- DC770 – Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson’s restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org . Our speaker for the November meeting is the world famous TBD.
Microsoft – Microsoft reported 79 vulnerabilities, 12 of which were classified [by Microsoft] as CRITICAL with the remaining 67 rated important, moderate or low. Not to be outdone by last month’s update debacle, Microsoft continues its update woes with reports of non functioning audio, default app bugs, broken Windows Media Player and more. Read more about it.
Additional details on Windows Updates are available Here, Here, and Here.
Adobe – Adobe released six (5) bulletins addressing vulnerabilities ranging from low to critical and impacting most of their supported products and all supported platforms.
Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc.).
Additional details are available from Adobe Here including links to download the update(s) and instructions for installation.
Java / Oracle – The latest update for Java is Version 8 Update 191, released on 16 October 2018.
Java is a tool that’s widely used by banks, online service providers and even security companies for SSL VPN connections. Java’s ‘official’ release cycle is approximately quarterly but Oracle is notorious for out of band updates. It’s worth noting again that, if you don’t absolutely need Java on your computer, it’s not a bad idea to remove it altogether.
Additional details are available from Oracle here.
Security News, Sponsored by Piratica – Security and compliance are often two very different things. Being secure doesn’t necessarily mean that you’re compliant and, being compliant often doesn’t mean that you’re secure. We see this a lot in the area of data protection and put together this article to try to shed some light on the topic.
The response to our free vulnerability scan has been overwhelming. More overwhelming though has been the organizations that took advantage of the free scan, found vulnerabilities (exposed servers, unpatched firewalls, thought-to-be retired Remote Desktop servers and more) and addressed them. To that end, we are happy to extend the free vulnerability scan (we haven’t set an end date yet). If you would like to take advantage of this free scan, complete the request form on our website.
Piratica is a risk management firm. We work with client organizations to help them identify and understand the risks to their organizations so that those metrics can be incorporated into the organizations overall security strategy. We believe that the first step in any solution is to correctly and completely identify the problem. Additional information is available on our website, Facebook and Twitter or via our free weekly email newsletter (signup available on our website here).
These updates will be automatically reviewed, approved and installed for MyIT Customers. If you would like more information about the Cyber Tech Cafe MyIT services for your business, please let us know. The Cyber Tech Cafe MyIT services are available in three different levels (Bronze, Silver and Gold) and can provide updates only (Bronze), updates and proactive network auditing and monitoring (Silver) or updates, proactive auditing and monitoring and up to 10 hours of priority support at a significantly discounted rate (Gold). Pricing is based on the number of physical locations, servers and workstations that you have.