.exe -accepteula -ma lsass.exe lsass1.dmp

this does not work:
meterpreter > execute -f procdump64.exe -accepteula -ma lsass.exe lsass1.dmp
nor
meterpreter > execute -f procdump64.exe -a -accepteula -ma lsass.exe lsass1.dmp
0
Experts,

On my victim Windows 7 professional domain joined machine when I go to connect to a network share, I send my NTLMv2 HASH.
But when I take a password hashdump, they are in NTLM format.  
While in a meterpreter connection, when I run hashdump, will it always be NTLM format? I don't remember ever seeing NTLMv2 when running hashdump.
0
Prepare for your VMware VCP6-DCV exam.
LVL 1
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

We developed some apps for our customers.  Besides scanning our mobile/IOS
website, auditors have required that we scan the IOS/Android apps that we have
developed for our customers IOS devices.

Q1:
is this a feasible or common practice to scan the apps running on clients IOS?

Q2:
What are some of these scanning tools that anyone can suggest?

Q3:
My view is to scan the mobile portal that we offers, not client's mobiles/iPad
0
Can someone recommend a syntax on john the ripper using the default word list that I can use to crack an ntlmv2 hash for the password below in under 5 minutes?

DaLLasTexas!!
0
Hi All,

Is it possible to block a particular file, for eg a  malicious pdf, based on its Sha-256/Md5 hash value , from the firewall?

Regards,
T
0
I have a hacker who is aggressively attacking my network and need advice on which router is the most secure/encrypted?
0
is there any technique/command/tool that can be used to remotely report the system centre endpoint protection status from a remote PC (definitions created on, definitions last updated, virus definition version, spyware definition version).
0
Hi, just looking for a better way of managing WSUS v 6.3.9600.18228
We automatically approve Critical, Definition and Security updates
We sync Critical, Definition, Feature Packs, Security Updates, Service Packs, Updates roll ups, and Updates.

We get an email notification once a week of the synchronised updates, we have 3 different sites each running its own WSUS server, and its a constant struggle trying to wade through the print outs, as the print outs (synchronised report) contain all the updates that are automatically approved as well as ones which need checking to see if we want them or not.

This wastes time as we are checking updates unnecessarily. Is there a report that could be run instead that prints out just the items that aren't automatically approved and require attention?
We also find updates on the printout that are only a few days old, have already been superseded, again wasting time.

There must be a better way of doing this?
regards
Rick
0

Cybersecurity

300

Solutions

671

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.