June 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary So far, June 2021 is a bit of a reprieve from the massive oil pipeline breach that we were looking at this time just a month ago. That said, there are a couple of things to keep your eyes on. Threat actors, including nation states, are targeting vaccine and virology organizations as well as pharmaceutical companies. If you're in these verticals or do business with these verticals (supply chain, customers, etc.), be on the lookout for targeted attacks.Multiple significant bugs patchedMicrosoft patched six zero-day vulnerabilities, including a Remote Code Execution (RCE) vulnerability and a privilege escalation vulnerability that are being actively exploited in the wild.Threat actors are evolving - According to this article, the bad guys seem to be doing a better job of applying lessons learned to…
Read More

May 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters
Executive Summary May 2021 is proving to be a busy month (already) from a technology perspective. Between massive ransomware attacks on critical infrastructure (and $5M USD ransoms paid) to newly patched wormable vulnerabilities (that could easily be weaponized and used against other critical infrastructure targets) to the latest Windows Feature Release, IT Pros have certainly been tested. Regular site visits return - When we saw the potential for a fuel shortage and the subsequent rush on gas stations, we halted all non-critical site visits. With the fuel supply stabilizing, I'm happy to report that site visits are back to normal.Enhanced Patch Management - Cyber Security impacting the physical world - We have two cases where cyber attacks had real world impacts on the physical worldColonial Pipeline Breach - Details are…
Read More
But the HIPAA Security Rule doesn’t explicitly say anything about patches and updates!?!?

But the HIPAA Security Rule doesn’t explicitly say anything about patches and updates!?!?

Industry News, Tech news
Technology is a requirement for business and is deeply embedded in modern healthcare. Although no specifics for patch management is available in the HIPAA Security Rule, healthcare providers who fall victim to threats like phishing, malware, ransomware or other cyber criminals may be subject to significant fines if they do not have a documented patch management program in place. Most of the software that powers the technology used in healthcare contains "bugs" that can negatively affect how the software works and create risks to the confidentiality, integrity and availability of the data. These "bugs" are regularly fixed with updates and patches by the manufacturers, but it's generally the users responsibility to test, approve and install these updates and patches. While the HIPAA Security Rule doesn't explicitly detail a patch management…
Read More

March 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary A number of Windows Users, after installing the latest security updates, found that they were unable to print. In some cases, the symptom was simply that blank pages were printed and in some cases the computers would blue screen (crash) or freeze (requiring a power cycle). Additional information is available here.Four zero day vulnerabilities were published and publicly exploited in Microsoft Exchange servers including Exchange Server 2013, 2016 and 2019. The vulnerabilities were used extensively to target and attack US targets including healthcare, government and more. Additional information is available here.Microsoft's Azure Platform (Azure AD, AAD) suffered a pretty significant outage on 15 March starting at apparently 19:15 UTC and finally ending at approximately 09:37 UTC on the following day. Impacted users were unablet o access Azure resources…
Read More

Microsoft Outage (Azure, Microsoft 365, others)

Industry News, Tech news
Microsoft is reporting an outage in the Microsoft 365 ecosystem that's impacting a number of services including Teams, Office (Outlook / email), Xbox Live, the Azure Portal and others. If you are a Microsoft 365 user and are having problems logging into your services, this is the likely issue. The issue is being tracked and updated [by Microsoft] on the Azure Status Page.
Read More

March 2021 Updates are breaking Kyocera, Ricoh, Zebra and other printers

Industry News, Tech news
Windows 10 update KB5000802 is an automatic security update released by Microsoft in March or 2021 (this week). Since the update is a security update and is rated as critical, it is automatically installed in most cases. We have had a number of clients report that, after the update is installed, their computers are crashing as soon as they try to print to Kyocera, Ricoh, Zebra and other printers. In some cases, the users are getting a Blue Screen (BSOD) and in some cases the computers simply freeze. Since the patch is a security update, we are encouraging anyone who has already installed the patch and is not having problems to leave it in place. If you have installed the patch and are experiencing problems printing, removing the patch appears…
Read More

February 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters
Executive Summary A remote attacker was able to breach a water treatment facility in an attempt to poison the water supply. The facility was running Windows 7, using shared passwords, Teamviewer for remote access and had no firewall in place. Thankfully, the attack was thwarted. Additional information is available here and here.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're able to share more.Quite a few of you noticed some changes that we're making to the MyIT systems including the ability to push critical updates (like…
Read More

January 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary Happy New Year. We hope that you were able to enjoy time with family, friends and loved ones over the holidays and that you're doing well in the New Year.Microsoft is getting the year off to a rough start, patching 80 vulnerabilities including one that is being actively exploited.Ubiquiti noted Monday that it had "…became aware of unauthorized access to its systems hosted by a third-party cloud provider…". Adobe Flash Player is officially end of life.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're…
Read More

Ubiquiti Breach – Change your password, enable 2FA

Industry News, Tech news
Ubiquiti has been notifying it's customers today (Monday, 11 January 2021) that it had "...became aware of unauthorized access to its systems hosted by a third-party cloud provider...". The notification email was relatively vague (screenshot below) but he point of the email was very clear, change your password and enable 2FA if you haven't already. According to the notification, the data that any potential attackers were able to get was minimal (name, email address, and the one-way encrypted password to your account and address and phone number if you provided it) but, to a skilled attacker, certainly not low value. If you have any Ubiquiti gear deployed, we would recommend taking this opportunity to change the password and enable 2FA. Additional information TechCrunch ArticleKrebs on Secutity
Read More

December 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary We will be closed Thursday, 24 December and Friday 25 December to celebrate Christmas with family and friends. We will be closed on Friday, 1 January 2020 for New Years Day.Probably the biggest news for December (so far, 2020 isn't over yet) is what looks to have been a very successful compromise of SolarWinds with impacts reaching both far and wide including the Department of Energy, National Nuclear Security Administration, Treasury and a who's who of other critical infrastructure and large enterprise. There's additional information from FireEye here and Krebs here but, short term, removing anything related to SolarWinds immediately would likely be a good plan. Microsoft patched 58 vulnerabilities this month with only nine listed (by both Microsoft and SANS) as critical and none currently being actively…
Read More