Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

This utility will help to identify the hash value of the application, which will help to protect computers from the various attacks.
0
LVL 35

Expert Comment

by:Terry Woods
Comment Utility
It's worth noting, for those who aren't aware, that MD5 is a broken algorithm for security use. If there is a stronger alternative algorithm available to be used, it would be a good idea to use it.

Further reading:
https://www.zdnet.com/article/ssl-broken-hackers-create-rogue-ca-certificate-using-md5-collisions/
https://blog.avira.com/md5-the-broken-algorithm/
0
Simple Misconfiguration =Network Vulnerability
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

We have a Sonicwall Firewall NSA 2600 and it is configured to not allow access to sites with SSL certificate issues, such as self signed, expired, untrusted, and so forth/

Beginning Monday morning, any attempt to access a Microsoft website is being blocked. First SSL block that occurs is untrusted root CA. I have triple checked and then triple checked the triple check and the Sonicwall does have the Baltimore Cyber Trust Root CA certificate installed and the serial number matches but it keeps saying Untrusted Root CA.

To get past that temporarily I disabled checking for untrusted Root CA and now it is giving an SSL block saying Certificate Chain Not Complete. I was able to find the correct intermediate certificate "Microsoft IT TLS CA 5" and imported it into the firewall certificate store. The serial number matches and the issued by is correct. However, the problem continues.

Is anyone else having any problems with Microsoft secure websites or have an idea of what to look at? I am very knowledgeable about SSL certs and certificate chains and such but this has me stumped.

This is affecting all Microsoft websites including Live.com, Bing, MSN, TechNet and MSDN any site that requires a secure connection.
0
Our firm sends employees to client sites to perform audit work, and common practice is to use the guest wifi at the client location (or even the client's primary network if that is what is offered).  We have concerns over the security implications  of these arrangements.
 The work is rather data intensive, so prior attempts at using our own cellular hotspots proved expensive (not sure unlimited data is still an option).  Is there a way that we could equip audit teams with their own hardware (wireless AP, etc.) or any other method that would allow them to use the wifi at client sites but essentially segregate themselves from the actual guest network?  Like a VLAN type arrangement?
0
How to export the members of a global security group in active directory such as VPN Users.  When I tried to export the list I got a list of all the global groups and not the members of the VPN users group.
0
Had an Vista PC brought in to me today, with a scareware remote story.  The computer is LOCKED (Pictures attached).  Drive was pulled and no virus/malware/rootkit found.  Ctrl+Alt+Del allows me to open task manager, but I cannot actually do anything with hit.  The mouse is constrained to the middle of the screen away form Task Mgr, and keyboard input closes everything immediately and then reopens the locked password request.  No actual Ransomware is found on the computer asking for money or providing a phone number or e-mail.   No change when logging into Safe Mode of any flavor.  Replacing registry from regback didn't solve it.
20180810_111145.jpg
20180810_111150.jpg
0
I have a group of admins who didn't need to be Domain Admins. I removed them from the group and delegated permissions as needed. They have Edits settings, delete, modify security permissions to GPOs and can backup a GPO via the GPMC, but they cannot restore the GPO. Does anyone know the rights I need to grant and to what container to allow them to restore GPOs? Thanks.
0
Dear Experts, can you please suggest pros and cons of this diagram? Any suggestion please?

aqua.PNG
0
https://www.cscollege.gov.sg/programmes/Pages/Display%20Programme.aspx?ePID=pe8r29gaqc5voaoitct59bdi3m

Referring to the above, I've been googling for IM8 (Instruction Manual 8 for ICT)
to download but can't locate one.  Anyone knows where to download a copy
without attending the training?  A slightly outdated (say 2 yr old) copy is fine.
0
getting an exception  very rarely.  exception throws at webServiceTemplate.sendSourceAndReceiveToResult().

org.springframework.ws.client.WebServiceTransportException:  [500]
        at org.springframework.ws.client.core.WebServiceTemplate.handleError(WebServiceTemplate.java:699)
        at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:609)
        at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:555)
        at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:506)
        at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:446)
        at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:436)


My client code -
 StreamSource source = new StreamSource(new StringReader(request));
        StreamResult result = new StreamResult(new StringWriter());


        final StreamResult soapHeaderResult = getSoapHeader(parameters);

        webServiceTemplate.sendSourceAndReceiveToResult(
                source,
                webServiceMessage -> {
                    SoapMessage soapMessage = (SoapMessage) webServiceMessage;
                    // formulate soap header using a simple xslt transformation
                    // the transformation copies the Security and Message Header
                    // from…
0
Looking to set up "Honey token" or Trip Wire" in Windows PCs and servers.

I have read that you can use /NetOnly to dump fake username/passwords into Lsass.

How can I do this across the domain silently?
0
Cloud Class® Course: Microsoft Office 2010
LVL 12
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

I want to display only the installed antivirus (in my case is the last item) and not all items of the collection, for example, it shows me:
Windows Defender
Malwarebytes
ESET Endpoint Security

So I added an ArrayList whose purpose is to display only the last Item which is: ESET Endpoint Security
wscript.echo GetAntiVirusName
Function GetAntiVirusName()
Set objWMIService = GetObject("winmgmts:\\.\root\SecurityCenter2")
Set colItems = objWMIService.ExecQuery("Select * From AntiVirusProduct")
On Error Resume Next
If Err <> 0 Then
	GetAntiVirusName = "No AntiVirus "
Else
	Set ArrayList = CreateObject("System.Collections.ArrayList")
	For Each objItem In colItems
		ArrayList.add objItem.displayName
	Next
End If
GetAntiVirusName = ArrayList(ArrayList.count-1)
End Function

Open in new window

How to know if there is no antivirus installed by this function?
If you have any advice to go, I am at your disposal, to improve it!
0
I've in inherited a Windows 2012 R2 that doesn't look like it every been updated - I've run manuel updates and there are a few there but i've not installed them yet I thought I would try to install 2018-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4338815) - But I get an error message reading not applicable to this computer.

I am installing the right update it's a R2 update going onto an R2 Machine and it's getting the updates from the internet

Any ideas?

Or is there a better strategy?
0
Dear wizards, can you please recommend some best models of Firewall appliance?

The requirements are:
- Can detect and automatically block network attacks (IDS/ÍPS), virus, worms, volummetric ...

- Including routing, HA, failover features

- Reliable
0
Looking for a better security solution for home directory listing buzz in.  
Due to the increase mail package thefts, HOA proposed to completely remove remote buzz in option.  Currently visitors dialing the code downstairs, call comes to resident's cell phone,  and by pushing '9' the door unlocks;  If we remove that option the resident has to go downstairs to open the door to the visitor. Definitely inconvenient option.  But could be safe. Recently we even noticed the food delivery guys stealing packages on the way out.

My idea to improve it is to add a small cam downstairs.  When someone dialing in the call comes to resident's smartphone.  Resident immediately see shows coming in and make a decision to buzz person in or not.   Can this be implemented for a building of 50 units?  

Any ideas appreciated.   Thanks!!
0
On my new Windows 10 Home Laptop (1803 64 bit), I've done everything to disable the lock screen, but it continues to come up after the laptop has been idle - I think for 30 minutes.  Even when plugged in - set to never sleep, never hibernate, no screen saver, screen powers off after 15 minutes.  Disabled lock screen in registry.  In power options there is NOT the usual option to not ask for a password when resuming, but again, I have it set to never sleep or hibernate when plugged in and it still happens.  Any ideas to make the lock screen NEVER come up?  Maybe it is a good security setting, but I understand the risks and don't want it!
0
Hi,

I have been looking at ways to improve my knowledge and skills in IT security as i am running into a lot of hacking/phishing attempts on my clients.
I only support small businesses and individuals running their own businesses, typically the market that does not have access to an IT dept, making them less agile in dealing with breaches/hacking attempts.
Can someone suggest some certifications/courses, knowledge bases where i can get more information and skill sets that are RELEVANT to protecting small businesses and individuals. I want to be in position where i can understand the fundamentals and concepts of various hacking methods and react accordingly on behalf of my clients. I already put in place many policies to protect my clients data , but this is an ever evolving arena so i want to remain relevant.
I dont deal with Enterprises so i am not trying to be the next Troy Hunt, that is not my expertise.

Many thanks

D
0
Wifi Flaw
Nothing is ever secure - things get "broken" but not always easily mended. This is the norm today. Despite security measure put in place, cyber attacks are still successful because security controls themselves can be vulnerable as well. Catch this Wi-Fi security weakness run through.
5
Is it considered a good practice to have an open wifi network run through the same switches and routers your business network is going through? The open WiFi is on a separate VLAN, however, I am concerned that Denial of Service attacks can still be implemented on the wifi VLAN and used to target the switch interface or even the router interface bringing down the business connection as well.
0
I need to copy a user profile in Windows 7 because my Mandatory Profile goal.  I created and logged into the new user (domain computer, local user without privileges), then I customize the profile (icons, registry itens, webpages...) So I restarted the computer and has logged with my domain admin account and Copy To for User Profile Is Greyed Out (Control Panel, Security, System...).
So I enable the local Administrator account and logged in. Same result: Copy To for User Profile Is Greyed Out.

I had read that simply copying the user folder manually and inserting it into the mandatory profile sharing could cause problems. So, how to do the right way?
0
Powerful Yet Easy-to-Use Network Monitoring
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

We use Office 365 for Exchange. One employee's email account was compromised. HR received a request for changing direct deposit bank, from this employee's email address, and HR replied the email. But the request wasn't from the employee. The employee could receive all the normal emails, but not the ones related to this request.

How can we trace the original request email? How can we fix this issue?
0
I am looking for PowerShell code to export a list of all empty security groups in a specified OU or in the domain, to a .csv file. I found the following code online.

Get-ADGroup -Filter * -Properties Members | where {-not $_.members} | select Name | Export-Csv H:\documents\reports\emprtygroups.csv –NoTypeInformation

The output is the empty groups in the whole domain. I think it finds both security groups and distribution groups but I always just want security groups.

I am just going to paste the code into a PowerShell command window so it can be bare bones and you can just give me two separate pieces of code - one for the whole domain and one to specify a specific OU.

I have PowerShell code for another similar task where the OU is specified by Distinguished Name like this:

$OU = "ou=Security Groups,ou=our OU,ou=User Accounts,ou=Our department,dc=our-organization,dc=com"

That would be an acceptable way to specify the OU and maybe I could just remove that line to specify the whole domain?

The names have been changed to protect the innocent.

Thanks,
Don
0
hello all,

I am an owner of a small business in my town, I got infected by a ransomware, with .rapid extension, he wants a big ransom that I cant pay.
any solution for this version. please help.
0
I have Exchange 2007. I've installed a new SSL Certificate on the server using the management shell. It appears successful, bot my Outlook users are still getting Security Alerts. "The security certificate has expired or is not valid" errors popping up.
0
I have a workstation getting numerous event 4624. Searching and I can see many different workstations attempting to login to this computer but the security id and process id give me no information. Anyone know what this could be?

Category: Logon
Message:  An account was successfully logged on.

Subject:
      Security ID:            S-1-0-0
      Account Name:            -
      Account Domain:            -
      Logon ID:            0x0

Logon Information:
      Logon Type:            3
      Restricted Admin Mode:      -
      Virtual Account:            No
      Elevated Token:            No

Impersonation Level:            Impersonation

New Logon:
      Security ID:            S-1-5-7
      Account Name:            ANONYMOUS LOGON
      Account Domain:            NT AUTHORITY
      Logon ID:            0x123C0FAA6
      Linked Logon ID:            0x0
      Network Account Name:      -
      Network Account Domain:      -
      Logon GUID:            {00000000-0000-0000-0000-000000000000}

Process Information:
      Process ID:            0x0
      Process Name:            -

Network Information:
      Workstation Name:      XXXXXX-PC
      Source Network Address:      192.168.1.59
      Source Port:            49324

Detailed Authentication Information:
      Logon Process:            NtLmSsp
      Authentication Package:      NTLM
      Transited Services:      -
      Package Name (NTLM only):      NTLM V1
      Key Length:            128

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field …
0
I need some documentation on the SANS 20.  Preferably something that is not too long, but gets to the point.
0

Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.