January 2017 News and Updates

Monthly Newsletters, Uncategorized
Updates

Executive Summary - 2017 is starting out with a relatively low number of updates, with only four bulletins from Microsoft (Edge, Office and Windows [LSA]) and two updates from Adobe (Flash, Acrobat & Reader), but all resolve issues that could allow an attacker full access (remote code execution or RCE) to vulnerable systems.

Microsoft - Microsoft released 4 bulletins this month (MS17-001 through MS17-004). The bulletins affect Microsoft Edge (oddly enough, nothing mentioned about Internet Explorer), Microsoft Office, Adobe Flash and an internal component of Windows called LSA (Local Security Authority). The bulletins for Microsoft Office and Adobe Flash Player are rated critical and allow remote code execution (RCE), and the bulletins for Microsoft Edge and LSA are rated important, allowing privilege escalation and denial of service respectively. Multiple…

Merry Christmas and Happy New Year from all of us at Cyber Tech Cafe

Uncategorized
Cyber Tech Cafe will be closed on Monday, 26 December 2016 to enjoy Christmas and to spend time with family, friends and loved ones. We will re-open on Tuesday, 27 December 2016 during normal business hours and will respond to any non-emergency support requests at that time. If you need emergency support before Tuesday, 27 December 2016, please include the word 'emergency' in the subject line of any email requests. From all of us here at Cyber Tech Cafe, we wish you and yours a Merry Christmas and a Happy New Year.

Nathan and Kristy Underwood

December 2016 Updates

Uncategorized
Updates

Executive Summary - Microsoft released a total of 12 bulletins, half of which are rated critical, and most of those can allow an attacker full access to a vulnerable computer remotely (remote code execution, or RCE). As has been the theme of 2016, the first two bulletins address vulnerabilities in Internet Explorer and Edge (Edge is supposed to be a completely separate product from Internet Explorer, but the two seem to share a lot of similar vulnerabilities). Adobe has patched a handful of vulnerabilities in its product line (including Acrobat, Reader and Flash, most notably), with several of those listed as critical and successful exploitation leading to remote code execution.

Microsoft - Microsoft released 12 bulletins this month (MS16-144 through MS16-155). Six of the 12 are rated critical and…

Happy Thanksgiving from Cyber Tech Cafe!!

Uncategorized
Happy Thanksgiving from Our Family to Yours!!

Cyber Tech Cafe will be closed on Thursday and Friday to celebrate the Thanksgiving holiday and spend time with family and friends. Any non-emergency support requests will be responded to on a first come, first served basis on Monday morning. If you need emergency technical support Thursday through Sunday, our emergency on-call technicians will be available. You can page the emergency on-call technician by including the word 'emergency' in the subject of your email request. Please note that holiday rates will apply.

Adobe released an emergency update to patch a vulnerability currently being exploited in targeted attacks

Uncategorized
Emergency patch for Zero Day Vulnerability Under Attack

Additional details are available in the linked article below, but Adobe has released an update to the Adobe Flash Player that patches a vulnerability currently being exploited in targeted attacks. According to the article, the vulnerability is multi-platform and affects Windows (Windows 7, Windows 8, Windows 8.1 and Windows 10, and presumably Windows Server OSs if Flash Player is installed there as well), Mac and Linux. The Flash version affected is 23.0.0.185 and earlier, and users with [now] out-of-date versions should update to 23.0.0.205 as soon as possible. Cyber Tech Cafe MyIT customers will be protected after their next computer reboot. Others should navigate to the Adobe Security page for additional information on the update and to download and install it.

ThreatPost Article - https://threatpost.com/adobe-patches-flash-zero-day-under-attack/121567/…

DDOS attack against Dyn Managed DNS service leaves East Coast without access to most of internet

Uncategorized
Reports are coming in about a large-scale DDOS attack against Dyn's Managed DNS services that took place this morning. Currently, most websites have mitigated the issues, and access to popular sites like Amazon, Twitter, Reddit, and more is functioning with minimal problems. It is not clear at this time who is responsible for the attack and/or if the attack is still ongoing. For now, users on the East Coast may experience issues loading websites or portions of websites. As of writing, Twitter.com will load only a portion of its content, with many elements of the page timing out altogether. We will attempt to keep this post as well as our social media pages updated with more information as it breaks.

[UPDATE]: There appears to…

October 2016 News and Updates

Monthly Newsletters, Uncategorized
Updates

Executive Summary - Microsoft released a total of 10 bulletins, most of which are rated critical, and most of those can allow an attacker full access to a vulnerable computer remotely (remote code execution, or RCE). Once again, the first two bulletins address vulnerabilities in Internet Explorer and Edge (Edge is supposed to be a completely separate product from Internet Explorer, but the two seem to share a lot of similar vulnerabilities). Adobe has patched an impressive 81 vulnerabilities in its product line (including Acrobat, Reader and Flash, most notably), with several of those listed as critical and successful exploitation leading to remote code execution.

Microsoft - Microsoft released 10 bulletins this month (MS16-118 through MS16-127). Six of the 10 are rated critical, one is rated moderate (information disclosure)…

September 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

DC770 - A quick reminder that DC770 meets the first Tuesday of each month at 7:00pm EDT in the basement at Jefferson's.

Updates

Executive Summary - This month's Microsoft updates looked oddly familiar to last month, with the descriptions of many of the issues patched sounding eerily similar to last month, which as you may remember was a particularly "exploitable" month of updates. As always, it is extremely important for all available updates to be installed as soon as possible. Adobe is back on the

Microsoft - Microsoft released 14 bulletins this month (MS16-104 through MS16-117). Seven of the 14 are rated critical and the remaining are rated important (by Microsoft). It should come as no surprise that updates for Internet Explorer and Edge are leading the pack (again)…

August 2016 News and Updates

Monthly Newsletters, Uncategorized
What's New

DEF CON 24 - Huge thank you to the folks at Piratica for the invite to DEF CON in Las Vegas, NV. Definitely an eye-opening experience to see things from a different perspective.

DC770 - A quick reminder that DC770 meets the first Tuesday of each month at 7:00pm EDT in the basement at Jefferson's.

Updates

Executive Summary - No patches for Adobe Flash Player this month. For the first time since January, the monthly Adobe patch release does not include a patch for Flash Player. In an interesting bit of irony though, there is a bulletin from Microsoft (MS16-102) that patches a vulnerability in the Microsoft PDF Library that could lead to remote code execution. Also, MS16-099 affects multiple versions of Office including Office for Mac…

July 2016 Quarterly Update from Oracle (276 vulnerabilities patched)

Uncategorized
Oracle Patches 276 Vulnerabilities with July 2016 Update, including 13 for JavaSE

Oracle's official update cycle is quarterly (unofficially, it's been as frequently as daily at times, before Adobe Flash stepped up to the plate as the target du jour for attackers) and the updates for July have just been published. For most of our customers, the primary impact is JavaSE (which we'll discuss in more detail below), but updates were also released for most everything in the Oracle fleet. There's a good write-up on ThreatPost here.

Java - The latest version of Java is 8 update 101 and patches 13 vulnerabilities, 9 of which are remotely exploitable without authentication. If you have JavaSE installed and it is not the latest version (or if you have multiple versions installed),…