Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.


In-place upgrade of encrypted Windows systems using reflectdrivers

Apparently since Win10 v1607 there exists a parameter "/reflectdrivers" in the Windows setup (setup.exe on the CD / USB stick), see https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-setup-command-line-options

This can be used to tell Setup the location of the encryption drivers (e.g. VeraCrypt) and finally be able to perform upgrades without decrypting!

The VeraCrypt developer shares this in a forum post and gives a syntax example for his product:

setup.exe /ReflectDrivers "C:\Program Files\VeraCrypt" /PostOOBE C:\ProgramData\VeraCrypt\SetupComplete.cmd


1
Increase Security & Decrease Risk with NSPM Tools

Analyst firm Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without them experienced issues including non-standard security policies and failed cloud migrations.

Andy's VMware vSphere tip#8: Spectre and Meltdown....Have you patched your server yet? It's almost 5 months since this Security Flaw was found in Intel CPUs, and we are still finding many VMs, and Hosts in the wild which are still not patched!

Remember this actually requires a little bit of work... To successfully patch against Spectre and Meltdown, you must:-

1. Update the BIOS and Firmware, and maybe CPU microcode in the Host ESXi Server. Some BIOS updates update the microcode for you. Check with your Server Vendor; some server vendors have been very slow to release new BIOS/Firmware/Microcode updates, and some servers may now be end of life, as the server vendor may not release new code.

2. Update vCenter Server to 6.5 U1g, 6.0 U3e or 5.5 U3h.

3. Update the ESXi Build to the latest versions

ESXi 6.5: ESXi650-201803401-BG* and ESXi650-201803402-BG**
ESXi 6.0: ESXi600-201803401-BG* and ESXi600-201803402-BG**
ESXi 5.5: ESXi550-201803401-BG* and ESXi550-201803402-BG**

4. Update VMware Tools and all virtual machine hardware versions to 11.

5. Update Guest VM with latest updates.

6. You can then sit back, you are patched!

https://kb.vmware.com/s/article/52085

https://blogs.vmware.com/services-education-insights/feed-items/meltdown-and-spectre-vmware-patches#

https://blogs.vmware.com/feed-items/vmware-releases-patches-for-meltdown-and-spectre-bug/

If you need to discuss this further, please post a question to the VMware topic area.
1
Andy's VMware vSphere tip#5: Best Practice and Security Hardening ? HOW... easy as 1...2...3...

How about using some Automated VMware expertise, like having a VMware Consultant on hand, every minute of the day to ensure your VMware vSphere environment, is following best practices and security hardening guidelines to protect your environment, also has the ability to monitor VMware vSphere Hypervisor logs in real time for VMware KBs. We've been using and following this small startup for a few years now. Let me introduce you to Runecast Analyzer.

https://www.runecast.biz/

Download a 14 Day Trial and take it for a spin.

We would not recommend it, if we didn't use it!

So there is no excuse to quickly scan your environment for FREE, and see what you need to change!

PS Tell them Andy sent you.....you may get a discount!!!
0

Expert Comment

by:Alba Richi
Very interesting, thank you!
0
LVL 127

Author Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
No problems, follow me for more tips!
1
0

Expert Comment

by:Alba Richi
Thank you, I will definitely try your checklist!
1
LVL 5

Author Comment

by:Adrian McGarry
If you like the checklist, try our GDPR product
0
2

Expert Comment

by:Alba Richi
Thanks for the link.
0
Google Introduces New advertisement Policies for US Elections

Google is introducing new policies to verify election advertisers in the U.S. In this policy, the advertisers have to verify their citizenship or the permanent residential proofs to buy an election ad on Google.

The new policy exerts that the advertisers have to provide government issued IDs and other information like IRS Employer Identification Number and Federal Election Commission identification number and also, they have to provide the information of the ad and the payee for it.

Kent Walker, the general counsel at Google said, “As we learn from these changes and our continued engagement with leaders and experts in the field, we’ll work to improve transparency of political issue ads and expand our coverage to a wider range of elections”.

Also, he wrote in his blog, “We are continuing that work through our efforts to increase election advertising transparency, to improve online security for campaigns and candidates, and to help combat misinformation.” According to Kent Walker, some more changes are being made to handle these ads.

Google is taking a few other actions to reduce the risk of online attacks. Alphabet Jigsaw developed the tools, “Protect Your Election” and “Google’s Advanced Protection”, which enhance the security of data stored on Google Drive, Gmail, and Google Calendar.

Source
0
https://blogs.technet.microsoft.com/mniehaus/2018/05/02/new-upgrade-to-windows-10-1803-without-suspending-bitlocker/

Microsoft is re-tightening security after tearing open a huge security hole themselves, long ago. They are offering to disable a problematic behavior that they have introduced years ago, which was heavily criticized, but somehow manage to make it sound like "going forward". Thing is, the ability to auto-suspend when upgrading was there before - IT WAS THE PROBLEM.

Interesting read for WSUS/SCCM admins who want to deploy feature upgrades.
1
LVL 103

Expert Comment

by:John
Thank you for posting this. On my machine, I have Opal 2 and my understanding from Microsoft (Redmond Global MVP Summit) is that BitLocker is not needed here so I have not implemented it.

Interesting read and thanks again.
0
0
Simple Misconfiguration = Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

1
CloudFlare and APNIC have launched a free DNS service @ 1.1.1.1 that claims to prevent your ISP from selling your data:
https://blog.cloudflare.com/dns-resolver-1-1-1-1/

The claim to be the "fastest" comes with the caveat of "privacy-first" -- I wonder how it stacks up against DNS services that don't provide any inherent perceived privacy?

On a related note, the service is being hammered by multiple Gbps of trash data:
https://www.zdnet.com/article/1-1-1-1-cloudflares-new-dns-attracting-gigabits-per-second-of-rubbish/

Personally, I've used Google's public DNS for years now, since it's always seemed to be more stable than my ISP's, but this CloudFlare option is really tempting. Handing over literally all of my browsing data to Google is probably not the best idea.
1
LVL 44

Expert Comment

by:noci
IPv6 patterns:
Google:
google-public-dns-a.google.com. 21599 IN AAAA   2001:4860:4860::8888

Cloudflare:
1dot1dot1dot1.cloudflare-dns.com. 299 IN AAAA   2606:4700:4700::1001
1dot1dot1dot1.cloudflare-dns.com. 299 IN AAAA   2606:4700:4700::1111

Quad9:
dns.quad9.net.          119     IN      AAAA    2620:fe::fe

level3 has no  ipv6...???
0
LVL 18

Expert Comment

by:Kyle Santos
I need an ELI5 version of what this does.  What am I doing by doing what they said here?
See https://1.1.1.1/ because it's that simple!
0
MyFitnessPal breach exposes data of an estimated 150 million users

Got an account at MyFitnessPal?  Change your Password!

MyFitnessPal, a fitness and nutrition app owned by Under Armour, announced on March 29th that a recent data breach impacts 150 million of their users.

What happened? According to a press release from Under Armour, they became aware of a potential security issue on March 25th when they discovered an unauthorized party had accessed user data from MyFitnessPal in February.

What data was compromised? The investigation is ongoing but, so far, indicates that the compromised data included hashed passwords, usernames and email addresses.

I'm a MyFitnessPal user. What should I do? The company is urging users to change their MyFitnessPal password immediately. Dashlane also recommends changing passwords for any accounts that share exact or similar passwords with your MyFitnessPal account.

Source: https://dashlane.com
0
In 2017, the number of vulnerabilities detected in applications rose 33%. Is your company prepared to deal with these risks? Train to become a Certified Penetration Testing Engineer today! There are only two days left to enroll in this month’s Course of the Month.
2
Have you been following the ransomware attack against Atlanta? They were threatened with a bitcoin ransom, due yesterday. As of this morning, city courts were shut down and residents have been unable to pay their bills.

In an NPR report, there was a previous audit of Atlanta's IT department and they were warned this could happen.

What can we learn from this?

http://www.businessinsider.com/atlanta-cyberattack-cripples-city-operations-2018-3

https://www.npr.org/sections/thetwo-way/2018/03/28/597758947/time-is-running-out-for-atlanta-in-ransomware-attack
7
LVL 127

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
But we ALL there will be no blame and Management will get pay rises!
0
LVL 127

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Know is missing autocorrect!
0

[Free Webinar] Ten Security Controls for effective Cybersecurity


With cyberattacks evolving every day, organizations are forced to build a strong security layer to keep their data safe and maintain user privacy. With so many touch points to improve organization security, ManageEngine is here to facilitate things for you, by hand-picking 10 primary security controls which you need to practice to keep the attackers at bay.

Attend our webinar about cybersecurity on April 24th, 11 am BST and make sure you have the best security measures in place for 2018.

Register Now: https://goo.gl/R16u4f
0
Introducing the "443 Security Simplified" Podcast
LVL 1

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

Did you know it only takes 2 hours for a security patch to be reverse engineered? Don’t let your company’s vulnerabilities go unsupervised. Enroll in March’s Course of the Month to begin training for your Certified Penetration Testing Engineer Certification today.
1

Microsoft Patch Tuesday March 2018 updates

This Patch Tuesday comes with 74 security updates, including fixes for two known vulnerabilities (CVE-2018-0808 and CVE-2018-0940); luckily this release arrives in a more timely fashion, as there have been no known exploitations of these vulnerabilities like we’ve seen in the past.

Read more:  https://blogs.manageengine.com/desktop-mobile/desktopcentral/2018/03/14/microsoft-patch-tuesday-march-2018-updates.html
0
The US DoD recently released (via FOIA request) footage of an F18 SuperHornet tracking a UFO:
https://coi.tothestarsacademy.com/2015-go-fast-footage/

Kind of surprising this type of information doesn't create a maelstrom of headlines.

The tracking system used to capture the footage was Raytheon's Advanced Targeting Forward Looking Infrared pod: https://www.raytheon.com/capabilities/products/atflir

Interestingly, this isn't the first time UFO footage has been released:
https://www.nytimes.com/2017/12/16/us/politics/pentagon-program-ufo-harry-reid.html
0

Expert Comment

by:Alba Richi
Oh thank you for the link, it's very useful information for me.
0
http://www.newsweek.com/best-buy-geek-squad-fbi-informants-834846

There are bound to be varying opinions on the legality and/or morality of Geek Squad's practice of turning over client data to the FBI; especially considering that at least one instance allegedly led to the GS employee being paid for the info. I am intrigued to hear what others think about this.
2
Obtain real-world security knowledge that allows you to recognize vulnerabilities, exploit system weaknesses, and safeguard threats. Enroll in March's Course of the Month to ensure you attain a higher level of cyber security.
0
We talk to business owners about the GDPR. Quite often they say, ‘I have a department that deals with all that legal stuff, they will sort it out.’ As a business owner, when it comes to a data breach, you are liable, not your department. Know your data!  http://bit.ly/2CdtRAM
0
