August 2024 News and Updates
- Labor Day – Cyber Tech Cafe will be closed on Monday, 2 September 2024 in observance of Labor Day.
- CrowdStrike – I’ve had a lot of conversations with folks on this and believe that, in addition to the takeaways in the original post, there are three things that could have been done different. First, test the changes before you deploy it. In the case of the CrowdStrike incident, that likely would have saved the day. Second, fail gracefully. The bug caused an error at a very low level in Windows that prevented Windows from booting and required physical access to impacted systems to revive them. The fix was a very simple fix but it required physical access. Allowing the application to fail gracefully so that the systems was able to boot and connect to the network (and be repaired remotely) would have been a game changer. Lastly, stage the rollout. Even if the change broke things because the code wasn’t reviewed and even if it caused the system to be unbootable, rolling it out to a few systems, a few hundred or even a few thousand systems would have been far better than rolling it out to millions upon millions of mission critical production systems at once. Just my two cents and hindsight is always 20/20 but worth noting.
- Project Lazarus – The idea with Project Lazarus is to get our MyIT clients a way to boot otherwise non-bootable systems and get our team remote access in to fix them remotely. I believe that we have a working prototype and are currently running through some test scenarios to see how it would work in production but I believe that we’re close to a release. Additional information on our Project Lazarus is available here.
- Client Forms – In an effort to make requesting support easier for common tasks (onboarding and offboarding users, for example), we are launching a number of forms that clients can use to request support. Links to the forms are located at the top of our website under Client Forms.
- Election Year Antics – In the US, this year is an election year and it’s safe to assume that criminals will leverage election related topics in their pretexting for attacks (phishing, vishing, smishing, all of the ishings), so be sure to consider that when planning your security awareness training.
Updates
The July 2024 Patch Tuesday from Microsoft addresses at least 139 issues and includes at least two zero-day vulnerabilities (CVE-2024-38080 and CVE-2024-38112) that, per Microsoft, are being actively used to attack systems already. At least five of the vulnerabilities patched in this month’s Patch Tuesday release are rated as Critical with the remaining rated Important or Moderate. In addition to security concerns that have been patched, there has already been a presentation on an “Undetectable Downgrade Attack” at the Black Hat security conference in Las Vegas already.
Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or Critical, it’s important that the updates are installed.
Additional details on this months Microsoft updates are available from Krebs on Security and the Patch Tuesday Dashboard.
Adobe has published three security bulletins for this month in a number of products including Adobe Premier Pro, InDesign and Bridge. We recommend keeping your Acrobat or Reader software up to date, you should be able to check/install updates by going to the “Help” tab, then “Check for updates”.
Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc
Additional details are available from Adobe Here including links to download the update(s) and instructions for installation.
Need IT Support for your Home or Business? We’d love to help!
Are you a small to medium sized business looking to leverage technology and enable your business and workforce to work smarter and more efficiently? Do you already have computers, servers, firewalls, VPNs or other technology that you’re not taking full advantage of? Are you looking for an IT Service Provider who understands small to medium sized businesses needs and the challenges that we face that can work with you to grow your business rather than just sell you time?
Cyber Tech Cafe an IT Service Company with a focus on helping small to medium business get the most out of their technology investment. As a small business ourselves, we understand the challenges you face and have designed our service offerings to help you get the most out of your technology dollar. We offer on-call, as needed support if you just need a quick fix or extra set of hands right now. We also offer maintenance plans that we call “MyIT” that are designed to address the most common concerns (patch management, disaster recovery / backup, log review, etc.) that are based on the number of workstations and servers that you have and have no term contract. We believe that, if you find value in what we’re doing, you’ll find a way to keep us around without contract saying that you have to.
If you have questions about the MyIT plans or have an IT need that you need addressed right now, let us know. We look forward to the opportunity to earn your business.
Article Submitted by Nathan J. Underwood, CEH