Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

How does 2 Factor Authentication work, exactly, for Office 365?  We are interested in possibly implementing it - but we don't want users to have to CONSTANTLY re-authenticate, either.  And are there control options for how it works - or is it Microsoft-controlled?

Thank you
0
The user was visiting the web page for thinkwellgroup.com (which looks to be a pretty amazing company).  They were using a recent model iPhone and were browsing in Safari for the iPhone. They wanted to call for information on behalf of their company, and saw a phone number on the bottom of the home page.

They then had some sort of message from switch.com appear on their Safari screen.  Switch.com is a colocation company.

Should they be worried about iPhone security?  Could there be an issue with a colocated website?

Thanks.
Phone number link on homepage
0
We have started giving users the option to work off of a Mac instead of PC but an annoying issue has come up.

Unlike in the PC world where users can install Windows Updates, admin credentials are needed for Mac users to install updates.  Is there a way for standard users to install Mac updates other that entering admin credentials or having their accounts changed to admin accounts?

Thanks!
0
Before the last few days we had a setting that would go back to the login screen and require the password. I could be sitting here doing nothing and maybe every 10 minutes this event would happen. Now today I left at 4pm and back at 6pm and the system was still on. Who changed the setting and how to prevent it from failing. The computer was not secure today during those 2 hours. I think the setting I had was 10 minutes.

I went into these settings and not seeing it. Windows 10 desktop.
y
0
We have numerous instances of MS SQL Standard 2012 in our environment. MS's product lifecycle page shows SQL 2012 Service Pack 4 as supported until July 2022.

I'm seeing different information regarding MS support for Critical and Security WSUS updates. Am i reading it right that if we install SP4 on those we will continue to get WSUS critical and security updates but may have to pay a fee if we call MS as they are in extended support and no longer mainstream?

Do i have that correct?
0
Hello,

I have a cloud server where I am hosting a website. It is a Windows Server 2012 R2. Recently I noticed a message in my account control panel saying something like this:

"CRITICAL NETWORK - 384 kbit/s received       12.11 MBit/s transfered"

This is the first time I received a message like this. The server has been operating since 2015.
I am not a network administrator so I do not really know how to proceed. So, I will very much appreciate any support/help you can provide to find out what is going on.

I had watched the Network Activity in Task Manager and I am attaching a screenshot just as a reference. Maybe I need to go over log files but I a not sure which ones are the correct to review and how to proceed.

For example, I watched the System log and I see error entries like this:

"A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203."

I found the error below in the Administrative Events log:

"The RD Session Host server received large number of incomplete connections.  The system may be under attack."

Something I should say is that I use Remote Desktop to connect to my cloud server.

Task Manager Network Activity Screenshot
Respectfully,
Jorge Maldonado
0
Dear Ladies and Gentlemen

we need to find whether D-Link DWM-222 Dongles have any security vulnerability (with latest firmware update).
Do you know any? If not where should I start?

Thanks
0
We got quite a bit of phishing/spamming lately so my IT support colleague has recommendation below:
for your inputs/views if the recommendation below is good or any other alternative best practices out there:
We don't have Proofpoint or email security gateway.

"Note that we should keep the Exchange Online rule/filter as empty as possible as rules filtering affects performance on the Exchange Online; every rule/filter is processed on every single email individually, delaying email delivery eventually.

Recommendation is to perform the blocking at our Exchange Online first (for faster turnaround) and highlight the phishing/spamming source to our host (ie MS team supporting O365) and allow them to take the appropriate actions at their end as ultimately, the RBL/DNSBL relies on the origin/host backend infrastructure.

After acknowledgement from the origin/host on the actions taken, we then remove the rule/filter from our Exchange Online"
0
My fiancée's mother exchanged her laptop for a pawn loan 3 months ago and she bought it back today. The laptop had no password on it. Just turn on the power and your in. Now she is staying with us for a bit and wants our WiFi password so she can connect to the internet with it.

The problem is I am very worried about her laptop compromising the security/safety of my family and their devices. (I.e., In 10 seconds couldn't the pawn owner turn it on and install spyware that could spread to everyone's devices connected too it?!)

I Just wanted to get some feedback from professionals out there on what you would do in my scenario, what are some worst case scenarios and how likely are they too occur? Would you let her login too your WIFI? (Part of me wants to just burn it and buy her a new one)
0
A few years ago we looked at a product named IE Tab for Chrome by Blackfish.  Back then, we weren't convinced of the security because, from what we understood, ulnerabilities of the IE version you selected would be present.  

https://community.spiceworks.com/topic/431687-thoughts-on-the-ie-tab-chrome-extension

We are revisiting the solution due to the ease of use it offers our users but the jury is still out on the security of it.

Security experts, what are your thoughts? Any recommendations on security settings for it? Are there any other products or methods you would recommend in it's place?

Thanks again,
Steph M
0
Gurus,

Could you please explain the difference between

1. End Point Protection / Anti Virus
2. End Point Detection and Response
3. Threat Hunting

Are these three related in terms of end point protection

SID
0
Can someone share the exact steps (step by step) on how to set
X-frame-options in Weblogic (10.3.6, 12.1.3, 12.2.1.3)  & Tomcat
to SAMEORIGIN to fix XFS/clickjacking?


I'm running Solaris 10 & RHEL 6  OS
0
I've been trying to apply uniform Share permissions across the files and folders of an entire drive in a domain-joined Windows 10 Pro workstation.
I can take the steps but the results look strange.
(I've run sfc and DISM just lately on the host).

If I look at the Share permissions, they vary across the folders.
I did re-propogate the Security permissions just in case that it would have some effect.  Wishful thinking...

I've not yet tried logging into different users on the host to see if there are differences.
When I look at properties over the network, I don't see a Sharing tab at all......
1
Other than Factory Reset, what precautions can I use to DEEPLY erase a used Android Phone that I've gotten?  Need some EXTRA level of erasing before I apply all my data to it.

One idea that occurred to me: activate phone with a dummy account.  Turn on video, and just let it run until all the memory has been written over.

Then: Factory Reset again, add REAL account.

What's a good way?

Many thanks,

OT
0
I have a stand-alone server that is host to a web application.  I've created a new domain (new forest) for security as well as preparing for additional servers.  I have a problem where it looks like dns svr records were not created correctly during the DC Promo operation and now there appears to be connectivity issues.  Dcdiag /fix returns the following error:

   Testing server: Default-First-Site-Name\HOST1
      Starting test: Connectivity
         The host 5c533dbd-a226-42e6-8968-b6c5296c08fe._msdcs.mydomain.com could not be resolved to an IP address.
         Check the DNS server, DHCP, server name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
         ......................... HOST1 failed test Connectivity

What is the best way to resolve this?
0
What is this? I have several files with names ending with this: _NEMTY_LVMHFKO_-DECRYPT.  Some are .xlsx files, some are .docx files.  Each has the _NEMTY_LVMHFKO_-DECRYPT following the file name.  We can't find the original Excel or Word files, only these files with _NEMTY_LVMHFKO_-DECRYPT tagged onto the end. The file won't open with any program, but if we navigate to it in Excel and open it, Excel will convert it from a text doc to a jumbled up excel doc.
0
When users visit a website hosted on a virtual server at a client site, they are getting a Error and have to refresh the page. 2019-10-10_13h25_26.png
If I select the URL in the toolbar, and hit enter, the page refreshes and it comes up. but then I click on a menu option and it will then time out with the same error unless I hit the uRL and press enter to refresh the page. I have to do this every time I move from one link to another.

The server the site is on is Server 2016.
IIS is where the site is hosted.

I don't see any security updates with Microsoft that could be causing this block. The support entity told me to uninstall a specific security patch that isn't installed. So not sure where to go.
0
I'm trying to configure a rule in Cisco CES cloud platform the stops people masquerading as the CEO
for attempted Phishing. So on our previous FW we had if the mail has the sender as 'our ceo' but does not come from
our Domain, then drop. I can see where to configure this in the CES.
0
I have a stored procedure in one database that writes to another database. Security is assigned using SQL Authentication.
For each user I have issued
GRANT DELETE,UPDATE,INSERT TO JOBCOSTDETAIL TO USERNAME

This stored procedure is called via a  VS C# program. Whenever a user clicks the button to run the stored procedure they get:
The INSERT permission was denied on the object 'JOBCOSTDETAIL' ,database 'DATABASE',schema 'dbo'

I could change my code to run the sp as 'sa' but I should not need to do that. When I check the properties of this user on this database they do have INSERT permission as dbo. What else do I need to set to get an average user the ability to write to this table in this other database.
0
This is a message I got from a friend:

I have a computer problem will you come over about 4 pm and take a look
there is a yellow bar with a green bar in it and a red star in the
corner of it 100% in the bottom of it cant x out of it.


What would be your guess on what it is before I go over there to take a look.
0
Dear All,
I am monitoring ESX logs on a test environment,however I am receiving lot of logs
I need to focus on security logs only
What kind of logs should I look for?Any help?
IN case i want to know if a virtual machine was created,where to look for?
Any tips on monitoring a vmware ESX?
Regards
0
Our apps architect recommends  Alpine Linux for our
microservices/container environment.

Some time back, a patch management vendor told us
that patching for Alpine can't be managed by Satellite
or BigFix  ie we have to manually download & patch.

Q1:
is the above true or is there something like 'yum' in
RHEL to patch Alpine.

Q2:
Also, there's no CIS hardening benchmark nor any
docs that standardize what to harden for Alpine.

Q3:
Architect further points out that Alpine is the most
secure & efficient Linux to use for microservices;
is this true?  Does Alpine has good development
team that constantly check for vulnerabilities &
release advisories/patches (at least like RHEL)?

https://alpinelinux.org/about/
https://en.wikipedia.org/wiki/Alpine_Linux

Q4:
Where can I view past Alpine's CVEs/vulnerabilities
list & how can we assess how good are support
for Alpine?  Don't want a case where we log a
case for support & there's lack of response &
no solution
0
Looking for help getting my Sonicwall logs files to upload the the Microsoft Azure Cloud App Security system. I am trying to setup the Sonicwall's so they forward their logs to MS to be analyze. I need to have a forwarding machine installed to do this. They have a Docking image of Linus, but I can't seem to get it to work. My working knowledge Linux is pretty limited. I have been using this article as a reference: https://blogs.technet.microsoft.com/cloudready/2018/03/07/configure-microsoft-cloud-app-security-to-analyze-sonicwall-logs/. Thanks
0
I have a question about ransomware.  If my computers C drive is already encrypted, is it still possible for ransomware to hold my computer hostage by encrypting files?  if we have office 365 and all the files are also backed up to the cloud through OneDrive, doesn’t that also create a level of protection?
0
Hi All,

We use WatchGuard as our firewall and have Dimensions setup for reporting. What is the easiest way to find out and possibly monitor all users that have some form of file transfer either ftp, or web/app based such as dropbox etc?

Can this be done / how best to view this info or set this up?

Cheers,
Paul
0

Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.