Security

24K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Intel has come out with a critical update - Intel-SA-00086

https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

How serious is this?
Is this required for users who are using wired connections, or do users who are connecting wirelessly need to be concerned?
What is the best way to find out the type of processors in an organization and the best way to implement this?

Thank you.
0
Malwarebytes has quarantined the PUP spigot.generic google chrome on my husband's computer (and a few clients) on three separate occasions. One client got a pop up requesting to not turn off her computer and to call a phone number which seems to be related.
  • Why does PUP spigot.generic google chrome keep coming back? I have run MBAM (premium), SAS, Adwcleaner and CCleaner. I didn't go further since it appeared to be a simple PUP.
  • How and why do people get popups on their desktop to contact a company to "fix" their computer?

On MBAM's site a suggestion (https://forums.malwarebytes.com/topic/154762-pupoptionalspigota-chrome-preferences/) was to run ZOEK by Smeenk, I've never heard of it.

I appreciate your assistance! I have attached the most recent report from MBAM.
Thanks,
Mags
0
Hi All,

We are using default domain policy for the password & below are the settings

Max Password Age --180 days
Min Password Age --0 days
Min Length --10 Characters

Our company security decided to change the password age from 180 days to 90 days. I would like to understand the impact of this change: will the password expire for users having a password age of 90+ days when we change the policy?
0
I have a computer that does not turn on the screen saver for some reason, even though it is set to do so. But I want the computer to get locked after 30 minutes of inactivity. Is there an app that would accomplish this, instead of investigating what keeps Windows from turning on the screen saver?

Windows 10
0
Is Cisco Umbrella Professional [OpenDNS] a replacement for anti-malware, or is something like Malwarebytes Anti-Malware still needed?
0
We got this once last week and again just now. It opened in its own browser or covered another site. I had Yahoo mail open as well as Hotmail and a couple other sites that are frequented regularly. I've never gotten this particular alert before the last 10 days.
I could not close or click ok and was only able to close the full screen. I tried that to, one by one, close each browser. There was not time.
I had to manually shut down after a screen shot of the alert.

That's not my IP address: 165.227.181.242
Last week it was 165.227.114.14
Both said call Microsoft immediately.
Upon reboot Trend Micro did a scan and found nothing.
0
Is it possible to stop/disable tacacs on a member of a Cisco ACS cluster? I would like our reporting and monitoring server to NOT be able to respond to tacacs requests. Is it possible to stop that? What is the process?

Is it possible to make this disablement persistent so that if this ACS cluster member reboots, tacacs remains disabled when it comes back up?
0
Hi All

We have some Honeywell Ct50 devices running on Android 6.0.1.

It has a suppliers app installed and we remotely manage the devices using Air Watch.

Yesterday both of these apps disappeared from the device, however, after restarting the device they are there again and started automatically as we like them to.

This is a one-off event, but I'd still like to have some kind of understanding of why it happened. The user of this device has no idea, but did they put the device into a different mode? My concern is that without Air Watch running we lose the ability to remotely manage the device.

I suspect we have not got the security locked down enough and this technically allows users to inadvertently change settings or potentially wipe the device.
0
I was asked by a client, who has contractors working for him and wants to monitor their work, whether networklookout.com is safe software.
0
A customer of mine with a Windows 2016 Server got a ransomware infection this Monday.  Turned out to be the Xorist.  I got the Emsisoft decrypter tool and ran it with success and then decrypted all the files on the server.  

With that part done, I scanned the machine with Webroot (installed, don't know how it didn't detect this), Windows Defender, Sophos second opinion, TDSSKiller, SUPERAntiSpyware and Malwarebytes. A trojan was found in a zip file that was in a profile that was created by an external source.

I went through all my usual programs to look for anything further (process explorer, tcpview, netstat, etc.), but when it got to process monitor I narrowed down a lot of network traffic coming from the lsass.exe process, and it was going to random IPs (gamertalk.com.br).
I could not get this traffic to subside, and it eventually crashed the server after 6-8 hours.

I took away the server's DNS settings as well as the gateway setting and this continued to flow in process monitor.

Am I reading this program incorrectly?
How else can I go about trying to find what is making this traffic?

Thank you.
0
Hi
We are reviewing our internet connectivity with a view to simplifying it and improving performance and security. We currently have 3 sites with Cisco routers and ASA firewalls on-premise running IPsec between them, with remote user VPNs terminating on two of them. We are not running any additional services on the firewalls. We also run SIP trunks into one of the offices, which traverse to another. QoS is on the routers and on-premise switches. Voice works well.
We are still running many systems on-prem and only have O365, no AWS/Azure yet.
We are looking at MPLS. Would this be a better fit? What about VPLS, SD-WAN or sticking with on-premise firewalls with IPsec?
Any suggestions would be great.  
Thanks
0
Where is the long term memory module on iPhone 4?
I actually disassembled it and took out the motherboard, but I am unsure which module is the long term memory.
Hope someone can help.
0
We have an SFTP setup and have a client that wants to know what protocols/hashing algos/encryption we allow.  I found this info, I'm not sure if this is good... should any of these be disabled?  Any insight would be helpful.

Thanks!

[root@clientsftp ~]# ssh -Q cipher
3des-cbc
blowfish-cbc
cast128-cbc
arcfour
arcfour128
arcfour256
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com
[root@clientsftp ~]# ssh -Q mac
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
hmac-ripemd160
hmac-ripemd160@openssh.com
umac-64@openssh.com
umac-128@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha1-96-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-md5-96-etm@openssh.com
hmac-ripemd160-etm@openssh.com
umac-64-etm@openssh.com
umac-128-etm@openssh.com
[root@clientsftp ~]# ssh -Q kex
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org
gss-gex-sha1-
gss-group1-sha1-
gss-group14-sha1-

0
I have PEAP working with MSCHAPv2 on an iPad, but I cannot get PEAP working with 'Microsoft: Smart Card or other certificate' for authentication.

The error I get is this:
Reason Code: 300
Reason: No credentials are available in the security package

I can get 'Microsoft: Smart Card or other certificate' (without PEAP) authentication working on the iPad using the certificate I created for it.

Please help.
0
Hi,

It is installed and has security vulnerabilities, so I need to know whether it can be removed or if there is a business requirement to keep it.

Could you please assist me on this.
0
What are the risks associated with installing the above on a PC/laptop for doing data analysis?

Are the following mitigating measures valid?

a) Apply regular patches for R & Python to fix vulnerabilities: as they're open source, are the patches released quite timely/regularly? I tend to think open source is lacking in this area.
b) If patches are not applied regularly, can we isolate the PCs such that they have no Internet access & no email clients to mitigate? I tend to think most breaches result from Internet and email activities & infected USB devices.
c) Is it common that emails contain malicious Python attachments?
d) Where can we subscribe to vulnerability news/updates for these 2 software packages?
e) Python and Ruby are dynamic platforms (freeware); we have to tighten the web application security if it’s being used for web applications. Python has flexible features that make it particularly useful for hacking? Can we harden these & where to obtain such a hardening guide?
0
Looking into OneDrive for Business, for a client with a mobile workforce. I know that, with some cloud-based storage solutions, you can set it up such that when you disable or delete the account, the next time the agent on a client machine tries to sync with the cloud service, it deletes all the locally synced files from that client machine.

I don't know if there is such a capability with OneDrive for Business, and I can't seem to find anything online that even discusses the issue.

Does anyone know, and if so, how?
0
I can't get a PASV connection to work from public IP to internal IP.
This is the Junos code I have:
set security nat destination pool FTP21 address 10.10.2.15/32 port 21
set security nat destination rule-set 1 rule FTP match destination-address <public IP>
set security nat destination rule-set 1 rule FTP match destination-port 21
set security nat destination rule-set 1 rule FTP then destination-nat pool FTP21
set security policies from-zone untrust to-zone trust policy FTP21 match source-address any
set security policies from-zone untrust to-zone trust policy FTP21 match destination-address SERVER (= trust address 10.10.2.15)
set security policies from-zone untrust to-zone trust policy FTP21 match application junos-ftp (is port 21)
set security policies from-zone untrust to-zone trust policy FTP21 then permit

FTP ALG is enabled

What am I doing wrong for PASV ftp to work?
message in log from client is
0
Lenovo desktop which runs a hardware scan once a week. Sunday it found two failures.
A Malwarebytes scan found Google Chrome related PUPs. Normal for MB to find those.

The next scan Lenovo got one cancel and one red X.

It gives a final result code. Then today Trend Micro would not open. I got a new serial number and re-download and that program appears to be fine. Scan with that and MB and nothing found.
Then the 3rd Lenovo scan and the cancel and one red X are still there.
On their forum it was suggested to run a Chkdsk, which I have not done yet. I was planning to do it without backing up some folders. I've done check disk many times before.

It was interesting that during one Lenovo scan a message appeared bottom right that a hardware had been installed. No, it had not. Nothing was installed or plugged in.

0
We have Trend Micro compliments of the ISP. Saturday the small flag lower right corner indicated there were two problems. One was that Trend Micro Security needed to be turned on. Also Windows Defender. I turned both on but one problem remains and it says Trend Micro is off. When I try to open the program to check the settings: start > computer > programs > open or run as administrator.
I get a white icon middle of the desktop but the program never opens.
Also here mention of a worm.

Here are the three images, the first when I am asked if I want to allow TM to open.
This was in the morning. Abandoned for the day but then a few hours later up pops what you see in image three.

Windows 7 and I can totally remove Trend Micro and call the ISP for a new code to download the program again.
Though I downloaded updates for Trend Micro yesterday.

0
Server is Windows 2012 R2. Clients are Windows 10.

VPN is a Watchguard SSL VPN. Users are connected on fast VDSL connections.

When Offline Files is enabled, users connecting via the VPN can no longer see any folders other than those already synchronised. File explorer shows the computer working in offline mode.

I have checked the network location, and this shows 'domain' as expected.

It appears that when connected to the VPN, Windows is perfectly happy to authenticate against the network, browse network shares it's never seen before, there are no speed issues, etc, but the minute offline files is enabled, Windows (file explorer only) thinks the computer is offline.

There is no GPO set to describe the slow speed threshold, so the default of 500kbps should be true. The connection is operating nearer 80Mbps.

I've set a GPO "Computer Configuration > Policies > Administrative Templates > Network > Offline Files > Configure slow-link mode" to disabled, which seems to have resolved the issue.

However, I'm more concerned that Windows believes the computer to be offline when it isn't, and I wonder if there's a firewall issue I should be aware of?

Any pointers?
0
Hi,
One of my customers (development department) demands SMTP over SSL and POP3 for testing purposes (application testing).
I have no problem authenticating using the first step in the Outlook test (POP3), but when the test tries to send mail (SMTP over SSL) in Outlook, I get the following error in the client:
SMTP over TLS works fine!!

Is it possible to configure SMTP over SSL?
Microsoft says:
"Secure Sockets Layer (SSL) is being replaced by Transport Layer Security (TLS) as the protocol that's used to encrypt data sent between computer systems."
https://technet.microsoft.com/en-us/library/gg298947(v=exchg.160).aspx
1
Experts please help me understand the way this link should be used in free Skype

https://join.skype.com/xxxwZBJIbYLp3Cd

I added the xxx sequence for security

Gordon
0
A friend of mine is trying to do the following (as best I can understand):

If there are 2 computers and one is 1b2f1 and the second is 1b2f2 and the password is password, then the first computer would be set to password1b2f1 and the second would be set to password1b2f2. Has anyone done this (with a script, as there are a ton of computers to do)?
0
Hi, If we go to https://   techgardensdotcom,  we see the lock. A test of the ssl cert shows it's installed correctly. But I can still get to http://   techgardensdotcom.

Am I missing something, maybe an entry in the htaccess file? Thanks.
0
