January 2022 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Windows 11 is Here - Microsoft is wasting no time getting it's new flagship desktop operating system Windows 11 rolled out to (often) unsuspecting Windows 10 users. If you find yourself the recipient of an unexpected / involuntary upgrade to Windows 11, How-To Geek has put together an excellent article on downgrading back to Windows 10.The MyIT Program is proving to be a huge win for clients who are signing up for or renewing their Ransomware / Cyber Insurance plans. The MyIT Program is designed to address those important (but, sometimes, not as urgent) issues that seem to go undone until there's a problem (like testing your backup before a ransomware attack). In many cases, the regular maintenance items addressed by the MyIT Silver program address all of these (and…
Read More

November 2021 News and Updates – The Holidays are Upon Us

CTC NEWS, Industry News, Monthly Newsletters, Tech news
The November "Patch Tuesday" updates are often the last "big push" before the holidays with many shops preparing to take time off over the next several weeks. These often unattended systems can be a tempting and lucrative target for attackers, making it even more important to make certain that any and all available updates have been applied to everything from the workstations to the firewalls. The upcoming holiday season is also prime season for other criminal activity like porch pirating, charity and phishing scams. If you'll be having packages delivered when you aren't home, it may be worth asking a trusted neighbor to watch for delivery (and then grab the package), getting a temporary mailbox (PO Box, UPS Store, etc.) or investing in one of the doorbell cameras to safeguard…
Read More

October 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Microsoft and Apple (oddly enough) released updates to bugs that are being actively attacked. Adobe released updates to a number of products including Reader, Acrobat, Commerce and Connect.The MyIT Program is proving to be a huge win for clients who are signing up for or renewing their Ransomware / Cyber Insurance plans. The MyIT Program is designed to address those important (but, sometimes, not as urgent) issues that seem to go undone until there's a problem (like testing your backup before a ransomware attack). In many cases, the regular maintenance items addressed by the MyIT Silver program address all of these (and more). Two things that really set the MyIT Program apart from other MSP type offerings is that a) there is no term agreement, cancel at any time and…
Read More

September 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary Lots going on in September including updates from the usual suspects (Microsoft and Adobe) but also a couple of significant releases from Apple and Chrome this month. Test your backup - Many organizations, especially in the wake of so many ransomware attacks, have implemented backups. Few though think to test those backups to make sure that they're working. Simply restoring something from the backup to make certain that a) the backup is running and b) you can recover what it's backing up is usually sufficient. If you don't have a backup or aren't sure when the last time it was tested (if ever) was, we'd love to help. A monthly test of your backup is included as part of all of our MyIT Plans.Cyber Risk Insurance - If…
Read More

June 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary So far, June 2021 is a bit of a reprieve from the massive oil pipeline breach that we were looking at this time just a month ago. That said, there are a couple of things to keep your eyes on. Threat actors, including nation states, are targeting vaccine and virology organizations as well as pharmaceutical companies. If you're in these verticals or do business with these verticals (supply chain, customers, etc.), be on the lookout for targeted attacks.Multiple significant bugs patchedMicrosoft patched six zero-day vulnerabilities, including a Remote Code Execution (RCE) vulnerability and a privilege escalation vulnerability that are being actively exploited in the wild.Threat actors are evolving - According to this article, the bad guys seem to be doing a better job of applying lessons learned to…
Read More

May 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters
Executive Summary May 2021 is proving to be a busy month (already) from a technology perspective. Between massive ransomware attacks on critical infrastructure (and $5M USD ransoms paid) to newly patched wormable vulnerabilities (that could easily be weaponized and used against other critical infrastructure targets) to the latest Windows Feature Release, IT Pros have certainly been tested. Regular site visits return - When we saw the potential for a fuel shortage and the subsequent rush on gas stations, we halted all non-critical site visits. With the fuel supply stabilizing, I'm happy to report that site visits are back to normal.Enhanced Patch Management - Cyber Security impacting the physical world - We have two cases where cyber attacks had real world impacts on the physical worldColonial Pipeline Breach - Details are…
Read More

March 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary A number of Windows Users, after installing the latest security updates, found that they were unable to print. In some cases, the symptom was simply that blank pages were printed and in some cases the computers would blue screen (crash) or freeze (requiring a power cycle). Additional information is available here.Four zero day vulnerabilities were published and publicly exploited in Microsoft Exchange servers including Exchange Server 2013, 2016 and 2019. The vulnerabilities were used extensively to target and attack US targets including healthcare, government and more. Additional information is available here.Microsoft's Azure Platform (Azure AD, AAD) suffered a pretty significant outage on 15 March starting at apparently 19:15 UTC and finally ending at approximately 09:37 UTC on the following day. Impacted users were unablet o access Azure resources…
Read More

February 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters
Executive Summary A remote attacker was able to breach a water treatment facility in an attempt to poison the water supply. The facility was running Windows 7, using shared passwords, Teamviewer for remote access and had no firewall in place. Thankfully, the attack was thwarted. Additional information is available here and here.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're able to share more.Quite a few of you noticed some changes that we're making to the MyIT systems including the ability to push critical updates (like…
Read More

January 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary Happy New Year. We hope that you were able to enjoy time with family, friends and loved ones over the holidays and that you're doing well in the New Year.Microsoft is getting the year off to a rough start, patching 80 vulnerabilities including one that is being actively exploited.Ubiquiti noted Monday that it had "…became aware of unauthorized access to its systems hosted by a third-party cloud provider…". Adobe Flash Player is officially end of life.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're…
Read More