February 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters
Executive Summary A remote attacker was able to breach a water treatment facility in an attempt to poison the water supply. The facility was running Windows 7, using shared passwords, Teamviewer for remote access and had no firewall in place. Thankfully, the attack was thwarted. Additional information is available here and here.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're able to share more.Quite a few of you noticed some changes that we're making to the MyIT systems including the ability to push critical updates (like…
Read More

January 2021 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary Happy New Year. We hope that you were able to enjoy time with family, friends and loved ones over the holidays and that you're doing well in the New Year.Microsoft is getting the year off to a rough start, patching 80 vulnerabilities including one that is being actively exploited.Ubiquiti noted Monday that it had "…became aware of unauthorized access to its systems hosted by a third-party cloud provider…". Adobe Flash Player is officially end of life.We are excited to announce that we will be looking into more / different / better ways to interact with you over the coming weeks and months. I don't have a lot of details available to share at the moment but announcements will be made on our website and mailing list as we're…
Read More

December 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary We will be closed Thursday, 24 December and Friday 25 December to celebrate Christmas with family and friends. We will be closed on Friday, 1 January 2020 for New Years Day.Probably the biggest news for December (so far, 2020 isn't over yet) is what looks to have been a very successful compromise of SolarWinds with impacts reaching both far and wide including the Department of Energy, National Nuclear Security Administration, Treasury and a who's who of other critical infrastructure and large enterprise. There's additional information from FireEye here and Krebs here but, short term, removing anything related to SolarWinds immediately would likely be a good plan. Microsoft patched 58 vulnerabilities this month with only nine listed (by both Microsoft and SANS) as critical and none currently being actively…
Read More

November 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary We will be closed Thursday, 26 November 2020 and Friday, 27 November 2020 to celebrate Thanksgiving with family and friends. We are currently beta testing our device to tether your office network to your mobile phone / hotspot to provide emergency / backup Internet access to your office network. We hope to have a production version available mid December.Microsoft patched 112 vulnerabilities this month, tipping the 100 vulnerabilities in a month scale again. One update, rated as Important by Microsoft, is being chained with a Google Chrome vulnerability and exploited in the wild. Microsoft patched 112 vulnerabilities this month, 17 were classified [by Microsoft] as CRITICAL, 93 rated important and 2 rated moderate. One vulnerability patched this month , CVE-2020-17087, is rated by Microsoft as important but is…
Read More

October 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary The US Treasury Department released an interesting advisory earlier this month suggesting they were prepared to file civil charges against the victims of ransomware who pay the ransom and anyone offering material support.Microsoft released patches for 87 vulnerabilities this month, making it the first month in 8 with less than 100 (and the first in 5 with less than 120).Twelve of this months patches address vulnerabilities considered by Microsoft to be critical.Adobe released a patch for a critical vulnerability in Flash Player that affects Windows, Apple / Mac, Linux and ChromeOS. Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include…
Read More
June 2020 News & Updates

June 2020 News & Updates

Industry News, Monthly Newsletters, Tech news
Executive Summary Criminals continue to take advantage of remote workers connecting to work resources via home networks with (often) lax security controls. In many cases, these unprotected home networks that are connected via VPN connections back to the office are giving attackers an opportunity to completely bypass the corporate firewall.Based on number of bugs patched, June 2020 marks Microsoft's largest Patch Tuesday to date with 129 (or 130, depending on who you ask) bugs patched, with 115 in March 2020 and 113 in April 2020 pulling a close second and third.Adobe released significant security updates for Flash Player and Framemaker that could allow an attacker remote access to vulnerable systems.Windows 7 and Windows Server 2008 are now six months out of support from Microsoft, meaning they are no longer being…
Read More

May 2020 News & Updates

CTC NEWS, Monthly Newsletters
Executive Summary COVID-19 Response - The health and safety of our team, our clients and our business partners is of paramount importance to us at Cyber Tech Cafe.  We are still offering on-site service, however, we have a number of clients who have opted for remote support only for a time to minimize the risk of spreading the virus.  We will continue to monitor and heed the recommendations of the CDC and other subject matter experts on this topic and will post any policy changes to our website and social media pages.  Our thoughts and prayers go out to those affected by this virus and to those working so diligently to fight it.We are still seeing Windows 7 and Windows Server 2008 Servers in use.  It's important to note that…
Read More