security

Home / security

Fix Hyperlinks Not Working In Outlook

I recently ran into an issue where Outlook 2016 on Windows 10 was giving me one of these errors whenever I would try to click on a link: "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator" or "Your organization's policies are preventing us from completing [...]

By | 2017-07-18T09:44:15+00:00 July 18th, 2017|Categories: Tech Tips, Windows|Tags: , , , , , , , , |0 Comments

How To Reset All Windows Security Settings To Default In Windows 10

If you recently tried applying a Group Policy or Local Policy in Windows and are having odd side effects, or notice the policy doesn't seem to be working as expected, you can try to reset / restore your local security policy settings to default in Windows 10, 8, 7, Vista and XP. I recently tried [...]

How To Disable NetBIOS on MacOS OS X

Even though my network has NetBIOS disabled in my Windows environment, including on the Windows DHCP server, the Mac OS X computers on the network still want to send NetBIOS requests. While monitoring network traffic using tools like Responder in Kali Linux or Wireshark, you can see the NetBIOS requests being sent. In my case, [...]

By | 2017-02-16T15:10:13+00:00 February 16th, 2017|Categories: Mac, Security, System Administration|Tags: , , , , , , |1 Comment

Apple Releases Security Updates iOS 10.2.1, watchOS 3.1.3, macOS Sierra 10.12.3, tvOS 10.1.1 and other Products

It's that time again! Time to update all of your Apple products to patch some critical security updates and vulnerabilities. Today, Apple released critical security updates for iOS, watchOS, tvOS, MacOS Sierra, Safari, and iCloud for Windows. Apple has patched 56 vulnerabilities, and of the 56, 29 could allow attackers to perform remote code execution [...]

By | 2017-01-23T14:25:36+00:00 January 23rd, 2017|Categories: Security|Tags: , , , , , , , , |0 Comments

How To Harden MongoDB Server

MongoDB is "a document database that provides high performance, high availability, and easy scalability". In this chapter of our InfoSec System Hardening series, we'll walk you through some of the steps you can take to harden your MongoDB database server. You can refer to the MongoDB Server Documentation for more details about the commands and [...]

By | 2017-01-16T15:37:37+00:00 January 17th, 2017|Categories: Security, Server Hardening, System Administration|Tags: , , , , , |0 Comments

How To Harden An NGINX Web Server

The next segment in our InfoSec System Hardening series is how to harden an NGINX Web Server. NGINX is an alternative to the popular Apache Web Server on Linux. In this article, we'll show you some of the basics you'll want to take to secure your NGINX Web Server. To get started, you can follow [...]

By | 2017-01-16T15:38:13+00:00 January 16th, 2017|Categories: Security, Server Hardening, System Administration|Tags: , , , , , |0 Comments

How To Harden A MySQL Server

As with any server, whether it be a web server, file server, database server, etc, hardening is an important step in information security and protecting the data on your systems. This guide will show you some basics when it comes to hardening a MySQL Server. Most of these changes are simple lines to add into [...]

By | 2017-01-16T15:38:43+00:00 January 15th, 2017|Categories: Security, Server Hardening, System Administration|Tags: , , , , , |0 Comments

Adobe’s Latest Security Patch Installs Chrome Extension to Collect Data

Earlier this week, Adobe released some updates to fix security issues and vulnerabilities identified in Adobe Acrobat Reader. Twitter's @SwiftOnSecurity noticed a new Google Chrome extension for Adobe Acrobat after the update. According to the post, there is no mention of the new extension anywhere in Adobe's changelog and instead is installed without your knowing. [...]

By | 2017-01-13T23:21:03+00:00 January 13th, 2017|Categories: Security|Tags: , , , , , |4 Comments

Install YAWAST – The Antecedent Web Application Security Toolkit

YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues. Information Disclosure - Checks for common information leaks. Presence of Files or Directories - Checks for files or directories that could [...]

By | 2016-10-24T14:32:37+00:00 October 24th, 2016|Categories: Pentest|Tags: , , , , , , , |0 Comments

QRLJacker – QRLJacking Exploitation Framework

QRLJacker is a python framework which is used to exploit services that rely on QR code authentication. #QRLJacker is a customizable framework to demonstrate "QRLJacking Attack Vector" and shows how easy to hijack services that relies on QR Code Authentication. Installation Installation on Windows After downloading the framework and Python: cd QrlJacking-Framework pip install -r [...]

By | 2016-10-24T13:25:53+00:00 October 24th, 2016|Categories: Pentest|Tags: , , , |0 Comments