Author: nathan

What's New Cyber Tech Cafe - We announced last month that we would had partnered with Domain.com for all of our website and email hosting and that we would begin migrating all of our current website and email hosting customers to Domain.com in the coming months.  I'm excited to announce that this has been going well and feedback has been overwhelmingly positive.  As you're reading this, some of you have already been migrated and some are already on the schedule.  We will be contacting each of our hosting customers directly to schedule the migration and expect to have everyone migrated by July of this year.  If you missed the original announcement, it is still available on our website here.  If you have any questions about the transition or would like to…

The so called 'FBI Virus' has come back with a vengence and appears to be using well known and highly publicized vulnerabilities in Adobe products and Java to propagate.  If you have a computer and are not 100% certain that you are up-to-date, use the links at the bottom of this email to make certain.   What it is? - The premise is simple.  Attackers scare victims into giving up money valuable information by convincing them that the FBI or DHS is somehow 'after them'.  Typically, the intended victim gets a virus that causes a 'splashscreen' to pop up on their computer with an official looking seal (traditionally FBI but, according to US CERT, they're using DHS now) and a warning that, if the intended victim doesn't pay up, they…

The short story We are making some internal changes at Cyber Tech Cafe that may result in some email 'weirdness' on Saturday and Sunday.  These issues will be resolved by 6:00am Monday morning but, if you send emails to us Saturday and Sunday, some messages may be delayed or bounced.  If you send us an email over the weekend and do not a) get an autoresponse from the helpdesk (some folks have requested that these be disabled so, if that's you, you won't get an autoresponse) and b) you don't hear back from us first thing Monday morning, your email was likely fodder for our new fangled SPAM filter (or, it was just unlucky enough to come in while Nathan was tweaking something).   For those craving details :) New…

So, you want to learn how to 'hack' email.  Well, you've sortof come to the right place.  The purpose of this article is to explain a little bit about how email works and what actually happens when you click that send button.  The process noted here can actually be used to diagnose email problems and / or confirm that a server (in this case, mail.foo.com) will actually accept email for the domain foo.com.   For this example, we will assume that our email address is bob@foo.com and we're trying to send an email to tom@bar.com.  We won't get into any detail about what email software we're using but will instead focus on what's going on behind the scenes.  We need to get to a command prompt (or DOS prompt or…

It's hard to believe, but it's update time again already.  This is the monthly update and news letter with the details of what's going on and I'm going to try something a little different this month.  After talking with a lot of the folks that get this monthly newsletter though, I'm going to try making a few changes to make it more user friendly and readable and I'd love to get your feedback on how we can make it easier to read and / or more usable for you.   What's New Cyber Tech Cafe - As many of you already know, we are in the proces of suspending our hosting operation.  Website and email hosting was one of the first services that we offered when we started the company…

When we first opened Cyber Tech Café ten years ago, our goal was simple; to be a complete technology resource for residential and small to medium business customers. Our plan for achieving that goal was to provide exceptional quality products and services where we could and develop strategic partnerships with complimentary companies for those products and services that we were not equipped to provide directly. We would then continuously re-evaluate our client’s needs, our abilities and the market to make certain that we were providing the best solutions to our clients and not just the best that we could provide directly. A number of years ago, it became clear that our clients low-voltage needs exceeded our low-voltage capabilities and we began looking for local low-voltage companies that shared our commitment…

Symantec has done a very good job of putting together a very quick and easy to follow write-up on this latest Java vulnerability including disclosing the IP of at least one of the C&C servers (below).  For the impatient, the IP listed is 110.173.55.187.  I did a quick whois on it (details below) and it's part of the 110.173.48.0/12 network and is registered to CHINADEDICATED-HK (a Chinese company, big surprise there).  At this time, unless you have a specific need to communicate with hosts in this network range, we are recommending users block all traffic to / from the entire netblock (I suspect that the C&C is not limited or will not stay limited to this single IP, but that may be me being paranoid). Article -> http://www.symantec.com/connect/blogs/latest-java-zero-day-shares-connections-bit9-security-incident Whois info:% Whois data copyright terms…

I Am posting this from my phone, so short details and likely typos.  Massive hole in Java.  No patch.  Actively being exploited.  Disable Java.   Details ->http://www.theregister.co.uk/2013/03/01/another_day_another_java_zero_day/