OS Security

22K

Solutions

23K

Contributors

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

Share tech news, updates, or what's on your mind.

Sign up to Post

I know a lot of people say Windows Defender is "good enough". So keep this new bug in mind: https://www.bleepingcomputer.com/news/microsoft/windows-defender-antivirus-scans-broken-after-new-update/
The TL;DR info is this: Full and scheduled scan is broken, custom scan still works.
0
LVL 100

Expert Comment

by:Lee W, MVP
How is this different from any other antivirus?  They all have update bugs from time to time.
0
LVL 29

Author Comment

by:Brian B
Lee, the issue was it would say it had scanned when it didn't.
0
Microsoft Azure 2017
LVL 19
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

A little help in promoting both Experts Exchange and a few of my articles!

Tweet Promoting a Firetrust Newsletter Extract advertising my articles at Experts Exchange

Firetrust Newsletter Extract
A Tweet promoting the reading of Part 1 of my Article Series on Mailwasher

Mailwasher Article Series Part 1
Please Read, Enjoy, Endorse, and Share!  :-)

Thanks, Andrew
2

[Free Webinar] Ten Security Controls for effective Cybersecurity


cyber-webinar-1200x627.jpgWith cyberattacks evolving everyday organizations are forced to build a strong security layer to keep their data safe and maintain user privacy. With so much touch points to improve organization security, ManageEngine is here to facilitate things for you, by hand picking 10 primary security controls which you need to practice to keep the attackers at bay.

Attend our webinar about cybersecurity on April 24th, 11 am BST and make sure you have the best security measures in place for 2018.

Register Now: https://goo.gl/R16u4f
0
LVL 54

Expert Comment

by:noci
lookat bugtraq   and look for "Defense in depth the microsoft way" a now 52 part series.
... of microsoft not following their own advise. (With a side step of 30 something installer failures).
0

Meltdown and Spectre: Battling the bugs in Intel, AMD, and ARM processors


Intel bugs exploiting your sensitive data, AMD and ARM also becomes victims to this exploit.

Read more: https://blogs.manageengine.com/desktop-mobile/2018/01/05/meltdown-and-spectre-battling-the-bugs-in-intel-amd-and-arm-processors.html

You can mitigate this threats to certain extent by patching your windows systems now, after checking the compatible AV's, if updated with incompatible AV's the system may crash, causing blue screen error. Update now and secure your sensitive data.

Attend this webinar to mitigate the bugs right away.
0
LVL 114

Expert Comment

by:John
Just keep patches up to date and use due care when surfing the web and downloading email.
1
According to tech support site BleepingComputer, victims can "trick" the program into shutting down: once they reach the PayPal purchase screen, they can hit Ctrl+O to open a dialogue box, and then enter http://hitechnovation.com/thankyou.txt. This makes the program think they've paid the $25, and it shuts down.

https://www.cnet.com/news/this-scam-tricks-you-into-buying-fake-tech-support-software/
1
LVL 29

Expert Comment

by:Andrew Leniart
Great Post and Heads Up Kyle.
0
2
For everyone who uses a computer, protect yourself from ransomware; do not pay the bounty.  Prevention is the only solution and this author made it very easy for us to learn how.

https://www.experts-exchange.com/articles/30869/Ransomware-Prevention-is-the-Only-Solution.html
6
How to Generate Services Revenue the Easiest Way
How to Generate Services Revenue the Easiest Way

This Tuesday! Learn key insights about modern cyber protection services & gain practical strategies to skyrocket business:

- What it takes to build a cloud service portfolio
- How to determine which services will help your unique business grow
- Various use-cases and examples

For those who like to keep up..

The latest AV Comparatives Real-World Protection Test February – June 2017 has been released.
2
2
LVL 114

Expert Comment

by:John
Because:

1. People do not update their systems still.
2. People go to dodgy sites.
3. People open emails from complete strangers.

I am in no way surprised.
1
Only 10 days left to sign up for our ransomware prevention and preparation Course of the Month for June. With a 300% increase in ransomware attacks from 2015 to 2016, it is vital to decrease your vulnerability to the next attack and enhance your security by enrolling today.




5
LVL 1

Expert Comment

by:Josh Petraglia
Signed up. What a perfect topic to cover!!!
2
5
LVL 7

Expert Comment

by:Nicholas
Old news and was already posted less than a day ago
0
LVL 1

Expert Comment

by:Mahima Gupta
why to pay 1 Million, if you can do the same thing in a very less bucks..  http://bit.ly/2rJTnVj
0
Drew Frey writes articles on cyber security and ransomware protection.  Follow him if you're interested in seeing new articles in those topics.

https://www.experts-exchange.com/members/Drew-Frey.html
5

Expert Comment

by:Michael Bodine
SP INFOTECH was also part of a scam...they had people calling up with foreign voices and the company name would change..as they answered the phone.. certaintly unpredictable crap.
1
LVL 19

Author Comment

by:Kyle Santos
Source?
0
UpGuard's cyber risk analyst, Chris Vickery, discovers 198 million US voting records in an Amazon S3 bucket freely available online. One particular spreadsheet also calculates the voters probabilities for situations such as "how likely you are to have voted for a certain presidential candidate".  This breach is another reminder of how important personal data security is.
5
LVL 7

Expert Comment

by:Nicholas
Having this data in a public cloud provider is wrong to start with no?
After a quick glance through the article the data wasn't even encrypted.
1
LVL 21

Expert Comment

by:Lucas Bishop
Millions of dollars worth of data analysis, available for anyone to download for free. Brilliant!
1
A recent post by Brian Matis motivated me to make this alternate post to see what sort of reaction others might have about these recent revelations.

A recent article on The Verge claims that "The older operating system was less vulnerable that anyone expected"

Windows XP computers were mostly immune to WannaCry

Another article from the same source claims "Windows XP was ‘insignificant,’ researchers say" with regards to helping the WannaCry outbreak spread.

"Almost all WannaCry victims were running Windows 7"

Lots of folks (from their perspective) with a genuine need to keep running on Windows XP suffered a lot of grief in Tech forums as being one of the root causes of giving WannaCry a platform to spread and thrive from, yet now it appears all the criticism may have been a little premature and unjustified.

For the record, I personally don't condone anyone using unsupported operating systems and actively encourage everyone I deal with to get themselves up to date, but I am also sympathetic to those who feel they have a genuine need to do that, so also think they shouldn't be …
0
LVL 33

Expert Comment

by:Thomas Zucker-Scharff
We have too many XP computers at my institution (some with only SP2) - mostly due to budgets and instrumentation.
0
LVL 29

Author Comment

by:Andrew Leniart
Hi Thomas,
Have you considered purchasing an XP Updates agreement with Microsoft? Might be an easier solution if budget restraints prevent you from upgrading? I wouldn't feel comfortable with a lot of XP machines in an environment as it would be a case of when, not if, it will come back to bite you.  Patches are available, just at a cost.

Incidentally, SP3 for XP is still provided by Microsoft - why not install it?

Steps to take before you install Windows XP Service Pack 3

How to obtain Windows XP Service Pack 3 (SP3)

Cheers..
0
NYS 20th Annual Cyber Security Conference

I will be attending this conference in Albany, N.Y. this Wednesday and Thursday.   If you are going to be there, ley me know (maybe we can meet).  

Over the years I have become more involved in security related areas of information technology. I hope to learn more/ keep up to date by attending this conference.
10
LVL 7

Expert Comment

by:Brian Matis
That sounds great, Thomas! I'm a huge fan of the Socratic method (to the point where I get worried some people may try to poison me one day... j/k ;-) And thinking strategically about anything can be quite a challenge, but an increasingly important one as more and more of the tactical type work is moving entirely into automation.

Not familiar with Bloom's Taxonomy; I'll have to go look that one up...

Looking forward to the summary!
0
LVL 33

Author Comment

by:Thomas Zucker-Scharff
My summary of the 20th Annual New York State Cyber Security Conference & 12th Annual ASIA conference

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compliance issues with which they have to deal.  If those do not apply to you, this conference may have limited application as well.

I did enjoy putting some faces to people I had only corresponded with.  I also wanted to hear as much as possible about ransomware (these presentations turned out to be only okay), and cryptography (not a gripping presentation – it was a presentation of thesis work and ongoing research – but nonetheless very interesting).  They did a good job of setting  you up for the days events with a decent Keynote speaker.  The lunch speakers were not as polished, but did have good things to say.

I enjoyed going around to the vendors , even if their swag was not class A stuff. (some had excellent stuff while others had none – the full gamut)  

I have to say again that the highlight of the conference, for me, was the very non-technical, and only slightly security related talk by Christie Struckman of the Gartner Group, session 4 on the first day.  I would encourage anyone in a leadership position to check it out.  I have asked for her slides and will try to make a pdf of them available if she is amenable to that.  My takeaway on that talk was: There are leaders and there are Bosses.  The leaders help their teams think about solutions and then make decisions, the bosses make decisions and tell their teams to carry them out.  I think the quote she used at the beginning was excellent:

socrates-quote.jpg
2
11/26 Forrester Webinar: Savings for Enterprise
11/26 Forrester Webinar: Savings for Enterprise

How can your organization benefit from savings just by replacing your legacy backup solutions with Acronis' #CyberProtection? Join Forrester's Joe Branca and Ryan Davis from Acronis live as they explain how you can too.

"Microsoft has done the right thing by making the patch available even for older, unsupported systems. But it shouldn't proactively push out the patches, as there are usually some business reasons why companies are still running old and unpatched systems," he said.

"By forcefully pushing a patch, it could do just as much harm, causing systems and applications to become unreliable."


http://www.techrepublic.com/article/why-patching-windows-xp-forever-wont-stop-the-next-wannacrypt/
5
The global technology community is grateful for the team of tech professionals and their genius download of the malware domain and sinkhole use to stop the international Ransomware attack. However, this sinkhole is only a fix to one sample of the WannaCry attack. To protect yourself from further attacks, please patch your systems as soon as possible.
10
5
Organizations in 99 countries are being targeted and hacked by “WannaCry” ransomware, which takes advantage of a Microsoft vulnerability. If you haven’t already, install the official patch (MS17-010) to close the affected SMB Server vulnerability.

https://www.nytimes.com/2017/05/12/world/europe/international-cyberattack-ransomware.html
5
7
LVL 19

Author Comment

by:Kyle Santos
Nice.  Thank you.
1
LVL 134

Expert Comment

by:Andrew Hancock (VMware vExpert / EE Fellow)
I blame the NSA for creating the tools!
4

OS Security

22K

Solutions

23K

Contributors

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.