November 2017 News and Updates

Monthly Newsletters
Updates News Mailing List - We're excited to announce that the mailing list is back up and running.  We generally only send emails once per month (the News and Updates), so it's a low volume list.  We have a sign-up form on the right-column of our website if you'd like to sign up. Holiday Schedule - Please be sure to check out our 2017 holiday schedule here.  If you have projects that you'd like to complete by year end, please let us know as soon as possible. MyIT - We are working on some exciting changes to the MyIT Options, including updates to the Network Ninja, for 2018 that we hope to announce in the December newsletter. Executive Summary - Critical vulnerabilities were patched by Microsoft and Adobe this month,…

August 2017 News and Updates

Monthly Newsletters
Updates Executive Summary - In addition to the normal Microsoft, Adobe and Oracle / Java updates, Google released an update to patch 10 critical bugs in the Android operating system and Mozilla released an update to patch 29 vulnerabilities in Firefox including making Adobe Flash objects Click-To-Enable.  The excitement from WannaCry and Petya / Not-Petya seems to be calming down but the Mamba ransomware (which gained fame at the end of 2016 by taking the San Francisco transit system offline) seems to be making a comeback.  It only seems to be impacting Saudi Arabia and Brazil at the moment but it would be wise for blue teams to take note and make sure that you're ready (Are you all patched up?  Network segmented to minimize the damage of…

July 2017 News and Updates

Monthly Newsletters
Updates Executive Summary - 2017 has been an explosive year for ransomware and a wake-up call for administrators on the importance of installing updates in a timely fashion.  The WannaCry virus in May wreaked havoc when it took advantage of an already patched bug in Microsoft Windows.  The Petya and Not Petya viruses struck in June, leveraging the same already patched vulnerability. Microsoft - Microsoft patched a total of 54 vulnerabilities this month in Windows, Edge, Internet Explorer, Office and Exchange, 19 of which were rated critical, 32 rated important and three rated as moderate.  Several of the critical vulnerabilities are remotely exploitable and could give an attacker full control with little or no action on the part of the user. Microsoft releases regular updates the second Tuesday of each…

February Microsoft Updates Delayed till March!

Uncategorized
[UPDATE] February Monthly Updates [UPDATE]   Microsoft has officially announced that February's updates will be released next month as part of the March regularly scheduled updates. https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/   We strongly recommend that users set a reminder and install the March updates as soon as possible following their March 14th release as there are several known vulnerabilities currently in the wild for several Microsoft products/services.   **Cyber Tech Cafe MyIT Customers** To all MyIT customers, Java, Adobe, and other 3rd party software updates will continue to be installed this month as part of your regularly scheduled updates.

Last Minute Delay from Microsoft in February 2017 Updates

Uncategorized
   Updates Executive Summary  - For the first time that I can remember, Microsoft has delayed the monthly updates for February 2017 because of a last minute problem that was discovered in the new process.  Additional information is available here but there is no date (yet) for when the updates will be released.   Microsoft - (crickets) Microsoft releases regular updates the second Tuesday of each month, often referred to as 'Patch Tuesday'.  These updates are categorized as Low, Moderate, Important or Critical.  Details on the categories are available here.  The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server.  If you have one or more of these products installed, especially if the update is listed as Important or…

January 2017 News and Updates

Monthly Newsletters, Uncategorized
   Updates Executive Summary - 2017 is starting out with a relatively low number of updates with only four bulletins from Microsoft (Edge, Office and Windows [LSA]) and two updates from Adobe (Flash, Acrobat & Reader) but all resolve issues that could allow an attacker full access (remote code execution or RCE) to vulnerable systems.   Microsoft - Microsoft released 4 bulletins this month (MS17-001 through MS17-004). The bulletins affect Microsoft Edge (oddly enough, nothing mentioned about Internet Explorer), Microsoft Office, Adobe Flash and an internal component of Windows called LSA (Local Security Authority).  The bulletins for Microsoft Office and Adobe Flash Player are rated critical and allow remote code execution (RCE) and the bulletins for Microsoft Edge and LSA are rated important allowing privilege escalation and denial of service respectively.  Multiple…

Adobe released an emergency update to patch a vulnerability currently being exploited in targeted attacks

Uncategorized
Emergency patch for Zero Day Vulnerability Under Attack Additional details are available in the linked article below but Adobe has released an update to the Adobe Flash Player to patch a vulnerability that is currently being exploited in targeted attacks.  According to the article, the vulnerability is multi-platform and affects Windows (Windows 7, Windows 8, Windows 8.1 and Windows 10 and presumably Windows Server OSs if Flash Player is installed there as well), Mac and Linux.  The Flash version affected is 23.0.0.185 and earlier and users with [now] out-of-date versions should update to 23.0.0.205 as soon as possible.  Cyber Tech Cafe MyIT customers will be protected after their next computer reboot.  Others should navigate to the Adobe Security page for additional information on the update and to download and install.   ThreatPost Article - https://threatpost.com/adobe-patches-flash-zero-day-under-attack/121567/…

October 2016 News and Updates

Monthly Newsletters, Uncategorized
Updates Executive Summary - Microsoft released a total of 10 bulletins, most of which are rated critical and most of those can allow an attacker full access to a vulnerable computer remotely (remote code execution, or RCE).  Once again, the first two bulletins address vulnerabilities in Internet Explorer and Edge (Edge is supposed to be a completely separate product from Internet Explorer, but the two seem to share a lot of similar vulnerabilities).  Adobe has patched an impressive 81 vulnerabilities in its product line (including Acrobat, Reader and Flash, most notably) with several of those listed as critical with successful exploitation leading to remote code execution.   Microsoft - Microsoft released 10 bulletins this month (MS16-118 through MS16-127). Six of the 10 are rated critical, one is rated moderate (information disclosure)…

September 2016 News and Updates

Monthly Newsletters, Uncategorized
   What's New DC770 - A quick reminder that DC770 meets the first Tuesday of each month at 7:00pm EDT in the basement at Jefferson's. Updates Executive Summary - This month's Microsoft updates looked oddly familiar to last month, with the descriptions of many of the issues patched sounding eerily similar to last month, which as you may remember was a particularly "exploitable" month of updates. As always, it is extremely important for all available updates to be installed as soon as possible. Adobe is back on the   Microsoft - Microsoft released 14 bulletins this month (MS16-104 through MS16-117). Seven of the 14 are rated critical and the remaining are rated important (by Microsoft).  It should come as no surprise that updates for Internet Explorer and Edge are leading the pack (again)…

August 2016 News and Updates

Monthly Newsletters, Uncategorized
   What's New DEF CON 24 - Huge thank you to the folks at Piratica for the invite to DEF CON in Las Vegas, NV.  Definitely an eye opening experience to see things from a different perspective.  DC770 - A quick reminder that DC770 meets the first Tuesday of each month at 7:00pm EDT in the basement at Jefferson's. Updates Executive Summary - No patches for Adobe Flash Player this month.  For the first time since January, the monthly Adobe patch release does not include a patch for Flash Player.  In an interesting bit of irony though, there is a bulletin from Microsoft (MS16-102) that patches a vulnerability in the Microsoft PDF Library that could lead to remote code execution.  Also, MS16-099 affects multiple versions of Office including Office for Mac…