Tag Archives: don’t

For Trade – 8GB (2x4GB) DDR3 RAM Kingston – looking for low end GFX Card

I need a DVI and hdmi or Display Port as I’m driving 2 monitors with no VGA inputs

I don’t think you can drive 2 monitors from 1 DVI though I think it’s possible to daisy chain with Display Port?

lightroom and Olympus workspace both want 2GB for acceleration though something that supports a more modern version of OpenGL would be an improvement if it can drive both displays.

Go to Original Article
Author:

For Sale – Corsair HS60 Surround headset, Carbon/white, boxed as new

Bought these late August 2019 from Amazon but don’t find them that comfortable as I wear glasses. Balance of 2 year warranty – happy to help out in any future claim, although I’ve no idea how practical that would be.

Corsair HS60 Stereo gaming headset with 7.1 surround sound USB dongle
Carbon/white
Perfect, as new working condition – under 10 hours use
Boxed with all accessories inc detachable mic (unused), USB dongle and manual/warranty booklets
Compatible with PC, Mac, PS4, XBOX, Switch and mobile devices
Precision-tuned 50mm audio drivers
Plush memory foam ear pads
CUE software compatible
Have been fully cleaned with anti bacterial wipes etc

Ideally you will collect but can post at additional cost

Go to Original Article
Author:

For Sale – AMD Ryzen 9 3950X Retail Boxed, ASUS ROG X570 Crosshair VIII Hero (Wi-Fi) Motherboard, Zotac 2080Ti

On the basis that it’s working at the moment, I don’t see any reason why it would break.

I probably should try to knock that £25 back off but I’m happy to take at asking.

(it’s not as if I’m going to build it for a couple of weeks anyway as I need to sort out the rest of my watercooling kit).

Go to Original Article
Author:

For Sale – INNO3D GeForce RTX 2080Ti iChill Black

Hi folks,

Downgraded my monitor from 4K to 1440p so I really dont need the 2080Ti anymore for the titles I play.

Hence I’ve downgraded to an RTX 2070 Super, making this beast available for sale.

https://www.overclockers.co.uk/inno…ddr6-pci-express-graphics-card-gx-074-in.html

Inno3D GeForce RTX 2080 Ti iChiLL Black

Purchased new by myself from Overclockers UK in October 2019.

Card is perfect and has never skipped a beat, all original box etc.

Extremely cool and quiet running card, as you might expect with such a cooling solution.

Happy to help buyer with any potential warranty issues down the line, card still in warranty until 31/10/22.

Payment by BT

Asking is £950 inc delivery.

Go to Original Article
Author:

Wanted – 2 Desktop PC’s required – All In one

I have a Sony all in one at my studio we don’t use anymore. I’ve got to pop into The studio later. Can boot it up and see specs etc if your Interested. What’s your budget?

Go to Original Article
Author:

Active Directory nesting groups strategy and implementation

Trying to set up nesting groups in Active Directory can quickly become a challenge, especially if you don’t have a solid blueprint in place.

Microsoft recommends that you apply a nesting and role-based access control (RBAC), specifically the AGDLP for single-domain environments and AGUDLP for multi-domain/multi-forest environments. But implementing either arrangement in a legacy setup that lacks a clear strategy when it comes to RBAC and nesting can take time to clean up. The effort will be worthwhile, because the end result will make your environment more secure and dynamic.

Why should I use a nesting groups strategy?

A good nesting approach, such as AGDLP or AGUDLP, gives you a great overview of who has what permissions, which can help in certain situations such as audits. This setup is also useful because it eliminates the need for troubleshooting if something doesn’t work. Lastly, it reduces administrative overhead by making the assignment of permissions to other domains straightforward.

What is AGDLP?

AGDLP stands for:

  • Accounts (the user or computer)
  • Global group (also called role group)
  • Domain Local groups (also called access groups)
  • Permissions (the specific permission tied to the domain local group)

The acronym is the exact order used to nest the groups.

Accounts will be a member of a global group that, in turn, is a member of a domain local group. The domain local group holds the specific permission to resources we want the global group to have access to, such as files and printer queues.

We can see in the illustration below how this particular nesting group comes together:

AGDLP nesting group
AGDLP is Microsoft’s recommended nesting group for role-based access configuration in a single domain setting.

By using AGDLP nesting and RBAC principles, you get an overview of a role’s specific permissions, which can be easily copied to other role groups if needed. With AGDLP, you only need to remember to always tie the permission to the domain local group at the end of the nesting chain and never to the global group.

What is AGUDLP?

AGUDLP is the multi-domain/multi-forest version of AGDLP, with the one difference being a universal group added to the nesting chain. You can use these universal groups to add role groups (global groups) from other domains without too much effort.

The universal group — also called a resource group — should have the same name as the corresponding role group, except for its prefix, as illustrated below:

AGUDLP nesting group
For organizations with multiple domains and forests, AGUDLP is recommended to make it easier to add role groups from other domains.

What are the implementation concerns with AGDLP/AGUDLP?

There are four important rules related to the use of AGDLP or AGUDLP:

  1. Decide on a naming convention of your groups.
  2. One user can have multiple roles. Don’t create more role groups than necessary.
  3. Always use the correct group type: domain local, global, universal, etc.
  4. Never assign permissions directly to the global or universal groups. This will break the nesting strategy and its corresponding permissions summary for the organization.

Should you use AGDLP or AGUDLP?

If you don’t need to assign permissions across multiple domains, then always use AGDLP. Groups nested with AGDLP can be converted to AGUDLP if needed and require less work to operate. If you’re in doubt, use AGDLP.

To convert an AGDLP nested group to AGUDLP, do the following:

  1. Create a universal group.
  2. Transfer the memberships of the global group to the universal group.
  3. Add the universal group as a member of the global group.
  4. Have all users and computers update their Kerberos ticket or log out and log in.
  5. Remove all the domain local groups from the global group.

Why a naming convention is necessary with nesting groups

You should decide on a naming convention before you implement AGDLP or AGUDLP; it’s not a requirement, but without one, you will quickly lose control of the organization you worked to build.

There are multiple naming schemes, but you can create a customized one that fits your organization. A good naming convention should have the following criteria:

  • Be easy to read.
  • Be simple enough to parse with scripts.
  • Contain no whitespace characters, such as spaces.
  • Contain no special characters — characters that are not numbers or from the alphabet — except for the underscore or minus sign.

Here are a few examples for the different group types:

Role groups

Naming convention: Role_[Department]_[RoleName]
Examples: Role_IT_Helpdesk or Role_HR_Managers

If you use the AGUDLP principle, then there should be a corresponding resource group with a Res prefix such as Res_IT_Helpdesk or Res_HR_Managers.

Permission groups (domain local groups)

Naming convention: ACL_[PermissionCategory][PermissionDescription][PermissionType]
Examples: ACL_Fileshare_HR-Common_Read or ACL_Computer_Server1_Logon or ACL_Computer_Server1_LocalAdmin.

Executing AGDLP and AGUDLP

It might be challenging to implement AGDLP in older domains that lack a conventional arrangement. It’s imperative to identify and test thoroughly to uncover a lot of the oddities to make everything conform to the new setup.

A rough outline of the implementation plan looks like this:

  • Educate and inform your co-workers to keep them from creating groups and assigning permissions in a way that doesn’t adhere to the new arrangement.
  • Ask the HR department for assistance to identify roles. It’s possible a user might have multiple roles.
  • Create role groups and their corresponding Res groups — if you use AGUDLP — and assign new permissions with the AGDLP/AGUDLP principle.
  • Identify existing permissions and change them to adhere to AGDLP/AGUDLP. You could either rename the groups and adjust their group type or build new groups side by side with the intent to replace the old group at a later date.

Go to Original Article
Author:

How IoT, 5G, RPA and AI are opening doors to cybersecurity threats

“You can’t say civilization don’t advance… in every war they kill you in a new way.” – Will Rogers

Software is eating the world. Cloud, RPA and AI are becoming increasingly common and a necessary part of every business that wishes to thrive or survive in the age of digital transformation, whether for lowering operational costs or to remain in the competition. But as we increasingly digitalize our work, we’re opening new doors for cybersecurity threats. Here, we dive into the technological advancements in the past year to learn how we can use those progresses without getting burnt.

IoT

From office devices to home appliances, our “anytime, anywhere” needs require every peripheral to connect to the internet and our smartphones. But simultaneously, the new IT landscape has created a massive attack vector. SonicWall’s Annual Threat Report discovered a 217% increase in IoT attacks, while their Q3 Threat Data Report discovered 25 million attacks in the third quarter alone, a 33% increase that shows the continued relevance of IoT attacks in 2020.

IoT devices collect our private data for seemingly legitimate purposes, but when a hacker gains access to those devices, they offer the perfect means for spying and tracking. The FBI recently warned against one such example of the cybersecurity threat concerning smart TVs, which are equipped with internet streaming and facial recognition capabilities.

As governments increasingly use cyberattacks as part of their aggressive policies, the problem only gets worse. IoT devices were usually exploited for creating botnet armies to launch distributed denial-of-service attacks, but in April 2019, Microsoft announced that Russian state-sponsored hackers used IoT devices to breach corporate networks. The attackers initially broke into a voice over IP phone, an office printer and a video decoder and then used that foothold to scan for other vulnerabilities within their target’s internal networks.

Some of the hacks mentioned above were facilitated because the devices were deployed with default manufacturer passwords, or because the latest security update was not installed. But with the IoT rush, new cybersecurity threats and attack vectors emerge. “When new IoT devices are created, risk reduction is frequently an afterthought. It is not always a top priority for device makers to create security measures since no initial incentive is seen due to a lack of profit,” warned Hagay Katz, vice president of cybersecurity at Allot, a global provider of innovative network intelligence and security solutions. “Most devices suffer from built-in vulnerabilities and are not designed to run any third-party endpoint security software. For many consumers, cybersecurity has been synonymous with antivirus. But those days are long gone,” he said.

To fight against the new cybersecurity threats, Katz recommended turning to a communications service providers (CSP). “Through machine learning techniques and visibility provided by the CSP, all the devices are identified. A default security policy is then applied for each device and the network is segregated to block lateral malware propagation. By simply adding a software agent on the subscriber’s existing consumer premise equipment, CSPs can easily roll out a network or router-based solution that protects all the consumer’s IoT devices.”

We also need to consider whether we really need an IoT version of everything. In the words of Ryan Trost, co-founder and CTO of ThreatQuotient who has over 15 years of security experience focusing on intrusion detection and cyber intelligence: “I can appreciate the benefits of every single student having a tablet (or equivalent) for schooling. However, I struggle to find the legitimacy of why my refrigerator needs an Internet connection, or for that matter, a video conferencing feature.”

5G

While the next generation network takes AI, VR and IoT to new levels, it’s also creating new problems. “5G utilizes millimeter waves, which have a much shorter range than the conventional lower-frequency radio waves. This is where the source of the greatest [cybersecurity] threat in 5G infrastructure originates from,” warned Abdul Rehman, a cybersecurity editor at VPNRanks. “An attacker can steal your data by setting up a fake cell tower near your home and learn a great deal about the device you are using including location, phone model, operating system, etc. These can even be used to listen in on your phone calls.” To mitigate the risk, Rehman suggests relying on strong encryption.

AI

We’ve previously talked about how AI is vulnerable to data poisoning attacks. As the technology advances, new forms of cybersecurity threats emerge. Voice deepfakes are one of such threats, where hackers impersonate C-level executives, politicians or other high-profile individuals. “Employees are tricked into sending money to scammers or revealing sensitive information after getting voice messages and calls that sound like they are from the CFO or other executives,” said Curtis Simpson, CISO at IoT security company Armis. “We’ve already seen one fraudulent bank transfer convert to $243,000 for criminals. Given how hard it is to identify these deepfakes compared to standard phishing attacks, I expect these operations will become the norm in the new year.”

It only takes one wrong click for a hacker to implant malware or open a backdoor. Unfortunately, that could be the undoing of all other security measures put in place to protect the network. “No one is off limits when it comes to cybersecurity threats,” warned PJ Kirner, CTO and founder of Illumio, which develops adaptive micro-segmentation technologies to prevent the spread of breaches. Children could end up installing malware on their parents’ phones. According to Kirner, “our sons and daughters will quickly become a new threat vector to enterprise security.”

Robotic process automation

A Gartner report showed the annual growth of RPA software and projected that revenue will grow to $1.3 billion by 2019. “In 2020, [RPA] will continue its disruptive rise and become even more ingrained in our everyday lives,” predicted Darrell Long, vice president of product management at One Identity, an identity and access management provider. “However, with the rapid adoption of RPA, security has become an afterthought, leaving major vulnerabilities.” RPA technologies hold privileged data and that makes them lucrative targets for cybercriminals. CIOs must pay close attention to the security of the RPA tools they use and the data they expose to ensure their business is not infiltrated by malicious actors.

Storage attacks

Cybercrimes are not only rising — they are also evolving. Attackers have realized that data in storage systems are key to an organization’s operations. “Hackers are now targeting network attached storage (NAS) devices, according to the data revealed in a new Kaspersky report. This new type of attack presents a significant problem to businesses using only NAS devices to store their backups,” said Doug Hazelman, a software industry veteran with over 20 years of experience.

According to Kaspersky, there was little evidence of NAS attacks in 2018, but as hackers realized the benefits, they caught users off guard since NAS devices typically don’t run antivirus or anti-malware products. Hackers exploited this shortcoming to put 19,000 QNAP NAS devices at risk.

Organizations should keep their systems updated with the latest security patches and ensure only necessary devices are reachable from public networks. Per Hazelman’s recommendation, “to prevent cybercriminals from infecting backups with malicious software, CIOs should ensure company backups are being stored on two different media types, one of which being cloud storage, which has several benefits, including increased security.”

Reaching for the clouds

While new technologies promise convenience and increased returns, CIOs must make sure the security risks do not outweigh the gains.

Contrary to the other technologies on this list, ransomware has largely left the cloud untouched. However, as companies continue to transition their servers and data to the cloud for more cost-efficient solutions, criminals will shift their focus. The current attacks have largely been due to cloud misconfigurations or stolen credentials, but since the cloud has become a one-stop shop for all data, it’s becoming the new battleground.

What we need to do about cybersecurity threats

By now, we’ve seen how devastating cyberattacks can be, and that the risks are steadily increasing. Security must be a priority and not an afterthought. While new technologies promise convenience and increased returns, CIOs must make sure the security risks do not outweigh the gains.

Go to Original Article
Author:

5G vs. Wi-Fi: Verizon says cellular will win

Verizon’s long-term strategy is to make mobile 5G a Wi-Fi killer. While analysts don’t see that happening this decade, it is technically possible for the next-generation wireless technology to drive Wi-Fi into obsolescence.

Ronan Dunne, CEO of Verizon Consumer Group, recently entered the ongoing 5G vs. Wi-Fi tech debate when he predicted the latter’s demise. Dunne said his company’s upcoming 5G service would eventually make high-speed internet connectivity ubiquitous for its customers.

“In the world of 5G millimeter wave deployment, we don’t see the need for Wi-Fi in the future,” Dunne told attendees at a Citigroup global technology conference in Las Vegas.

Today, the millimeter wave (MM wave) spectrum used to transmit 5G signals is often blocked by physical objects like buildings and trees, making service unreliable. Verizon believes its engineers can circumvent those limitations within 5 to 7 years, bringing 5G wireless broadband to its 150 million customers.

Most analysts agree that Wi-Fi will remain the preferred technology for indoor wireless networking through the current decade. Beyond that, it’s technically possible for 5G services to start eroding Wi-Fi’s market dominance, particularly as the number of 5G mobile and IoT devices rises over the next several years.

“If the CEO of a major cellular carrier says something, I will take that seriously,” said Craig Mathias, principal analyst at Farpoint Group. “He could be dead wrong over the long run, but, technically, it could work.”

As an alternative to Wi-Fi, Verizon could offer small mobile base stations, such as specially designed picocells and femtocells, to carry 5G signals from the office and home to the carrier’s small cell base stations placed on buildings, lampposts or poles. The small cells would send traffic to the carriers’ core network.

Early uses for 5G

Initially, 5G could become a better option for specific uses. Examples include sports stadiums that have an atypically high number of mobile devices accessing the internet at the same time. That type of situation requires a massive expenditure in Wi-Fi gear and software that could prove more expensive than 5G technology, said Brandon Butler, an analyst at IDC.

Another better-than-Wi-Fi use for 5G would be in a manufacturing facility. Those locations often have machinery that needs an ultra-low latency connection in an area where a radio signal is up against considerable interference, Butler said.

Nevertheless, Butler stops short of predicting a 5G-only world, advising enterprises to plan for a hybrid world instead. They should look to Wi-Fi and 5G as the best indoor and outdoor technology, respectively.

“The real takeaway point here is that enterprises should plan for a hybrid world into the future,” Butler said.

Ultimately, how far 5G goes in replacing Wi-Fi will depend on whether the expense of switching is justified by reducing overall costs and receiving unique services. To displace Wi-Fi, 5G will have to do much more than match its speed.

“It’ll come down to cost and economics, and the cost and economics do not work when the performance is similar,” said Rajesh Ghai, an analyst at IDC.

Today, Wi-Fi provides a relatively easy upgrade path. That’s because, collectively, businesses have already spent billions of dollars over the years on Wi-Fi access points, routers, security and management tools. They have also hired the IT staff to operate the system.

Verizon 5G Home

While stressing the importance of mobile 5G vs. Wi-Fi, Dunne lowered expectations for the fixed wireless 5G service for the home that the carrier launched in 2018. Verizon expected it’s 5G Home service to eventually compete with the TV and internet services provided by cable companies.

Today, 5G Home, which is available in parts of five metropolitan markets, has taken a backseat to Verizon’s mobile 5G buildout. “It’s very much a mobility strategy with a secondary product of home,” Dunne said.

Ghai of IDC was not surprised that Verizon would lower expectations for 5G Home. Delivering the service nationwide would have required spending vast amounts of money to blanket neighborhoods with small cells.

Verizon likely didn’t see enough interest for 5G Home among consumers to justify the cost, Ghai said. “It probably hasn’t lived up to the promise.”

Go to Original Article
Author: