Our accounting department received a document that looked like an invoice for $590 to CPU Service Inc. for "online computer support and consulting" which is "access to support forums, knowledge bases and chat rooms." There is a fine-print disclaimer at the bottom saying it's a proposal and not a bill.
Just wanted to make others aware of this shady business practice that's making the rounds.
$590 for online forums? Pffft. Spiceworks is free.
Mods: sorry if this is the wrong group for this.
Morning all -
Long time listener, first time poster. I need your advice on this subject...
There is a member of our executive staff that tends to want to overlord over everything.
He has requested admin passwords for everything in our company. Printers, routers, servers, vSphere, etc.
The real kicker is that he specifically wants this information handed to him in plain text so he can print it out and keep a copy.
This is the first time anyone outside of the IT department would have full access to our infrastructure. He has no IT experience, but has done a little web development and some FileMaker development.
We are not a large company (roughly 60 employees), and our IT department has 3 members (me included)
His reasoning for this is the bus factor (what if all three of you get hit by a bus?) I see where he is coming from, and I am willing to...
I'm looking for a battery-powered security camera of some sort.
Unfortunately, we've been having an issue with an as-yet unknown offender slashing tires in a certain section of our parking lot at irregular intervals. :(
I was hoping to be able to cover that area using a battery-powered camera (video or photo) with SD card storage.
The spot is too far from the to supply power or wireless network service, and would be cost-prohibitive to do so.
My first thought was a wildlife camera, but those seem to be only good for detecting motion for 25-50ft away. The camera would likely have be mounted/strapped to a tree further away than that--maybe 100ft.
So, for $100-$400, what might be a good option?
The poll was conducted by Spiceworks Voice of IT on behalf of CloudEntr in September. The study collected 438 surveys from IT professionals at companies with 20 to 499 employees in industries related to financial services, manufacturing, professional services, government and non-profits.
Of the IT professionals who responded in the survey, 77 percent said that employees are the weakest link in the security infrastructure. The number is even bigger in financial services firms: 81 percent.
Curiously, despite recent high-profile security breaches, a clear majority of IT professionals—64 percent—said they won't change any of their planned security-related infrastructure buying in 2015, though an even larger majority (89 percent) said they plan to provide more employee education next year.
This is a good thing, because effectivesecurity...
Well basically my question is to do or not to do?
I have lived under the assumption that virus protection can not alone protect your company computers from malware. Is this accurate information, and should we take into use some malware removal software, malwarebytes for example.
We are currently running only virus protection.
Thanks for all/any input on this matter.
ps. could not find good old topic about this subject, if already discussed recently ,please link.
Hi,
in our company, most of the users have local admin rights (not our choice, to be clear). We're looking at a way where the users don't have those rights anymore, but are able to ask them temporarely. Like in Ubuntu where you can call them via sudo. Is there a way to accomplish this? What are our options?
Jo
This article was first published in Netwrix Blogs:
http://blog.netwrix.com/2014/11/13/how-to-steal-a-virtual-machine-in-three-easy-steps/
This is a followup topic toTHIStopic I posted last week.
I spent pretty much the latter half of last week and the ENTIRE weekend researching security. Now, obviously in the grand scheme of things, a week of research is laughable when it comes to security... buuuuut, it is what it is. We are up against a wall and desperately need to revamp our security at our growing company. If you read the other topic you'll know we have no dedicated security personal so we are taking it upon ourselves to get this as squared away as possible.
Keep in mind this isn't an actual presentable draft, as it's obviously missing A LOT of information. I just wanted to get some input on the choices, etc.. Here is my initial "draft," if you will:
IDS / IPS - Snort on Ubuntu Server LTS
AS / AM - Kaspersky
AV - Kaspersky
Monitor - Security Onion, Netmonitor (Opsview,...
Scanned the computer with antivirus and Malwarebytes - nothing.
Anyone seen anything like this before? Should I be worried? Searches for "tacebook.com" here and on Google turned up nothing.
I am trying to enable Sonicwall SSL VPN on a Sonicwall NSA device. Each time I enable the SSL VPN, I get an email from our PCI Scan saying the scan has failed because of the following:
TLS Protocol Session Renegotiation Security Vulnerability
SSL server accepts weak ciphers
SSL certificate is signed with weak hash function: MD5
Hi All,
We are using DLP agent's through our organization to protect sensitive data from leaving the environment. I have a help desk admin who is claiming that the DLP agent is randomly deleting users .pst files. Has anyone heard of something like this happening ?
Though numbers show that organizations that conduct security awareness training lose an average of half a million dollars less than those that don't, some of the experts interviewed for Dark Reading's story say that "training is mostly a waste of time. Users aren't information security experts and shouldn't be expected to keep ahead of potential threats. These experts believe the focus on awareness training takes attention away from bigger industry issues such as failures in software design and lack of technical controls."
Both sides obviously have a point, but if you can share security awareness tips with users, why wouldn't you?
I have a number of systems running large numbers of conhost, cmd.exe and wscript processes and I am concerned that we have been compromised. hey all appear to be being run using our spiceworks user account and they are running spiceworks_upload.vbs, creating a netstat.txt file and then uploading it to our spiceworks server under dataloader/persist_netstat_payload.
The CMD task runs cmd.exe /c echo server "%temp$\spiceworks\netstat.txt &&netstat-anop tcp %temp%\spiceworks\netstat.txt" && wscript //B"%temp%\spiceworks\spiceworks_upload.vbs"%temp%\spiceworks\netstat.txt http://spiceworksserver/dataloader/persist_netstat_datapayload
In some cases there are 400 processes running, I have run virus scans on the effected servers and computers but they have come up blank, any clues?
Drac
Curiosity killed the cat....
but as my grandmother often said..
Satisfaction brought him back!
3 weeks ago we had some strange traffic originating from one of our networks, after days of packet sniffing and tracking down the source of the bandwidth, it turns out it was our firewall for our employee's. My first thought was what did someone install and managed to get past Vipre and Malware bytes and very strict UTM rules on traffic / apps and everything else.
I disconnected switches, workstations, servers, everything and yet around the same time every day, massive unicast traffic spikes would leave our network taking down the UTM to an unusable state, dropping internet, initially at one point it hit 200Mbps our ISP told us and took out one of our ISP $30K Juniper routers in the U.S by maxing out its load to 100% (we have a 1Gig link direct...
Just had my first experience with Poweliks, the malware that hides like a Russian nesting doll.
Had a user bring a laptop in to show me that as soon as he connects to a network, MalwareBytes pops up repeatedly that it has blocked dllhost.exe from connecting outbound to fff5ee.com
My first thought of course was why the H-E-Doublehockeysticks did he think it was a good ides to bring it in and connect to the employee WiFi (completely separate from the production environment, but still...)
My next thought was why he didn't tell me this sooner as he said it was going on for a few days and that he brought it in because it was slow.
I started off like normal, booting to safemode w/networking, run RKILL, update MBAM, scan the heck out of it. The problem was nothing was found... weird... I ran combofix, nothing out of place...weird...checked...
We discovered some facts about data breach that are a little scary:
Data breach is expensive and becoming more common, and a lot of companies are making response plans, but how many of you Spiceheads have a plan in place for when a breach happens at your company? We had a few of our own ideas forwhat to put in a response plan, but what do you all think a good plan should include?
Hey guys,
The Sophosproduct team wanted to pick your brains on how you smart dudes/dudettes view server security, so we've created this really quick 60-second (seriously, it's a quick one!) survey to gather your thoughts:http://sophoslabs.polldaddy.com/s/sophos-server-protection
We're going to give away 5 of our famous privacy shirts to some lucky Spiceheads as a thank you for your time. :) This shirtcontest is open to any and all Spiceheads regardless of region. Legal mumbo jumbo here:Terms and Conditions.
Survey closes on Thurs, Nov. 13th at 11:59PM PST, soget your entries in!
TGIF!
Kim@SOPHOS
Hello everyone,
So I work at a school and there are a couple of kids here that love minecraft (and by that I mean EVERYONE here talks about it). Anyways a student started a petition to get minecraft approved to play here in school and sure enough got it approved. Every Friday for the last period they get free time if their behavior in class was good for that week. So now I have to install minecraft on every student computer as well as set up a server so that we can all play. Here is the problem, I need to be able to restrict minecraft to only be able to run during free time. I don't want the students to be able to just run minecraft whenever they want. Also I want to restrict them to be able to join only the server that I will host here at school. While I have played minecraft before, I don't know much about it. I'm not even entirely...
I have to give a presentation to a group of parents here at our school first thing in the morning. The presentations is basically Internet Security at home to protect themselves and their children. I need topics to go over with the parents. I have a decent idea of what I am going to cover thanks to my own research, before I put it all together I just need a couple more ideas from you guys to make sure I didn't overlook something. Thanks!
Basically what I have so far (not going into details) is a list of things they can do at home to make sure they don;t get any viruses. I'll also show them parental control tools for their computers at home and just pretty much keep them aware of security features in general.
We are SMB with about 25 computers. We have windows DC.
All computers in the network are windows 7 pro,enterprise
Looking for a tool,utility,software which can do this for us:
1) Scan our entire network and give me a report as what all folders are shared across the network, including any admin shares setup.
2) Who has access to the shared folders
3) There are 4 critical folders in HR computer which is not shared with anyone. But there might be admin share setup on the PC. We know administrators will have access to these folders using admin shares ( C$,D$). We want to install a software on the PC which will kind of setup auditing on the critical folder and give us a report whenever needed. The report should say which user accessed the files,folders.(local admin,network user,domain admin,backup accounts...etc)
Any GUI tool will be good...