Security & Networks
Posts on both networks and security (consolidated)
cancel
Showing results for 
Search instead for 
Did you mean: 

Forum Posts

More vulnerabilty fun, Halloween edition

Flaw in OAuth implementation for Grammerly and others; allows full account takeover.https://www.darkreading.com/remote-workforce/oauth-log-in-full-account-takeover-millions iPhone MAC address randomization hasn't ever worked. Turns out that while it ...

rlyons by Rising Star III
  • 527 Views
  • 1 replies
  • 0 kudos

Locating and updating curl and libcurl

 Whats everyone doing to evaluate and understand their device exposure on the curl and libcurl CVE? Ive got to the point where understanding if curl is present on the device only goes so far, as there are potentially 3rdparty apps that have/utilise t...

rodderz by Novitiate I
  • 608 Views
  • 1 replies
  • 0 kudos

Admin locked out!

When I try to login as admin my OTP-code says; Verification code was invalid or already used.It does not work. If I try to reset my password I need also an OTP code. I'm locked out and have no clue how to solve this.

FB991 by Novitiate I
  • 2005 Views
  • 3 replies
  • 0 kudos

Resolved! Printer access/security solutions in JumpCloud

Hello All,I recently joined an organization running JumpCloud. One of the challenges I'm trying to solution in the organization is printer access and security. I don't see anything in JC and wanted to bounce this off the group.What I'd like to do is ...

htgrimmi by Novitiate I
  • 1184 Views
  • 2 replies
  • 0 kudos

LDAP mapping between JumpCloud and OpenDirectory?

We have a Mac mini acting as a FileMaker database server, and I need to add SSO logins for database users. For some reason, the JumpCloud agent won't install, so as a workaround I added the Jumpcloud LDAP server as a native directory service per http...

jlgtx by Novitiate II
  • 2652 Views
  • 6 replies
  • 0 kudos

device security apps

Hi, Just trying out JumpCloud, working well so far. Only issue we have so far is struggling to find anything within the portal to restrict users installing software from the internet. Eg firefox, putty can run directly from Downloads. How are people ...

deano by Novitiate II
  • 1640 Views
  • 5 replies
  • 0 kudos

Tailscale SSO OIDC

Configuring a Tailscale SSO connection is pretty straightforward but there are a couple of gotchas to watch out for.  First, neither JumpCloud nor Tailscale consider each other a primary vendor so you have to use custom connections.  Second, Tailscal...

RNHurt by Novitiate III
  • 1054 Views
  • 0 replies
  • 2 kudos

Integrating with Redox SSO

Just wanted to jot a few notes down for integrating SSO with Redox Engine.Steps:Create the SSO app in JC and accept the defaultsCheck the "Declare Redirect Endpoint" option - Redox requires thisACS URL: https://auth.redoxengine.com/saml2/idpresponseC...

RNHurt by Novitiate III
  • 418 Views
  • 0 replies
  • 2 kudos

Resolved! Does anyone have any experience with Bitwarden SSO?

We just upgraded our Bitwarden account to allow SSO integration and I'm having a bit of a tough time with it.  There are some docs for the SCIM integration with Bitwarden there is nothing for SAML.  JumpCloud has a "Bitwarden" SAML template so I thou...

RNHurt by Novitiate III
  • 1767 Views
  • 1 replies
  • 0 kudos

Sentinel One and windows 11

I create a command in jumpcloud can install sentinel one on Windows 10 it does not need admin right for it to work.Now SentinelOne tell me that in Windows 11 this no longer the case I find it hard to believe that. But I figure I reach out to ask this...

Franco by Novitiate II
  • 1654 Views
  • 1 replies
  • 0 kudos

DHCP and DNS without a Domain Controller

The question of how to handle DCHP and DNS without a domain controller comes up during migrations to cloud directories. The answer is there are alternatives, and the DHCP server role shouldn't installed be on a DC anyway. This brings back a few harro...

JCDavid by Iron I
  • 2057 Views
  • 0 replies
  • 0 kudos

(How to) Get Passwords out of Your Browser

John Hammond, of Huntress fame, published a video detailing how it's possible to recover, decrypt and reveal passwords from Chrome. The attack vector will also work for Firefox. It requires access to an endpoint, so don't be too alarmed when you read...

JCDavid by Iron I
  • 905 Views
  • 0 replies
  • 0 kudos

JumpCloud logs to SentinelOne XDR

We use SentinelOne EDR and I just found out that we have XDR data ingestion with our plan, but are not using.  We can send pretty much any types of logs (so they say ...) to the XDR. Has anyone been sending their JumpCloud logs to SentinelOne XDR?   ...

SlimJim by Novitiate I
  • 654 Views
  • 0 replies
  • 0 kudos

Wazuh SIEM x JumpCloud

Hi Community ,Since JumpCloud does not notify on Directory Insights logs, Directory Insights can be integrated with any third-party SIEM tool as we already know.Wazuh is a free and open-source security platform that unifies XDR and SIEM protection fo...

Wazuh-Dashboard-JC.png