Cyber Tech Cafe

05/28/2026

Heads up if your business uses WordPress or cPanel for website hosting:

CISA (the government's cybersecurity team) just issued an emergency order for all federal agencies to patch a critical cPanel vulnerability by FRIDAY. That's less than 4 days from disclosure to deadline.

Here's why this matters for you:

⚠️ The vulnerability affects a popular cPanel plugin used for WordPress management
⚠️ Threat actors are ALREADY using it to install backdoors
⚠️ Once infected, attackers can maintain access even after you patch

This isn't theoretical — it's happening now. And while the feds got the memo, most small businesses didn't.

The harsh reality: If your website runs on cPanel and you haven't patched yet, you could already be compromised.

This is exactly why proactive IT matters. CTC's MyIT service monitors these threat alerts in real-time and patches fast — not "when we get around to it."

Your website is your digital storefront. Don't let it become an attacker's backdoor.

Read more: https://www.bleepingcomputer.com/news/security/cisa-gives-feds-4-days-to-patch-actively-exploited-cpanel-plugin-flaw/

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks.

05/23/2026

If you're a business owner, manager, or IT decision maker — be careful who you hire as your MSP.

Hiring an MSP means extending a LOT of trust. And with that trust comes a LOT of power. Any MSP can shine during onboarding, but the real test is how they act when business needs change and you need to move on.

We onboarded this client 11 years ago. Managed their environment for nine years. Two years ago, they wanted to explore other options. We made sure the offboarding was professional and painless.

They remembered that.

They gave their now former MSP notice in February that they needed to move on — and we're only getting them onboarded in mid-May. Three months of "technical complications" and dragging feet.

The lesson: How an MSP handles your departure tells you everything about their character. Trust is given. Professionalism is revealed when it's inconvenient.

Have you experienced a smooth — or nightmare — MSP transition? Drop a story in the comments or read the full post here:

Client Nightmare – The Rogue MSP May, Thu, 2026 nathan CTC NEWS , IT Nightmare , Mailing List Case Study: Why Clean Offboarding Brings Clients Back The Timeline Eleven years ago, we onboarded a new client. For nine years, we managed their entire IT environment—servers, workstations, network infr...

05/22/2026

FRIDAY FUNNY — The Ancient Wisdom

"Hello, IT support. Have you tried turning it off and on again?"

We say it. You hear it. It works. Every time.

The Real Timeline:
🕐 Minute 1: "My computer is frozen"
🕑 Minute 2: "IT asks if I've restarted"
🕒 Minute 3: "I restart it"
🕓 Minute 4: "It works now"
🕔 Minute 5: "I pretend I already tried that"

We went to school for this. We got certifications. We learned cloud architecture and cybersecurity protocols.

And 70% of the time? The answer was right there in the power button.

But hey — we're not complaining. When YOUR computer acts up, you don't want to remember whether the restart fixes it. You just want it FIXED.

That's why we're here. (And yes, we still ask if you tried restarting it. Old habits die hard.)

Happy Friday! May your devices behave and your weekends be long.

Send a message to learn more

05/21/2026

A city’s water system was hacked this week. Not by fancy malware or zero-days—but because a former employee's account was still active months after they left.

"Zombie accounts" are more common than you think. Most businesses don't have a formal offboarding process. They have a sticky note that says "tell IT sometime."

At CTC, we work with our clients to understand and document their onboarding and offboarding processes so that, when the time comes, all the client has to remember is to submit the request and we handle and document all of the details behind the scenes. Not only is the work done, it's done consistently each time and it's documented.

If your offboarding process lives in someone's memory instead of a system, let's talk.

Source: The Register — "Zombie user account let hackers control the city's water"

Failing to disable a former employee’s account was a huge mistake

05/20/2026

Healthcare cyberattacks are hitting record levels—and it's not just the big hospitals.

So far in 2026, over 9.6 million patient records have been exposed across 118+ reported breaches. Recent victims include:

• Yale New Haven Health – 5.56M records (SSNs, demographic data)
• Conduent – 25M+ records (ransomware)
• NYC Health + Hospitals – 1.8M records (including biometric data like fingerprints)
• TriZetto & CareCloud – 3.4M each (third-party vendor compromise)

The Pattern: Attackers aren't breaching hospitals directly—they're hitting vendors (billing, scheduling, EHR platforms) and riding in through trusted connections.

What this means for small practices:
If you're a dental office, medical clinic, or healthcare-adjacent business, your risk isn't just your own network—it's your third-party software, your IT vendors, and your supply chain.

MyIT clients: We monitor vendor access, audit third-party integrations, and verify that "secure" doesn't just mean your server—it means your whole ecosystem.

Questions about your vendor security posture? Drop a comment or DM us.

---

05/19/2026

1️⃣ "Reaper" macOS Malware
A new stealer targets Mac users—harvests passwords, crypto wallets, and installs backdoors. Clever twist: it spoofs Apple, Microsoft, and Google domains to look legit.

2️⃣ npm Supply Chain Attacks
The "Shai-Hulud" worm is poisoning JavaScript libraries through compromised GitHub Actions caches. Popular dev tools like TanStack are getting hit.

The Pattern? Both exploit trust in familiar brands and automated update systems.

🔗 Sources:
- The Register (Reaper): https://www.theregister.com/security/2026/05/19/do-fear-the-reaper-stealer-swipers-macos-users-passwords-wallets-then-backdoors-them/
- The Register (Shai-Hulud): https://www.theregister.com/cyber-crime/2026/05/18/shai-hulud-copycat-hits-another-npm-package/

How MyIT Helps:
Proactive patch management isn't just about Windows updates anymore. We monitor hundreds of third party applications, drivers, MacOS security configs, and supply chain risks before they hit your endpoints.

---

Send a message to learn more

05/18/2026

Cyber Tech Cafe will be closed on Monday, 25 May 2026 in observance of Memorial Day.

We will be closed Monday, 25 May 2026 for Memorial Day May, Mon, 2026 nathan CTC NEWS Cyber Tech Cafe will be closed Monday, 25 May 2025 in observance of Memorial Day. We would like to extend our heartfelt gratitude to all of the men and women that have made the ultimate sacrifice for our great nati...

05/16/2026

📰 CNN: Iranian hackers breached US gas station tank gauges.
📅 Rapid7: Published the same vulnerability research in 2015.
🔧 The fix: Close port 10001. Add a password. Segment your network.
⏰ The reality: 10 years later, thousands of systems still wide open.

This is the gap between "we know it's broken" and "we fixed it." If you're running a business with fuel tanks, industrial systems, or remote monitoring — that gap is your risk.

Let's talk.

Sources:
• CNN: Iranian hackers breach gas station systems - https://share.google/3VCmouukYShOMPDV8
• Rapid7: "The Internet of Gas Station Tank Gauges" (Jan 2015) - https://www.rapid7.com/blog/post/2015/01/22/the-internet-of-gas-station-tank-gauges/

US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity.

05/15/2026

User : "My computer is slow."

IT : Checks last update: 847 days ago

IT : We see this a lot. The good news? It's fixable. The bad news? It's been fixable for 846 days.

Send a message to learn more

05/14/2026

May 2026 News & Updates.

May 2026 News & Updates May, Thu, 2026 nathan CTC NEWS , Industry News , Mailing List , Monthly Newsletters CTC News New pricing starting in June 2026 – We will be implementing a slight price increase on 1 June 2026. Additional information will be posted to our Policies and Procedures page here. U...

05/14/2026

Quick status check: It's Thursday. Patch Tuesday was two days ago.

MyIT clients:

Fully patched, zero-days neutralized, sleeping well.

Everyone else:

Still on the "to-do" list, hoping this isn't the month they get hit.

This week had some particularly nasty vulnerabilities under active attack. Our MyIT clients didn't have to panic—because we handled it Tuesday night while they were home with their families.

When your IT is actually managed, the threats are neutralized before your coffee gets cold on Wednesday morning.

Curious how that feels? Message us.

https://ctc.co/my-it

Every clients support needs are different a rigid, one-size-fits-all approach simply doesn’t work in many cases. To address this, we provide a number of simple, flexible support options with no term agreements to ensure that our clients get all of the support that they need without add-ons or arbi...