Category: Uncategorized

It sounds simple but, when it comes to ransomware (and many other types of cyber attacks), those five words will put you head and shoulders above most. Prepare. Know what you have; what's supposed to be there and what's not. Then, protect what's supposed to be there from what's not. Then, just in case something slips by, make sure you have a good disaster recovery plan (that includes off site backups) in place. Patch. Bad guys are going to attack your tech or your people. To attack the tech, they need to find a vulnerability or a miss configuration. Timely installation of manufacturer supplied patches will cut your exposure in half. Having a monthly maintenance plan like Cyber Tech Café’s MyIT Program will help ensure that the supplied patches are…

Executive Summary The Cyber Tech Cafe Managed Services (MyIT) continue to be an overwhelming success.  It's exciting to see organizations taking a proactive approach when it comes to their IT Infrastructure and it's incredibly rewarding to hear those organizations comment about how "things just seem to work".  A new version of our website / blogging software brings a new format to these posts, all the same content you know and love with a fresh coat of paint to hopefully make consumption more enjoyable and pleasing. As always, we welcome comments, feedback, concerns, etc. News DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson's restaurant in Cartersville on the first Tuesday of each month. More information is available…

As many of you may already know, support for Windows 7 and Windows Server 2008 officially ends on 14 January 2020. It may seem like a long way off but now is the time to begin planning your migration. In the interest of brevity, I've tried to be short and to the point below with some quick 'what does this mean' and 'what do I do' points but, if you have any questions or if you'd like for Cyber Tech Cafe to help with your migration, definitely let us know. What does this mean? Microsoft works with it's internal staff as well as it's Bug Bounty program to find vulnerabilities (bugs and other problems) in it's products. They then write updates (fixes) and release updates every month that users can…

Adobe has released an out-of-band update to address a critical vulnerability in Adobe Acrobat and Adobe Reader products. This vulnerability affects both Windows and Mac platforms and could allow an attacker remote access to vulnerable systems. Users are encouraged to review their systems and apply the necessary patches. If you are a Cyber Tech Cafe MyIT client, please note that this update has already been applied in your environment. If you would like more information about our MyIT managed services options for your organizations, let us know. Additional information can be found at the US CERT and Adobe websites.

Criminals continue to evolve and find new ways to take advantage of unsuspecting targets. One method that seems to be gaining popularity is for these criminals to simply send an email to their target claiming that they're already compromised and then demand a ransom in exchange for not doing more (emailing compromising photos to contacts, etc.). From the criminals perspective, it's much easier (no need to actually 'hack' their target, no need to develop ransomware, etc.) and much safer (other than the email, there's no real trail back to the criminal). From the targets perspective though, as long as they can get past the panic and 'fight or flight' stage, it's much easier to avoid. Below is a screenshot of an email that we received in a honeypot account as…

Microsoft has released an update for a zero day vulnerability in Internet Explorer that can grant an attacker full access to a victim computer simply by having the target visit a malicious website. The bug ( CVE-2018-8653) was reported by Google. Cyber Tech Cafe MyIT customers are already patched against the vulnerability. Additionally, signatures for the attack have already been released by ESET and Fortinet as an added layer of protection. Additional Resources Microsoft TechNet - https://blogs.technet.microsoft.com/msrc/2018/12/19/december-2018-security-update-release-2/ESET - https://www.welivesecurity.com/2018/12/20/microsoft-emergency-patch-internet-explorer-zero-day/ThreatPost - https://threatpost.com/microsoft-ie-zero-day-gets-emergency-patch/140185/ https://threatpost.com/microsoft-ie-zero-day-gets-emergency-patch/140185/ Brian Krebs - https://krebsonsecurity.com/2018/12/microsoft-issues-emergency-fix-for-ie-zero-day/