Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things – and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.


Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
5
LVL 29

Expert Comment

by:Andrew Leniart
Thanks for sharing your story. Ransomware is a topic I follow closely and have a lot of interest in. Sorry to hear you were hit by these criminal scum bags and while it irks me to know they profited from your misfortune not once, but twice, I understand the dilemma you were faced with. Backups are something we all tend to fall lax with at times and this story highlights the reasons we all need to stay vigilant. Good luck for the future.
0
LVL 1

Expert Comment

by:Josh Petraglia
Education is Power!

Also, (offline) Backups are your best friend. Just saying.
0
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
3
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices. The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard yourself from future ransomware attacks.
2
Let's recap what we learned from yesterday's Skyport Systems webinar.
1
A look at what happened in the Verizon cloud breach.
4
LVL 20

Expert Comment

by:Kyle Santos
I was able to do this easily last night by logging into my Verizon account online and going to settings to change the PIN.  I didn't even have to call customer service.
1
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identity safe.
0
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store passwords encrypted, instead of clear-text files within SQL.
3
LVL 68

Expert Comment

by:McKnife
Interesting concept.

It should however be noted that you create random 8-character passwords that way, which would not work in case people have set up a password policy that applies to local accounts as well that requires more than 8. I'd use a different password generator.
0
Make the most of your online learning experience.
5
This article provides a convenient collection of links to Microsoft-provided security patches for operating systems that have reached their End of Life support cycle. Operating systems covered by this article are Windows XP, Windows Server 2003 and 2008, both 32- and 64-bit installs.
2
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
0
LVL 10

Expert Comment

by:David Anders
Turning on firmware passwords and encryption requires perfect password records and backup habits.
A dying encrypted drive is beyond my recovery skills.
I have dealt with the problems caused by both many times and have yet to deal with malware.
Adware, scareware, phishing, identity theft yes, I have been called to fix these.
But, I deal with individuals and small businesses.
0
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
2
There is a lot to be said for protecting yourself and your accounts with 2-factor authentication. I found, to my own chagrin, that there is a big downside as well.
1
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others. This conference is aimed mainly at government agencies. So it addresses the various compliance issues with which they have to deal.
2
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to thoroughly revise their security concepts.
9
LVL 68

Author Comment

by:McKnife
Some news that might be of interest for Americans: https://www.upguard.com/breaches/the-rnc-files
In short: US politicians paid for analysing voter opinions on US election-critical topics. Voter data (1,1 TB!) of 198 million Americans was uploaded to an Amazon server but the access rights were incorrectly set - it was open to the public and the data was not encrypted. It leaked.
See what I am talking about?
0
LVL 29

Expert Comment

by:Andrew Leniart
"Before you start discussing - let's wait for other comments."
I guess I've waited long enough now. I just read through this again and still think the world you appear to crave just doesn't exist, nor will it ever. Ideals are one thing, reality another.
"are fundamental IT decisions made by non-IT people?"
Absolutely, and that would be true for the vast majority of the population around the world. The guy with the fattest wallet (employer) has ultimate control and always will. Stamping feet won't change that fact, and digging in heels will only get you sacked.

All we can do is try our best to educate, and lead by example. Insisting to the point of unemployment isn't a solution. For every IT admin that won't do something management insists on, there will be 20 or more waiting in line to take his place that will. Sad, yet true.
"If the admin is not comfortable making his concerns heard, then he is not employed at the right place and should not fear to be replaced but leave on his own."
Raising his concerns is one thing and quite easy to do. Suggesting he should be ready to throw in the towel on what could be his only means of putting bread and butter on the table when his concerns are dismissed by an unsympathetic (and perhaps ignorant?) employer, in order to *force* his concerns to be heard is quite another, and ultimately, an unrealistic and idealistic hope.

Would I be accurate in assuming you've never worked for anyone who would not adopt every security recommendation you made? That you've flat out refused to perform IT-related tasks that were against your own best security practice ideals? If so, I'd be quite surprised, because I credited the head honchos in the defence sector with bigger balls than that :)

Anyhoo...
0
Here's a look at newsworthy articles and community happenings during the last month.
3
Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
1
Liquid Web and Plesk discuss how to simplify server management with a single tool in their webinar.
2
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As a business owner, you should be part of that 4% that has a full understanding.
1
Ready for our next Course of the Month? Here's what's on tap for June.
3
When it comes to security, close monitoring is a must. According to the WhiteHat Security annual report, a substantial number of all web applications are always vulnerable. Monitis offers a new product: fully featured website security monitoring and protection.
1
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
8
LVL 13

Expert Comment

by:Senior IT System Engineer
Hi Shaun,

Why is there a need to use Configurator.exe (Configurator Editor) to do this?
I believe this can be done purely with Group Policy Preference for Windows Vista-Server 2008 and above.
1
LVL 56

Author Comment

by:Shaun Vermaak
Enforcement, yes but not the part where group members are moved to AD. If you do it individually with Preferences you will have to create a preference item for each possible combination.
Also, the configurator is the configuration tool, admingroups.exe is the actual application.
1
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me is flawed and borders on irresponsible behavior!
11
LVL 6

Expert Comment

by:DP230
Sometimes we will get "The update is not applicable to your computer" when updating the patches as well; so Wait a bit :)
0
LVL 29

Author Comment

by:Andrew Leniart
Hi SpiderlinK, thank you for your comment.  I've found that failure to often be a result of being behind in issued Service Packs. A patch will often fail on a Service Pack 1 or 2 installation if a SP3 has been released.

Best..
0
A hard and fast method for reducing Active Directory Administrators members.
9

Expert Comment

by:IT Guy
What AD group(s) or delegation of rights can I use to remove current administrators from the domain admin group while still allowing these administrators to:

1. Remote desktop into a domain controller

2. Only have the right to manage Active Directory users and computers without having the rights to manage any other server or Active Directory functions.
1
LVL 56

Author Comment

by:Shaun Vermaak
1) Create a group and give it allow to RDP via GPO. Do not add it to administrators group.

2) Delegate user rights. Delegate computer rights only on computer OUs
1

Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying


How To Identify the Scam Email

You will see an email from someone you’ve had correspondence with (and in many cases know well) that contains the subject line stating that a document has been shared on Google Docs (example: John Smith has shared a document on Google Docs with you). You will not see your email address because it is in the bcc field, however you will see the email address hhhhhhhhhhhhhhhh(AT)mailinator.com appear.



The message will contain a link saying Open in Docs. Do not click this. If for some reason you do, you will get prompted to sign into your Google account if you are not already signed in. Afterward, you will be prompted to give “Google Docs” permission to access your email and contacts.



Clicking the info button (the “i” inside of the circle) will show developer information that contains a random Gmail account. Do NOT click the Allow button, as it will send the scam message to your contacts. While the adversaries do not have your password, they will have access to read emails in your account as well as to send emails from it without the need for any sort of security check (both passwords and two-factor authentication get bypassed).



How do I know if I’ve been affected?

If you clicked the Allow button, then you’re affected. And you may have heard back from acquaintances, friends, and family by now. Another way to know is to check your Sent messages, and see if any strange emails have been sent.


How do I fix the problem?

Go to the Permissions section of your Google account at https://myaccount.google.com/permissions to see the apps that have access to your account. Click the one that says “Google Docs”, then click the Remove button. (In this screenshot you will see WhatsApp because it is an app that was given permissions from an Android phone.) Optionally, you can change your password (even though the adversary never received it), as it is a good security practice to change passwords periodically. Also, please be sure to check your sent mail for the scam email. Alert the recipients not to open the email and to delete it right away, and let them know what happened.


4
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
4
