Hi,
How can I add a test to the attached power point and when the person finishes taking the test and pass with a 65, they will receive an certificate and I will receive an email that they completed the annual security awareness review.  I am not sure if there is freeware that you can suggest or a tutorial I can follow.  Please share any ideas or suggestions.  Thanks.
Families-Cybersecurity-Presentation.pptx

Morning,

So I'm using Robocopy to migrate a file server and i'm consolidating 2 drives into a single volume. However, on the source server I have D:\ and S:\, so I am wondering how I make it copy the security for the folder structure for both D:\ and S:\ and then drop everything onto a new D:\.

So

Server 1 D and S

Server 2 S

I want to refresh the security from both drives onto the single drive, will that work if I just do

robocopy  \\old01\D$\*.* \\new02\D$\*.* /E /ZB /DCOPY:T /COPYALL /R:0 /W:0 /V /TEE /LOG:Robocopy.log

Select all Open in new window

And then

robocopy  \\old01\S$\*.* \\new02\D$\*.* /E /ZB /DCOPY:T /COPYALL /R:0 /W:0 /V /TEE /LOG:Robocopy.log

Select all Open in new window

Whilst leaving the anything that's not changed alone, mainly so it won't take hours again.

Thanks

Alex

Experts,

This question relates to cyber security and service side code execution.

In many cases I read about a vulnerability that allows an attacker to upload files.  However, how do they get the file to execute?  Normally it is mentioned as "vulnerability allowed for attacker to upload and execute the malicious payload".  I would see uploading and being able to tell the server to execute it as two separate functions that require two separate exploits.  Thoughts?

I have Exchange 2016 in a Hybrid setup. How do you migrate mail enabled security groups and distribution lists to Office 365? Or if this is even possible?

I was told that this is possible by converting it to universal groups first? Or do I delete them and recreate them as Office 365 groups?

If I leave these groups on-prem (leave it out from AD Sync), can the member of the groups be on both on-premise and Office 365 (mix of users)

Can somebody  review this and let me know your thoughts?

https://gbhackers.com/imap-most-abused-protocol/amp/

how can we protect

I would like to enable BitLocker through command prompt of my RMM (can run cmd as system).
1. Most of the systems don't have TPM. I would like to use there Password to unlock BitLocker drive.
2. I have couple of systems which have TPM. I would like to use there PIN in addition to TPM to unlock BitLocker drive.
We would like to encrypt with 256 strength, recovery path to be "\\localhost\c$\users\" (I used it in GUI BitLocker).

I found some examples and articles for PowerShell, but could not find anything for systems without TPM.

I tried using:
$SecureString = ConvertTo-SecureString "u7Y1FzJ6D8Wr1" -AsPlainText -Force
Get-BitLockerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPath "\\localhost\c$\users\" -PasswordProtector $SecureString -RecoveryKeyProtector $SecureString -SkipHardwareTest
or
manage-bde but could not get past erros:

"Enable-BitLocker : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:23
+ ... kerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPat ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Enable-BitLocker], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Enable-BitLocker"

or

"ERROR: An error occurred (code 0x8028400f):
A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer."


Tried amending …

Excel VBA
MS Outlook 2010
VBA runs code to grab the body of the Outlook email

Early binding does not create an issue so far...
However,  late binding triggers an Outlook Pop Up Message:OutLook Security Message programatically : A program is trying to access e-mail addresses ?
Early Binding does not appear to create an issue ?  Note I am not allowed to change my Outlook settings - The Programatical Access options are greyed out.  Thus this is not an option for me to fix the late binding issue by changing my Outlook settings or loading 3rd party software.

Shouldn't I get a security message for both late binding and early binding ?  

Also why does the message indicate I am trying to access email addresses when all I am trying to do is scrape the body of the email...Also odd is I have no issue (no security messages) within Excel VBA saving off attachments from my Outlook Folders.  Its only when trying to scrape the body of the email a security message displays.

Sub Extract_Body_Subject_From_Mails()

Dim oNS As Outlook.NameSpace
Dim oFld As Outlook.Folder
Dim oMails As Outlook.Items
Dim oMailItem As Outlook.MailItem
Dim oProp As Outlook.PropertyPage

Dim sSubject As String
Dim sBody

On Error GoTo Err_OL

Set oNS = Application.GetNamespace("MAPI")
Set oFld = oNS.GetDefaultFolder(olFolderInbox)
Set oMails = oFld.Items

For Each oMailItem In oMails
sBody = oMailItem.Body
sSubject = oMailItem.Subject 'This property corresponds to the MAPI property PR_SUBJECT. 

Select all Open in new window

…

Hallo Experts
     
For our Security Operations Center (SOC), we are searching for a tool that can collect “Threat Artifacts”. When I worked with McAfee in the past, they used GetSusp to collect information about undetected malware on their computer.
     
We are searching for a similar tool that we can use in the network to collect information remotely. What would you recommend us? It would be nice, if the tool would work on Windows & Linux, albeit this is not a must.
   
Thanks a lot

In regards to email antispoofing: In the SPF query below. What does the "?ALL" indicate?

v=spf1 ip4:68.96.128.0/18 ?all

I am looking to restrict a user from using removable drivers on their laptops, this can be accomplished with a local GP, but wondering if there is a way to apply the policy or do it in a different way so I can apply it only to standard users [or specific user] not to admin users.

Also, would I like to lock if possible to boot from USB so they cannot remove or change their password

Windows 10 not joined domain

I'm working with a client regarding PCI compliance and have a question about one specific requirement.  I've looked up definitions and such, but am not absolutely clear on the answer.

My question has to do with the requirement of MFA on non-console access with administrative rights.  My basic question is: If I am an AD administrator logging into a workstation, am I using non-console access to the file server by virtue of the fact that I'm accessing shared folders?  I'm not referring to RD or VNC or other methods where I control the operation of the server.  I'm specifically referring to accessing file (or print) shares.

The definition of non-console access that I got from pcisecuritystandards.org is: "Refers to logical access to a system component that occurs over a network interface rather than via a direct, physical connection to the system component. Non-console access includes access from within local/internal networks as well as access from external, or remote, networks."

My reading of that is, yes, it applies.  That is, accessing a shared folder qualifies as "logical access to a system component".  Is that how others interpret it?

If I conclude that it does apply, I'll be asking about how others deal with this, but that will be in a separate post.

Thanks to all for your help with this!

Hello Experts,

Anyone can help me on how to properly configure this Access Control Board? Most of the problem lies on the drop bolt on not properly functioning.

I would like  to have this access control board and the zoter drop bolt function properly.

I have read the manuals, diagrams and watched tutorials on web but it doesn't works as it intended.

And just to let you know, I am new to this technology so I hope the steps for solving are fairly simple.

Drop Bolt, I think the main problem lies in this one. I have not seen any good wiring with this drop bolt model.
:

Access Control:

Wirings:

A. I followed this manual guide with a bit of difference due to the drop bolt(+12V to NO) but doesnt work with the software and card reader.

B. I followed this wiring but it has a problem when the magnetic plate is on the lock sensor...It wont open at all regardless of card readers, exit button to software, however if I remove the magnetic plate it works, except for the automatic lock its like it based the locking on the timer instead of detecting the magnetic plate .

C. this is a rough sketch of the best wiring I have, Its the same as Wiring B however the Exit Button works now and its Locking is based on detecting the magnetic plate instead of timer like Wiring B.

I have made a video for more clear details. In this video I used the Wiring B.
Electric Drop Bolt

I would really appreciate if anyone can assist me on this.

Trying to do a port range forward on an ASA and I am having a lot of issues getting it to work.  I have tried everything i can think of, to the point where i am throwing in the towel and just creating individual nat rules (there is over 100 entries), but when i did all the commands I found out that a network object can only have one rule at a time, so there is no simple way of building the commands.  In the past when i had to do something like this it just flat out would not work, but that was on an ASA running 8.3 or below, so there were no network objects and I could build 60 or so commands in excel and have the rules ready to go in about 5 minutes, not the case here as i would have to create over 100 network objects and put a command for each port on each one, and that's just crazy.  There has to be something i'm missing as this is a basic feature on pretty much all other firewalls.

I have been at this for days so I can't list all the things i've tried, but ask me if I've tried it and i should be able to tell you yes or no.  To try and get the port range forward to work what i have been doing is creating NAT rules and using service objects.  The asa takes the command but when i try to connect to the port it fails and in the logs it says the packet is discarded.  I have tried every variation I can think of on the NAT rule and I have tried mirroring (copying) it to a working network object nat rule to no avail.  Surely there is something i'm missing as other people have …