Gadgets in Microsoft Sidebar can be a security threat

Uncategorized
The sidebar is enabled by default in most new installations of MS Windows Vista and MS Windows 7.  Microsoft has confirmed potential security issues with this and has issued a fix that disables the Sidebar and Gadgets to mitigate the vulnerability. From the article: "Revision Note: V1.0 (July 10, 2012): Advisory published.Summary: Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables the Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7. Disabling the Windows Sidebar and Gadgets can help protect customers from vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets. In addition, Gadgets installed from untrusted sources can harm your computer and can access your computer's files, show you objectionable content, or change…
Read More

August 2012 Updates and News

Uncategorized
It's patch time again, and the August 2012 batch promises to be exciting.  Microsoft has 5 bulletins listed as critical and Adobe has an update to Acrobat Reader that's also critical.   Microsoft - The August 2012 Patch Tuesday updates includes 5 bulletins rated as critical and 4 rated as important with 8 bulletins addressing vulnerabilities that can allow remote code execution (the 5 critical can allow remote code execution without user intervention).  The updates seem to cover pretty much every Microsoft software product currently supported but the ones topping the list are all supported versions of Windows (including server), all supported versions of Office, all supported versions of Exchange, all supported versions of SQL Server and all supported versions of Internet Explorer.  It should be understood that any /…
Read More

RBL Bouncing emails

Uncategorized
Everyone, we were just notified that there had been an issue with one of the RBL (realtime blacklists) that we use for managing SPAM.  We have removed the RBL from our SPAM filter, but messages that were rejected were not received.  If you received an error with email sent to any address at Cyber Tech Cafe, please re-send the email.  We apologize for the inconvenience. The RBL appears to have gone down sometime around 6:51PM Eastern time.  The issue was resolved at 10:58PM Eastern time.
Read More

Rumors that Samsung may be ‘interested’ in RIM. Samsung responds quickly to nip rumor in the bud.

Uncategorized
It's no secret that Samsung has a good (great?) thing going with it's latest flagship smartphone, the Galaxy SIII, so it was kindof surprising to me to hear that they may be 'interested' in either buying RIM, buying into RIM or even licensing the latest OS offering from RIM.  The Samsung Galaxy SIII has the Android OS on it and was *built for* Android, so there's no need for them to go shopping around for a replacement OS on this device.  I suspect that this was a feeble attempt by someone to try to make / help RIM stay relevant.   http://news.cnet.com/8301-1035_3-57489816-94/no-samsung-isnt-interested-in-rim/?part=rss&subj=news&tag=title
Read More

New version of Zeus banking trojan targeting Blackberry

Uncategorized
The Zeus trojan [kit] has been HUGE in the past and is probably the favorite crimeware toolkit for those looking to break into the biz.  It's targetd Android devices for some time and now, apparently, is targeting Blackberry devices.  Blackberry users beware. http://www.v3.co.uk/v3-uk/news/2197291/mobile-zeus-malware-found-targeting-blackberry-devices
Read More

Attention – Anyone involved in payroll, in HR or anyone that gets a paycheck from these folks, you’re squarely in the crosshairs

Uncategorized
It's been said over and over and over (ad nauseum) but, just in case, I'll go ahead and say it again.  The folks that write (and use) viruses and malware are almost always in it for the same reason.... MONEY.  Whether it's using a compromised comptuer to store scammed credit card numbers from a skimmer at an ATM or to host porn or for extortion, a network of compromised computers is a significant asset for a dirtbag.  We have done demonstrations of how some of these work and how they can be used but the situation noted in the article linked below drives right to the point.  There's no three way relationship necessary to make money, you just get your warez installed on the right person's computer via carefully crafted…
Read More

‘Massive Security Breach’, known by Apple and Amazon and kept under wraps? Seriously?

Uncategorized
I've had a few people point me to this story (linked below), some legitimately concerned and some simply pointing it out, and I wanted to take a moment to add my $0.02 worth.  The facts in the story, vendors handle information differently and, as such, classify different sets of infomation with different levels of significance / importance / etc.  In this case, the reader (and a large number of other people) have determined that, using infomation from entity a, they can garner information from entity b and with the aggregate of that information do nasty, nasty things.  This is completely accurate and true, so the story isn't a farce, but this has been the case forever (I'm using 'forever' here in lieu of any real statistics) and will likely always…
Read More

Email conversation threads are getting broken during the transition to the new helpdesk

Uncategorized
Today is the first full day of use out of our new helpdesk and, so far, the feedback has been almost all positive.  One thing that we are noticing that we did not consider earlier though is that the email conversations / threads are getting / broken between replies that were sent to the old helpdesk and replies that are being sent to the new helpdesk.  This should be an isolated issue that will go away once all of the tickets on the old helpdesk are closed out (we expect less than 30 days) but it is causing some confusion in the interim.  We're working now to see if there is a good way to mitigate it but because it's two separate email conversations, I am not optimistic.  Again, this…
Read More

New Helpdesk is Live!!

Uncategorized
In September of 2011, I sent out an email asking for help, feedback to help us serve our customers better.  Since that email, we have been working to implement some of the changes requested to better serve you.  Some of the easier changes were the Priority Blocks and Regular Monthly Updates, which seem to be working very well.  Some of the other changes have taken a little longer to implement and are finally coming to fruition.  One of the things that was requested was a way for our customers to see their open tickets (work being done) and closed tickets (work already done).  The point was made that, although we try to keep everyone up-to-date via email, we often have the tool that our customers use for email, so the…
Read More