Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.


Looking for a solution for my users with regards to Password Management.
What is the best way to save passwords on a mobile device?
E.g. through password-protected notes like what Apple has?

And what are the top free and recommended password apps for an Apple and Android phone?
0

Hi,
How can I add a test to the attached PowerPoint, and when the person finishes taking the test and passes with a 65, they will receive a certificate and I will receive an email that they completed the annual security awareness review?  I am not sure if there is freeware that you can suggest or a tutorial I can follow.  Please share any ideas or suggestions.  Thanks.
Families-Cybersecurity-Presentation.pptx
0
Another robocopy.

Yes, I could figure this out normally, my brain is fried and I need a hand.

Robocopy \\source\d$ \\Destination\D$

I want it to copy the security only and replace it on the destination. What's the code for that? Is it /copyall or /sec?

Thanks
Alex
0
Morning,

So I'm using Robocopy to migrate a file server and I'm consolidating 2 drives into a single volume. However, on the source server I have D:\ and S:\, so I am wondering how I make it copy the security for the folder structure for both D:\ and S:\ and then drop everything onto a new D:\.

So

Server 1 D and S

Server 2 S

I want to refresh the security from both drives onto the single drive, will that work if I just do

robocopy  \\old01\D$\*.* \\new02\D$\*.* /E /ZB /DCOPY:T /COPYALL /R:0 /W:0 /V /TEE /LOG:Robocopy.log



And then


robocopy  \\old01\S$\*.* \\new02\D$\*.* /E /ZB /DCOPY:T /COPYALL /R:0 /W:0 /V /TEE /LOG:Robocopy.log



Whilst leaving anything that's not changed alone, mainly so it won't take hours again.

Thanks

Alex
0
How do I bulk add Security Groups to Azure Office 365 using PowerShell?  These are not AD groups, only cloud-only groups.
0
Experts,

This question relates to cyber security and service side code execution.

In many cases I read about a vulnerability that allows an attacker to upload files.  However, how do they get the file to execute?  Normally it is mentioned as "vulnerability allowed for attacker to upload and execute the malicious payload".  I would see uploading and being able to tell the server to execute it as two separate functions that require two separate exploits.  Thoughts?
0
https://www.softpedia.com/get/Internet/Servers/Proxy-Servers/FreeProxy.shtml

Pending our hardware arrival & clearing change control, we're considering the above
Free proxy.  If anyone has used it, mind sharing:

a) if it can do whitelisting & ban/blacklistings?  Basically I would like to create a
    whitelist of about 120 trusted websites & then all other websites will be
    banned/barred from access

b) For the 120 sites, may need wildcards in front/back

c) for the barred sites, when users load them, it'll launch a secure browser
0
I have Exchange 2016 in a Hybrid setup. How do you migrate mail enabled security groups and distribution lists to Office 365? Or if this is even possible?

I was told that this is possible by converting it to universal groups first? Or do I delete them and recreate them as Office 365 groups?

If I leave these groups on-prem (leave them out of AD Sync), can the members of the groups be on both on-premises and Office 365 (mix of users)?
0
Uninstalling Kaspersky Security Center 10 Network Agent 10.4.343 using Kaspersky Security Center 10 console with the "Uninstall application remotely network agent" task is successful.  Or so the console says.  The PC, on the other hand, even after a reboot, still has it installed.  Tried this on three separate PCs with the same result.  Removing the other KAV agent is successful, just not the Network Agent.  How do I find out where the issue is when it thinks it worked correctly?
Capture.PNG
0
Can somebody  review this and let me know your thoughts?

https://gbhackers.com/imap-most-abused-protocol/amp/

how can we protect
0

I would like to enable BitLocker through command prompt of my RMM (can run cmd as system).
1. Most of the systems don't have TPM. I would like to use there Password to unlock BitLocker drive.
2. I have couple of systems which have TPM. I would like to use there PIN in addition to TPM to unlock BitLocker drive.
We would like to encrypt with 256 strength, recovery path to be "\\localhost\c$\users\" (I used it in GUI BitLocker).

I found some examples and articles for PowerShell, but could not find anything for systems without TPM.

I tried using:
$SecureString = ConvertTo-SecureString "u7Y1FzJ6D8Wr1" -AsPlainText -Force
Get-BitLockerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPath "\\localhost\c$\users\" -PasswordProtector $SecureString -RecoveryKeyProtector $SecureString -SkipHardwareTest
or
manage-bde but could not get past errors:

"Enable-BitLocker : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:23
+ ... kerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPat ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Enable-BitLocker], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Enable-BitLocker
"

or

"ERROR: An error occurred (code 0x8028400f):
A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer.
"


Tried amending …
0
I am in the process of changing out a file server.  It is the only server on the network.
Access to the internet is through a WatchGuard XM25 appliance
The Domain name is the same, but the DNS has changed.  The WatchGuard provided internet connection for a few minutes, and now there is no internet connection.  I can remote into the network with the WatchGuard SSL-VPN utility, and access the computers.  

Any thoughts on why I cannot access the internet from behind the WatchGuard Appliance?

The old server was 2008 R2 and the new server is 2016 Standard
0
Excel VBA
MS Outlook 2010
VBA runs code to grab the body of the Outlook email

Early binding does not create an issue so far...
However, late binding triggers an Outlook pop-up message: Outlook Security Message programmatically: A program is trying to access e-mail addresses?
Early binding does not appear to create an issue?  Note I am not allowed to change my Outlook settings - the Programmatic Access options are greyed out.  Thus it is not an option for me to fix the late binding issue by changing my Outlook settings or loading 3rd party software.

Shouldn't I get a security message for both late binding and early binding ?  

Also, why does the message indicate I am trying to access email addresses when all I am trying to do is scrape the body of the email?  Also odd is that I have no issue (no security messages) within Excel VBA saving off attachments from my Outlook folders.  It's only when trying to scrape the body of the email that a security message displays.


Sub Extract_Body_Subject_From_Mails()

Dim oNS As Outlook.NameSpace
Dim oFld As Outlook.Folder
Dim oMails As Outlook.Items
Dim oMailItem As Outlook.MailItem
Dim oProp As Outlook.PropertyPage

Dim sSubject As String
Dim sBody

On Error GoTo Err_OL

Set oNS = Application.GetNamespace("MAPI")
Set oFld = oNS.GetDefaultFolder(olFolderInbox)
Set oMails = oFld.Items

For Each oMailItem In oMails
sBody = oMailItem.Body
sSubject = oMailItem.Subject 'This property corresponds to the MAPI property PR_SUBJECT. 


0
Hello Experts
       
I would like to collect the following Threat Artifacts from a compromised Windows System:
     
  • CPU
  • Routing-, ARP- & Process tables
  • Memory
  • Temporary files
  • Relevant data from storage media
   
What would you collect? Is there any best practice from NIST or anywhere?
 
Thanks a lot
1
Hello Experts
     
For our Security Operations Center (SOC), we are searching for a tool that can collect “Threat Artifacts”. When I worked with McAfee in the past, they used GetSusp to collect information about undetected malware on their computer.
     
We are searching for a similar tool that we can use in the network to collect information remotely. What would you recommend us? It would be nice, if the tool would work on Windows & Linux, albeit this is not a must.
   
Thanks a lot
1
We are considering a gateway that will manage our access points (we presently use UAP-AC-PRO). Our primary interest is to be able to manage employee data bandwidth usage, block certain websites, manage what they are seeing / data management, port forwarding, limit internet data usage on employee phones, etc.

We are considering UniFi Secure Gateway (USG) and or pfSense SG-1100 Security Gateway. Kindly make recommendations not only limited to these 2.
0
In regards to email antispoofing: In the SPF query below. What does the "?ALL" indicate?

v=spf1 ip4:68.96.128.0/18 ?all
0
I'm using OpenVAS CE 4.2.24 (Virtual Appliance), and I've a few scan tasks from yesterday.   I would like to export all the results as a single PDF, with only meaningful information.
How can we export scan results?

I see how I can export them 1 by 1, but when I go to the result, I can't export in anything else than XML.

Thank you
0
I am looking to restrict a user from using removable drives on their laptops. This can be accomplished with a local GP, but I am wondering if there is a way to apply the policy or do it in a different way so I can apply it only to standard users [or a specific user], not to admin users.

Also, I would like to lock, if possible, booting from USB so they cannot remove or change their password.

Windows 10 not joined domain
0

I'm working with a client regarding PCI compliance and have a question about one specific requirement.  I've looked up definitions and such, but am not absolutely clear on the answer.

My question has to do with the requirement of MFA on non-console access with administrative rights.  My basic question is: If I am an AD administrator logging into a workstation, am I using non-console access to the file server by virtue of the fact that I'm accessing shared folders?  I'm not referring to RD or VNC or other methods where I control the operation of the server.  I'm specifically referring to accessing file (or print) shares.

The definition of non-console access that I got from pcisecuritystandards.org is: "Refers to logical access to a system component that occurs over a network interface rather than via a direct, physical connection to the system component. Non-console access includes access from within local/internal networks as well as access from external, or remote, networks."

My reading of that is, yes, it applies.  That is, accessing a shared folder qualifies as "logical access to a system component".  Is that how others interpret it?

If I conclude that it does apply, I'll be asking about how others deal with this, but that will be in a separate post.

Thanks to all for your help with this!
0
Hello,

I have a Mail Flow rules issue.

My ultimate goal is to allow specific domains, to email specific internal groups.  I've opened up external mail for those specific internal groups, but I don't want just anyone to be able to email the group.  So I've created the rule below.

Trusted External Senders to Internal Groups
If the message...
Includes these patterns in the recipients' addresses: 'internalgroup1@123.com' or 'Internalgroup2@123.com' or 'internalgroup3@123.com'...
and Is received from 'Outside the organization'
Do the following...
Delete the message without notifying the recipient or sender
Except if...
sender's address domain portion belongs to any of these domains: 'abc.com' or 'abcd.com' or 'abcde.com'
Rule comments

Rule mode
Enforce
Additional properties
Sender address matches: Header

This rule is failing to block anything coming in.  Am I using a bad condition? Any advice/suggestions?  

Thank you in advance!
0
Hello Experts,

Can anyone help me on how to properly configure this Access Control Board? Most of the problem lies in the drop bolt not functioning properly.

I would like to have this access control board and the zoter drop bolt function properly.

I have read the manuals and diagrams and watched tutorials on the web, but it doesn't work as intended.

And just to let you know, I am new to this technology so I hope the steps for solving are fairly simple.

Drop Bolt, I think the main problem lies in this one. I have not seen any good wiring with this drop bolt model.
Screenshot_2.png:

Access Control:

SCAN_20190306_114403286.jpg
Wirings:

A. I followed this manual guide with a bit of difference due to the drop bolt (+12V to NO), but it doesn't work with the software and card reader.
ACB-4DR-2-SA-PSB-K-Var-_SE_14.jpg
B. I followed this wiring, but it has a problem when the magnetic plate is on the lock sensor... It won't open at all regardless of card readers, exit button or software. However, if I remove the magnetic plate it works, except for the automatic lock; it's like it based the locking on the timer instead of detecting the magnetic plate.
ac-paint-v1.png
C. This is a rough sketch of the best wiring I have. It's the same as Wiring B, however the Exit Button works now and its locking is based on detecting the magnetic plate instead of the timer like Wiring B.
ac-paint-v2.png
I have made a video for more clear details. In this video I used the Wiring B.
Electric Drop Bolt

I would really appreciate if anyone can assist me on this.
0
Just curious what are good wireless penetration tools to scan small and mid-size customers.

Looking for an affordable commercial and non-subscription tool(s).  Qualys for example is too expensive.

Thank you in advance,
0
Trying to do a port range forward on an ASA and I am having a lot of issues getting it to work.  I have tried everything I can think of, to the point where I am throwing in the towel and just creating individual NAT rules (there are over 100 entries), but when I did all the commands I found out that a network object can only have one rule at a time, so there is no simple way of building the commands.  In the past when I had to do something like this it just flat out would not work, but that was on an ASA running 8.3 or below, so there were no network objects and I could build 60 or so commands in Excel and have the rules ready to go in about 5 minutes, not the case here as I would have to create over 100 network objects and put a command for each port on each one, and that's just crazy.  There has to be something I'm missing as this is a basic feature on pretty much all other firewalls.

I have been at this for days so I can't list all the things I've tried, but ask me if I've tried it and I should be able to tell you yes or no.  To try and get the port range forward to work what I have been doing is creating NAT rules and using service objects.  The ASA takes the command but when I try to connect to the port it fails and in the logs it says the packet is discarded.  I have tried every variation I can think of on the NAT rule and I have tried mirroring (copying) it to a working network object NAT rule to no avail.  Surely there is something I'm missing as other people have …
0
Hi,

Is there a way I can protect the identity and location of a server (dedicated or VPS) in terms of IP address and therefore where the server is actually hosted?  I have a CentOS 7 server and I want to release SSH and FTP access to the client's IT team (FTP over TLS using OpenSSL cert) and allow my client to use HTTP and HTTPS (as well as SSH / FTP) to access a hosted application without knowing which service (DC) provider the kit resides with.

I was thinking I might be able to do something using another server on AWS running Linux and HAProxy?

Any ideas, please?
0
