October 2016 News and Updates

Monthly Newsletters, Uncategorized
Updates

Executive Summary - Microsoft released a total of 10 bulletins, most of which are rated critical, and most of those can allow an attacker full access to a vulnerable computer remotely (remote code execution, or RCE). Once again, the first two bulletins address vulnerabilities in Internet Explorer and Edge (Edge is supposed to be a completely separate product from Internet Explorer, but the two seem to share a lot of similar vulnerabilities). Adobe has patched an impressive 81 vulnerabilities in its product line (including, most notably, Acrobat, Reader and Flash), with several of those listed as critical, where successful exploitation leads to remote code execution.

Microsoft - Microsoft released 10 bulletins this month (MS16-118 through MS16-127). Six of the 10 are rated critical, one is rated moderate (information disclosure)…

September 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

DC770 - A quick reminder that DC770 meets the first Tuesday of each month at 7:00pm EDT in the basement at Jefferson's.

Updates

Executive Summary - This month's Microsoft updates looked oddly familiar, with the descriptions of many of the patched issues sounding eerily similar to last month's, which as you may remember was a particularly "exploitable" month of updates. As always, it is extremely important for all available updates to be installed as soon as possible. Adobe is back on the

Microsoft - Microsoft released 14 bulletins this month (MS16-104 through MS16-117). Seven of the 14 are rated critical and the remaining are rated important (by Microsoft). It should come as no surprise that updates for Internet Explorer and Edge are leading the pack (again)…

August 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

DEF CON 24 - Huge thank you to the folks at Piratica for the invite to DEF CON in Las Vegas, NV. Definitely an eye-opening experience to see things from a different perspective.

DC770 - A quick reminder that DC770 meets the first Tuesday of each month at 7:00pm EDT in the basement at Jefferson's.

Updates

Executive Summary - No patches for Adobe Flash Player this month. For the first time since January, the monthly Adobe patch release does not include a patch for Flash Player. In an interesting bit of irony though, there is a bulletin from Microsoft (MS16-102) that patches a vulnerability in the Microsoft PDF Library that could lead to remote code execution. Also, MS16-099 affects multiple versions of Office including Office for Mac…

July 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

Windows 10 - Microsoft's aggressive push to get every Windows 7 and Windows 8 computer upgraded to Windows 10 has gone from light speed to ludicrous speed. Per Microsoft, Windows 7 is still supported until January of 2020 and we have had very good results with the Never10 utility from GRC. If you have Windows 8, Windows 10 may be a better option. Otherwise, it may be worth delaying the Windows 10 upgrade.

DEF CON 24 - Piratica has invited the crew from Cyber Tech Cafe to join them at DEF CON 24 this year (4 August to 7 August) in Las Vegas. Most of us will be leaving Thursday evening but we will be leaving a skeleton crew behind Friday and Monday to cover things. Everyone will…

June 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

Windows 10 - Microsoft's aggressive push to get every Windows 7 and Windows 8 computer upgraded to Windows 10 has gone from light speed to ludicrous speed. Per Microsoft, Windows 7 is still supported until January of 2020 and we have had very good results with the Never10 utility from GRC. If you have Windows 8, Windows 10 may be a better option. Otherwise, it may be worth delaying the Windows 10 upgrade.

Helpdesk Changes - We are excited to announce that the changes that we mentioned a few months ago to the Cyber Tech Cafe helpdesk are going well. If all goes well, we should have some exciting news in the next 10 to 14 days.

DEF CON 24 - Piratica has invited the crew from Cyber…

May 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

DEF CON 24 - Piratica has invited the crew from Cyber Tech Cafe to join them at DEF CON 24 this year (4 August to 7 August) in Las Vegas. Most of us will be leaving Thursday evening but we will be leaving a skeleton crew behind Friday to cover things. Everyone will be back for normal business hours Monday.

Updates

Executive Summary - May delivered several updates from Microsoft to patch critical vulnerabilities in Windows, Internet Explorer, Edge, Office and .NET. I've noticed it a few times and more frequently lately, but MS16-064 was an update to Adobe Flash Player for Windows 8.1, Server 2012, Server 2012 R2, RT 8.1 and Windows 10. Two important things to note here are that Microsoft is issuing Flash Player updates…

April 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

Disable Windows 10 Notification - Our policy regarding Operating System (or any other major) upgrades has always been to proceed with caution and upgrade when a) you have a need to, b) your environment (hardware, software, etc.) supports it and c) it's stable. Microsoft has been pushing Windows 10 since its release and has gotten more and more aggressive with the rollout with each monthly update cycle. Our policy is still: if you are currently on Windows 7 and have no business requirement to upgrade, stay with Windows 7. If you have Windows 8.x, Windows 10 is a slight upgrade, but Windows 7 is battle tested, well supported by third parties and is scheduled to be supported by Microsoft until January of 2020. All of that said,…

March 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

Hacker Playdate - The Q2 2016 Hacker Playdate "Business Edition" is scheduled for 23 April 2016 at the Bartow County Library. Huge thank you to the Bartow County Library for all of their support and for the new venue. Additional details are available here.

Ransomware & Rogue Tech - We continue to see computers that are infected with ransomware that encrypts the data and demands a ransom (generally payable by Bitcoin) and rogue tech support calls. Back up your data. Don't let strangers onto your computer. That is all (for now) :)

Windows 10 - We are seeing a LOT of folks who are installing Windows 10 'accidentally'. Two very important things to note on this are that you have 30 days from the time you do the…

February 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

Hacker Playdate - The Q1 2016 Hacker Playdate, despite some weather concerns, was a huge success. Many thanks again to our sponsors and participants.

Cisco ASA Vulnerability - A vulnerability in Cisco ASAs (firewalls) was disclosed last week that could allow a remote attacker full access to an affected Cisco ASA. Scans for vulnerable devices have been very aggressive since the disclosure. Cisco, to my knowledge, has not released an update to patch the hole. Some sites have reportedly disabled host-to-site IPSec VPNs as a result. Additional information is available at SANS here.

DMA Locker - We have reported on ransomware (I believe that this was our first article on it back in 2013) and it looks like the genre has experienced another evolution. This latest variant encrypts…

January 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

Hacker Playdate - The Q1 2016 Hacker Playdate is right around the corner and we're starting to get excited. We're doing this one a little differently and are specifically targeting the presentations and the villages toward business owners, managers and IT professionals. One of the new things that we're trying this time is a CTF village with multiple vulnerable machines and several 'attack' laptops set up to give attendees an opportunity to try the tools and tactics that attackers are using in the wild (and we'll have solutions available for those who just want to get to the end). As always, it's free and open to anyone. We will be in the meeting room at Primo's Mexican Cocina from 12:00pm EST to 5:00pm EST on Saturday, 23 January…