How to and why you should disable LLMNR with Windows Server
Link-Local Multicast Name Resolution could enable a man-in-the-middle attack, so it’s best to disable the protocol when setting up Windows Server 2019.
ComputerWorld
Microsoft Patch Alert: October updates bring problems with Start, RDP, Ethernet, older VB programs
Credit to Author: Woody Leonhard| Date: Tue, 29 Oct 2019 12:18:00 -0700
October started out on an extraordinarily low note. On Oct. 3, Microsoft released an “out of band” security update to protect all Windows users from an Internet Explorer scripting engine bug, CVE-2019-1367, once thought to be an imminent danger to all things (and all versions) Windows.
It was the third attempt to fix that security hole and each of the versions brought its own set of bugs.
Earn your IoT security certification
Credit to Author: Insider Pro staff| Date: Tue, 29 Oct 2019 04:59:00 -0700
Insider Pro is teaming up with CertNexus to offer subscribers access to an online course that leads to a Certified IoT Security Practitioner (CIoTSP) certification.
Read moreMemory-Lane Monday: Please tell me his name wasn’t Jones
Credit to Author: Sharky| Date: Mon, 28 Oct 2019 03:00:00 -0700
Pilot fish and his help desk colleagues do a lot of password resets and have learned that it’s best to sympathize with the callers and normalize forgetting those strings of letters, numbers and symbols. It can happen to anybody is the message.
But some forgetfulness is more normal than others, finds fish, who told one user, “I’m going to reset your password to your last name, with the first letter capitalized.”
Reports fish: “He said, ‘Wait a minute. Let me get a pencil and paper to write that down.
“I then spelled his last name for him and reminded him to capitalize the first letter. He thanked me and hung up the phone.
“Surreal doesn’t even begin to describe how this felt!”
Name game
Credit to Author: Sharky| Date: Fri, 25 Oct 2019 03:00:00 -0700
This pilot fish builds a lot of Linux systems that have to be compliant with U.S. Department of Defense/Defense Information Systems Agency STIG security requirements, but he tries to lessen the pain by assigning root passwords that are secure but easily remembered. Naturally, he sends them to the owner via encrypted email.
When the Nvidia driver in one of those machines gets corrupted after the system goes down hard in a power outage, fish needs root access to reinstall the driver. Unfortunately, the user of that machine (who, just incidentally, had ignored the warnings about that planned power outage) has no recollection of the root password, and he can’t get it from his email. Why? He has uninstalled all his old encryption certs, so older encrypted emails can no longer be decrypted.
How to double-check permissions post migration from Windows 7
It pays to make sure all permissions in your Windows environment are correct after migrating from Windows 7 or Server 2008 R2. Here’s how to check.
Your best defense against insider threats | TECH(talk)
When employees are your weakest link, companies must have programs in place to prevent them from accidentally or intentionally putting the organization at risk. Watch as TECHtalk hosts Ken Mingis and Juliet Beauchamp discuss various options with CSO’s Lucian Constantin.
5 big buts about the Pixel 4 phone
Credit to Author: JR Raphael| Date: Tue, 22 Oct 2019 04:00:00 -0700
Look, I’ll just come out and say it: I’m a big believer in buts.
Now, hang on a sec: You haven’t accidentally stumbled onto the world’s last remaining Sir Mix-a-Lot fan site. (If only!) No, the buts of which I speak at this particular moment are the single “t” variety — as in, the contradictory kinds of statements that are so frequently missing when we talk about technology.
You know what I’m talking about, right? Here in these tribal times of 2019, it’s all too easy to fall into a pattern of seeing a certain sort of product or type of device as being either “awesome” or “inferior,” with little gray space in between those extremes. You’ve used this kind of smartphone for years now, damn it, so it has to be the best! And that other company’s devices are, like, obviously awful. They’re from the competing team! They could never be worth your while.
Train to be a certified cyber security professional for just $39
Credit to Author: DealPost Team| Date: Mon, 21 Oct 2019 07:56:00 -0700
Cyber crime is responsible for a staggering amount of damage and chaos around the world. Want to be a part of the solution? Then train for a career in this demanding field with The A to Z Cyber Security and IT Certification Training Bundle.
This e-training bundle is perfect for anyone who has an interest in putting a stop to cyber crime. It includes twelve courses that’ll introduce students to ethical hacking methods, show them how to test a network for weaknesses, and identify problems so they can be fixed prior to being exploited. It’s fast, flexible, and you can even apply your training in preparation for several certification exams
Utah county moves to expand mobile voting through blockchain
Credit to Author: Lucas Mearian| Date: Mon, 21 Oct 2019 03:00:00 -0700
Disabled voters in Utah County will be able to use their smartphones to vote in the November municipal election, an expansion of an earlier pilot test of the blockchain-based technology and anothert step toward allowing all voters to cast ballots with a mobile device.
The county, which has more than a half million residents, is the third in the U.S. to partner with Tusk Philanthropies, a non-profit focused on expanding mobile voting nationally. The latest pilot is a collaboration between the Utah County Elections Division, Tusk Philanthropies, the National Cybersecurity Center and Boston-based voting app developer Voatz.