Closed for 4th of July
Cyber Tech Cafe will be closed on Tuesday, 4 July 2017 in observance of Independence Day to enjoy time with family, friends and loved ones. We will reopen on Wednesday, 5 July 2017 at 9:00am ET.
“Largest Ever” Voter Records Leak Discovered; Approximately 198 Million Records
A poorly or unsecured Amazon Web Services server was the cause for what is being touted as the "largest ever known exposure of voter information to date." The data was stored on an Amazon s3 storage server that is operated by Deep Root Analytics, and the companies Co-Founder, Alex Lundry, has released a statement indicating that they take, "full responsibility for this situation." The data stolen includes voter's name, date of birth, home address, phone number, and voter registration details. Some outlets are even reporting that the information in the leak has predictions on which candidate a particular voter intends to vote for. For more information, check out some links to articles below. More Info: ZDNet UpGuard (Security Research Who Disclosed the Breach)
Official Launch of the new Cyber Tech Cafe Website
I'm excited to announce the official launch of the new Cyber Tech Cafe website. I expect that we'll be making some tweaks and changes over the coming days and weeks to wring out any bugs but welcome your feedback and input.
February Microsoft Updates Delayed till March!
[UPDATE] February Monthly Updates [UPDATE] Microsoft has officially announced that February's updates will be released next month as part of the March regularly scheduled updates. https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/ We strongly recommend that users set a reminder and install the March updates as soon as possible following their March 14th release as there are several known vulnerabilities currently in the wild for several Microsoft products/services. **Cyber Tech Cafe MyIT Customers** To all MyIT customers, Java, Adobe, and other 3rd party software updates will continued to be installed this month as part of your regularly scheduled updates.
Last Minute Delay from Microsoft in February 2017 Updates
Updates Executive Summary - For the first time that I can remember, Microsoft has delayed the monthly updates for February 2017 because of a last minute problem that was discovered in the new process. Additional information is available here but there is no date (yet) for when the updates will be released. Microsoft - (crickets) Microsoft releases regular updates the second Tuesday of each month, often referred to as 'Patch Tuesday'. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or…
January 2017 News and Updates
Updates Executive Summary - 2017 is starting out with a relatively low number of updates with only four bulletins from Microsoft (Edge, Office and Windows [LSA]) and two updates from Adobe (Flash, Acrobat & Reader) but all resolve issues that could allow an attacker full access (remote code execution or RCE) to vulnerable systems. Microsoft - Microsoft released 4 bulletins this month (MS17-001 through MS17-004). The bulletins affect Microsoft Edge (oddly enough, nothing mentioned about Internet Explorer), Microsoft Office, Adobe Flash and an internal component of Windows called LSA (Local Security Authority). The bulletins for Microsoft Office and Adobe Flash Player are rated critical and allow remote code execution (RCE) and the bulletins for Microsoft Edge and LSA are rated important allowing privilege escalation and denial of service respectively. Multiple…
Merry Christmas and Happy New Year from all of us at Cyber Tech Cafe
Cyber Tech Cafe will be closed on Monday, 26 December 2016 to enjoy Christmas and to spend time with family, friends and loved ones. We will re-open on Tuesday, 27 December 2016 during normal business hours and will respond to any non-emergency support requests at that time. If you need emergency support before Tuesday, 27 December 2016, please include the word 'emergency' in the subject line of any email requests. From all of us here at Cyber Tech Cafe, we wish you and yours a Merry Christmas and a Happy New Year. Nathan and Kristy Underwood
December 2016 Updates
Updates Executive Summary - Microsoft released a total of 12 bulletins, half of which are rated critical and most of those can allow an attacker full access to a vulnerable computer remotely (remote code execution, or RCE). As has been the theme of 2016, the first two bulletins address vulnerabilities in Internet Explorer and Edge (Edge is supposed to be a completely separate product from Internet Explorer, but the two seem to share a lot of similar vulnerabilities). Adobe has patched a handful of vulnerabilities in it's product line (including Acrobat, Reader and Flash, most notably) with several of those listed as critical with successful exploitation leading to remote code execution. Microsoft - Microsoft released 12 bulletins this month (MS16-144 through MS16-155). Six of the 12 are rated critical and…
Happy Thanksgiving from Cyber Tech Cafe!!
Happy Thanksgiving from Our Family to Yours!! Cyber Tech Cafe will be closed on Thursday and Friday to celebrate the Thanksgiving holiday and spend time with family and friends. Any non-emergency support requests will be responded to on a first come, first served basis on Monday morning. If you need emergency technical support Thursday through Sunday, our emergency on-call technicians will be available. You can page the emergency on-call technician by including the word 'emergency' in the subject of your email request. Please note that holiday rates will apply.
Adobe released an emergency update to patch a vulnerability currently being exploited in targeted attacks
Emergency patch for Zero Day Vulnerability Under Attack Additional details are available in the linked article below but Adobe has released an update to the Adobe Flash Player that is currently being exploited in targeted attacks. According to the article, the vulnerability is multi-platform and affects Windows (Windows 7, Windows 8, Windows 8.1 and Windows 10 and presumably Windows Server OSs if Flash Player is installed there as well), Mac and Linux. The Flash version affected is 23.0.0.185 and earlier and users with [now] out-of-date versions should update to 23.0.0.205 as soon as possible. Cyber Tech Cafe MyIT customers will be protected after their next computer reboot. Others should navigate to the Adobe Security page for additional information on the update and to download and install. ThreatPost Article - https://threatpost.com/adobe-patches-flash-zero-day-under-attack/121567/…