27Nov 2018 by nathan

November Updates 2018

Monthly Newsletters
  Executive Summary - The Cyber Tech Cafe Managed Services (MyIT) continue to be an overwhelming success.  It's exciting to see organizations taking a proactive approach when it comes to their IT Infrastructure and it's incredibly rewarding to hear those organizations comment about how "things just seem to work". News DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson's restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org .  Our speaker for the November meeting is the world famous TBD.   Microsoft - Microsoft reported 79 vulnerabilities, 12 of which were classified [by Microsoft] as CRITICAL with the remaining 67 rated important, moderate or low. Not to…
Read More
13Oct 2018 by nathan

October Updates 2018

Monthly Newsletters
  Executive Summary - The Cyber Tech Cafe Managed Services (MyIT) continue to be an overwhelming success.  It's exciting to see organizations taking a proactive approach when it comes to their IT Infrastructure and it's incredibly rewarding to hear those organizations comment about how "things just seem to work". News We're Hiring - If you or someone you know is looking for an entry level IT Support position with a growing company, send them our way.  Additional information and an online application is available here. DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson's restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org .  Our speaker for…
Read More
22Aug 2018 by nathan

August 2018 News and Updates

Monthly Newsletters
Executive Summary - The Cyber Tech Cafe Managed Services (MyIT) have been an overwhelming success.  It's exciting to see organizations taking a proactive approach when it comes to their IT Infrastructure and it's incredibly rewarding to hear those organizations comment about how "things just seem to work". News We're Hiring - If you or someone you know is looking for an entry level IT Support position with a growing company, send them our way.  Additional information and an online application is available here. DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson's restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org .  Our speaker for the September…
Read More
13Jul 2018 by nathan

July 2018 News and Updates

Monthly Newsletters
Executive Summary - The Cyber Tech Cafe Managed Services program was, by all metrics, an overwhelming success.  It's always good to see organizations taking a more proactive role in securing their infrastructure and even better to be able to play a part in it.  There were significant updates from Microsoft and Adobe this month but Adobe certainly took the cake with over 100 patches issued. News Managed Firewall Services - We announced in April that we were considering offering a managed firewall option.  The initial offer was very well received and we'd like to expand it to 5 additional clients.  The price for the base package is $169 per month and includes a firewall and daily reporting on it's performance and activity.  All of the routine management (license renewals, firmware updates,…
Read More
30Apr 2018 by nathan

April 2018 News and Updates

Monthly Newsletters
Executive Summary - There were significant updates from Microsoft and Adobe this month as long as a minor update to Java.  The most interesting updates that I've seen thus far address a vulnerability in the Windows Font Library (CVE-2018-1010, -1012, -1013, -1015, -1016).  These could be exploited remotely by an attacker via social engineering attack (phishing, etc.) to get access as the logged-on user and then chained together with a privilege escalation vulnerability (like CVE 2018-1034) to gain administrative or system level access. News Managed Firewall Services - We are considering offering a managed firewall solution and are looking for 3 to 5 clients that would be interested in helping us to pilot the program.  Test sites would need to have a minimum of 5 workstations and a maximum of 10…
Read More
09Jan 2018 by nathan

January 2018 News and Updates

Monthly Newsletters
Updates News Spectre and Meltdown vulnerabilities - There's a LOT of buzz about the two of these.  I won't be going into any detail in this newsletter about either but we've been pushing information out to social media as we get it and will likely be posting an article here later. Mailing List - The response to (finally) getting the mailing list back online has been overwhelmingly positive (and appreciated).  We have a sign-up form on the right-column of our website if you'd like to sign up. MyIT - The newest version of the Network Ninja (NNv2.1) is finally operational and has been deployed to a number of MyIT clients already with stellar results.  We finished with the beta group last week and will be reaching out to all of…
Read More
16Nov 2017 by nathan

November 2017 News and Updates

Monthly Newsletters
Updates News Mailing List - We're excited to announce that the mailing list is back up and running.  We generally only send emails once per month (the News and Updates), so it's a low volume list.  We have a sign-up form on the right-column of our website if you'd like to sign up. Holiday Schedule - Please be sure to check out our 2017 holiday schedule here.  If you have projects that you'd like to complete by year end, please let us know as soon as possible. MyIT - We are working on some exciting changes to the MyIT Options, including updates to the Network Ninja, for 2018 that we hope to announce in the December newsletter. Executive Summary - Critical vulnerabilities were patched by Microsoft and Adobe this month,…
Read More
09Aug 2017 by nathan

August 2017 News and Updates

Monthly Newsletters
Updates Executive Summary - In addition to the normal Microsoft, Adobe and Oracle / Java updates, Google released an update to patch 10 critical bugs in the Android operating system and Mozilla released an update to patch 29 vulnerabilities in Firefox including making Adobe Flash objects Click-To-Enable.  The excitement from WannaCry and Petya / Not-Petya seems to be calming down but it looks like the Mamba ransomware (gained fame in the end of 2016 by taking the San Francisco transit system offline) seems to be making a comeback.  It only seems to be impacting Saudi Arabia and Brazil at the moment but it would be wise for blue teams to take note and make sure that you're ready (Are you all patched up?  Network segmented to minimize the damage of…
Read More
19Jul 2017 by nathan

July 2017 News and Updates

Monthly Newsletters
Updates Executive Summary - 2017 has been an explosive year for ransomware and a wake-up call for administrators of the importance of installing updates in a timely fashion.  The WannaCry virus in May wreaked havoc when it took advantage of an already patched bug in Microsoft Windows.  The Petya and Not Petya viruses struck in June, leveraging the same already patched vulnerability. Microsoft - Microsoft patched a total of 54 vulnerabilities this month in Windows, Edge, Internet Explorer Office and Exchange, 19 of which were rated critical, 32 rated important and three rated as moderate.  Several of the critical vulnerabilities are remotely exploitable and could give an attacker full control with little or no action on the part of the user. Microsoft releases regular updates the second Tuesday of each…
Read More
10Jan 2017 by nathan

January 2017 News and Updates

Monthly Newsletters, Uncategorized
   Updates Executive Summary - 2017 is starting out with a relatively low number of updates with only four bulletins from Microsoft (Edge, Office and Windows [LSA]) and two updates from Adobe (Flash, Acrobat & Reader) but all resolve issues that could allow an attacker full access (remote code execution or RCE) to vulnerable systems.   Microsoft - Microsoft released 4 bulletins this month (MS17-001 through MS17-004). The bulletins affect Microsoft Edge (oddly enough, nothing mentioned about Internet Explorer), Microsoft Office, Adobe Flash and an internal component of Windows called LSA (Local Security Authority).  The bulletins for Microsoft Office and Adobe Flash Player are rated critical and allow remote code execution (RCE) and the bulletins for Microsoft Edge and LSA are rated important allowing privilege escalation and denial of service respectively.  Multiple…
Read More