- We’re Hiring – If you or someone you know is looking for an entry level IT Support position with a growing company, send them our way. Additional information and an online application is available here.
- DC770 – Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson’s restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org . Our speaker for the September meeting has been published by Brian Krebs, The Guardian and the BBC and has an Apple Zero Day under his belt.
Microsoft – Microsoft reported 60 bugs, 19 of which were classified [by Microsoft] as critical with the remaining 41 rated important, moderate or low. Included in the barrage of updates were patches for two zero days, CVE-2018-8373 and CVE-2018-8414, both of which can lead to Remote Code Execution.
Adobe – Adobe released five bulletins addressing vulnerabilities ranging from low to critical and impacting most of their supported products and all supported platforms.
Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc.).
Java / Oracle – The latest update for Java is Version 8 Update 181, released on 17 July 2018.
Java is a tool that’s widely used by banks, online service providers and even security companies for SSL VPN connections. Java’s ‘official’ release cycle is approximately quarterly but Java updates have been ‘fast and furious’ in recent months. It’s worth noting again that, if you don’t absolutely need Java on your computer, it’s not a bad idea to remove it altogether.
Security News, Sponsored by Piratica – Security and compliance are often two very different things. Being secure doesn’t necessarily mean that you’re compliant and, being compliant often doesn’t mean that you’re secure. We see this a lot in the area of data protection and put together this article to try to shed some light on the topic.
The response to our free vulnerability scan has been overwhelming. More overwhelming though has been the organizations that took advantage of the free scan, found vulnerabilities (exposed servers, unpatched firewalls, thought-to-be retired Remote Desktop servers and more) and addressed them. To that end, we are happy to extend the free vulnerability scan (we haven’t set an end date yet). If you would like to take advantage of this free scan, complete the request form on our website.
Piratica is a risk management firm. We work with client organizations to help them identify and understand the risks to their organizations so that those metrics can be incorporated into the organizations overall security strategy. We believe that the first step in any solution is to correctly and completely identify the problem. Additional information is available on our website, Facebook and Twitter or via our free weekly email newsletter (signup available on our website here).
These updates will be automatically reviewed, approved and installed for MyIT Customers. If you would like more information about the Cyber Tech Cafe MyIT services for your business, please let us know. The Cyber Tech Cafe MyIT services are available in three different levels (Bronze, Silver and Gold) and can provide updates only (Bronze), updates and proactive network auditing and monitoring (Silver) or updates, proactive auditing and monitoring and up to 10 hours of priority support at a significantly discounted rate (Gold). Pricing is based on the number of physical locations, servers and workstations that you have.