May 2015 News and Updates

Monthly Newsletters, Uncategorized
What's New
Episode Two, The Mobile Threat - The latest episode was released on 19 March and follows our attackers Myles and Ian as they use an executive's mobile phone to gain access to (at least) one corporate network, completely under the radar. Episode Two can be found here.
Hacker Play Date - Cyber Tech Cafe will be co-hosting a Hacker Play Date on Saturday, 20 June 2015 at 10:00am EDT. We have it scheduled until 6:00pm EDT but, depending on interest and turnout, may make adjustments. Our goal is an informal gathering for any tech enthusiasts, from the layman to the systems / security engineer, to discuss the possibility of some kind of regular gathering on a monthly or quarterly basis (think 2600 meeting or similar). Ideally, for each event we would have…

April 2015 News and Updates

Monthly Newsletters, Uncategorized
What's New
Episode Two, The Mobile Threat - The latest episode was released on 19 March and follows our attackers Myles and Ian as they use an executive's mobile phone to gain access to (at least) one corporate network, completely under the radar. Episode Two can be found here.
Resurgence of Crypto style malware (REPOST) - It looks like the Cryptowall style malware is making another round. There are some details on one variant here but the biggest thing to keep in mind is that, if you get hit with this, you need to consider whatever data is encrypted gone. There may be a chance that you get it back if you send a large sum of money via untraceable currency (Moneypak, bitcoin, etc.) to an anonymous person likely in a non-extradition country but a much…

Episode Two – The Mobile Threat

Uncategorized
Summary and Translation of Episode One, Setting the Hook.
In Episode One, we saw Ian and Myles send a mass email with a malicious link disguised as a Facebook friend request, phishing for victims. We’re not sure how many others fell for the fake email, but we know that Nancy at Acme Widgetco clicked the link and, seconds later, Myles and Ian were watching her via her webcam and exploring the files on her local hard drive. Episode One is available here.
“Jake, I have an important meeting with potential investors in 12 minutes and I need to be able to connect my phone to the network to access my presentation.” Mr. Peters had apparently just discovered Chromecast and was planning to use his newfound streaming prowess to impress the potential…

Security update from Adobe for Flash Player affecting all supported platforms

Uncategorized
Important update for Adobe Flash Player
Adobe Systems released an update on 12 March for their Adobe Flash product to resolve an issue that could allow a remote attacker to take full control of the affected system. This update applies to all supported platforms (Windows, Apple / Mac, Linux, etc.) and has been given a Priority Rating of 1, meaning that it's likely being actively exploited already (though I haven't seen exploits listed in exploits-db.org or osvdb.org yet). Details on the vulnerability and its CVE IDs are available here. All users are encouraged to update their Adobe Flash installs to the latest version as soon as possible. Cyber Tech Cafe MyIT clients already have the updated versions available and need only reboot to complete the update.

March 2015 News and Updates

Uncategorized
What's New
Resurgence of Crypto style malware - It looks like the Cryptowall style malware is making another round. There are some details on one variant here but the biggest thing to keep in mind is that, if you get hit with this, you need to consider whatever data is encrypted gone. There may be a chance that you get it back if you send a large sum of money via untraceable currency (Moneypak, bitcoin, etc.) to an anonymous person likely in a non-extradition country but a much better (and cheaper) plan is to maintain good backups that you test regularly and make certain to install updates regularly and keep up-to-date antivirus.
Facebook Campaign - We continue to get good feedback on the Facebook page and appreciate you folks spreading the…

February 2015 News and Updates

Uncategorized
What's New
Facebook Campaign - Thanks to all of you guys, we have passed the 500 mark on our Facebook page and are using it to quickly get information out on things like out-of-band updates (like the 3 from Adobe) and general IT and security-related topics (like the declaration of war by Anonymous on ISIS). You can find us on Facebook here.
2015 Focus on Security - I noted in the January 2015 newsletter that we would be renewing our focus on security in 2015 and thought it proper that the first item in the 2015 newsletter gave more detail on the plans.
Better Communication - We are going to make better use of our website, newsletter and Facebook Page to keep you better informed. We will publish important but low-priority / non-urgent stories to the website and link…

January 2015 News and Updates

Uncategorized
What's New
Facebook Campaign - We have received a lot of good feedback on the news and articles that we've posted to our Facebook page and would like to take better advantage of it in 2015. If you haven't checked out our Facebook page or don't already like us on Facebook, please consider checking it out or sharing it with your friends. We often post news on new threats (malware, viruses, etc.), breaches (Target, Home Depot, JP Morgan Chase, etc.) or just general tech news on the Facebook page well before we're able to get the news out to our website or newsletter. You can find us on Facebook here.
2015 Focus on Security - I noted in the December 2015 newsletter that we would be renewing our focus on security in 2015 and…

Episode One – Setting the hook

Uncategorized
As its name would suggest, Episode One - Setting the hook, is the first of hopefully several short stories written about the interactions of end users, systems administrators and the cyber criminals working hard to get in between them. The stories are a mixture of completely fictional tales, my experiences in the better part of two decades in IT (the names have been changed to protect the innocent and the guilty alike) and, in some cases, a mixture of the two. My hope is that the stories are equally entertaining to the non-technical and technical reader alike, possibly giving each a different perspective of the other and making everyone's job a little easier when it comes to using, managing and securing the technology that we all rely on day to day.…

The rise (and impact) of shadow or rogue IT

Uncategorized
Shadow IT - a term often used to describe IT systems and IT solutions built and used inside organizations without explicit organizational approval. It is also used, along with the term "Stealth IT," to describe solutions specified and deployed by departments other than the IT department.
This has always been 'a thing' but we're definitely seeing a rise in shadow / rogue IT in many of the organizations that we support. I can understand it from its various different perspectives (end user, management and IT department) and can see merits for each but, as a contractor often responsible for a) finding and b) fixing the mess, I tend to side with the IT department in most cases.
From the user's perspective, buying their own kit to do their job better,…