Join us in wishing Rob all the best in his new position

CTC NEWS
Rob Adkerson, a long familiar face for all of our customers, has accepted a position with another company and is no longer affiliated with Cyber Tech Café. Rob is a man of the highest integrity and we have no security concerns as a result of his leaving but, in the interest of due diligence, wanted to let you know. We hope that you’ll join us in wishing Rob all the best in his new endeavor.
Read More

Mail Flow Issues at AppRiver

Industry News, Tech news
AppRiver is aware of and currently working to resolve issues with mail flow resulting in, in some cases, significant delays in mail delivery The issue was initially reported on 13 February 2019 and was believed to have been resolved at that time. Unfortuately, that was not the case and delays have persisted for some clients. The AppRiver team is working on a resolution now and believe that they have identified the cause and a fix that is being tested now. Below is a link to the AppRiver status page with an option to subscribe to updates on the issue. http://status.appriver.com/
Read More

6 April 2019 may be a bad day for GPS

Tech news
Prior to 1 January 2000, the so-called Y2K had everyone on edge about what would happen when the year rolled from 99 to 00 on devices with only two digits to note the year. There was significant preparation and work (and a lot of snake oil sold, imho), but it ended up being a pretty smooth transition and using four digits (instead of two) is now the norm. Not sure what will happen on 31 December 9999 but, honestly, that's not really going to be my problem. All of that said though, it seems that GPS may have a similar issue on 6 April 2019. According to this article, GPS signals from satellites include a ten binary bit timestamp, allowing for a maximum of 1,024 weeks (roughly 20 years). When…
Read More

What does the upcoming end of life for Windows 7 mean to me?

Uncategorized
As many of you may already know, support for Windows 7 and Windows Server 2008 officially ends on 14 January 2020. It may seem like a long way off but now is the time to begin planning your migration. In the interest of brevity, I've tried to be short and to the point below with some quick 'what does this mean' and 'what do I do' points but, if you have any questions or if you'd like for Cyber Tech Cafe to help with your migration, definitely let us know. What does this mean? Microsoft works with it's internal staff as well as it's Bug Bounty program to find vulnerabilities (bugs and other problems) in it's products. They then write updates (fixes) and release updates every month that users can…
Read More
Problems reported with Office365

Problems reported with Office365

Industry News
We have had a number of reports this morning of performance and connection issues with Office365 applications, specifically Outlook. In most cases, the reported issues have been slower than normal performance and outgoing emails getting 'stuck' in the Outbox for an extended period of time. Although the Office365 Status page doesn't record any issues, we confirmed via DownDetector.com that a number of users are reporting issues and they appear to have started around 10:32am ET.
Read More

Critical Update for Adobe Reader and Acrobat

Uncategorized
Adobe has released an out-of-band update to address a critical vulnerability in Adobe Acrobat and Adobe Reader products. This vulnerability affects both Windows and Mac platforms and could allow an attacker remote access to vulnerable systems. Users are encouraged to review their systems and apply the necessary patches. If you are a Cyber Tech Cafe MyIT client, please note that this update has already been applied in your environment. If you would like more information about our MyIT managed services options for your organizations, let us know. Additional information can be found at the US CERT and Adobe websites.
Read More

Email scam claiming your account has been compromised

Uncategorized
Criminals continue to evolve and find new ways to take advantage of unsuspecting targets. One method that seems to be gaining popularity is for these criminals to simply send an email to their target claiming that they're already compromised and then demand a ransom in exchange for not doing more (emailing compromising photos to contacts, etc.). From the criminals perspective, it's much easier (no need to actually 'hack' their target, no need to develop ransomware, etc.) and much safer (other than the email, there's no real trail back to the criminal). From the targets perspective though, as long as they can get past the panic and 'fight or flight' stage, it's much easier to avoid. Below is a screenshot of an email that we received in a honeypot account as…
Read More

Is your network safe while you’re gone for the holidays?

Industry News
I just saw this article about the ordeal a Network / Systems Administrator went through as the result of a ransomware attack. If you're a business owner or Network / Systems Administrator for your organization, here are some quick lessons learned to consider before leaving for the holidays. Lessons Learned Do not expose RDP to the Internet - Remote desktop is a tool that's built into Windows to connect to other Windows computers remotely. It's incredibly convenient way to get remote access to a computer for legitimate users as well as the bad guys. A good rule of thumb, do not expose RDP to the Internet. FortiGate firewalls include both an SSL VPN and a web-based portal that makes accessing RDP over the Internet securely trivial. All of the backups…
Read More

Urgent Update for Windows Users = Zero Day vulnerability in Internet Explorer

Uncategorized
Microsoft has released an update for a zero day vulnerability in Internet Explorer that can grant an attacker full access to a victim computer simply by having the target visit a malicious website. The bug ( CVE-2018-8653) was reported by Google. Cyber Tech Cafe MyIT customers are already patched against the vulnerability. Additionally, signatures for the attack have already been released by ESET and Fortinet as an added layer of protection. Additional Resources Microsoft TechNet - https://blogs.technet.microsoft.com/msrc/2018/12/19/december-2018-security-update-release-2/ESET - https://www.welivesecurity.com/2018/12/20/microsoft-emergency-patch-internet-explorer-zero-day/ThreatPost - https://threatpost.com/microsoft-ie-zero-day-gets-emergency-patch/140185/ https://threatpost.com/microsoft-ie-zero-day-gets-emergency-patch/140185/ Brian Krebs - https://krebsonsecurity.com/2018/12/microsoft-issues-emergency-fix-for-ie-zero-day/
Read More