November 2024 News and Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Upcoming End of Life for Windows 10 - We're officially under one year before the Windows 10 End of Life (EOL), currently scheduled for 14 October 2025. Prior to that date, you will need to make certain that all Windows 10 computers are either upgraded (Windows 11 Requirements) or replaced. Additional information is available from Microsoft here. Holiday Schedule Thanksgiving - We will be closed Thursday, 28 November and Friday, 29 November 2024 for the Thanksgiving holiday and the office will open for regular business hours on Monday, 2 December 2024. Christmas - We will be closed Tuesday, 24 December and Wednesday, 25 December 2024 for the Christmas holiday and the office will open for regular business hours on Thursday, 26 December 2024. New Year - We will be closed…
Read More

September 2024 News and Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Apple / Mac Security Updates - In addition to the usual suspects, significant security updates have been released by Apple for multiple products including iOS / iPadOS 17.7, iOS / iPadOS 18, MacOS 13.7, 14.7 and 15, tvOS 18, watchOS 11, visionOS 2 and more. Additional info is available from CISA here. Basically, if you've got an Apple device, update it :) Microsoft Recall - The short version is that Microsoft Recall is apparently not as dead as we thought (hoped) that it was and I've not seen anyone state this better than Brian Krebs here. "...But last week, the software giant clarified that what it really meant was that the ability to disable Recall was a bug/feature in the preview version of Copilot+ that will not be available to…
Read More
After Action Report – CrowdStrike

After Action Report – CrowdStrike

Industry News, Tech news
As many of you know, an issue with an update to CrowdStrike, a security platform installed on literally millions (if not billions) of computers worldwide, caused a global IT Outage on Friday and many organizations (and IT workers) are still feeling the sting of that outage today. The root issue appears to have been a bad configuration update from CrowdStrike that prevented affected systems from booting. We are thankful that none of our clients were directly impacted but the incident provides an excellent opportunity to "sharpen the saw" and update our internal processes. In this email, I'd like to quickly summarize what happened, some key things that we took away from the incident and some changes that we're making in as a result. What happened? CrowdStrike released a corrupt configuration…
Read More

July 2024 News and Updates

CTC NEWS, Industry News, Monthly Newsletters, Tech news
Client Forms - In an effort to make requesting support easier for common tasks (onboarding and offboarding users, for example), we are launching a number of forms that clients can use to request support. Links to the forms are located at the top of our website under Client Forms. Windows Recall - We received a surprising amount of feedback on the blurb about Windows Recall in last months newsletter and, not surprisingly, literally none of it was positive. The common thread in all of the feedback was basically what are the alternatives? We don't really have a plan, just yet, but we do have some ideas. Expect more on this next month and, if you're concerned about Windows Recall for whatever reason (privacy, regulatory compliance, etc.), keep an eye out…
Read More

Please update your FortiGate

Industry News, Tech news
What is this about? In February of this year, Fortinet disclosed multiple vulnerabilities in the FortiOS firmware, the operating system for their entire line of products. The vulnerability was highly publicized by Fortinet, The U.S. Cybersecurity and Infrastructure Security Agency (CISA), news outlets, message boards and on social media and we reached out directly to all of our MyIT Clients. The vulnerability is significant because it's position in a network, often running on the Internet facing firewall protecting that network from Internet borne threats, means it's exploitable from anywhere on the Internet and successful exploitation could give an attacker full access to a vulnerable device. It's also important to note that state sponsored threat actors are known to favor (and target) these types of vulnerabilities. What do I need to…
Read More

CDK Breach – Threat actors now contacting CDK customers directly.

CTC NEWS, Tech news
We are working with a number of clients who have been impacted by what is, I believe, now officially being referred to publicly by CDK as an attack and, specifically, multiple attacks. This latest development (the threat actors are reaching out to CDK Customers directly) confirms that there was data, at the very least customer lists and contact info, taken during the attack. Details are sketchy and there are a lot of moving parts behind the scenes so this post will be a) short, b) in no particular order and c) vague but there are a number of common questions / concerns / comments that we're getting that I'm hoping to address with this post. For those who don't know who CDK is or why this may be important, CDK…
Read More

February 2024 News and Updates

CTC NEWS, Industry News, Tech news
We're Moving Cyber Tech Cafe will be moving our office to 319 North Tennessee Street, Cartersville GA on 15 March 2024. Our mailing address will remain the same. Urgent Update from Fortinet - Fortinet disclosed on 8 February 2024 a significant vulnerability in basically their entire firewall product line. The vulnerability can allow an attacker with access to the VPN interface on the affected device the ability to run code on the device. According to reports, the vulnerability is being actively exploited in the wild. If you are a MyIT Client, you should have received an email on Tuesday with details on the vulnerability and, in most cases, your firewall has already been updated. If you are not a MyIT Client, we would recommend installing the update immediately if at…
Read More

November 2023 News and Updates

CTC NEWS, Monthly Newsletters, Tech news
End of Life for Windows Server 2012 - October was the last month of updates, including bug fixes, security updates, etc., for Microsoft Windows Server 2012. If you still have Windows Server 2012 installed in your environment, Microsoft strongly recommends making plans to decommission it as soon as possible. Changes to the MyIT Program - We are in the process of making some changes to the MyIT Program that we're pretty excited about. The biggest and most visible change for most MyIT Customers will likely be related to communications. There will be some changes to the monthly report as well as some reminders about systems that may need extra attention. More on this to come but we're excited about the opportunity to provide more value to our MyIT Customers! 2023…
Read More

October 2023 News & Updates

CTC NEWS, Monthly Newsletters, Tech news
End of Life for Windows Server 2012 - This will be the last month of updates, including bug fixes, security updates, etc., for Microsoft Windows Server 2012. If you still have Windows Server 2012 installed in your environment, Microsoft strongly recommends making plans to decommission it as soon as possible. Changes to the MyIT Program - We are in the process of making some changes to the MyIT Program that we're pretty excited about. The biggest and most visible change for most MyIT Customers will likely be related to communications. There will be some changes to the monthly report as well as some reminders about systems that may need extra attention. More on this to come but we're excited about the opportunity to provide more value to our MyIT Customers!…
Read More

Quickbooks Update Scam

Tech news
We often get emails forwarded from customers (and soon to be customers :) ) that they get from scammers and suspected scammers and I often wonder just how many folks actually fall for the scam. We got one today that is a perfect example of what to look for if you suspect you're looking at a scam email and, at the same time, how to put together a really bad phishing email. So, starting at the top, the domain name intuitquickbookssupports.com. A quick search at CentralOps confirms that this domain name was just registered in January of this year and that it's registered at GoDaddy. Looking up intuit.com on the same site confirms that that's not where Intuit registers their domain names. Moving on down to the grammar of the…
Read More