[Last Call] Learn how to a build a cloud-first strategyRegister Now

x

Cybersecurity

376

Solutions

737

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have several colleagues complaining that when they are on VPN - when they download something - the download stop in around 75mb.  It then gives a network error.  Users can resume the download - but again causing issues.

Is there a setting in Dell Sonicwall restricting this?

Pretty sure there is no GPO setup
0
New Tabletop Appliances Blow Competitors Away!
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

If I configure sonic wall tz300 to get WAN ip from Comcast GW DHCP, will I still be able to configure the VPN for remote access?   I am mulling several different topologies, and if this could work this seems like the easiest way.
0
Hi All

I have a couple of clients with SonicWALL TZ 300 routers, and am considering having them purchase SonicWALL’s Capture Advanced Threat Protection because it seems like a damn good idea! As I understand it, it's cloud based sandbox system.

Would appreciate hearing everyone's thoughts, concerns or experiences with the product or similar products.

Thank you!

Mark
0
I host application servers for a website and to allow users to upload documents, we need them to be scanned first by AV software. I assume I will need to find AV with some sort of API to trigger the scan. Does anyone know how to approach this problem?
0
The scenario:

1.      We have a Windows XP computer which runs an offline PDF to Print comparison.  
2.      As it is XP we have taken it off our network for security reasons
3.      The XP computer is attached to an A1 scanner which scans a printed leaflet
4.      The software then compares the printed scan against the original PDF used to generate the print plates
5.      For reprints this is OK as a copy of the original PDF already exists on the XP computer
6.      For new prints the user needs to go to another computer which is on WorkGroup, browse for the file, copy the original PDF to a USB, copy from the USB to the Windows XP computer, then run comparison

It is step 6 which I am trying to improve.  Can I directly connect the XP computer to the networked computer using some sort of software that isolates but still allows a folder to be browsed and a file copied.  I hope I have made this clear
0
Two part question... How important is video surveillance when it comes to physical security of your data? How important is that same video to everything else (tech and non-tech) within your premise? For context, I am looking at this from a risk assessment, cyber liability insurance, and/or business continuity perspective.
0
Dear All

I installed Fortigate 60 E and its blocking all the videos and Audios. Also its blocking all the social media sites.
0
Hi all,

Long time reader first time posting.

I have been asked to setup a web server inside a DMZ that can communicate with an internal database server. We have one external IP address available with port 443 currently only being used for external access to the SonicWALL. The firewall is a SonicWALL NSA 220.

The web server will be a virtual Windows 2016 server sat on ESXi on it's own vSwitch connected to a spare port on the SonicWALL which I will configure as a DMZ port. I assuming I can configure a rule on the SonicWALL that will allow ports 443 and 80 to be forwarded to this web server and allow the web server to only communicate with the database server over 1433.

An external vendor will be configuring the application that will be running on the web server.

Does this sound like a workable solution?

Tom
0
Hello,

Are there any trusted and automated sources of Cybersecurity Threat information that you subscribe to?  While we follow many sources on twitter, i was wondering if there were any automated solutions out there like RSS feeds or anything feeds of some sort to provide us information
0
It’s Friday, I’ve had a long week and something has just popped into my head that I really should be able to answer, but I can’t!  It’s probably a very stupid question.

You have a finance or HR system in your business, perhaps based on an Oracle or SQL database.  A decision is made, like most places I presume, not to encrypt the entire database, however users passwords are stored encrypted (in whatever way that may be).  What’s the point behind this?  What I’m questioning is if an attacker can get access to that database file can they not get access to all the other data they need and there for not require all the passwords?

Perhaps what I’m missing is a better understanding of how an attack may happen on a database or how databases work.  The only thing I can think of is that an SQL/Oracle etc. database isn’t a flat file so you can’t just open it in a notepad and view data.  You will have to load/connect to it via an SQL Server where you will have to authenticate.  Then what?  You manage to compromise/guess an account username and password.  This gives you access to the database and therefore the data you want.  You’ve got access so why do you need the remaining passwords?  What’s so valuable about the passwords when the system may hold bank account details that may not be encrypted?

One of the only uses I can think of is you compromise an account in the database so you can view data but what are you going to do with it.  Isn’t the point you then compromise other …
0
How to Use the Help Bell
LVL 11
How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

I have an internal CA. It's got a Root CA (offline) and a Subordinate CA (Enterprise). I am looking to enable code signing. I was successfully able to publish the template and get the cert for the administrators. What I can seem to figure out is how to get the PC to fully trust any certificate from the CA for code signing. I have the Root CA cert in the Trusted Root Cert Authorities and The subordinate in the Intermediaries Authorities. I know that code signing looks at the "trusted publisher" store. What I don't understand is why it's not trusting the certificate since it's issued by a CA that is in the trusted Cert Authorities. Anyways, I tried adding the Root and sub CA certs into the Trusted Publisher store and that also didn't work. The only way I could get full trust was to put the public cert into the Trusted Publishers store. I would like to just make it so that any code signing cert we ever issue, is trusted by my clients. what are requirements to make this happen? I don't want to update GPOs for evreyone's individual code signing certificates. Thank you.
0
Hi

I encrypted a USB drive using BitLocker To Go in Windows 10 Pro and when I inserted it into a new machine it prompted for the password. Once I entered it in I noticed a More Options section which allowed me to check Automatically unlock on this PC. I have since realized I don't want this to occur but I don't know how to make it go back to the way it was. I looked in Credential Manager with no luck. Sorry I'm new to BitLocker.
0
I have reviewed a couple of documents listed below and noticed that the documents do not address all programming languages.  Most of the documents are separate and  I will have to combine into 1 standard document --might be overkill.

Can you please share and/or suggest a good Secure coding Standard.

1) https://www.securecoding.cert.org/confluence/display/seccode/SEI+CERT+Coding+Standards
2) MISRA publications[/list]

As an additional resopurce: I was going to use: the following document as an Secure Coding Practice Guideline because it seeks to encourage secure coding bets practices from the very beginning of development projects - what do you think?
1) http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160.pdf


Thanks in advance!
0
Guys, I want to disallow users from changing the 'manual proxy' setting which comes under windows settings > network & Internet > Proxy.

Let me know if you know the Group Policy setting to achieve this centrally at domain level.

Screenshot for your reference:
1.png
Thanks
0
All system in domain:
Windows 7 Professional
Service Pack 1
64-bit OS

Our Nessus scans are indicating a vulnerability with the Product :
Microsoft Office 2016
  - C:\Windows\SysWOW64\mscomctl.ocx has not been patched.
    Remote version : 6.1.97.82
    Should be      : 6.1.98.46

There are two MSCOMCTL.OCX on the systems… one in the C:\PROGRAM FILES\MICROSOFT OFFICE\ROOT\VFS\SYSTEM folder which is the current version 7.0.52.6282 and the offending MSCOMCTL.OCX version 6.1.97.82 found in C:\WINDOWS\SYSWOW64

My question is, is it safe to replace the offending MSCOMCTL.OCX with the newer OCX and if so what it the best way to do so?  I assumed I would need to unregister the OCX file, replace the old one with the new and run Regsvr32 on the newer OCX file.

PFA screenshot of found OCX files.

Ref:
CVE-2016-0012
CVE-2015-6117
CVE-2016-0010
CVE-2016-0035

Has anyone run into this vulnerability and if so what was done to remediate the issue?  Many thanks in advance!
0
I got the task of researching the Glasswall solutions.  has anyone have any experienced with this product?  how does this product compare with Barracuda email spam/filter product?  Thanks.
0
I am working on a website for a client. This website has a form for a potential customer to submit basic personal info on a form (name, cell, email) but not financial data or any other very sensitive information. Given that people online are more conscious of submitting basic personal information (which is overall a good thing), would it be a best practice to pay for an SSL certificate to use for this form?
0
Evening all, we have a self service portal, which allows customers to reset their own passwords.

The generic questions that come with the product aren't good enough in my mind.

Does anyone have a suggested top 5 list of secure, yet memorable questions which would be suitable

Thanks
0
A friend asked What is Kaspersky TeamViewer?

in a brief, semi-technical statement:   Kaspersky TeamViewer is...

Friend is concerned it is related to 'hacking' of his PC
0
Get Certified for a Job in Cybersecurity
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

I had this question after viewing Connect a wireless router to a sonicwall firewall.

Presently using Sonicwall TZ-215 with 3 TP-Link EAP 330 - (coverage decent but not perfect.)  in small business environment:
1. Would using the Linksys Velop in bridged mode give me better coverage (turning off wireless on Sonicwall TZ-215; turning off DHCP on Linksys Velop) ?
2. Since the Sonicwall TZ-215 would be the main router, will the network be secure?
0
I run a start up.
My programmer has win 10 pc .
How can i prevent unauthorized transfer of code .
My modem is binatone DT910W .  

Can i make custom rule in firewall to ping me if any upload of .cs file extension happens.
0
Hi all, i'm looking to deliver a cyber security presentation to customers to raise their awareness of the threat.

Does anyone know of some sites or links with up to date / relevant content which i can use

Thanks in advance
0
hi guys

Our consultant teams have run a report for security and a good 10 people's email addresses are available on the dark web. What is the best practice from here for better securing ourselves? Change of password? 2 Factor Authentication for OWA?

Thanks for helping
Yashy
0
is there any Tool available to Decrypt  n1n1n1 Ransomware?
0
Are BIOS attacks worth defending against?
0

Cybersecurity

376

Solutions

737

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.