Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

1
PMI ACP® Project Management
LVL 13
PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

Security flaw involving third party keyboards in iOS 13 and iPadOS: https://support.apple.com/en-us/HT210613
0
0
Speaking of voice scamming, here's a rather catchy warning about cyber security, courtesy of Emerates Bank: https://vimeo.com/344959412
1
1
Thousands of dollars and new kit up for grabs if you can blow a hole in Zuck's video-conf gear

https://www.theregister.co.uk/2019/08/28/pwn2own_facebook_portal/ 
0
1
0
1
0
Exploring ASP.NET Core: Fundamentals
LVL 13
Exploring ASP.NET Core: Fundamentals

Learn to build web apps and services, IoT apps, and mobile backends by covering the fundamentals of ASP.NET Core and  exploring the core foundations for app libraries.

A interesting Bunndle for Security Penetration Testing learning and also sure to keep on eye for offers.

https://deals.thehackernews.com/sales/2018-cybersecurity-bundle
0
1
1
LVL 3

Expert Comment

by:Ryan
Glad you liked my post.  I get most of my info from toms hardware and technology review.

Ryan,
Denver, CO
0
LVL 3

Expert Comment

by:Ryan
I haven't had any problems with Windows 10 upgrades.  Not so far anyway.
0
Synology® Urges All Users to Take Immediate Action to Protect Data from Ransomware Attack

https://www.synology.com/en-global/company/news/article/2019JulyRansomware
1
If after applying VMware vSphere (ESXi) security update -  ESXi-6.7.0-20190504001-standard (Build 13644319) - https://kb.vmware.com/s/article/55636 and adding VMkernel.Boot.hyperthreadingMitigation = TRUE After restarting ESXi you notice half the number of logical processors (e.g. hyperthreading disabled!) - this is NORMAL!. "Enabling this option will result in the vSphere UI reporting only a single logical processor per physical core; halving the number of logical processors if Hyperthreading was previously enabled. In addition Hyperthreading may be reported as 'Disabled' in various configuration tabs."


BEFORE UPDATE VMkernel.Boot.hyperthreadingMitigation = false
Before Update
AFTER UPDATE VMkernel.Boot.hyperthreadingMitigation = true
After Update applied

0
If you are using Spotify, just to make you aware that The company Pro-Active reset users Password

https://techcrunch.com/2019/05/22/spotify-password-resets/
2
https://www.nytimes.com/2019/05/06/us/politics/china-hacking-cyber.html
Chinese intelligence agents acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia, a leading cybersecurity firm has discovered. The episode is the latest evidence that the United States has lost control of key parts of its cybersecurity arsenal.
Morning NSA and thank you so much!
1
2
New Offensive USB Cable Allows Remote Attacks over WiFi

Be careful where you buy your USB cables folks

https://www.bleepingcomputer.com/news/security/new-offensive-usb-cable-allows-remote-attacks-over-wifi/


4
LVL 52

Expert Comment

by:noci
Hopefully not to late to learn... ;-)

Many people considder USB to be some Serial cable like they used to have for Modems, Printers etc.
USB really is a multi-drop networking standard. And it provides for all kind of adapters like Storage Nodes, Network "routers" (=Usb Ethernet ...), Network camera's (photo equipment), ...
So USB sticks are more like a NAS on a private network then a Disk onto a Pata/Sata cable.  The difference is they have no configuration items on most USB equipment.
(Rather like the original SCSI standard, only serial).

The Poison Tap (short version) provides a network adapter, with DHCP and it will provision a network with netmask 0 (so ALL packets sent by your system [ except for the local network you PC is connected to ] go to the PoisonTap..). Which also runs a transparant proxy to hijack connections.  and will inject code back into the browser to redirect ALL access through another public site. After the PoisonTap is removed the attack still persists. Allowing an attacker to keep on tapping authentication data.
1
LVL 29

Author Comment

by:Andrew Leniart
Hopefully not to late to learn...
Never too late to learn something new noci. I live by that rule :)
0
C++ 11 Fundamentals
LVL 13
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Interesting documentary available on Hulu and Netflix right now called Zero Days. It gives a high level analysis of the Stuxnet virus which was apparently engineered to specifically target the Siemen's logic controllers used in Iran's nuclear centrifuges.
0
LVL 52

Expert Comment

by:noci
Also available on YouTube:

https://www.youtube.com/watch?v=J50bUcf8gfc     [ Spanish Subtitles ]
1
Stop using Internet Explorer, warns Microsoft's own security chief

https://www.telegraph.co.uk/technology/2019/02/08/stop-using-internet-explorer-warns-microsofts-security-chief/

Heads up for those of you that might be doing so.
4
LVL 114

Expert Comment

by:John
Fuller quote from the bottom of the article (and I have read others like it)

""We want you to use IE for the sites that need it - what I'm trying to say here is that I hope you don't use it for everything else,” Mr Jackson said in a comment on the blog post.
Microsoft will end support for Internet Explorer 10 in January 2020, while Internet Explorer 11 will remain as the final iteration of the software."

Some servers do not have (and have not been able to update to) IE 11.  This was not in the article but I have read it along with the statement that Server updates would be revised to use IE 11. I am not sure about Server 2008 but certainly Server 2012.
0
LVL 28

Expert Comment

by:Brian B
The headline is somewhat sensational, the message is just good security practice.
1
I'm looking for a cybersecurity-oriented managed service provider that will monitor a single Windows webserver for a small business that will be launching a web app soon. Most MSPs have a minimum that is too expensive for this organization. Any ideas on firms that will take a client that small, are reasonable and provide good service?
0
LVL 21

Expert Comment

by:Lucas Bishop
Depending on what type of monitoring you need, the Experts Exchange Business Account monitoring tool might give you what you're looking for:
https://www.experts-exchange.com/business.jsp#analysis
2

Author Comment

by:Ed Eckenstein
Sounds interesting. I will look into it.
Thanks!
0
Warning - A respectable looking scam attempt

I get scam attempt emails all the time, however, this one caught my eye due to how cleverly it's been put together. An almost perfect reproduction of a genuine Energy Australia electricity bill. Two screw-ups from this particular scammer though - An invalid "From:" email address and the Copyright statement at the bottom of the bill is dated 2017.

Other than those two mistakes, it is an almost perfect reproduction that I fear would fool the majority of technically challenged users. Even the Sign in to My Account etc. links are genuine. Take a look at this:

EnergyAustralia Scam
















The "view your bill" link is bogus and hyperlinks to the following address, which I've purposely mangled to make it unclickable.

h t t p: // org155 DOT outdoorjacketstore DOT com / route / b65ffaead5b87a47

Give a heads up to your folks if you still have them, as well anyone else you think might benefit from this information.

Hope that's helpful.

Regards, Andrew
1
https://www.computerworld.com/article/3005184/encryption/bitlocker-encryption-can-be-defeated-with-trivial-windows-authentication-bypass.html
Wow. Just came across this by chance. I can't believe I missed that one back in 2015. The article describes, that due to bad design, windows (all versions) allowed attackers at the logon screen to break in without knowing the password of your domain user account.

I consider myself very well-informed when it comes to computer security and I did not know this. How did Microsoft manage that this did not start a giant outcry, back then? Must be, because the security advisory simply does not even rate this "critical"!
0
Saw this a while ago and just came across it again. I think it's too good not to share. Enjoy...  :)

IT Emergency
5
LVL 21

Expert Comment

by:Lucas Bishop
I follow the same procedure when I mis-send an email.
2
LVL 14

Expert Comment

by:Prabhin MP
even me follow the same.

this note can save your entire organization during cyber attack
0

Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.