January 2023 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
We're currently interviewing for a Tier 1 and Tier 2 Support Tech to join our team. If you'd like more information on joining our team, use our online application available here. Updates to Policies and Procedures - We've made some slight changes to our Policies and Procedures and posted them here. Upcoming End of Life for Windows Server 2012 - In October 2023, Microsoft will be ending support for it's Windows Server 2012 operating system, meaning anyone currently using Windows Server 2012 will need to make plans to replace it before October. Changes to the MyIT Program - We are in the process of making some changes to the MyIT Program that we're pretty excited about. The biggest and most visible change for most MyIT Customers will likely be related…
Read More

November 2022 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Six Zero Day vulnerabilities patched by Microsoft this month, all of which are being actively exploited by threat actors. All MyIT Customers should be updated and protected against all of these vulnerabilities but it is critical to reboot if prompted by the update management tool. Updates to Policies and Procedures - We will be posting our updated policies and procedures to our current Policies and Procedures page in January. Upcoming End of Life for Windows Server 2012 - In October 2023, Microsoft will be ending support for it's Windows Server 2012 operating system, meaning anyone currently using Windows Server 2012 will need to make plans to replace it before October. 2022 Holiday Schedule Thanksgiving - Closing Thursday, 24 November and re-opening for regular business on Monday, 28 November. Christmas &…
Read More

October 2022 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Accepting Applications - We are looking to add a new member to the team and are accepting applications for a Tier 2 Support Position. If you know someone that's got a passion for good customer service, a solid technical pedigree and is looking to work with some of the greatest customers on the planet, definitely send them to our online application here.Multiple zero day vulnerabilities have been addressed by Microsoft this month including (at least) two in Microsoft Exchange that have been actively exploited. Microsoft released updates to fix 84 security vulnerabilities this month including 20 remote code execution vulnerabilities and 13 (including some of the RCE) that it has rated as Critical. Worth noting is that this does not include the 12 patched on 3 October and fixes for…
Read More

Widespread brute force / dictionary attacks overnight

Industry News, Tech news
We received notifications from literally every Internet facing firewall that we have deployed as well as a number of honeypot devices for failed login attempts from an IP Address 45.134.144.200. This IP Address is in the same network (45.134.144.0/24) that we've seen similar traffic from in the past and we have no indication of any legitimate traffic to or from that network in the past 12 months. If you manage one or more networks with Internet connectivity, it may be worth looking into this network range to see if there has been any traffic (or successful logins). For our MyIT clients, we had already blocked a few specific IP Addresses based on similar traffic in the past but are now updating all of our managed firewalls to block the entire…
Read More

July 2022 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Accepting Applications - We are considering adding a new member to the team and are accepting applications for a Tier 2 Support Position. If you know someone that's got a passion for good customer service, a solid technical pedigree and is looking to work with some of the greatest customers on the planet, definitely send them to our online application here.Macros Now Default Enabled - Microsoft reverses course on it's decision to turn off macros by default on untrusted documents. Not a lot of details on why other than "because some people said so" but network admins, systems admins and security admins are left scratching their heads on this one.More Zero Day Vulnerabilities - Microsoft is patching multiple privilege escalation vulnerabilities across it's fleet that, combined with something like a…
Read More

June 2022 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Multiple Zero Day Vulnerabilities - Additional details below in the Microsoft Section but there were technically three critical vulnerabilities this month, one in NFS, one in Hyper-V and one in the Microsoft Diagnostic Tool. Microsoft is (finally) retiring Internet Explorer (IE) - A side impact of this is that Intuit Quickbooks, which has long used (required) the Internet Explorer web browser, now has it's own custom browser. Windows 11 is Here - Microsoft is wasting no time getting it's new flagship desktop operating system Windows 11 rolled out to (often) unsuspecting Windows 10 users. If you find yourself the recipient of an unexpected / involuntary upgrade to Windows 11, How-To Geek has put together an excellent article on downgrading back to Windows 10.The MyIT Program is proving to be a…
Read More

April 2022 News and Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Windows 11 is Here - Microsoft is wasting no time getting it's new flagship desktop operating system Windows 11 rolled out to (often) unsuspecting Windows 10 users. If you find yourself the recipient of an unexpected / involuntary upgrade to Windows 11, How-To Geek has put together an excellent article on downgrading back to Windows 10.Firewall as a Service - We are currently exploring an option to offer what we are calling a "Firewall as a Service" for commercial clients. This would effectively be a way to "rent" a managed firewall for a fixed monthly cost. There would be a nominal install cost as well as a monthly recurring cost to manage the firewall but no term agreement and the customer would not have to purchase the firewall. If you…
Read More

March 2022 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Now Hiring - We are currently looking to hire a Senior Support Specialist to join our team. This is a full time, permanent position and hours are generally Monday through Friday, 8:00am until 5:00pm ET. If you or someone you know would be a good fit for the position, there's an online application available here.Spike in network based attacks - I reported in late February (here) that we were seeing a spike in attack traffic from IP Addresses registered to Russian and Chinese organizations. We were seeing those attacks across multiple ISPs (Comcast, Charter, AT&T, etc.) and nationwide. The initial attacks seemed focused on brute force attacks against VPN portals. The volume of the attacks has slowed significantly and the targets seem to have widened (we're still seeing brute force…
Read More

Sharp rise in traffic to / from Russian and Chinese IP Addresses

CTC NEWS, Industry News, Tech news
One of the services that's included in all of our MyIT plans is a weekly review of the clients firewall logs. This tends to be a win / win for us and the customer because it gives the customer an additional layer of security for their environment and it gives us a very broad view of the threat landscape across a large geographic area and 20+ verticals ranging from construction to manufacturing to finance and entertainment. In most cases, there's a "low rumble" of generic threat traffic across the fleet and maybe a few stand-outs here and there. This week though, we have seen a significant spike in traffic from and to IP Addresses in Russia and China. Much of it has been from appliances like NVR / DVR devices,…
Read More

February 2022 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Firewall as a Service - We are currently exploring an option to offer what we are calling a "Firewall as a Service" for commercial clients. This would effectively be a way to "rent" a managed firewall for a fixed monthly cost. There would be a nominal install cost as well as a monthly recurring cost to manage the firewall but no term agreement and the customer would not have to purchase the firewall. If you are interested in the Firewall as a Service program and / or would like information, let us know.Windows 11 is Here - Microsoft is wasting no time getting it's new flagship desktop operating system Windows 11 rolled out to (often) unsuspecting Windows 10 users. If you find yourself the recipient of an unexpected / involuntary…
Read More