Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

How to replace an already expired SSL Certificate.

I have always found SSL Certificates confusing and it is even more confusing if things do not work as planned from the instructions provided. But it is a good opportunity to learn. I have an SSL Certificate from godaddy.com and it has expired (1 month ago, or 30 days ago). It is not a wildcard certificate and we need to renew and replace it for an appliance and its web address. I see notes from: https://support.cartika.com/portal/kb/articles/renewing-your-ssl-certificate-godaddy-19-6-2018 on how to create an SSL certificate and this part seems very familiar and straightforward.

Question1:  Do I need to generate a new CSR from that hosting appliance?
      a.  I am assuming yes and I found out how to do this on the appliance.

Question2:  How do I know what type of certificate to create?  Example, for Apache or Tomcat or Other?
     a.  I see from my notes that all 3 were created last year; but, I am not sure which one was used.
     b.  From the appliance configuration I see a "key Pair" type is listed.

Question3.  I have notes on how to upload the certificate to the appliance; but, I am confused with how to import the certificate correctly.  We had problems initially when a consultant was doing this.  Initially the certificate only worked correctly with iPhones and computers; but, not with Android phones.
     a.  The consultant that did this last year had to "create the certificate a little bit …
0
I have PDF files which I need to access because I forgot my password I am not able to open it anymore. I bought a System Tools program which said it would be able to remove the passwords or reset it, but what they said is this:


"Dear Customer,

Thanks for your email.

We are unable to recover/reset the password from your pdf file due to AES encryption. "

I know that there are some tools to remove this password and access the PDF files. I am an IT Security graduate and I have seen many tools to do many things.

Would you be able to advise which tools I could use for that?
0
Anyone can point me to a good study material & model answers for
CIA (Certified Internal Auditor) examination?

Any free online sample test (with immediate answer) CBT will be
good too
0
Hi
Plz Don't ask how or why,
but I left my iPhone at the table this morning at breakfast group.
I didn't have a tracker app.

What is the worst they can do?
They can remove my chip and re-sell it?

Is there any way it can be traced?

What should I do?

Thanks
0
Security Update for Windows 7 for x64-based Systems (KB3126587)

Installation date: 1/2/2020 3:00 AM

Installation status: Failed

Error details: Code 80246007

Update type: Important

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.

More information:
http://support.microsoft.com/kb/3126587

Help and Support:
http://support.microsoft.com

This update has failed every day since April 3, 2018.  I have SP1.  Have about 50 GB free on OS drive.
0
Dear Experts
Would like to create a Power BI user account in a MySQL transactional DB (CRM application based on LAMP stack), but we would like to apply security permissions so that the Power BI account has 'Read-Only' access to the database and all its tables.
The objective is for the MySQL user which is being used as the Power BI connector account to have only "Read-Only" privileges, so that no write/update/modification/delete is possible from Power BI to the database of the CRM application. Please suggest the privileges to be set on the database for the Power BI user account.
The MySQL user name is sqlconuser and the database name is production. Please help with the command at the mysql prompt command line on a Linux system to set read-only privileges on the database named "production" for the MySQL user sqlconuser. I think it should also provide access to all Tables, Views and Triggers. Please provide the complete command to be executed, thanks in advance.
0
In a new environment one of the projects left behind by a predecessor was to upgrade the encryption on their DMVPN from 3DES to AES 256. That's a good goal to be up to modern standards. But I see a lot of other areas of greater vulnerability. And the update and verification of hundreds of spoke sites will take considerable time. My question: how vulnerable is a 3DES encrypted DMVPN network?
0
Points of My Scenario:
1. I am domain admin - Windows Server 2008 R2 domain controllers, but mixed member servers (2012 R2, and 2008 R2).
2. A Windows 2008 R2 member server needs to have a folder audited for failed access attempts.
3. Whenever a failure attempt occurs, an email containing the Security event log entry must be sent to a designated email address.

QUESTION: What built-in OR third-party approach/tools can be used to email the Security event log entry/entries arising from a failed access attempt on a folder/file?
0
Hi Guys, I have a website and it got hacked. I have since hardened it up with a few different plugins, however I can't delete a user from WordPress; it has admin roles. I have also tried deleting the user from phpMyAdmin, and I then notice that it reappears every few mins.

Any idea what to do?
0
On a brand-new machine, I'm wanting to use Windows Defender for my virus protection, combined with a free version of Malwarebytes.  I read somewhere that this is all I need - "Windows Defender is good enough protection".  

Malwarebytes scans my new machine and reports no viruses.  But is there a way to also scan my machine using Windows Defender?

At https://www.safetydetectives.com/blog/windows-defender-vs-antiviruses-is-defender-enough-for-you/ - I read that Windows Defender can do on-demand scans.  But I don't see it as an application on my machine.

Thanks
0
Q1:
For IT audit purposes, what are some of the questions that an auditor should ask
during the audit interview especially for Cyber, IT Infra, End-user computing  audit?

Q2:
What are some of the open-ended question like "Can you describe your
network architecture", "what's your patch procedure/policy like", "what are
your perimeter & endpoint defenses" ...  <pls add on>.

Q3:
Presume auditors should start with such open questions first before going
into more targeted questions?

Q4:
What are some of the more targeted questions?
Eg: "how long is your backup retention for DB,  logs, ...", "share some of
      the recent patch logs", ...<pls add on> ...
1
I need to know a process for isolating the source (process or application) that is generating thousands of failed logons (Event ID 4625) per minute on a win 10 workgroup file server.  Within 10 - 30 minutes of logging onto a win 10 workstation, the account used by the logged on user's profile to logon to the workgroup file server starts generating failed logons ( see details of Event 4624 at end ). The fails don't start immediately. There are 2 network drives mapped to the file server using the same credentials and both work perfectly.  Office 365 is installed using online Exchange. I've reinstalled Office365, remapped her network drives, and deleted stale credentials from the workstation, nothing seems to help.  I moved her to a laptop and installed office365 there, mapped the drives, and the errors have stopped. Does anyone have a clear process for isolating the source of these errors?

Subject:
      Security ID:            NULL SID
      Account Name:            -
      Account Domain:            -
      Logon ID:            0x0

Logon Type:                  3

Account For Which Logon Failed:
      Security ID:            NULL SID
      Account Name:           renee aldrich
      Account Domain:            RENEE-PC

Failure Information:
      Failure Reason:            Unknown user name or bad password.
      Status:                  0xC000006D
      Sub Status:            0xC000006A

Process Information:
      Caller Process ID:      0x0
      Caller Process Name:      -

Network Information:
      Workstation Name:      RENEE-PC
      Source Network Address:      192.168.2.97
      Source Port:            50414

Detailed Authentication Information:
      …
0
I have a large windows 10 workgroup with one of the machines sharing files.  The user accounts on the local workstations are replicated on the "server", but with different passwords.  There are shares set up on the Win 10 "server" and Everyone is given Full Control. The user accounts local to the server are given permissions to the shared folders' acl using NTFS. Shares on the "server" are mapped to the local machines using different credentials.  
All has been well for a very long time.
Recently, an individual has started getting logon failures that seemed to have begun when her password was changed both on her workstation, and on the server,  (this has been successfully done to a couple of others so far) then the mapped drives were disconnected and re-created using the new different credentials.
The first time the errors started occurring, I verified settings on the server, went to the workstation, and repeated the process carefully, drives mapped correctly, restarted the machine, logged on to see drive mappings still there, opened a few folders on each drive, and then checked the security logs on the "server" again, SUCCESS all around. TGIF!
Then comes Monday, and the Security log is inundated again.
I've gone through this scenario twice.  The user involved is able to access files on the share, but at very slow speeds.
The Event ID is 4625 and the logon is incrementing the source port by one in each successive attempt.
I have Webroot monitoring the machines, so I …
0
Hi All,

We have a few legacy servers that shortly will no longer be covered by Critical updates. These won't be able to be updated to a newer OS for a little while. We have a solid AV on them and they sit behind a decent firewall. Is there anything else we need to do to further protect these servers until we can upgrade them? None of them bar one touches the internet in any way.

Our reseller has suggested Trend Deep Security. Is this a good path to take / has anyone any experience with this product?

Thank you,
Paul
0
Hi
I’m staying in a hotel and I opened my MacBook, without thinking. I entered my room number and such to acquire WiFi

How can I tell if it has been infected w backdoor software?
Thanks
I think I looked at my email
0
I moved the Laravel site I was working on from one box to another. I can access the site just fine if I do http://localhost/new_nomas/public/index.php. However, if I try to configure my httpd-vhosts.config file to accommodate a "new_nomas.site" url, as I did on the other computer, I'm getting a "403 Forbidden" error.

I'm running Apache 2.4.41. Here's my httpd-vhosts.config file:

<VirtualHost *:80>
    ServerName nomas.site
    DocumentRoot c:/wamp/www/new_nomas/public
    <Directory "c:/wamp/www/new_nomas/public">
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>


...and here's my "hosts" file from the Windows/System32/drivers/etc directory:


127.0.0.1 nomas.site

Everything is pretty much identical to what I had before, but when I attempt "nomas.site" in my URL, I get a "403 Forbidden" message.

I've adjusted the security permissions in all of the files...

What am I missing?
1
Hey guys,

I'm tasked with looking at Active Directory "Groups" in our environment.

My question is, is it okay to have a user and computer account in a security group?

I'm finding both "user and computer" accounts within the same group and I want to know if I should separate these out and put them into their own separate groups?

Also, does anyone have a PowerShell script that can be used to get the groups, group type and group nestings?

Thanks

Phil
0
Our auditors subscribe to Teammate SaaS Prod in the cloud.
Teammate also offers a QA/UAT SaaS in the cloud.

Q1:
Under what circumstances would sites out there subscribe
to QA/UAT  Teammate SaaS?

Q2:
What's Teammate QA/UAT used for?   Is there any development
work for Teammate that needs to be done in UAT 1st before
being ported over to Prod Teammate?

Q3:
I've heard of our parent company's  audit dept uses on-prem
Teammate & have both QA/UAT plus Prod environments?
not convenient to ask the auditors, but curious what it's for
0
Hello Experts

Can somebody confirm that MFA is not available anymore on new tenants? I have a client who has purchased O365 E3 and he wants MFA.

I had some information saying that this is not free of charge anymore on new tenants.

Rgds
0
I have mentioned the email header below. Can someone please confirm that the email received by the email security gateway "esg1.abc.com" from sl.ab-bev.com [104.168.167.27] is through a connection on SMTP over TLS?

Moreover, what is meant by verify=NO in the below header?

Moreover what is mean

from sl.ab-bev.com (sl.ab-bev.com [104.168.167.27]) by esg1.abc.com with ESMTP id iYM5xoyaE6GTt8HE (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
0
Question from our legal department:
if our customers send us their personal particulars (eg:
NRIC, Social security number) via email, what's the best
practice out there in terms of
a) how long we retain the email?
b) after how long that we don't need it that we ought to
     purge/delete it away?
c) do we need to show evidence that it's been purged?
d) any other treatment of such customers' information?

Currently we are on O365
0
Hi Experts,

I have Office 2010 Pro installed which includes Access, i.e. Office Version 14.0.

I have just installed an application developed in Access 2016.

When I tried to run it, it required Access 2016 so I installed Access 2016 Runtime, i.e. Office Version 16.0.

When I try to run the Access 2016 App it is displaying the Security Warning.  Since Access 2016 Runtime doesn't have an option to specify Trusted Locations I am forced to deal with the Security Warning each time I start the App.

How can I eliminate the Security Warning for the Access 2016 App since setting Trusted Locations is based on the Office Version installed?

Thanks,
Bob C.
0
Windows 10 laptop.

I uninstalled Office 2010 and installed Office 2016 on a user's laptop and now when I open Outlook, it opens a window that says Windows Security and it has areas for domain\user and password but no matter what I put in, it won't get past it.

When I click cancel, I get the message: Cannot start Microsoft outlook.  Cannot open the Outlook window.  The set of folders cannot be opened.

I went into Settings - Accounts - Email and Accounts and added the user's work account (O365) but it still won't work.

Any ideas?  I reloaded Office 2016 again as well.
0
We set up multiple Office 365 Groups and would like to assign policies in Intune corresponding to these Groups. Yet Intune only takes Security Groups instead of Office 365 Groups. An obvious method is to create Security Groups corresponding to Office 365 Groups, with duplicated effort and risk of human error creating non-matching membership between the two groups. I wonder if there are any other practices to manage such a situation. Any advice to share?
0
http://avigilon.com/products/video-security/cameras/

We're installing IP cameras, yet to determine which model.

What are the cybersecurity measures we ought to take?

Q1:
Any hardenings that can be done?  Any other cyber measures
to take?

Q2:
Cameras to be connected to user VLANs or a totally dedicated
VLAN by itself or ??

Q3:
The recorded videos will be archived to a server?  Encrypt it with
which encryption & any other handling methods?

Q4:
Reckon IP cameras are treated as IOTs so in the event they need
to be connected to Internet, what further measures ought to be
taken?

Q5:
Should we do a pentest using Tenable/nessus against it?  I recall
we ever did it with a PABX (which runs a custom RHEL & many of
the vulnerabilities of RHEL are applicable)
0