05Jun 2020 by nathan

Serious flaw in Microsoft Windows – CISA recommends patch now

Industry News, Tech news
The Cybersecurity and Infrastructure Security Agency (CISA) has released a warning that Proof of Concept (PoC) code has been published to exploit a vulnerability in Windows that can be executed remotely, is wormable and can give an unauthenticated attacker full SYSTEM level privileges on unpatched systems.  It is reasonable to assume the PoC code will be weaponozed very quickly if it has not been already. Microsoft released an update on March of 2020 to patch this vulnerability and organizations are encouraged to patch now if they have not already. This vulnerability also underscores the need for organizations to block and log inbound and outbound SMB traffic between their internal network(s) and the Internet. If you do not have a patch management system or would like information on how Cyber Tech…
Read More
27May 2020 by nathan
Phishing Emails. What to look for to protect yourself, your team and your organization.

Phishing Emails. What to look for to protect yourself, your team and your organization.

CTC NEWS, Industry News, Tech news
Phishing has long since been a go-to for the bad guys as an easy way to get malware on or access to victim computers. The trick for the bad guy / attacker is to make the email look like something legitimate and trigger some sort of fear response. The trick for the good guy / target is to be able to spot the scam, and that's the point of this quick post. The email below is one that I just received that's trying to get me to click on a link to confirm my email address. Let's take a look. In the email above, the goal of the attacker is to get the target to click the link to 'prove your email account ownership'. The email looks real enough. It…
Read More
17Apr 2020 by nathan
Beware, fake ransomware attacks are making the rounds again.

Beware, fake ransomware attacks are making the rounds again.

CTC NEWS, Industry News, Tech news
Don't get me wrong, there are still tons of legitimate ransomware attacks circulating about but the fake ones seem to ebb and flow as well. Below is an email that we received this morning. The domain is one that's legitimately ours but a) it's unused and b) there's no database there. So, it's a complete farce but it's an excellent opportunity to highlight some key things to watch out for to protect yourself. If you get a similar email (these tend to be pretty boilerplate), know that it's likely false. Another popular pretext is that some random attacker has caught you in 'compromising positions' or watching 'illicit material'. The email is regarding an unused domain.Since the domain name is unused, there's no database there for the attackers to have download.The…
Read More
08Apr 2020 by nathan

Apparent phishing campaign spreading Kryptik trojan

CTC NEWS, Industry News, Monthly Newsletters, Tech news
We are seeing a surge in phishing attacks attempting to spread the Kryptik trojan. Currently, both Fortinet and ESET are successfully identifying and blocking the trojan but the phishing campaign seems to be widespread (we're seeing it in clients nationwide) and indiscriminate (we're seeing it in finance, manufacturing, medical and others). Attackers appear to be trying to leverage the fact that many people are working from home on less protected networks than they normally are. Additional information on Kryptik can be found below.
Read More
06Apr 2020 by nathan

Cyber Tech Cafe Remote Only Support Extended

CTC NEWS, Industry News
As an IT Service Provider, we have been deemed essential by the Cyber Security and Infrastructure Security agency (CISA) and are continuing to provide a full range of remote and on-site services to our medical, healthcare and critical infrastructure customers and will continue to do so as long as we can. To help protect the health and well being of our team and customers, we will continue to keep the office closed except for pick-up and drop-off by appointment only and focusing on remote only support for all non medical, healthcare and critical infrastructure customers. Our business hours will remain the same (Monday through Friday, 9:00am until 5:00pm ET and 8:00am until 5:00pm for MyIT customers) and all contact methods (telephone, email, website and regular postal mail) will remain the…
Read More
27Mar 2020 by nathan
Temporary Closure Extended through 3 April.

Temporary Closure Extended through 3 April.

CTC NEWS, Industry News, Tech news
Thank you to all of our customers who have continued to support us through these unusual times and thank you to our team for all of your hard work and dedication. As I noted earlier, the health and well being of our team and our customers is of paramount importance to Kristy and me. At this time, we are extending the temporary office closure as well as the temporary suspension of site visits (excluding medical / health care) and will continue providing remote support via email, telephone and remote assistance. We will review conditions again next Friday and will post updates here and on our Facebook page. We will continue providing remote support to all of our current customers as well as new customers. Remote support includes not only email…
Read More
20Mar 2020 by nathan

Bad guys seizing opportunity to attack remote workers

CTC NEWS, Industry News, Tech news
With the surge in people working from home and often no longer having the protection of the corporate firewall or their peers to warn them of mass phishing emails and the like, we are seeing a surge in social based attacks like phishing and phone based tech support scams. Below are some quick things to keep in mind. Have a well communicated process for anything that involves money. One of the types of attacks that we're seeing is the 'money mule' attack, where the attacker tries to leverage an emergency need from an authority figure (CxO, Finance, Owner, etc.) to someone with access to funds to transfer money quickly. Make certain that you have a way to absolutely authenticate a request to transfer funds before doing so. Some examples would…
Read More
17Mar 2020 by nathan

Remote Workforce Support

CTC NEWS, Industry News, Tech news
We have seen a surge in the number of people opting to and / or being forced to work remotely in an effort to mitigate the spread of the COVID-19 outbreak. If your company needs to or is having trouble implementing secure remote work capabilities, we have extensive experience in this area and we are happy to help. If you have an existing IT Support / Staff that just needs some recommendation or direction, we're happy to assist. If you don't have an IT Support / Staff or your IT Support / Staff doesn't have the resources or expertise to implement secure remote work solutions, we are also happy to help there too.
Read More
14Mar 2020 by nathan

March 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
  Executive Summary COVID-19 Response - The health and safety of our team, our clients and our business partners is of paramount importance to us at Cyber Tech Cafe.  We are still offering on-site service, however, we have a number of clients who have opted for remote support only for a time to minimize the risk of spreading the virus.  We will continue to monitor and heed the recommendations of the CDC and other subject matter experts on this topic and will post any policy changes to our website and social media pages.  Our thoughts and prayers go out to those affected by this virus and to those working so diligently to fight it. Microsoft released patches for at least 115 vulnerabilities, including 26 that are rated as critical and…
Read More
11Dec 2019 by nathan

December 2019 News and Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary The December 2019 updates include a number of important updates from Microsoft and Adobe including a number of zero day vulnerabilities that are being actively exploited by threat actors. Organizations evaluate the updates and patch vulnerable systems as soon as feasible. These updates also mark the next-to-the-last updates available for Windows 7 and Windows Server 2008. News Holiday Schedule - Cyber Tech Cafe will be closed for Christmas and New Year to enjoy time with friends, family and loved ones. Any support requests received during the holiday will be prioritized and responded to on the next business day.Christmas - Closed Tuesday, 24 December and Wednesday, 25 December.New Year - Closed Wednesday, 1 January 2020.DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group…
Read More