Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

BecomingMalwaretech-SocialMedia-Nati.pngEver wondered what it takes to become a threat intel expert like Malwaretech? Check out our first Q&A release where Marcus discusses his background and predictions for the next threat in malware.
2
On Demand Webinar - Networking for the Cloud Era
LVL 9
On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Experts Exchange got the opportunity to interview MalwareTech, the 22yr old who discovered the WannaCry kill switch. Check out his advice on security and future security threats, as well as his comments on the importance of tech communities.
5
 
LVL 31

Expert Comment

by:Zoppo
Once a customer called me and told our software tells him 'Hardlock not found' - after 10 minutes verifying everything (driver, service, client) was installed fine and running, just for fun and coz I was a little bit frustrated, I aksed if he really plugged in the hardlock - the customer was a bit surprised and answered "No, it's here, laying in front of me, on my desktop - do I have to plug it somewhere?"

Another time I sent a PDF docu to a customer - he answered with a mail asking me what to do with this PDF. I wrote 'just open it to read or print it' - he answered he doesn't know what 'open' means and asked me if it would be possible that I open the PDF and send it to him 'opened'.

And one of my favorites, allthough it wasn't directly me: Once surprisingly I heard my colleague (usually a relaxed guy) yelling loud into the telephone "NO! STOP! Stop EVERYTHING! DON'T TOUCH the mouse! DON'T TOUCH ANYTHING! When I tell you 'click', click EXACTLY ONCE with the LEFT mouse button! WHEN I TELL YOU 'double click', click EXACTLY TWICE with the LEFT mouse button! As long as I don't tell you anything DON'T TOUCH ANYTHING!!!"
0
Does someone have experience with SaaS solution for network security management?
0
 
LVL 16

Expert Comment

by:Kyle Santos
Hi Asher,

Welcome to Experts Exchange.

Do you have a project in mind that you need someone to work on for you?
If yes, check out our Gigs platform.
https://www.experts-exchange.com/gigs/

If you want to look at members on the site you can go to navigation menu > Browse > Members.  There you can filter what type of expert you're looking for.
3
0
Today is the last day to enroll in June’s Course of the Month. With ransomware attacks on the rise this year, we encourage all members of our community to enroll and avoid becoming part of 2017's statistics. Premium members, Team Account members, and Qualified Experts will have 30 days after enrollment to complete the course. Don’t miss this opportunity to enhance your security!
3
3
4
 
LVL 1

Expert Comment

by:Juana Villa
Can people user their intelligence to help others? or ... at least not hurt them in any way?
1
Update on Petya Attack
As noted by our on-site expert, krakatoa, the current vaccine for Petya involves creating a file called perfc in the C://Windows folder and making it read only.  No kill-switch has been discovered, only a local vaccine.  
If you see the reboot notification below, your device has been infected. Turn off your device to prevent future encryption. Petya begins encrypting the device an hour after the initial infection.
**Update: Petya begins encrypting your the first 1MB of your files prior to the reboot. See new post for the updated information. **petyareboot.JPG
6
 

Expert Comment

by:Phillip Monk
.dat
1
 
LVL 9

Author Comment

by:Experts Exchange
According to our knowledge, file extensions .dat and .dll for perfc. Check out this article for more info!
0
Gain the added security of knowing you are prepared and properly protected against future ransomware attacks, such the Petya attack, with this free course! Premium members, Team Account members, and Qualified Experts have 3 days to enroll for June’s Course of the Month. Once you enroll, you have 30 days to complete the course.

5
Today's ransomware attack is spreading by SMB through the local network according to Marcus,
 @MalwareTech, who stopped the last attack—known as WannaCry—and is working to stop this one.
malware-tech.JPGPost your advice or news on the currently named "Petya" attack and be sure to ask any questions by tagging the topic "ransomware"  to get solutions fast!
4
 
LVL 16

Expert Comment

by:krakatoa
To vaccinate your computer so that you are unable to get infected with the current strain of NotPetya/Petya/Petna simply create a file called perfc in the C:\Windows folder and make it read only.
1
Automating Your MSP Business
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Only 10 days left to sign up for our ransomware prevention and preparation Course of the Month for June. With a 300% increase in ransomware attacks from 2015 to 2016, it is vital to decrease your vulnerability to the next attack and enhance your security by enrolling today.




5
 

Expert Comment

by:Josh Petraglia
Signed up. What a perfect topic to cover!!!
2
UpGuard's cyber risk analyst, Chris Vickery, discovers 198 million US voting records in an Amazon S3 bucket freely available online. One particular spreadsheet also calculates the voters probabilities for situations such as "how likely you are to have voted for a certain presidential candidate".  This breach is another reminder of how important personal data security is.
5
 
LVL 7

Expert Comment

by:Nicholas
Having this data in a public cloud provider is wrong to start with no?
After a quick glance through the article the data wasn't even encrypted.
1
 
LVL 18

Expert Comment

by:Lucas Bishop
Millions of dollars worth of data analysis, available for anyone to download for free. Brilliant!
1
After the WannaCry ransomware attack, we sat down with Thomas Zucker-Scharff to get the inside information on the technology behind the attack and what steps you can take to prevent this in the future. Read more of his advice. Take a step toward your security by enrolling in our free Course of the Month covering ransomware security and prevention written by Thomas.

4
NYS 20th Annual Cyber Security Conference

I will be attending this conference in Albany, N.Y. this Wednesday and Thursday.   If you are going to be there, ley me know (maybe we can meet).  

Over the years I have become more involved in security related areas of information technology. I hope to learn more/ keep up to date by attending this conference.
10
 
LVL 6

Expert Comment

by:Brian Matis
That sounds great, Thomas! I'm a huge fan of the Socratic method (to the point where I get worried some people may try to poison me one day... j/k ;-) And thinking strategically about anything can be quite a challenge, but an increasingly important one as more and more of the tactical type work is moving entirely into automation.

Not familiar with Bloom's Taxonomy; I'll have to go look that one up...

Looking forward to the summary!
0
 
LVL 29

Author Comment

by:Thomas Zucker-Scharff
My summary of the 20th Annual New York State Cyber Security Conference & 12th Annual ASIA conference

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compliance issues with which they have to deal.  If those do not apply to you, this conference may have limited application as well.

I did enjoy putting some faces to people I had only corresponded with.  I also wanted to hear as much as possible about ransomware (these presentations turned out to be only okay), and cryptography (not a gripping presentation – it was a presentation of thesis work and ongoing research – but nonetheless very interesting).  They did a good job of setting  you up for the days events with a decent Keynote speaker.  The lunch speakers were not as polished, but did have good things to say.

I enjoyed going around to the vendors , even if their swag was not class A stuff. (some had excellent stuff while others had none – the full gamut)  

I have to say again that the highlight of the conference, for me, was the very non-technical, and only slightly security related talk by Christie Struckman of the Gartner Group, session 4 on the first day.  I would encourage anyone in a leadership position to check it out.  I have asked for her slides and will try to make a pdf of them available if she is amenable to that.  My takeaway on that talk was: There are leaders and there are Bosses.  The leaders help their teams think about solutions and then make decisions, the bosses make decisions and tell their teams to carry them out.  I think the quote she used at the beginning was excellent:

socrates-quote.jpg
2
Every 10 seconds, a consumer gets hit with ransomware. Enroll in June’s featured Course of the Month to learn the basics of ransomware, how it works, how to prevent it, and what to do if you’ve been infected. Premium members, Team Accounts, and Qualified Experts will enjoy this free course written by our resident security expert, Thomas Zucker-Scharff. Learn more and enroll today!

facebook-ad-1200x628.png
6
The recent malware attack brings to light the need for more security and privacy online. The Experts Exchange community has prepared for this shift with the release of anonymous questions--a feature for Premium Members, Team Accounts, and Qualified Experts.
Benefits include:
Masked user identities. These questions are inaccessible to all search engines and questions will not visibly link back to profiles. Logged out users cannot see these questions at all.
Sensitive information removed from questions, by severing ties that could connect you back to your employer or a project.
Freedom to explore different tech topics you may be interested in but have before been afraid to look into.
To learn how to ask anonymous questions check out this video! https://www.youtube.com/watch?v=uFJF70wsd4c
8
ransomwareEmail2.png Friday, May 12th, a new Ransomware threat named WannaCry came onto the scene, affecting organizations in over 150 countries. Damage includes more than 200,000 people infected with the malware and roughly $28,463 paid in bitcoin to decrypt files. That number may only rise unless companies act to mitigate the threat.
Though WannaCry wasn’t a targeted attack on any particular company, institutions using Microsoft operating systems no longer supported by Microsoft security updates found themselves affected by the fast-moving malware.
For a more in-depth look at this attack, check out the following resources:
1. Learn how to prevent this threat without paying a dime.
2. Explore ways to plan ahead and prevent against possible future ransomware attacks.
3. Mitigate damage with these tips if your organization has been affected, and more.
6
image.jpeg
I'm really just a beginner. Tell me, What are the capabilities /benefits for a big virtual bug in theory? How does it access private data concretely in the system? A mind game: Is it possible to switch off the lights of cities by hacking into the local electricity networks?
1
 
LVL 6

Expert Comment

by:Brian Matis
1
The global technology community is grateful for Marcus Hutchins and his team of tech professionals for their genius download of the malware domain and sinkhole use to stop the international Ransomware attack. The media is calling him an accidental hero, but we will continue to refer to him as an expert! However, as stated by Hutchins, this sinkhole is only a fix to one sample of the WannaCry attack. To protect yourself from further attacks, please patch your systems as soon as possible. More on the specifics of both the fix and the WannaCry Ransomware attack found in this link.
wannacry.jpghttps://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
10
5
Organizations in 99 countries are being targeted and hacked by “WannaCry” ransomware, which takes advantage of a Microsoft vulnerability. If you haven’t already, install the official patch (MS17-010) to close the affected SMB Server vulnerability.

https://www.nytimes.com/2017/05/12/world/europe/international-cyberattack-ransomware.html
5

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.