Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

What is the best solution to detect and prevent keylogger software running in the windows systems?
0
5 Ways Acronis Skyrockets Your Data Protection
5 Ways Acronis Skyrockets Your Data Protection

Risks to data security are risks to business continuity. Businesses need to know what these risks look like – and where they can turn for help.
Check our newest E-Book and learn how you can differentiate your data protection business with advanced cloud solutions Acronis delivers

We currently use airwatch to manage our Android / Samsung devices. Using airwatch we can reset the password on the devices to stop our sellers using them if they are placed on garden leave etc. So they can no longer contact customers and what not.

We already have licenses to use Intune as we have 365 E3 + EMS licenses, however, not being able to remotely reset the password for mobile phones is stopping us from migrating.

I have read that intune supports password reset via samsung knox, but when we try to reset the password in intune it just comes back saying that it has failed.

Does anyone know of any way to lock down these devices? Wiping the device / work profile isnt really an option for us and we cant seem to do it from either the Google or Samsung account either.

Thanks in advance for any input
0
Curious, how do people go about arranging to receive $ in bitcoins anonymously?
0
Good Day Everyone

We have created a web application using ASP.NET WebAPI (Visual Studio 2017), after it has been tested for security issues or penetration testing, one of the finding is parameter tampering and cross site request forgery, for tampering I have added validation and another verification to fix the issues, but for the cross site forgery, the <ValidateAntiForgeryToken> only works for MVC Controllers but not for API Controllers, is there a way to create Anti-forgery Token for API controllers, please bear in mind that I'm a beginner developer for WEB API, so make the explanation simple as possible.
0
I have a function A()  which outputs  ref cursor data set in PostgresSQL .  There is another function B() which call function A and uses ref cursor output to insert into a temp table.
and function B() should out data set as well. Please find below details.
1) first function

CREATE OR REPLACE FUNCTION CUST_FUN(refcursor)
   RETURNS SETOF REFCURSOR AS $$
DECLARE

 REF2 REFCURSOR;
BEGIN
REF2 := $1;
OPEN REF2 FOR
  SELECT
      CUSTOMER_ID, FIRST_NAME, LAST_NAME,
      EMAIL
    FROM
    CUSTOMER;
  RETURN NEXT REF2;
 
END;
$$ LANGUAGE PLPGSQL VOLATILE SECURITY INVOKER;

2) second function which call above function1


CREATE OR REPLACE FUNCTION CUST_FUN(refcursor)
   RETURNS SETOF REFCURSOR AS $$
DECLARE

 REF2 REFCURSOR;
BEGIN
REF2 := $1;
OPEN REF2 FOR
  SELECT
      CUSTOMER_ID, FIRST_NAME, LAST_NAME,
      EMAIL
    FROM
    CUSTOMER;
  RETURN NEXT REF2;
 
END;
$$ LANGUAGE PLPGSQL VOLATILE SECURITY INVOKER;

--DROP FUNCTION IF EXISTS PAYMENT_FUN();

CREATE OR REPLACE FUNCTION PAYMENT_FUN(refcursor)
    RETURNS SETOF REFCURSOR AS $$
DECLARE
  REF1 REFCURSOR;
 
BEGIN

REF1 := $1;

  CREATE TEMP TABLE TEMP_CUST(
    CUSTOMER_ID INTEGER,
    FIRST_NAME CHARACTER VARYING(45),
    LAST_NAME CHARACTER VARYING(45),
    EMAIL CHARACTER VARYING(45)
  ) ON COMMIT DROP;

  INSERT INTO TEMP_CUST
    SELECT
      *
    FROM
      CUST_FUN($1);
      FETCH ALL IN $1;
      commit;

   OPEN REF1 FOR SELECT
   …
0
I would like to enable BitLocker through command prompt of my RMM (can run cmd as system).
1. Most of the systems don't have TPM. I would like to use there Password to unlock BitLocker drive.
2. I have couple of systems which have TPM. I would like to use there PIN in addition to TPM to unlock BitLocker drive.
We would like to encrypt with 256 strength, recovery path to be "\\localhost\c$\users\" (I used it in GUI BitLocker).

I found some examples and articles for PowerShell, but could not find anything for systems without TPM.

I tried using:
$SecureString = ConvertTo-SecureString "u7Y1FzJ6D8Wr1" -AsPlainText -Force
Get-BitLockerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPath "\\localhost\c$\users\" -PasswordProtector $SecureString -RecoveryKeyProtector $SecureString -SkipHardwareTest
or
manage-bde but could not get past erros:

"Enable-BitLocker : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:23
+ ... kerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPat ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Enable-BitLocker], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Enable-BitLocker
"

or

"ERROR: An error occurred (code 0x8028400f):
A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer.
"


Tried amending …
0
I am in the process of changing out a file server.  It is the only server on the network.
Access to the internet is through a WatchGuard XM25 appliance
The Domain name is the same, but the DNS has changed.  The WatchGuard provided internet connection for a few minutes, and now there is no internet connection.  I can remote into the network with the WatchGuard SSL-VPN utility, and access the computers.  

Any thoughts on why I cannot access the internet from behind the WatchGuard Appliance?

The old server was 2008R2 and the new server is 2016Standard
0
Excel VBA
MS Outlook 2010
VBA runs code to grab the body of the Outlook email

Early binding does not create an issue so far...
However,  late binding triggers an Outlook Pop Up Message:OutLook Security Message programatically : A program is trying to access e-mail addresses ?
Early Binding does not appear to create an issue ?  Note I am not allowed to change my Outlook settings - The Programatical Access options are greyed out.  Thus this is not an option for me to fix the late binding issue by changing my Outlook settings or loading 3rd party software.

Shouldn't I get a security message for both late binding and early binding ?  

Also why does the message indicate I am trying to access email addresses when all I am trying to do is scrape the body of the email...Also odd is I have no issue (no security messages) within Excel VBA saving off attachments from my Outlook Folders.  Its only when trying to scrape the body of the email a security message displays.


Sub Extract_Body_Subject_From_Mails()

Dim oNS As Outlook.NameSpace
Dim oFld As Outlook.Folder
Dim oMails As Outlook.Items
Dim oMailItem As Outlook.MailItem
Dim oProp As Outlook.PropertyPage

Dim sSubject As String
Dim sBody

On Error GoTo Err_OL

Set oNS = Application.GetNamespace("MAPI")
Set oFld = oNS.GetDefaultFolder(olFolderInbox)
Set oMails = oFld.Items

For Each oMailItem In oMails
sBody = oMailItem.Body
sSubject = oMailItem.Subject 'This property corresponds to the MAPI property PR_SUBJECT. 

Open in new window

0
I was asked to verify login after #FacebookDown two days ago.

When I submit this error comes up - "It looks like you’re using this feature in a way it wasn’t meant to be used. Please slow down, or you could be blocked from using it."Facebook Error Code
I have submitted forms letting them know about login errors.
I have also attempted to submit form to verify my account w/ my ID but it's showing this error: Error 2
Which also indicates to me that I have not violate any TOS - I am very aware of the rules and do not spam or appear to spam.

I went to bed with a working profile and woke up to this, so I'm assuming this is a result of the outage.  

I can not log into to business manager or my profile. My profile appears blocked, according to my friends.
I have tried several devices.

It appears to me that this is a widespread issue, but I'm wondering if anyone had any insight/solution/way to contact FB.

Thanks!
0
Hallo Experts
       
I would like to collect the following Threat Artifacts from a compromised Windows System:
     
  • CPU
  • Routing-, ARP- & Process tables
  • Memory
  • Temporary files
  • Relevant data from storage media
   
What would you collect? Is there any best practice from NIST or anyware?
 
Thanks a lot
1
Get a highly available system for cyber protection
Get a highly available system for cyber protection

The Acronis SDI Appliance is a new plug-n-play solution with pre-configured Acronis Software-Defined Infrastructure software that gives service providers and enterprises ready access to a fault-tolerant system, which combines universal storage and high-performance virtualization.

Hallo Experts
     
For our Security Operations Center (SOC), we are searching for a tool that can collect “Threat Artifacts”. When I worked with McAfee in the past, they used GetSusp to collect information about undetected malware on their computer.
     
We are searching for a similar tool that we can use in the network to collect information remotely. What would you recommend us? It would be nice, if the tool would work on Windows & Linux, albeit this is not a must.
   
Thanks a lot
1
hello

- Local Server Windows 2016 (192.168.10.12), logged as adminstrator
- Synology NAS (192.168.10.10) with one Shared folder (NASFOLDER)

Problem:

I want to copy 10 Go on data from a local server folder F:\LOCALFOLDER to the NAS folder \\192.168.10.10\NASFOLDER  

I do not want to : Map the NAS as a network drive F: = \\192.168.10.10\NASFOLDER with the "remember password" option
I do not want to : Use a UNC path \\192.168.10.10\NASFOLDER with the "remember password" option

My concern is to protect the NASFOLDER in the event of a cryptolocker ransomware attack on the LOCALFOLDER

My solution should be to integrate NAS credentials (in hidden) in the copy command

Is it possible? Any idea how to do that ? any tool?

Thank you
0
Hello,
We are using Paessler PRTG to monitor our infrastructure, including network devices, servers and security equipments which are Fortigate devices.
I would like to ask about those Fortigate devices, if there is any means to include the remaining License period in the PRTG using SNMP or any other means.
Thank you in advance,
Regards
0
We are considering a gateway that will manage our access points ( we presently use UAP-AC-PRO) , our primary interest is to be able to manage employee data bandwidth usage. block certain websites. manage what they are seeing / data management. etc. port forwarding, limit internet data usage on employee phones etc.

We are considering UniFi Secure Gateway (USG) and or pfSense SG-1100 Security Gateway. Kindly make recommendations not only limited to these 2.
0
We have several computers that are being setup with Windows 10 that are only going to be used for one purpose: to go to one external website and input data into a web form.  Nothing else.  [They are going to be in a workgroup configuration and not a domain/server environment where we can push GPO.]

We want to prevent users from doing anything else on the computer such as visiting other sites, opening applications, or even the start menu.

What is the best way to simply lock the computer down to prevent users from straying away from the original purpose (see above) and inadvertently causing an issue?

I have heard of solutions over the years however I am not sure what is the best solution in 2019.  Thanks in advance.
0
Hi,
How is it possible to build private file upload system ?
 I want to collect private data from colleagues without being seen by anybody except sender and me.

Any advice would be very appreciated.
0
apache file.

what is wrong with this file? i upload it into my ftp , but my login is still not working!

must be a formatting error.
.htpasswd
0
Good morning,

I'm looking for best practices on hardening Exchange 2013 Security HTTP Response Headers.For Example:  Security HTTP Response Headers

X-Frame-Options
Strict-Transport-Security
X-Content-Type-Options
X-XSS-Protection


There is a lot information for IIS, but I would like to know  specifically for securing Exchange web services. From I read if is not implemented correctly it can cause mail connectivity issues.

Thank you!
0
Hi,

I have  been assigned a  job to install SolarWinds  Switch backup solution. and I need to setup or create a RADIU user with read only permission.
My RADIUS server is running on Server 2016 Standard. I have bit confused  to setup the RADIUS  read only account.

how I can crate RADIUS read only account   to use this for Solar wind  switch backup solution .

please advice.

thanks
Asif
0
Active Protection takes the fight to cryptojacking
LVL 2
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

One of the computers was affected by ransomware and the excel files were the the files changed the name and added to name of the file i.id-5AAD7A69.[datadecrypt@qq.com].ETH
I need help
0
How do I limit Exchange 2010 Admins to just creating mailboxes and nothing else? What security groups control this feature? Right now I have all admins belong to the Exchange Admins group. I wanted to know what options I have to restrict access. Bottom line is that I don't want admins to be able to access someone's mailbox.
0
We have an urgent issue.
On the Client side, the error is as below:
Today morning the users started getting errors in outlook
Error: there is a problem with the proxy server’s security certificate. The name on the security certificate is invalid or does not match the name of the target site mail.abc.com
Outlook is unable to connect to the proxy server. (Error code 10).

On the exchange server when we view the certificate, there is a warning “Revocation Check failed”. But the certificate is valid for another year. Could this be causing the issue?
We tried installing a new certificate but the issue still persists. The revocation check is still failing.
We downloaded the root and the subordinate CA CRL’s and installed It on the exchange servers and still no luck.
Running out of ideas.
0
With lots of DNS solutions out there I have a question

What are the Best to use for Cell phones and Tablets to secure thier browsing

and give them an additional level of Security

Cjoego
0
I am trying to configure a shared mailbox – Orders@mdomain.com  for say for 4 users. on Exchange 2016 on premise server.

There are 4 users Bob, Bill, Steve ad Mike and 3 folders in shared mailbox Orders

With same name as users Bob, Bill and Steve.

I want to configure permissions to each folder as follow.

1 Bob is an OWNER for Bob folder while Bill, Steve, and Mike only REVIEWER for it.

2. Bill is an OWNER for BILL folder while Bob, Steve and Mike only reviewer for it.

3. Steve is an ONWER other can only Review (read)

 

When I create shared ORDERS mailbox orders and add all users to a delegation with full access all 4 have full rights while if I do folder permissions

With

Add-MailboxFolderPermission -Identity orders@mydomain.com:\bob -User bob@mydomain.com -AccessRights Owner

Add-MailboxFolderPermission -Identity orders@mydomain.com:\bob -User bill@mydomain.com -AccessRights Reviewer

All uses can see Shared MB Orders automatically cached in their outlook regardless of my permission via Powershell

While if no delegation set in ESM and only with powershel users can’t open mailbox

https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/add-mailboxfolderpermission?view=exchange-ps

I am looking for an expert advice with s a sample syntax. (not looking for any google search results)

Thank you
0
I'm using OpenVAS CE 4.2.24 (Virtual Appliance), and i've few scan tasks yesterday.   I would like to export all the results as a single PDF, with only meaningful information.
How can we export scan results?

I see how i can export them, 1 by 1 but when i go to the result, i can't export in anything else than XML.

Thank you
0

Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.