Go Premium for a chance to win a PS4. Enter to Win







Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear Experts, am I right when think that if my PC is in domain environment, everyone inside my domain can join my PC and access my drives (for example: D drive,..) ?

If so, how can we avoid it by using Group Policy in Domain controller? or other process?
Concerto's Cloud Advisory Services
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

For some tools, they require to have ssh password in them to be able to login
to the endpoints to extract configuration of the device that it's managing?

Does NB media & master servers require to contain the endpoints credentials for it
to perform backups?

We deem it a risk if media/master servers contain the credentials (domain AD credentials
 or even the local credentials) of the  Win & Unix servers that it's backing up
Does some sort of it security baseline / hardening / security best practice document/check list for Jetty already exist?

If so where can it be found?
I'm getting spam emails on my iPhone Hotmail inbox but they are not showing up on my desktop or on any other device.  
These iPhone spam emails are nowhere to be found on my desktop, not even in my spam folder.
I'm suspecting that my iPhone is infected with some sort of virus.
I want to ensure my iPHone has no virus. What do I do?
on a browser I can click "ok" button to donate my cpu for bitcoin mining.
When I press "ok" my computer gets slow.

Windows defender did not detect this a virus

So I think I could be donating my cpu by keeping a browser window open
any website can be taking my cpu for bitcoin mining without an "ok" button

I keep many browser windows open
On windows 10 control panel can I block browser from taking cpu for bitcoin mining?
Please dont tell me it is a virus and to check for other viruses
Maybe I can just use a non admin regular windows user to ban cpu usage from my browser
I need to resert my admin password. How do I do it?
Hello Experts,

We are working on remediating some security vulnerabilities.  One of the low hanging fruit that I thought I would remediate is the requirement to allow RDP connections from computers running Remote Desktop with Network Level Authentication.  Below is a screenshot from one of our workstations showing the current setting:

Current settings on workstations
As you can see, we currently allow connections from any version of Remote Desktop.

The setting to require Network Level Authentication had been configured in our default domain policy.  It was set to “disabled”.  I have changed the setting to “enabled” and applied the change.  

NLA required set to enabled
I have saved the GPO and let domain replication take place.  When I do a gpupate /force /sync and restart the RDP settings are the same as they were in the first screenshot.  What am I missing here?

Thanks in advanced.
We have a VBA application that runs on a thick client workstation that is compiled into an accde,  this has coded within it 2 DSNless connection strings to 2 MariaDB databases.

Problem -
This application is going to be subjected to a series of unknown penetration tests, for example, SQL Injection In The Login Form and to try and Intercept MariaDB root details.

Application -
Once the application is launched the user is presented with a login screen where they are able to put in their username and password.  These entries are then verified against links to a table in the MariaDB database.  If the credentials are entered successfully the application then establishes a connection string to another DB which contains the data we wish to protect from unauthorised intrusions.

Question –

How do we protect the connection string from being extracted from the application or memory using tools that can be loaded onto the desktop of the PC.

Dear Experts, can you please give us some ideas about the best policies for Domain controller? Do you have any reference link for that? Many thanks!
A Windows 10 64-bit domain joined computer has an issue where the SYSTEM security group keeps getting removed from the %tmp% folder. This temp folder is located within the default location of C:\Users\username\AppData\Local\Temp.

This creates issues such as programs not being able to upgrade and the user not being able to print.

This computer currently has all latest Windows 10 updates installed and according to Malwarebytes it is completely clean and doesn't have any malware or harmful software installed. the SFC and DISM commands have also been run and the event viewer logs don't display any serious issues or warnings.

While this issue can be fixed by adding the SYSTEM security group back within the  Security tab (with the full control permissions) it is a hassle to keep doing this.

What can be done to prevent this issue from occurring?
Ready for your healthcare security check-up?
Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

I have been wondering about scanned copies of physical signatures.  My financial institution sent me a document with a scanned copy of my signature on it.  I know that these signatures can be found in the county under public records, but I am wondering if it is a good idea security wise, to have these signatures flying around the internet with the inherent  insecure nature of unencrypted email.  They pointed out to me that they did not share anything that they are disallowed by law.  Unlike a physical letter that you sign to a friend, it is out there for others to see and one less piece of information for a scammer to steal an identity.

Am I just overthinking this or is this a real issue?

Thanks for your thoughts.
When the domain network portion of the Exchange server's firewall is on none of the Outlook clients can connect to the server. It will ask to rety, work offline, or cancel. After choosing to retry a few times it will go through.

We are using Exchange 2010. Server is 2008 R2 Standard.  I have searched through the event logs and can find nothing that would help identify the culprit. I have also searched through the firewall rules and everything looks correct.
Hi guys,

Im currently running what i would say is a "normal home set up". I have a router as my main incoming wifi as well as a extender which is a netgear night hawk.

I run all PC traffic though a paid for VPN.

I also have a smart home, thermostat, alexa, wireless sockets etc. I have been told that the smart home is easy to "hack" AKA some sitting outside gaining entry via the smart home device.

Ive been told i need something like this; Ubiquiti UniFi Security Gateway to secure my home.

Any suggestions.

Please bear in mind my technical knowledge is limited!
I am looking for a Sample Internet Usage Policy for a Dentist Office so it needs Hippa Verbiage

any Samples would be great.

I have installed a clean Server 2012R2 server, joined it as a member server, installed RDS ran all patches. I am trying to set the IE Internet zone to medium High.  The sites button is greyed.  The Custom slider is not there.  Custom Level button is available but the only Level available is High (default).

I have checked HKLM and HKCU for the Control Panel Internet settings. Keys/entries do not exist.
    HKEY_CURRENT_USER \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel
    HKEY_LOCAL_MACHINE \ Software\ Policies \ Microsoft \ Internet Explorer \ Control Panel
    HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ CurrentVersion \ Internet Settings

I have verified no GPO Domain or local exists preventing changes.

I have set the registry value for the zone(s) to 1, no difference.  Restarted server.

Added a Local GPO to allow changes (option is set to disable).  

I'm at a loss now.  Please help.
The SCCM client keeps re-installing Silverlight on the Domain Controllers after we manually uninstall it.  

Security has flagged Silverlight on DCs and wants it permanently removed.

We want SCCM to handle endpoint protection, so I can't remove the client.

I understand that it's required for software center, and don't need to uninstall it from anything but DCs.
We would like to restrict access to removable storage on our Windows 10 machines to one process (preferably via file hash).

Is that possible using something built into Windows - Group Policy, Powershell, etc?


User received the "Microsoft Office has identified a potential security concern" for:

c:\program files (x86)\common\Microsoft shared\smart tag\metconv.dll

Options:  Trust all documents from this publisher OR Enable application add-in OR Disable application add-in

Do you know why the user received this message?  Supposedly it came up when she was restarting her computer.

I have attached the print screen of the message but it may be very small to read so that was why I typed out the message.
I need to print a screen or oracle database 12c security settings.

Is there a tool or a screen that shows that? if not is there a view or table that can show the settings.
Independent Software Vendors: We Want Your Opinion
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Dear Experts, we have 3 different domains and each of them has its own AD server and domain users. However the users have not joined domains. The request is building 1 ShareFile Server for all 3 domains.

With only 1 domain, it is easy when we just need to join the ShareFile to domain and grant the permissions based on domain users, groups but we do not know how to do it with 3 domains. Do you have any idea? Please help!

In other words, can we authenticate an user from a domain to a different AD server in different domain?

I'm trying to install one of today's security updates (KB3162047, Office 2013), and it's failing with Code 780, unknown error. I've tried downloading and manual install with no luck. Anyone have an idea how to troubleshoot this?

Never mind. "Windows Font Cache" service was disabled. Enabling it allowed the update to succeed.
This is a great video (however the links no longer work):
I need a real life example of IF someone clicks on a bad link via email or whatever avenue how the redirected website collects their credentials. Anyone have any good ones?


I have a group of servers (Windows 2008 / 2012 / 2016) that are not connected to a domain.

I would like to use a command line script (powershell / ) that would allow me to change only the following values :

Security settings->Account Policies->Password Policy
      Enforce password history :  3 passwords remembered
      Maximum password age  :  45 days
      Minimum password  age  :  1 day
      Maximum password length:  8 characters
      Password must meet complexity requirements :   Enabled  
      Store a password using reversible encryption  :  Disabled

I only want to change (via a script) the 6 values listed above and not change any other security settings.

How can this be accomplished?
Hi Experts,

We are being audited by external partners, and they recommended to enable Advanced security audit policy, and enable all features as per screenshot below. The problem with this change is they want to apply to all DCs, workstations and servers of the organization.

I need your help to identify and prevent any major impact or performance degradation, as this change will be applied to all DCs, servers and workstations.

Can you please provide me with some sort of documentation about business case, blogs, service impact after enabling advance auditing?

What is the service impact for a large organization once this policies are enabled?

Any performance issues or log file impact on servers/dcs/workstation after enabling this per link below?

Any known issues after applied advance auditing per link above?

Please, provide your input and elaborate the answers, it would be highly appreciated that you do not only attach links, more than links look for your feedback.

Provide instructions steps by step in case of the elaboration of a plan to prevent service/server degradation

Single forest/Single domain/multiple sites, all DCs are Windows 2012 R2 latest patches, no other software running on DCs.

Windows 2008 is the forest and domain level

All workstations run Windows 7 and 10.

Servers is a mix of 2003/2008/2008R2/2012/2012 R2
We are currently looking for a Cisco RV 320 alternative. What are the possible options?

Some side info:

- We provide IT services to networks starting at 5 users no larger than 50 users
- As always the case, not too expensive

So far we have been pretty happy with the Cisco RVx series. We were just wondering if there are better alternatives out there that provide more security for our customers.






Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.