image
Patrick Domingues
Windows Tutorials

Windows devices can’t connect to RADIUS 802.1X Wifi

There is a known issue with a windows patch that will cause some Windows 10 and 11 devices unable to connect to RADIUS 802.1x Wifi, luckily there is a workaround.  

 

Windows RADIUS Wifi Access Workaround

  1. On your Windows device open search, type Control Panel and open the Control Panel application.


  2.  Once the Control Panel window is open click on [ View network status and tasks ].


  3.  Once your within the Network and Sharing Window locate and click on [ Set up a new connection or network ].


  4.  Now we will click on [ Manually connect to a wireless network ] followed by clicking Next.


  5.  In the Network name field type in your WIFI SSID name. In Security type, click the dropdown and select WPA2-Enterprise. Afterwards click Next.


  6.  You will now be presented with a Successfully added your wifi ssid message. However
Read the rest
Tutorials

An ideal tactic for security training engagement

In this article, we’ll explore the two main approaches to employee engagement: the carrot and the stick. We’ll look at what motivates employees to engage in security awareness training, and how each strategy can positively impact a company’s security program.
 
When businesses get punished for bad security practices, they often try to avoid the punishment in the future. However, punishing a business for bad security is not the best long-term strategy. This is according to the panelists who spoke at CyberRisk Alliance’s InfoSec World conference. They said that when businesses are punished for security breaches, they often try their best not to get caught again. But in the long run, this can actually harm consumers and businesses alike.
 
But, the panelists suggested, companies should not focus on scaring people into thinking that their information will be stolen. Instead, these companies should instill good cyber habits by providing positive reinforcement and
Read the rest
Security Awareness

Windows Zero-Day Allows Privileged File Access

A Windows security vulnerability could allow information disclosure and local privilege escalation (LPE), researchers have warned. The issue (CVE-2021-24084) has yet to get an official fix, but there is a way to protect yourself. A micropatch has been rolled out as a stop-gap measure.
 
 
Security researcher Abdelhamid Naceri reported a bug in Microsoft’s Autopilot software last October. Microsoft patched it in April, but it has not yet been released. Naceri recently discovered that CVE-2021-24084 could also be exploited for local privilege escalation. He demonstrates that users can copy files from a chosen location into a Cabinet (.CAB) archive, which they can then open and read.
 
 
The process of exploiting the bug is very similar to the LPE exploitation techniques used in a vulnerability in Windows 10, CVE-2021-36934. This bug affects the Security Accounts Manager (SAM) database, which houses user account credentials and network domain information.
 

Windows 10 Bug Exploitation Details

Read the rest
Vulnerabilities

Stripchat Breach Exposed 200m User Records

Stripchat founded in 2016 is an adult site for live nude cam shows has had its 200m user database exposed online. This data exposure puts both models and users at risk of extortion, violence, and other risks. 

The database was found on Nov. 5 by a security researcher. It contained about 200 million records from Stripchat, including 65 million user records with email addresses, IP addresses, the amount in tips they gave to models, when they created their accounts and when they last logged in. Another database discovered which had a lot of information about models. This data included their usernames, gender, studio IDs, tip menus and prices, whether they were online or not, and a number that reflects how much money they earned during private shows. We don’t know if anyone evil saw this information before they secured it.

 

Stripchat Data Exposure Threat

“The exposure could pose a significant

Read the rest
Data Breach
UniFi Tutorials

How to configure Windows Server and UDM-PRO UniFi Controller for RADIUS VPN access

In this tutorial you will be shown how to configure Windows Server and UDM-PRO UniFi Controller for RADIUS VPN access. Why is this useful? Well this allows us to just disable a user account in Active Directory after a termination and the previous employee will no longer have VPN access to the network. This will prevent Tech Support having to manually remove VPN users every time an employee is terminated.

Prerequisites for this tutorial.

  1. Internal Unifi Controller and Firewall, I myself am using a UDM-PRO for that function.
  2. Your Unifi equipment should be assigned static IP addresses outside your DHCP Scope. Once done write down the IP addresses alongside their model or unique name.
  3. Stand up a new physical or virtual server with Windows Server 2019.
    • I called my new virtual server HDN-RADIUS. 1vcpu 4GBram 60GB HDD
    • Install all updates on new Radius server
    • Assign static IP address.
    • Join new
Read the rest
Tutorials

Why HIPAA Compliance Matters In Telehealth

While the world has dealt with the far reaching effects of COVID-19, the healthcare industry has had to deal with many unique challenges. The procedure to protect both patients and staff from possible exposure to virus’s is a tricky process, especially when in some locations hospitals have also been dealing with patient surges. Keeping up with scheduled visits and procedures is a challenge, and keeping patients and staff aware of what is going on around them is a challenge as well.

 

Telehealth Grew Exponentially Due To COVID

The Centers for Disease Control and Prevention (CDC) has created a specific condition in which many physicians’ offices are finding themselves doing routine patient visits virtually. While the concept of telehealth appointments has been around for years, telemedicine has only recently become the new norm for many people. During the recent pandemic, the number of Medicare beneficiaries using telehealth services increased by 11,700%. … Read the rest

Security Policies and Compliance

Google Banned 150 Android Apps And They Need To Be Removed From Your Phone

It’s a rough world out there. You must be wary of threats — even if it’s as simple as an email or text message. We can’t go a week without a new threat popping up, and the latest crucial warning concerns 150+ fake Android apps on the Google Play Store that can steal your information.

Security software company Avast has been reporting on a scam campaign that has been going on for more than a year. The scam is called UltimaSMS, and it involves hundreds of fake apps that are disguised as popular ones, such as photo editors and camera filters. What they actually do is get victims to sign up for expensive SMS services and charge their accounts. It’s all about getting consumers to give their consent and payment information.

 

A list of the apps removed from the Google Play store

If you are wondering which apps are the … Read the rest

Security Awareness

How Can Businesses Prevent Common Wireless Network Attacks?

If you’re a business owner, how do you keep your wireless network secure from today’s most common online threats? While it may be difficult to prevent hackers from creating fake WiFi hotspots, there are steps you can take to protect your business.

Isolate the Guest Network

If your business WiFi is not isolated from your guest WiFi, it could be used to gain access to business data and place your POS at risk of compromise. Use a router that offers multiple SSIDs – most modern routers have that functionality. These routers often have a guest SSID option or separate guest portal. Make sure it is activated when it is deployed. Alternatively, your wireless network could be compromised by an attacker who is already on the guest WiFi.
 

Encrypt WiFi Traffic with WPA2 or WPA3

If you have a router that is not WPA2 compliant, it is time for an upgrade.
Read the rest
Security Awareness

Hashthemes Demo Importer WordPress Plugin Vulnerability

The Hashthemes Demo Importer and is found in more than 8,000 blogs, according to researchers at Wordfence. It’s a high-severity security flaw. This WordPress plugin is designed to import demo content from HashThemes.com. However, it’s possible for subscribers to use the demo importer as a tool to wipe out content on any WordPress site.

The HashThemes Demo Importer plugin allows you to easily import demos for WordPress themes with a single click. It also has no dependencies such as XML files, .json theme options, .dat customizer files or .wie widget files.
 
 
A security researcher named Ram Gall from Wordfence said that he reported the bug to the developer of the plug-in on Aug. 25. However, the developer did not respond for nearly a month. So, he got in touch with the WordPress team Sept. 20.
 

WordPress Yanks Plugin, Puts Out Fix

 
On the same day, the WordPress team removed the
Read the rest
Vulnerabilities
UniFi Tutorials

How to configure Windows Server and Unifi Controller for RADIUS Wifi access

In this tutorial you will be shown how to configure Unifi Controller and Windows Server for RADIUS Wifi access. Why is this useful? Well this allows us to just disable a user account in Active Directory after a termination and the previous employee will no longer have Wifi access. This will prevent Tech Support having to change the Wifi password every time an employee is terminated.

 

 

Prerequisites for this tutorial.

  1. Internal Unifi Controller, I myself am using a UDM-PRO for that function.
    • You can use a Cloud Hosted Unifi Controller but you will need to open radius ports on your firewalls wan. Your network firewall should be configured to only allow incoming traffic from your Unifi Hosted Controllers IP address to access the Radius ports.
  2. Your Unifi equipment should be assigned static IP addresses outside your DHCP Scope. Once done write down the IP addresses alongside their model or unique
Read the rest
Tutorials

Available On Amazon

Polls

What Content Do You Want To See?

View Results

Loading ... Loading ...

Categories

Archives

Subscribe Today

Want to know when new posts are published? Enter your email & click on that subscribe button.

Stay Informed

Receive instant notifications when new content is released.