22Jul 2024 by nathan
After Action Report – CrowdStrike

After Action Report – CrowdStrike

Industry News, Tech news
As many of you know, an issue with an update to CrowdStrike, a security platform installed on literally millions (if not billions) of computers worldwide, caused a global IT Outage on Friday and many organizations (and IT workers) are still feeling the sting of that outage today. The root issue appears to have been a bad configuration update from CrowdStrike that prevented affected systems from booting. We are thankful that none of our clients were directly impacted but the incident provides an excellent opportunity to "sharpen the saw" and update our internal processes. In this email, I'd like to quickly summarize what happened, some key things that we took away from the incident and some changes that we're making in as a result. What happened? CrowdStrike released a corrupt configuration…
Read More
10Jul 2024 by nathan

July 2024 News and Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Client Forms - In an effort to make requesting support easier for common tasks (onboarding and offboarding users, for example), we are launching a number of forms that clients can use to request support. Links to the forms are located at the top of our website under Client Forms. Windows Recall - We received a surprising amount of feedback on the blurb about Windows Recall in last months newsletter and, not surprisingly, literally none of it was positive. The common thread in all of the feedback was basically what are the alternatives? We don't really have a plan, just yet, but we do have some ideas. Expect more on this next month and, if you're concerned about Windows Recall for whatever reason (privacy, regulatory compliance, etc.), keep an eye out…
Read More
25Jun 2024 by nathan

Please update your FortiGate

Industry News, Tech news
What is this about? In February of this year, Fortinet disclosed multiple vulnerabilities in the FortiOS firmware, the operating system for their entire line of products. The vulnerability was highly publicized by Fortinet, The U.S. Cybersecurity and Infrastructure Security Agency (CISA), news outlets, message boards and on social media and we reached out directly to all of our MyIT Clients. The vulnerability is significant because it's position in a network, often running on the Internet facing firewall protecting that network from Internet borne threats, means it's exploitable from anywhere on the Internet and successful exploitation could give an attacker full access to a vulnerable device. It's also important to note that state sponsored threat actors are known to favor (and target) these types of vulnerabilities. What do I need to…
Read More
21Jun 2024 by nathan

CDK Breach – Threat actors now contacting CDK customers directly.

CTC NEWS, Tech news
We are working with a number of clients who have been impacted by what is, I believe, now officially being referred to publicly by CDK as an attack and, specifically, multiple attacks. This latest development (the threat actors are reaching out to CDK Customers directly) confirms that there was data, at the very least customer lists and contact info, taken during the attack. Details are sketchy and there are a lot of moving parts behind the scenes so this post will be a) short, b) in no particular order and c) vague but there are a number of common questions / concerns / comments that we're getting that I'm hoping to address with this post. For those who don't know who CDK is or why this may be important, CDK…
Read More
14Feb 2024 by nathan

February 2024 News and Updates

CTC NEWS, Industry News, Tech news
We're Moving Cyber Tech Cafe will be moving our office to 319 North Tennessee Street, Cartersville GA on 15 March 2024. Our mailing address will remain the same. Urgent Update from Fortinet - Fortinet disclosed on 8 February 2024 a significant vulnerability in basically their entire firewall product line. The vulnerability can allow an attacker with access to the VPN interface on the affected device the ability to run code on the device. According to reports, the vulnerability is being actively exploited in the wild. If you are a MyIT Client, you should have received an email on Tuesday with details on the vulnerability and, in most cases, your firewall has already been updated. If you are not a MyIT Client, we would recommend installing the update immediately if at…
Read More
15Nov 2023 by nathan

November 2023 News and Updates

CTC NEWS, Monthly Newsletters, Tech news
End of Life for Windows Server 2012 - October was the last month of updates, including bug fixes, security updates, etc., for Microsoft Windows Server 2012. If you still have Windows Server 2012 installed in your environment, Microsoft strongly recommends making plans to decommission it as soon as possible. Changes to the MyIT Program - We are in the process of making some changes to the MyIT Program that we're pretty excited about. The biggest and most visible change for most MyIT Customers will likely be related to communications. There will be some changes to the monthly report as well as some reminders about systems that may need extra attention. More on this to come but we're excited about the opportunity to provide more value to our MyIT Customers! 2023…
Read More
12Oct 2023 by nathan

October 2023 News & Updates

CTC NEWS, Monthly Newsletters, Tech news
End of Life for Windows Server 2012 - This will be the last month of updates, including bug fixes, security updates, etc., for Microsoft Windows Server 2012. If you still have Windows Server 2012 installed in your environment, Microsoft strongly recommends making plans to decommission it as soon as possible. Changes to the MyIT Program - We are in the process of making some changes to the MyIT Program that we're pretty excited about. The biggest and most visible change for most MyIT Customers will likely be related to communications. There will be some changes to the monthly report as well as some reminders about systems that may need extra attention. More on this to come but we're excited about the opportunity to provide more value to our MyIT Customers!…
Read More
04Oct 2023 by nathan

Quickbooks Update Scam

Tech news
We often get emails forwarded from customers (and soon to be customers :) ) that they get from scammers and suspected scammers and I often wonder just how many folks actually fall for the scam. We got one today that is a perfect example of what to look for if you suspect you're looking at a scam email and, at the same time, how to put together a really bad phishing email. So, starting at the top, the domain name intuitquickbookssupports.com. A quick search at CentralOps confirms that this domain name was just registered in January of this year and that it's registered at GoDaddy. Looking up intuit.com on the same site confirms that that's not where Intuit registers their domain names. Moving on down to the grammar of the…
Read More
22Sep 2023 by Brey Shaw

September 2023 News & Updates

CTC NEWS, Monthly Newsletters, Tech news
Updates to Policies and Procedures - We've made some slight changes to our Policies and Procedures and posted them here. Upcoming End of Life for Windows Server 2012 - In October 2023, Microsoft will be ending support for it's Windows Server 2012 operating system, meaning anyone currently using Windows Server 2012 will need to make plans to replace it before October. Changes to the MyIT Program - We are in the process of making some changes to the MyIT Program that we're pretty excited about. The biggest and most visible change for most MyIT Customers will likely be related to communications. There will be some changes to the monthly report as well as some reminders about systems that may need extra attention. More on this to come but we're excited…
Read More
15Aug 2023 by Brey Shaw

August 2023 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
We will be closed on Monday, 4 September 2023 to enjoy the Labor Day holiday with friends, family and loved ones and will reopen during normal business hours on Tuesday, 5 September 2023.  Emergency support will be available for our commercial and MyIT clients.  If you need emergency support on Monday, simply include the word 'emergency' in the subject of your email to help@ctc.co or by noting it in your voicemail at 770.386.8900. Updates to Policies and Procedures - We've made some slight changes to our Policies and Procedures and posted them here. Upcoming End of Life for Windows Server 2012 - In October 2023, Microsoft will be ending support for it's Windows Server 2012 operating system, meaning anyone currently using Windows Server 2012 will need to make plans to…
Read More