Blog
  • Register

Subscribe to our blog

CTN Blog

CTN Solutions has been serving the greater Philadelphia area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Microsoft is Retiring Two Major Operating Systems

Alert: Microsoft is Retiring Two Major Operating Systems

Windows is a great operating system, but unless you’re keeping track of which version you have, you’ll be in for a rude awakening when it comes time to upgrade. In just six short months, there will be two Windows End of Life events for major technology solutions: Windows 7 and Windows Server 2008 R2. You need to start thinking about upgrading now before it’s too late to do so.

0 Comments
0 Comments
Continue reading

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

Intel recently found itself (once again) in hot water, mere months after many flaws were discovered in the firmware that enables all of their chips to do their job. This time, the issue could have potentially caused a permanent dip in the CPU’s capacity to function properly. This has come to be known as the Meltdown vulnerability.

0 Comments
0 Comments
Continue reading

Hitman Email Scam Threatens Your Life, Instead of Your Data

Hitman Email Scam Threatens Your Life, Instead of Your Data

Email scams have become a sort of punchline, often featuring Nigerian princes or wealthy, unknown relatives in need of funds to get home. However, another email scam is anything but amusing, using a unique possession of the target to entice compliance: his or her own life.


This email appears in the target’s inbox with the subject line “Please read this it can be the most important information in your life,” a clear example of clickbait. However, the story that unfolds is worth accessing the email--or at least, it would be, if we weren’t going to tell you the story here.

Once opened, the recipient will find a message that suggests a great drama is unfolding on the periphery of the recipient’s life. According to the email, the recipient has had a contract put out on their head, the sender of this message being the hitman who is charged with taking them out. As the email says, “I received an order to kill you, because your activity causes trouble to a particular person.”

However, in a twist of events, the contract killer has decided to give their target the opportunity to save themselves after studying them. This is clearly a big deal, as the “business rules” of his or her profession do not allow this kind of activity, and so sending the target this message will destroy a twelve-year-long track record of executions. However, since the contract killer intends for this to be their last job, this rule was one that could be broken.

The apparent assassin then goes into the details of this arrangement. For 0.5 Bitcoin, the assassin will hand over the name of the person who arranged the hit as well as any evidence in their possession to bring to the police.

However, the target should not yet call the police, as it would take longer than the two days the target has for the authorities to investigate. The hired gun ends the letter promising to reach out again once the funds have changed hands, and with a pseudo-apology:

“I really regret that you became my prey.”

Perhaps in part because the letter plays out like an assignment from a creative writing class, and perhaps due to the high, high price implied by 0.5 Bitcoin, the scammer responsible has yet to gain any funds. Don’t be the first person to hand over a few grand.

If you happen to receive one of these emails, make sure that you mark it as spam. This helps inform spam filters that this email is unwanted, and might save someone else from contributing to the responsible party’s cache.

For more information on how to avoid scams and cyberthreats, lean on the professionals at CTN Solutions. Give us a call at (610) 828-5500.

0 Comments
Tags:
0 Comments
Continue reading

Why ROBOT is a Risk After Nearly 20 Years

Why ROBOT is a Risk After Nearly 20 Years

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.


Back in 1998, researcher Daniel Bleichenbacher found what is being called the ROBOT exploit in the secure sockets layer (SSL) encryptions that protect web-based platforms. There is a flaw in an algorithm that is responsible for the RSA encryption key--through specially constructed queries, its error messages divulge enough information that, after a short time, they were able to decrypt ciphertext without the dedicated key for that encryption. In response, SSL architects created workarounds to limit error messages rather than eliminating the faulty RSA algorithm.

Referred to as an “Oracle” by researchers, the crypto-vulnerability provides only decisive yes and no answers, which allows people that form their queries a certain way to eventually retrieve detailed information about the contents of encrypted data. This is called an “adaptive chosen-ciphertext attack.”

Recently, researchers have found that over a quarter of the 200 most-visited websites essentially have this vulnerability, and about 2.8 percent of the top million. Facebook, the most visited website in the world for 2017, is one; while the money transfer platform PayPal is another. The explanation researchers gave was that, with so much time focusing on the newest and baddest malware and exploits, this tried and true vulnerability has just been neglected. In a blog post they said as much:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

The vulnerability, now called ROBOT, an acronym for “Return of Bleichenbacher's Oracle Threat” was tested, with the findings being sent to the vulnerable sites to ensure they could get a patch created before the researchers went public with it.

Understanding the threats that are being used against businesses can go a long way toward helping you keep yours secure. For more information about the ROBOT vulnerability or what we can do to keep your company’s network secure, contact CTN at (610) 828-5500.

0 Comments
0 Comments
Continue reading

ALERT: Major Wi-Fi Vulnerability Discovered - What You Should Know

ALERT: Major Wi-Fi Vulnerability Discovered - What You Should Know

A major vulnerability has been discovered that affects everyone who uses Wi-Fi. Key Reinstallation Attack, or KRACK, affects the core encryption protocol that most Wi-Fi users depend upon to shield their browsing from others, Wi-Fi Protected Access 2 (WPA2).

0 Comments
0 Comments
Continue reading

30 Schools Shut Down In Montana After Cyber Attack

30 Schools Shut Down In Montana After Cyber Attack

Students generally love it when classes are cancelled for whatever reason, but thanks to a cybercriminal group called TheDarkOverlord Solutions, a school in Flathead Valley, Montana was disrupted for an extended period of time. This downtime resulted in a disruption of operations for over 30 schools, as well as the threat to the personal information of countless teachers, students, and administrators due to a ransomware attack.


TheDarkOverlord Solutions also went as far as to make graphic death threats against the children attending the schools, taking advantage of the memory of recent school shootings. This hack resulted from the Columbia Falls district server being targeted, which contained all sorts of personal data belonging to residents of the school district. This includes addresses, medical histories, behavioral history, and other information that’s helpful to cybercriminals. Thanks to these events, 30 schools closed and canceled any weekend activities. When class resumed, there was more security in place.

TheDarkOverlord Solutions, true to its name, targets individuals that have particularly lucrative data on the line. In July 2017, they were responsible for a major information harvest from healthcare providers which resulted in almost 9.5 million records going up for sale on the black market. These records were reportedly stolen from a clinic, a healthcare provider, and a health insurance provider.

This same group also reached out and made their name known by stealing media from Netflix. The popular series Orange is the New Black was released prior to its actual release date, thumbing the nose of the audio post-production studio that provided a ransom of $50,000. It just goes to show that you can never trust a thief!

All signs point toward the Columbia Falls school district to not pay the ransom demanded of them. They made the correct choice by not giving in to the demands of hackers, as there is no reasonable expectation that the data will be handed back. If they do decide to pay the ransom, it’s money that’s just going toward funding further ransomware attacks. Plus, if they are willing to pay, it just shows that the tactic actually works.

The best way to stay secure is to protect your organization against all types of threats. To learn more, reach out to CTN at (610) 828-5500.

0 Comments
0 Comments
Continue reading

ALERT: Equifax Data Breach Potentially Exposes 44 Percent of All Americans

  Authentication required.

This is a password protected blog, please kindly enter the password into the password field below to view the blog.

Warning: Google Docs Hit With Phishing Attack

Warning: Google Docs Hit With Phishing Attack

On Wednesday, several users found themselves the victim of a convincing phishing attack. The attack was designed to look like an invitation to view and edit a Google Doc, and is designed to steal your Google credentials and spread through your contacts.

0 Comments
0 Comments
Continue reading

Tip of the Week: Today is National Clean Out Your Computer Day. 5 Ways to Show Your PC Some Love

Tip of the Week: Today is National Clean Out Your Computer Day. 5 Ways to Show Your PC Some Love

It’s National Clean Out Your Computer Day! To kick off this important day, we’d like to remind business owners that this is a valuable opportunity to make sure that you’re taking good care of one of your greatest assets: your company’s technology. Let’s go over some of the best ways that you can optimize the performance of your office computers.

0 Comments
0 Comments
Continue reading

Alert: Malware Locks Up Your PC and Offers Fake Tech Support Phone Number

b2ap3_thumbnail_hack_attack_400.jpgThere’s an intrusive malware on the Internet that locks a user out of their PC and directs them to a fake IT support phone number. In addition to being inconvenient, it can lead to the theft of sensitive information. If this happens to you, whatever you do, don’t call the fake phone number!

0 Comments
0 Comments
Continue reading

Warning: Malicious Adware Finds New Way to Spread on Android Devices

b2ap3_thumbnail_security_for_your_it_400.jpgWith many organizations heavily relying on mobile computing, malicious operators have begun targeting the “low-lying fruit” of a business’ IT infrastructure, which is often a company’s mobile devices. Kemoge, a malicious adware strain designed to corrupt Android mobile operating systems, is the latest mobile threat that your business needs to protect itself against.

0 Comments
0 Comments
Continue reading

How to Remove the Harmful Superfish App Off Your PC

b2ap3_thumbnail_lenovo-superfish_400.jpgOne would assume that software preinstalled on a new PC is secure and has been properly vetted by the manufacturer. This is the case 99 percent of the time, but an exception has recently been discovered with the Superfish app, which came installed on new Lenovo computers sold between September and December of 2014. How can you protect your PC from this fishy security threat?

0 Comments
0 Comments
Continue reading

Windows Server 2003’s End of Support Date is Fast-Approaching

b2ap3_thumbnail_windows_server_2003_400.jpgLast year, Microsoft pulled the plug on Windows XP’s support. Now, one year later, Windows Server 2003 is scheduled to meet its demise. If your servers are still running Windows Server 2003 as their operating system, it’s important to upgrade before the end of support date of July 14th. Otherwise, you could be running a server operating system without necessary patches and security updates.

0 Comments
0 Comments
Continue reading

Caution: Enhanced Cryptowall Ransomware Threatens Networks

b2ap3_thumbnail_cryptowall_2_0_400.jpgAs a business owner, you have an obligation to keep your data and network files safe from prying eyes and criminals. The latest threats, like the new Cryptowall 2.0 ransomware, can be a difficult hurdle to jump, especially when they are disguised and designed to ruin you. Thankfully, you don’t have to take on these threats alone.

0 Comments
0 Comments
Continue reading

Mobile? Grab this Article!

QR Code

Latest News & Events

Drew was pleased to present a gift of financial assistance to the Joy of Life program in Sarajevo, Bosnia on behalf of his non-profit ABLE (American Balkan Leadership Enterprise) and my company CTN Solutions. Unfortunately in many countries...

Latest Blog

Smartphones are a marvel of modern ingenuity. After looking at employee smartphone use as a problem for much of the past few years, today’s businesses have begun to amend that strategy and are now using employee devices to their advantage. ...

Contact Us

Learn more about what CTN can do for your business.

Call us today
(610) 828-5500

610 Sentry Parkway
Suite 110
Blue Bell, Pennsylvania 19422