30Apr 2021 by nathan
But the HIPAA Security Rule doesn’t explicitly say anything about patches and updates!?!?

But the HIPAA Security Rule doesn’t explicitly say anything about patches and updates!?!?

Industry News, Tech news
Technology is a requirement for business and is deeply embedded in modern healthcare. Although no specifics for patch management is available in the HIPAA Security Rule, healthcare providers who fall victim to threats like phishing, malware, ransomware or other cyber criminals may be subject to significant fines if they do not have a documented patch management program in place. Most of the software that powers the technology used in healthcare contains "bugs" that can negatively affect how the software works and create risks to the confidentiality, integrity and availability of the data. These "bugs" are regularly fixed with updates and patches by the manufacturers, but it's generally the users responsibility to test, approve and install these updates and patches. While the HIPAA Security Rule doesn't explicitly detail a patch management…
Read More
17Nov 2020 by nathan

November 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Executive Summary We will be closed Thursday, 26 November 2020 and Friday, 27 November 2020 to celebrate Thanksgiving with family and friends. We are currently beta testing our device to tether your office network to your mobile phone / hotspot to provide emergency / backup Internet access to your office network. We hope to have a production version available mid December.Microsoft patched 112 vulnerabilities this month, tipping the 100 vulnerabilities in a month scale again. One update, rated as Important by Microsoft, is being chained with a Google Chrome vulnerability and exploited in the wild. Microsoft patched 112 vulnerabilities this month, 17 were classified [by Microsoft] as CRITICAL, 93 rated important and 2 rated moderate. One vulnerability patched this month , CVE-2020-17087, is rated by Microsoft as important but is…
Read More
10Jun 2020 by nathan
June 2020 News & Updates

June 2020 News & Updates

Industry News, Monthly Newsletters, Tech news
Executive Summary Criminals continue to take advantage of remote workers connecting to work resources via home networks with (often) lax security controls. In many cases, these unprotected home networks that are connected via VPN connections back to the office are giving attackers an opportunity to completely bypass the corporate firewall.Based on number of bugs patched, June 2020 marks Microsoft's largest Patch Tuesday to date with 129 (or 130, depending on who you ask) bugs patched, with 115 in March 2020 and 113 in April 2020 pulling a close second and third.Adobe released significant security updates for Flash Player and Framemaker that could allow an attacker remote access to vulnerable systems.Windows 7 and Windows Server 2008 are now six months out of support from Microsoft, meaning they are no longer being…
Read More
14Mar 2020 by nathan

March 2020 News & Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
  Executive Summary COVID-19 Response - The health and safety of our team, our clients and our business partners is of paramount importance to us at Cyber Tech Cafe.  We are still offering on-site service, however, we have a number of clients who have opted for remote support only for a time to minimize the risk of spreading the virus.  We will continue to monitor and heed the recommendations of the CDC and other subject matter experts on this topic and will post any policy changes to our website and social media pages.  Our thoughts and prayers go out to those affected by this virus and to those working so diligently to fight it. Microsoft released patches for at least 115 vulnerabilities, including 26 that are rated as critical and…
Read More
15Nov 2019 by nathan

November 2019 Updates

CTC NEWS, Monthly Newsletters, Uncategorized
News Holiday Schedule - Cyber Tech Cafe will be closed on Thursday, 28 November 2019 and Friday, 29 November 2019 for Thanksgiving.DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson's restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org .  Executive Summary In addition to the normal pressure of Patch Tuesday, we have more than dozen vulnerabilities that are listed as critical this month with at least one being actively exploited in the wild. November 2019 also brings us one month closer to the 14 January 2020 end of life (retirement) for Windows 7 and Windows Server 2008. If you or your organization still has Windows 7 or Windows…
Read More
21Mar 2019 by nathan

March 2019 Updates

CTC NEWS, Industry News, Monthly Newsletters
Executive Summary The Cyber Tech Cafe Managed Services (MyIT) continue to be an overwhelming success.  It's exciting to see organizations taking a proactive approach when it comes to their IT Infrastructure and it's incredibly rewarding to hear those organizations comment about how "things just seem to work".  A new version of our website / blogging software brings a new format to these posts, all the same content you know and love with a fresh coat of paint to hopefully make consumption more enjoyable and pleasing. As always, we welcome comments, feedback, concerns, etc. News DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson's restaurant in Cartersville on the first Tuesday of each month. More information is available…
Read More
12Dec 2018 by nathan

December Updates 2018

Monthly Newsletters
Executive Summary The Cyber Tech Cafe Managed Services (MyIT) continue to be an overwhelming success.  It's exciting to see organizations taking a proactive approach when it comes to their IT Infrastructure and it's incredibly rewarding to hear those organizations comment about how "things just seem to work". A new version of our website / blogging software brings a new format to these posts, all the same content you know and love with a fresh coat of paint to hopefully make consumption more enjoyable and pleasing. As always, we welcome comments, feedback, concerns, etc. News! DC770 – Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson’s restaurant in Cartersville on the first Tuesday of each month. More information is available at…
Read More
27Nov 2018 by nathan

November Updates 2018

Monthly Newsletters
  Executive Summary - The Cyber Tech Cafe Managed Services (MyIT) continue to be an overwhelming success.  It's exciting to see organizations taking a proactive approach when it comes to their IT Infrastructure and it's incredibly rewarding to hear those organizations comment about how "things just seem to work". News DC770 - Cyber Tech Cafe is a proud supporter and co-sponsor of the DC770 DEF CON group that meets monthly at 7:00pm ET at Jefferson's restaurant in Cartersville on the first Tuesday of each month. More information is available at https://dc770.org .  Our speaker for the November meeting is the world famous TBD.   Microsoft - Microsoft reported 79 vulnerabilities, 12 of which were classified [by Microsoft] as CRITICAL with the remaining 67 rated important, moderate or low. Not to…
Read More
30Apr 2018 by nathan

April 2018 News and Updates

Monthly Newsletters
Executive Summary - There were significant updates from Microsoft and Adobe this month as long as a minor update to Java.  The most interesting updates that I've seen thus far address a vulnerability in the Windows Font Library (CVE-2018-1010, -1012, -1013, -1015, -1016).  These could be exploited remotely by an attacker via social engineering attack (phishing, etc.) to get access as the logged-on user and then chained together with a privilege escalation vulnerability (like CVE 2018-1034) to gain administrative or system level access. News Managed Firewall Services - We are considering offering a managed firewall solution and are looking for 3 to 5 clients that would be interested in helping us to pilot the program.  Test sites would need to have a minimum of 5 workstations and a maximum of 10…
Read More
14Feb 2018 by nathan

February 2018 News and Updates

Monthly Newsletters
Executive Summary - Spectre and Meltdown dominated the news during the last update cycle but seem to be winding down.  The good news here is that strides are being made to mitigate the problem, including a Meltdown and Spectre Detector tool in Microsoft Windows Analytics.  The bad news though is that a number of other critical vulnerabilities in Microsoft Outlook and Adobe Flash Player have stepped up to take the place of Spectre and Meltdown. News DC770 In The News - DEF CON North Atlanta, or DC770, made the front page of the Cartersville Daily Tribune on Wednesday, 6 February 2018.  DC770 is a DEF CON group that meets monthly at Jefferson's in Cartersville.  More information is available at the DC770 website and the article is available at the Daily…
Read More