Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

How to identify possible virtual host on a network using IP address. I have the ip address but i don't know how to go any further
0
I'm having a security problem involving Windows Offline Files.  I'm using Offline Files in Windows 10 with files located on a server that is running Windows Storage Server 2008 R2.  When connected to the network, my account has no problem accessing files located in appropriate shares on the server.  But when my computer is offline, I am unable to access any files that I have not previously accessed on the server while connected online, and receive "Access Denied" messages.  The folders that I need to access contain literally millions of files, so I cannot simply take the time to access each of those files in advance while connected online, just so that I will later have the ability to access those same files offline.

Note that I suspect this issue could be related to some recent changed permissions on the server.  Here is the relevant setup for one of the accounts with this problem:
On the laptop, there is a local user named Kevin, with a certain password.
On the server, there is an identical user named Kevin with the same password, and that user is a member of the group KAM-BTM.
On the server, the group KAM-BTM has Modify, Read & Execute, Read, and Write permissions on the share containing the files that are exhibiting this problem.
On the server, all subfolders and files beneath the top level share inherit their permissions from the share.

It seems as though the laptop may have cached some obsolete permissions from the server, and the only way those obsolete …
0
Hi

I do have a video that is in a .MOV format and the size is 9MB . I have been requested to  password protect the video.
This video will be sent to a another organisation through an email.

Please let me know how to password protect the video file.

Any help will be great.
Thanks
0
Hi Experts!

Being overly cautious here and wanted your opinion.  I received the following (ransom) email below and thought it was suspicious. From what I can find on the web this looks like a phishing attempt (somehow gotten a hold of my email and old password from somewhere). On my desktops and laptops we have the paid versions of Avast Premium Security and MalwareBytes. Both are scheduled to run daily, and Windows Update is always on. We primarily use Google and that self-update. My email account has MFA enabled for awhile; so I know this person cannot access my email?

 After getting the email I manually scanned the desktops and laptops with Avast and MalwareBytes. Nothing found. Downloaded and ran Spybot seach and destroy and nothing bad found.

My thought that this is a phishing attempt is because if you have control over my computer when don't you lock it and demand payment instead of this email?

Here's the email:

Recorded You <recordedyouXXXX@XXXXX.com>
To:
myEmail@yahoo.com

Nov 18 at 1:30 AM

Hey, I know your password is: HeknowsMyPassword

Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn't updated / patched, in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit".

My malware gave me
0
We have a Lenovo laptop with Windows 8. It's only used for travel and that was back in May. Periodically we use it at home to keep it charged, etc. Today as we prepare for travel Windows said our password had expired.

How long are passwords good since we logged in about 45 days ago with no issue.

Then when we try to create a new password it asked for our user name.

Where in the settings can we find our user name?

I guessed 3 times and failed and somehow by clicking ok or cancel or the user icon on the middle of the page, finally got to a place to enter a new password and we in that way.
0
I'd like to obtain the ISO 27001 certification.  From my understanding this is an intermediate level security/audit certification.  Where exactly does one start?  For example training resources; who offers or sponsors this certification; it's costs, etc.  Any input towards this is greatly appreciated.  Thank you!
0
Hello! I have old security groups in Exchange 2016 on-premise that have existed from previous version of Exchange. I want to delete them. However I get this error when I try and cannot find a solution anywhere:

error
Property IsExecutingUserGroupOwner can't be set on this object because it requires the object to have version 0.10 (14.0.100.0) or later. The object's current version is 0.0 (6.5.6500.0).

Any advice?
0
I am looking for a web page that lists Azure compliance with various security standards.

This is  that page in Amazon AWS:

https://aws.amazon.com/compliance/services-in-scope/

Is there something similar for Azure that anyone knows of?

Thanks.
0
I have a computer with 2 hard drives, the OS hard drive C: and a file container hard drive D:

It seems that no matter what procedure I try on the D: drive to set Security, I end up when it propagates permissions I get:
Failed to enumerate objects in the container. Access is denied.

The approach that seems to be recommended most often is changing the ownership to the current user and propagating the result.

I still get:

An error occurred while applying security information :
[foldername]
Failed to enumerate objects in the container.  Access is denied.
[CONTINUE] and on to the next folder with the same message.

It appears that I've been able to get file access down ONE level in the folders and no more.

There's a lot of data (and folders) on this drive and I'd like to propagate an effective cleanup of Security permissions.

Is there a way?
0
I am looking for best options for SMTP relay/Secure Email Gateway to be implemented in our environment.


We already are using O365 and we have IBM domino with Postfix as MTA and I am looking to replace both with a product that will server an SMTp email relay with security features as in junk filtering, user validation etc...

Let me know who are the best players in market.
0
"Forwarded" domain unreachable. Users get "Page Can't Be Displayed" when trying to access website forwarded using GoDaddy to another domain. forward is a "permanent (301)" and set for "forward only" (No Masking). SonicWALL firewall with all Security Services disabled still cannot access. Other sites with similar FW can access site successfully.
0
I logged into my gmail account with my correct email address.
I typed my correct email password!
I got the "doesn't recognize this device message" message.
Gmail wanted to verify my account using a phone number which I don't have any more.
I clicked to "send verification code to my email account".
I received the email verification code and correctly entered it.
Gmail said "Thank you for confirming" BUT STILL DIDN'T LET ME INTO MY ACCOUNT!
(See graphic).
HELP.  How do I get into my account. Is there a help desk? or help email or help "chatline" I can  go to.

errI
0
Latest Windows Security Patch Crashes Microsoft Access 2013/2016 applications with "The OpenForm action was canceled". This started happening Nov 12 2019. I have had at least 14 client computers over the last 2 days call with this issue. So far my only solution has been to do a system restore and pause their Windows updates for the time being.
It also appears that customers with Windows 1809, end of Service was scheduled for Nov 12 2019. and apparently some older Home versions would not allow you to pause updates.
I found an article that suggested that registry settings for MSCOMCTL.OCX are messed up by the update with recommendation to unregister and re-register the control:
using Windows Power Shell:  regsvr32 -u "C:\Windows\SysWOW64\MSCOMCTL.OCX"   and then  regsvr32 "C:\Windows\SysWOW64\MSCOMCTL.OCX"
Although the commands are successful, that does not solve my problem. This problem is occurring for both Windows 10 and Windows 7 computers (I would assume 8.1 as well)
0
Toshiba satellite laptop, and unfortunately it has a password to log in and it was given to me by a relative who passed away.
Any way into it?
0
I am preparing for installing LAPS. I am attempting to identify security principals which have extended rights to the OU LAPS will reside in.  The LAPS management server is a windows 2016 file server.  I get the following errors when attempting to run this scriplets

Import-module AdmPwd.PS
Find-AdmPwdExtendedrights –identity servers| Format-Table  

PS C:\WINDOWS\system32> Find-AdmPwdExtendedrights -identity servers | Format-Table

Name                 DistinguishedName                                                 Status
----                 -----------------                                                 ------
Servers              OU=Servers,OU=EPM,DC=domain,DC=local                                Delegated
Servers              OU=Servers,OU=EPMC,DC=domain,DC=local                             Delegated

Find-AdmPwdExtendedrights : More than one object found, search using distinguishedName instead
At line:1 char:1
+ Find-AdmPwdExtendedrights -identity servers | Format-Table
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Find-AdmPwdExtendedRights], AmbiguousResultException
    + FullyQualifiedErrorId : AdmPwd.PSTypes.AmbiguousResultException,AdmPwd.PS.FindExtendedRights

Since there are duplicate objects the error message specified using the DN.   Which was attempted

PS C:\WINDOWS\system32> Find-AdmPwdExtendedrights -identity OU=Servers,OU=Equipment,DC=domain,DC=local  | Format-Table

1
What command can i run from mac terminal to know the version of Apache that’s running on a remote web server using IP address
0
We have an internal email server running MDaemon.
Trying to set up an existing user's email account on a new Samsung Galaxy S9, with the Exchange option using manual setup.
Getting an error message:
"Can't add account. Gmail's security settings are more secure than those set by your IT Admin. Contact your IT admin for help."
Also a couple of existing mobile users are unable to sync, getting the same message.
Any advice?
0
Hi expert

Need help, I am not strong in Powershell.

I was task to automate the manual windows server patch by using powershell script.

For your information we don't have SCCM environment, let me share the use case show in the following;

Not sure is it possible to achieve the following;

1: Powershell script will get file from SFTP and deploy patch to the Windows Server 2016.
1
What’s the risk of having a self signed SSL cert on servers ?
0
How to check if a remote ssl cert has expired using IP address  On mac terminal
0
Q1:
Our Enterprise Risk Mgmt wants to establish Cyber security KRI (Key Risk Indicators):
I think this is something that must be manageable (ie can be remediated) & measurable
so I suggested :
a) # of virus/malware outbreaks
b) Sev 1 & Sev 2 incidents for the month
c) patching metrics (how many servers & PCs & other devices : % patched)
d) any other ?

Q2:
What about phishing?  I think this is something we can't control as the spammers
or phishers' activities can fluctuate wildly.   It's left to the email security tools &
user awareness.  Besides, I felt that each time a phishing test is conducted, the
results tend to vary widely.   In fact in 2017,  local monetary association organized
a sector-wide phishing test for 11 banks: you'll find the click rate can be from
3 to 27% :  so I beg to differ with the industry click-rate that Proofpoint provided
(I'll extract that article later)  which shows Transport sector's click-rate as 3-4%
lower than Defense/Government.  The figures can't represent anything as it
depends on how good is the phishing campaign.  Anyone care to comment?
0
My wife installed Holdem Manager 3 on her Windows 10 Home computer for my son.
https://www.holdemmanager.com/hm3/

We gave my son a limited account (Windows 10). When he runs the application, it asks for the admin's password which my wife entered. I don't know whether there is a timeout, but when he closes HM3 down, and brings it up again, it does not ask for a password if he didn't log out of Windows.

Since we are not giving him the admin password, we would him to be able to start the application without having us to enter the admin password.

I tried two things:
1) ~10 years ago, I succeeded in setting users rights to full control. So I did that for HM3.exe as well as the other applications in that folder. There were about 170 dll's, so I did not try to change them.

2) I tried the steps in this link, but the application did not start.
https://www.maketecheasier.com/standard-users-run-program-admin-rights/
Any idea why this link might fail for HM3?


I found other links which I have not read yet:
http://meridian.ws/wordpress/?p=306
https://robotronic.de/runasadminen.html
https://www.experts-exchange.com/questions/29154745/Run-program-as-admin-for-non-admin-w10-shorcut.html
https://www.experts-exchange.com/articles/33548/How-to-empower-restricted-users-to-execute-defined-administrative-tasks.html

Will any of these links work for HM3?

Thanks!
0
Hi,

I have Pihole running. Sometimes I look for something and I get
https://www.googleadservices.com/pagead/ ... then a link

but the googleadservices page is blocked and then I cannot ge to the final page.
How can I solve this?

Please advise.
J.
0
Hi,

I'm using PiHole on a Synology NAS in Docker container.
When I go to the PiHole site, it says:
Pi-hole Version v4.3.1 (Update available!) Web Interface Version v4.3 (Update available!) FTL Version v4.3.1

How do I update this Docker container quick & straight forward without losing all my configuration?

Please advise.
J.
0
how to install google chrome browser via SCCM

I downloaded the standalone offline installer (about 57MB),

One issue, if you install the exe while the browser is open, it needs to close to apply the update or click relaunch from the browser. But via a script, how can we do it.

The deployment script.bat working fine at a local computer, but when I deploy it via SCCM its installs the chrome but not closing the browser and displays some message as chrome installed without administrative.

Anyone have abetter idea to install/update chrome, please share

Below script:

start "Installing Chrome Silently" /wait "ChromeStandaloneSetup.exe" /silent /install
echo x=msgbox("Google Chrome browser has been updated successfully. For security reasons, it will relaunch automatically after three minutes.",0,"Security Team") > %tmp%\tmp.vbs
cscript //nologo %tmp%\tmp.vbs
del %tmp%\tmp.vbs
@echo off 
timeout /t 180 /nobreak
taskkill /F /IM chrome.exe /T
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --restore-last-session

Open in new window

0

Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.