In light of the recent security disclosure, the Windows community must be informed about CVE-2024-38126, a security vulnerability affecting the Network Address Translation (NAT) component in Windows systems. This announcement, published by the Microsoft Security Response Center (MSRC)...
Hi everyone,
I’m looking for advice on securing our Storage Area Network (SAN) within a Windows environment to prevent unauthorized access and ensure data integrity. We’re using an iSCSI SAN with Windows Server 2019, and our primary concerns are:
Access Control: Best practices for using Active...
access control
active directory
auditing
best practices
chap
data integrity
data protection
encryption
firewall
iscsi
monitoring
networksecurity
san
security
storage
strategies
unauthorized access
windows
windows server 2019
In a recent announcement, Microsoft has addressed a significant security vulnerability affecting Remote Authentication Dial-In User Service (RADIUS) protocols under the identity of CVE-2024-3596. This vulnerability primarily revolves around flaws in the MD5 hashing algorithm, which could lead to...
As concerns over privacy and data security continue to escalate, it becomes increasingly important for users to take proactive steps in safeguarding their digital identities on all platforms. One effective method in Windows 11 to bolster your privacy is by randomizing your MAC (Media Access...
Hello, Windows enthusiasts! Exciting news for Windows Insiders: Microsoft has rolled out Windows 10 22H2 Build 19045.4713 (KB5040525) to both the Beta Channel and the Release Preview Channel. This update promises a host of new features, bug fixes, and improvements tailored for Windows 10...
Microsoft recently unveiled a new learning initiative aimed at IT professionals called "Windows Skilling Snacks". These bite-sized learning resources are designed to help both novice and experienced IT individuals enhance their skills in areas such as Windows security, deployment, and...
I am running Windows Server Essentials. When the server is being accessed over the network via File Explorer, all of my security is working great. Folder security is good. However, if someone knows a folder path and enters that in a browser, they have read access to the folder and all of its...
Hi,
This is my first post and need some help with adding IP security rules to IP security policy.
Setting IP security policies on local computer.
We have already created IP security policy and blocked the internet.
But we need to allow/add certain DNS (WebURL).
rule:
This rule does not...
Hello dear friends.
I wanted to ask you about some logs from my Exchange server which I catch with QRadar. They are all with qid: 5000830 or eventid:4624 which is a successful login to a server or anything.
I use a rule which tells me if someone logs in to the exchange server from an...
cybersecurity
data protection
event id
exchange server
external access
false positives
firewalls
fraudulent ip
ip logs
ip quality score
isp tracking
login events
microsoft corporation
networksecurity
password management
qradar
security audits
security rules
user management
I received today the Zalman ZM-WE450 WIFI enclosure and am planning to buy a 4TB HDD for it.
It works pretty well but since it is old it is limited to the speed of the WIFI 2.4GHz.
I am trying to find a way to limit who can access it on the network. It is currently connected to the WIFI router and...
Hello,
we are facing an issue where the domain admin accounts are becoming locked randomly.
We have filtered out the event 4740 in the windows security log and we can see the PCs triggering this lockdown.
-------------------------------------
A user account was locked out.
Subject:
Security ID...
account lockout
antivirus
contoso
domain admin
domain issues
event 4740
kerberos
malware scan
network analysis
networksecurity
rdp sessions
security id
smb protocol
system admin
system formatting
troubleshooting
user account
user management
windows log
windows security
So I'm the poor schmuck that gives a crap about backups. I have scripts that are supposed to run every night, but due to IT corporate domain nonsense they make me change my password. The scripts are run from a local admin account (non-domain) but every time I change my network password, all...
automation
backups
corporate it
error handling
it support
local account
local admin
microsoft
networksecurity
password issues
raid
scheduled jobs
scripts
server management
snapshot tool
task scheduler
technical support
troubleshooting
user accounts
windows scripts
Original release date: October 18, 2021
Summary
Actions You Can Take Now to Protect Against BlackMatter Ransomware
• Implement and enforce backup and restoration policies and procedures.
• Use Link Removed.
• Use Link Removed.
• Implement network segmentation and traversal monitoring.
Note...
Original release date: September 22, 2021
Summary
Immediate Actions You Can Take Now to Protect Against Conti Ransomware
• Use Link Removed.
• Segment and segregate networks and functions.
• Update your operating system and software.
Note: This Alert uses the MITRE Adversarial Tactics...
Original release date: July 28, 2021
Summary
This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau...
Original release date: July 19, 2021
Summary
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...
How do you find open ports in your home network? I'm trying to make sure my network is more secure and that if something happens I'm alerted or the problem is taken care of automatically.
I don't know how to block all sites except one site. I'm using Google Chrome, and I have downloaded Group Policy Editor but still don't know how to set it. Help me please.
Original release date: April 26, 2021
Summary
The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29...