07Nov 2014 by nathan

November 2014 News and Updates

Uncategorized
What's New 2014 Holiday Schedule - Below is our 2014 holiday schedule.  As we move into the 2014 holiday season, we want to wish everyone a Happy Thanksgiving, a Merry Christmas and a Happy New Year.   Thanksgiving - Closed Thursday, 27 November and Friday, 28 November 2014. Christmas - Closed Wednesday, 24 December and Thursday, 25 Decmeber 2014. New Year - Closed Wednesday, 31 December [2014] and 1 January 2015. What do the Target Breach and Home Depot breach have in common?  In December of 2013, we learned that Target had suffered a massive security breach where the identities of more than 40 million people were exposed.  In September of 2014, we learned that Home Depot suffered a massive security breach where the identies of more than 50 million people…
Read More
03Nov 2014 by nathan

RAID is not a backup (and backup is not RAID).

Uncategorized
RAID is not a backup (and backup is not RAID) How can I use RAID and backups to protect my data?   Today, our lives revolve around data;  documents, spreadsheets, pictures, movies, contacts, calendars, emails, etc., and all of that data resides on a hard drive somewhere.  Those hard drives, how they're configured and how your data is (or is not) protected is the subject of this article.  If you have any data, grab a cup of coffee and a comfy chair and I'll try to explain RAID, backup and why the two aren't the same in human readable language :). Why are things like RAID and backups important?  The value or importance of things like RAID and backups are directly related to the value or importance of the data.  If…
Read More
29Oct 2014 by nathan

It’s (usually) free, easy and a really good idea to encrypt your smartphone and / or tablet.

Uncategorized
Do you have a smartphone?  If so, is it encrypted?  Smartphones (and / or tablets) like the iPhone and various Andriod phones have offered the option to encrypt the phone for some time now.  I've been a big fan of this for some time and have a number of clients that routinely store sensitive information (emails from clients, documents, photos, etc.) on their phones or have VPN access to their offices on their phones that also make extensive use of the encryption options available.  It's always been hard though to get folks that don't know that they have sensitive information on their phones to encrypt them though because it's perceived as an extra layer of complexity without any real benefit.  That may no longer be the case though.  According to…
Read More
17Oct 2014 by nathan

Beware of fake support calls!! We’ve had 3 calls on this in the last week.

Uncategorized
Beware of fake support calls! The scam artists are at it again.  If you get a phone call reporting to be 'Microsoft Support', beware. Ring, Ring (You) Hello (Bad Guy) Yes, this is <name> from Microsoft Support.  I am sorry to inform you that your computer has a virus. (You) Oh my!! (Bad Guy) Yes, it could have been bad, but it looks like we caught it just in time.  If you have a moment, I would be happy to remove it for you. (You) Yes, please do.  Is there a cost for this? (Bad Guy) Absolutely not, we just want you to be safe.  Would you like to proceed? (You) Oh, thank you!!  Yes, please proceed. (Bad Guy) Ok, it looks like you're running Microsoft Windows, is that correct? (You)…
Read More
14Oct 2014 by nathan

HP Laptop Adapter Recall

Uncategorized
Back in August HP announced a voluntary recall for a number of their power adapters that came with laptops sold between September 2010 and June 2012. HP indicates that not all laptops sold within those dates are affected but advises those who purchased a laptop during that time period to check with their website to see if your adapter is a part of the recall. HP warns that those adapters affected, "may pose a risk of a fire and burn hazard to customers" and assures customers, "We are taking this action as part of our commitment to provide the highest quality of service to our notebook customers." According to HP, if your power cord has the markings "LS-15" molded into the plastic of the adapter then it is advised you follow the link…
Read More
10Oct 2014 by nathan

October 2014 News and Updates

Uncategorized
What's New New vulnerability pottentially affecting all USB devices.  At BlackHat 2014, Karsten Nohl and Jakob Lell gave a presentation on what they called BadUSB, a vulnerability at the core of USB devices that allows an attacker to literally reprogram pretty much any USB device so that it can be used for evil.  The code for the exploit was not released at Black Hat but was later released at Derbycon in Kentucky and is now being spotted 'in the wild'.  At this time there is no defense against BadUSB and, to make matters worse, there is no way to detect it.  It's not realistic to tell people "don't use USB devices at all" but there are a few things that you can do to mitigate the risk until a method for detecting…
Read More
06Oct 2014 by nathan

Mac users take note. The “Shellshock” bug affects you.

Uncategorized
Important information for Mac users regarding the Shellshock bug The Shellshock bug was announced on 24 September as a vulnerability in the Bash shell, present on many Unix and Unix like operating systems.  Somewhat burried in the story was that this also affected Mac OSX based computers becuase, on the backend, they are basically Unix (ok, so it's BSD, but the important thing to remember is that it's got Bash).  We originally shared this article via our Facebook page on 25 September and it mentioned the fact that Macs were vulnerable, but we've gotten a number of questions on the subject and I wanted to get the word out there.  The short story is that, if you have a Mac that's running any version of OSX, this vulnerabilty can affect you.…
Read More
09Sep 2014 by nathan

September 2014 News and Updates

Uncategorized
What's New Get off your can and do what you can.  I'm excited about our program to refurbish previously loved Windows XP workstations with Ubuntu Linux and getting them in the hands of folks that otherwise would not have a computer.  In case you missed it, here are the details of the program, but the short story is that if you or someone that you know doesn't have a computer but would like one, we are giving away working computers pre-loaded with Ubuntu Linux.  These are computers that had Windows XP installed but were not upgraded (for whatever reason) to Windows 7 but will run Ubuntu Linux just fine.  These are first-come, first-served. The Home Depot Breach?  By now, you've likely heard that The Home Depot has suffered a massive data breach…
Read More
12Aug 2014 by nathan

Significant Security Updates from Adobe

Uncategorized
Ok, so this is ripped direct from the article on SANS, but Adobe has released several updates with the August updates.  The download in the earlier email also work but, looking at the issues addressed, this is worth a separate post.   Adobe has released security updates for Adobe Flash Player, Adobe AIR, Adobe Reader, and Acrobat. The updates are rated as critical and an impressive number of CVE entries. CVE-2014-0538, CVE-2014-0540, CVE-2014-0541, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545, CVE-2014-0546. Summary: update now. http://helpx.adobe.com/security/products/flash-player/apsb14-18.html http://helpx.adobe.com/security/products/reader/apsb14-19.html  Cheers,Adrien de BeaupréIntru-shun.ca Inc.My SANS Teaching Schedule   All users are encouraged to install these updates.  These updates will be automatically applied at the next reboot for Cyber Tech Cafe MyIT clients.
Read More
08Aug 2014 by nathan

August 2014 News and Updates

Uncategorized
What's New Internet Explorer is the new Java?  According to the news, Internet Explorer seems to have dethroned Adobe and even Java as the most popular way the bad guys use to gain access to your computer.  According to the article, the number of vulnerabilities in Internet Explorer have increased more than 100% over 2013 levels.  What does this mean to you?  Don't use Internet Explorer.  Use Google Chrome, Mozilla Firefox or even Apple Safari but avoid Internet Explorer. Encryption is the wave of the future.  The Internet first 'met' Cryptolocker in September of 2013 and, since then, it's made a pretty significant splash and there have been a number of similar viruses (think Synolocker) that have started claiming their share of victims.  Basically, you get a virus (through an…
Read More