ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. security
    Log in to post
    • All categories
    • Oksana

      New Names and Features for Microsoft Security Applications
      Starwind • starwind microsoft security azure security • • Oksana

      1
      1
      Votes
      1
      Posts
      105
      Views

      No one has replied

    • Oksana

      How to Automate Azure Playbook Deployment?
      Starwind • starwind microsoft azure microsoft sentinel security devops • • Oksana

      1
      1
      Votes
      1
      Posts
      94
      Views

      No one has replied

    • Oksana

      How to Secure Your VMware ESXi Hosts
      Starwind • starwind vmware esxi esxi security hypervisor • • Oksana

      1
      1
      Votes
      1
      Posts
      87
      Views

      No one has replied

    • StuartJordan

      SSH Chinese Bots
      IT Discussion • security it security • • StuartJordan

      5
      0
      Votes
      5
      Posts
      146
      Views

      StuartJordan

      @dafyre Connection closed by foreign host after a couple seconds lol

    • Fredtx

      Over a million GoDaddy Hosted WordPress Sites Breached
      News • security breach godaddy • • Fredtx

      2
      1
      Votes
      2
      Posts
      189
      Views

      scottalanmiller

      @fredtx This is really GoDaddy breached. That they were running WordPress is kind of an aside.

    • notverypunny

      TacticalRMM - Security
      IT Discussion • tacticalrmm security block public • • notverypunny

      1
      3
      Votes
      1
      Posts
      165
      Views

      No one has replied

    • Oksana

      StarWind Success Story: Boost the security of client data with StarWind VSAN
      Starwind • starwind starwind virtual san vsan virtualization security • • Oksana

      1
      1
      Votes
      1
      Posts
      107
      Views

      No one has replied

    • JaredBusch

      ZeroTier vulnerability found and fixed
      News • zerotier security • • JaredBusch

      1
      4
      Votes
      1
      Posts
      174
      Views

      No one has replied

    • Oksana

      How to Make the Best Use of Azure Sentinel
      Starwind • azure security cybersecurity • • Oksana

      1
      1
      Votes
      1
      Posts
      100
      Views

      No one has replied

    • scottalanmiller

      Technologies Begging to be Ransomwared
      IT Discussion • security ransomware • • scottalanmiller

      54
      2
      Votes
      54
      Posts
      554
      Views

      Dashrender

      @scottalanmiller said in Technologies Begging to be Ransomwared:

      @dashrender said in Technologies Begging to be Ransomwared:

      FYI - my experience in all of this is through the use of shares - so if shares aren't enabled.. then I'm guessing you're probably correct due to configuration.

      Shares aren't on by default. But even when they are, nothing is shared out that a local non-admin user could access.

      Yeah, and this is ultimately what saves you - OK now we're on the same page.

      Thanks

    • JaredBusch

      Unsolved Looking for Security camera options
      IT Discussion • nvr camera security security camera • • JaredBusch

      49
      0
      Votes
      49
      Posts
      627
      Views

      travisdh1

      @jaredbusch said in Looking for Security camera options:

      @travisdh1 said in Looking for Security camera options:

      it requires Windows if you use the Axis Camera Station for the server

      That is a nope. This site has almost completely left Windows.

      Good on them!

      I've had very little involvement in the project besides being told about it after the first server arrived at my house(office) for deployment (5 servers for 5 sites).

    • Ambarishrh

      Anyone used Infection Monkey?
      IT Discussion • infectionmonkey open source breach and attack simulation security security audit • • Ambarishrh

      6
      4
      Votes
      6
      Posts
      212
      Views

      Ambarishrh

      @scottalanmiller said in Anyone used Infection Monkey?:

      @ambarishrh I meant that YOU should make one.

      I'm too subtle, I guess.

      lol! Yes, will make one for sure! Just need to test it on a lab and see how it goes. Its an interesting project 🙂

    • scottalanmiller

      Solarwinds Blames Intern for Laughable Password
      News • solarwinds news security • • scottalanmiller

      10
      0
      Votes
      10
      Posts
      690
      Views

      scottalanmiller

      @DustinB3403 said in Solarwinds Blames Intern for Laughable Password:

      @scottalanmiller said in Solarwinds Blames Intern for Laughable Password:

      @IRJ said in Solarwinds Blames Intern for Laughable Password:

      They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.

      You mean like how the government hires Solarwinds?

      I have a client that uses at least one solar wind product and I shudder....

      Me too.

    • scottalanmiller

      Microsoft Hid Known Vulnerability According to Senator
      IT Discussion • microsoft security azure solarwinds • • scottalanmiller

      18
      0
      Votes
      18
      Posts
      442
      Views

      scottalanmiller

      @DustinB3403 said in Microsoft Hid Known Vulnerability According to Senator:

      @scottalanmiller said in Microsoft Hid Known Vulnerability According to Senator:

      @Dashrender said in Microsoft Hid Known Vulnerability According to Senator:

      you're saying that they can't ever be wrong in their releases?

      No, I'm saying that whether right or wrong is irrelevant. That it happened is what matters. Deciding if it happened accidentally or on purpose is a different discussion. Things that happen on accident doesn't make them not have happened.

      Like teen pregnancy....

      LOL, exactly.

    • DustinB3403

      Active Directory - User Attribute RFID/HID Badge
      IT Discussion • windows active directory azure rfid hid badge security attribute editor • • DustinB3403

      18
      0
      Votes
      18
      Posts
      697
      Views

      DustinB3403

      @Obsolesce said in Active Directory - User Attribute RFID/HID Badge:

      @DustinB3403 said in Active Directory - User Attribute RFID/HID Badge:

      @Dashrender I'm a 3rd party to the end customer here. Acting as the middle man as the customer's IT department wanted to engage outside support to try and vet different products.

      I candidly told the customer that while this product will work, it won't work with all of the features they want without some substantial changes to their infrastructure and that the support (at least from this vendor) is pretty awful.

      The simple approach here is to not integrate RFID/HID's to the system and simply use the AD Integration with the built-in QR codes that each member is assigned.

      Just because something may be supported, doesn't imply that it is support.

      Except in this case the vendor very clearly has stated they support you adding custom attributes within AD.

    • scottalanmiller

      SAMIT: Is Open Source Licensing More Secure?
      Self Promotion • security samit youtube open source licensing code • • scottalanmiller

      6
      1
      Votes
      6
      Posts
      362
      Views

      scottalanmiller

      https://www.zdnet.com/article/microsoft-weve-open-sourced-this-tool-we-used-to-hunt-for-code-by-solarwinds-hackers/

    • Pete.S

      Best practice security updates linux servers?
      IT Discussion • linux servers security updates • • Pete.S

      30
      0
      Votes
      30
      Posts
      592
      Views

      scottalanmiller

      @Dashrender said in Best practice security updates linux servers?:

      saying Well - Johnny is just better employee than you, so I choose to pay him more, that isn't going to make people happy, it will likely make them less happy...

      You are looking at it from the employer's perspective. Of course it doesn't help the employer. It helps the employee when they can see what X work is worth. If employee 1 makes X for a job, and employee 2 wants to know their own value, they have something to go on. If you don't know what others are paid you have almost nothing to go on.

      Remember on Spiceworks when loads of people would claim that $65K was the IT industry cap? Imagine if people (and companies) were able to repeat that without anyone speaking up! People would surmise that if $65K is the top for a CIO, that a system admin must cap out at $50K and a helpdesk tech at $9/hr!

      But in the real world, we know that CIOs make well into the seven figure range, admins can get well into the multiple six figures. Even good help desk leads can hit six figures. If we didn't have others to compare against, it's easy to see people misunderstanding the scope of the industry by an order of magnitude.

    • V

      Sangoma Ransomware
      IT Discussion • sangoma ransomware pbx voip hack security • • VoIP_n00b

      53
      -1
      Votes
      53
      Posts
      834
      Views

      JaredBusch

      Sangoma has relased an updated (and likely final) statement.

      https://www.sangoma.com/press-releases/sangoma-technologies-provides-update-on-ransomware-attack-expects-no-material-impact-on-sales/

      The second paragraph has the relevant information from an IT point of view.

      00a7b475-033f-4db6-8311-b115d6bb0a47-image.png

    • scottalanmiller

      DNS Filtering with Ties to Google Groups
      IT Discussion • gsuite google workspace pi-hole dns web content filtering security • • scottalanmiller

      5
      1
      Votes
      5
      Posts
      186
      Views

      JaredBusch

      @Dashrender said in DNS Filtering with Ties to Google Groups:

      the browser will use the system DNS if that DNS support DNS over HTTPS....

      How can the browser know what the DNs mechanism is? DO you mean the browser will try a local DNS over HTTPS first? That I can see.

    • Nic

      Patch all your Windows DNS servers - CVE-2020-1350 - CVSS score of 10
      IT Discussion • dns security windows windows server • • Nic

      5
      4
      Votes
      5
      Posts
      355
      Views

      P

      @dbeato said in Patch all your Windows DNS servers - CVE-2020-1350 - CVSS score of 10:

      @pmoncho said in Patch all your Windows DNS servers - CVE-2020-1350 - CVSS score of 10:

      Just wondering - Is anyone seeing a patch for 2019 with a reference to the KB article?
      Checked yesterday, last night and this morning. No update that I can see.

      Currently performing the workaround.

      c46cc947-cad4-4bfc-877c-dbd1c1ddfd16-image.png

      https://www.catalog.update.microsoft.com/Search.aspx?q=KB4558998

      Thanks. Forgot about the update catalog.