February 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters
Executive Summary A remote attacker was able to breach a water treatment facility in an attempt to poison the water supply. The facility was running Windows 7, using shared passwords, Teamviewer for remote access and had no firewall in place. Thankfully, the attack was thwarted. Additional information is available here and here.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're able to share more.Quite a few of you noticed some changes that we're making to the MyIT systems including the ability to push critical updates (like…
Read More

January 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary Happy New Year. We hope that you were able to enjoy time with family, friends and loved ones over the holidays and that you're doing well in the New Year.Microsoft is getting the year off to a rough start, patching 80 vulnerabilities including one that is being actively exploited.Ubiquiti noted Monday that it had "…became aware of unauthorized access to its systems hosted by a third-party cloud provider…". Adobe Flash Player is officially end of life.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're…
Read More
Happy New Year

Happy New Year

CTC NEWS
All of us here at Cyber Tech Cafe would like to wish you a Happy New Year! We will be closed Friday, 1 January 2021 to celebrate with friends and family. We will reopen to normal business hours on Monday, 4 January 2021. All non emergency issues will be handled Monday morning on a first come, first served basis. In case of an emergency we will have an on-call technician available. We ask if it is an emergency that you put 'emergency' in the subject line of the email. Please note that any emergency support requests will be billed at our standard holiday rate with a 4 hour minimum. From all of us here at Cyber Tech Cafe, we wish you and yours a Happy New Year. Nathan and Kristy…
Read More

December 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary We will be closed Thursday, 24 December and Friday 25 December to celebrate Christmas with family and friends. We will be closed on Friday, 1 January 2020 for New Years Day.Probably the biggest news for December (so far, 2020 isn't over yet) is what looks to have been a very successful compromise of SolarWinds with impacts reaching both far and wide including the Department of Energy, National Nuclear Security Administration, Treasury and a who's who of other critical infrastructure and large enterprise. There's additional information from FireEye here and Krebs here but, short term, removing anything related to SolarWinds immediately would likely be a good plan. Microsoft patched 58 vulnerabilities this month with only nine listed (by both Microsoft and SANS) as critical and none currently being actively…
Read More

Merry Christmas from Cyber Tech Cafe

CTC NEWS
Cyber Tech Cafe will be closed from Thursday, 24 December 2020 until Monday, 28 December 2020 to celebrate Christmas and to enjoy time with family, friends and loved ones. Any non-emergency support requests will be responded to on a first come, first served basis on Monday, 28 December 2020. If you need emergency technical support Thursday thru Sunday, our emergency on-call technicians will be available. You can page the emergency on-call technician by including the word ’emergency’ in the subject of your email request or using the emergency support telephone option. Please note the holiday rate will apply. From all of us here at Cyber Tech Cafe, we wish you and  yours a very Merry Christmas! Nathan and Kristy Underwood
Read More

November 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary We will be closed Thursday, 26 November 2020 and Friday, 27 November 2020 to celebrate Thanksgiving with family and friends. We are currently beta testing our device to tether your office network to your mobile phone / hotspot to provide emergency / backup Internet access to your office network. We hope to have a production version available mid December.Microsoft patched 112 vulnerabilities this month, tipping the 100 vulnerabilities in a month scale again. One update, rated as Important by Microsoft, is being chained with a Google Chrome vulnerability and exploited in the wild. Microsoft patched 112 vulnerabilities this month, 17 were classified [by Microsoft] as CRITICAL, 93 rated important and 2 rated moderate. One vulnerability patched this month , CVE-2020-17087, is rated by Microsoft as important but is…
Read More

Happy Thanksgiving from Cyber Tech Cafe

CTC NEWS
Cyber Tech Cafe would like to wish everyone a Happy Thanksgiving! We will be closed on Thursday, 26 November 2020 and Friday, 27 November 2020 to celebrate the Thanksgiving holiday with family and friends. Any non-emergency support requests will be responded to on a first come, first served basis on Monday, 30 November 2020. If you need emergency technical support Thursday thru Sunday, our emergency on-call technicians will be available. You can page the emergency on-call technician by including the word 'emergency' in the subject of your email request or using the emergency support telephone option. Please note the holiday rate will apply. From all of us here at Cyber Tech Cafe, we wish you and  yours a Happy Thanksgiving! Nathan and Kristy Underwood
Read More

In an emergency, use the mobile hotspot on your phone to get Internet for your office

CTC NEWS, Tech news
With the recent bad weather that moved through the southeast from Tropical Storm Zeta, we and a number of our customers, were without Internet for an extended period of time. We and many of our customers depended on our Internet connection for things like email, Point of Sale (POS) systems, etc., so the Internet outage was crippling. In some cases, the ISP has a wireless backup option but a) there was an additional monthly cost and b) it wasn't immediately available. As a work around at our office, we built a small device (based on our Network Ninja) that connected a mobile phone and our firewall and, using the phone's mobile hotspot, got the office Internet access for all of our computers and VoIP phones. It worked very well and,…
Read More

October 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary The US Treasury Department released an interesting advisory earlier this month suggesting they were prepared to file civil charges against the victims of ransomware who pay the ransom and anyone offering material support.Microsoft released patches for 87 vulnerabilities this month, making it the first month in 8 with less than 100 (and the first in 5 with less than 120).Twelve of this months patches address vulnerabilities considered by Microsoft to be critical.Adobe released a patch for a critical vulnerability in Flash Player that affects Windows, Apple / Mac, Linux and ChromeOS. Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include…
Read More

Interesting advisory from the Treasury Dept. regarding ransomware

CTC NEWS, Industry News, Tech news
If you are a potential ransomware victim, an insurance company who provides ransomware protection, an IT Services provider or financial institution who may provide services to a ransomware victim, the latest advisory from the U. S. Treasury Department suggesting that you may be subject to civil penalties if you pay, recommend paying or facilitate the payment of a ransom may be worth a read. The U.S. Department of the Treasure's Office of Foreign Assets Control (OFAC) released an advisory on 1 October 2020 that suggests that it can and may pursue civil penalties against victims of ransomware who pay the ransom as well as third parties who recommend or facilitate ransomware payments. I've linked the advisory below and have copy / pasted some of the pertinent sections of the advisory…
Read More