What are the opening hours?

Monday 9am - 5pm Tuesday 9am - 5pm Wednesday 9am - 5pm Thursday 10am - 6pm Friday 9am - 5pm

Capricorn I.T.

Name: Capricorn I.T.
Address: Kerang, VIC, AU
Telephone: +611300451337
Price range: $$

Home
Australia
Kerang, VIC
Capricorn I.T.

Complete IT services providing on-site support within 100km/1hr of Kerang at no extra cost.

19/02/2026

New chrome 0day that mitre has coined CVE-2026-2441 - Google has released a patch. This is being actively exploited so don't delay.

06/02/2026

𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟭𝟱𝟱𝟱𝟲 𝗡𝗼𝘁𝗲𝗽𝗮𝗱++ 𝗖𝗼𝗺𝗽𝗿𝗼𝗺𝗶𝘀𝗲

If you thought a simple text editor was too simple a program to be an attack surface, best think again.

Notepad++ is a text editor that pretty much every Windows based power user has on their machine. The automatic update mechanism of the software has been revealed to be compromised, so please check your systems, refer to the CVE and the project website for updated packages.

MITRE reports on the CVE page that this is still under analysis. If your organization needs a security audit, pe*******on system or other advice, let us know!

25/12/2025

Wishing our clients a very Merry Christmas, and hope that everyone has a great day no matter what you are doing today.

13/12/2025

A paper entitled "Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers" by Gegenhuber et al detailed how read receipts in messaging apps, even supposedly "secure" ones like Whatsapp and Signal, could be used to silently obtain information on the device state by tracking the round trip time. As a crude example, someone on LTE would have a higher round trip time than a person at home on fixed broadband.

The obvious fix is to delay read receipts by an arbitrary time with a minimum delay that exceeds that of the slowest likely connection and then add a random component to that, making the data less useful to bad actors but still achieving the original purpose. There's no need for the read notification to be sent immediately. Introducing a random delay between 200-400ms would render this far less useful. More importantly, no ability for a corrupt message to be sent that doesn't appear but does get acknowledged should exist, and there should be a rate limit.

Our advice is to disable read and delivered reporting in your messaging apps as unfortunately this has yet to be rectified by any of the players in the secure messaging space, and now proof of concept code has been released making this an attack that can and will be used. Those interested in reading more are encouraged to check the github page for gommzystudio/device-activity-tracker

21/11/2025

You always need to make sure you use primary sources when at all possible. Some of the rumors circulating around are downright nutty, and I can't even post a few of them as they're sheer bonkers.

❌ No, this was not an attack on Cloudflare infrastructure.
❌ Nation state actors, and other fanciful stories did not play a part.

The true answer is far less interesting, but code got pushed into production that updated a table with bad data periodically which likely gave rise to the initial queries as to whether this was some kind of automated attack.

For those who wish to know all of the information, straight from Matthew Prince himself, the CEO and co-founder of Cloudflare (take the praise during earnings reports etc, but this guy at least is present when things don't go their way) you can read his post (which is very complete, but an after action report will no doubt also be created so lessons can be learned) at the Cloudflare blog at https://blog.cloudflare.com/18-november-2025-outage/

Do I still trust cloudflare? Absolutely. Their record speaks for itself, and this is merely a blip on an otherwise excellent company.

18/11/2025

If you experienced intermittent connectivity to a large array of websites this evening, you're not alone. Cloudflare, probably one of the largest CDN around experienced an intermittent issue routing traffic from the public facing addresses, and the proxied hosts. Multiple theories went around from denial of service (unlikely given that Cloudflare is in the business of protecting against DDoS), to DNS/BGP and the usual offenders. The cloudflare blog, which is open to the public will include an after action report when things normalize.

Cloudflare reported at 1120 AEDT (UTC+11) that the issue was resolved and services were recovering, albeit warning that end users may see "higher-than-normal error rates".

Having had some experience with the company and the techs behind it, they run a very tight ship and I've got zero doubt that they pulled in all hands to get this sorted. Unlike some recent outages this was dealt with promptly and communication with both news media and users was excellent. An excellent lesson in how to manage a crisis.

The Cloudflare name and logo are property of Cloudflare, a US based company providing DDoS protection and CDN services.

27/10/2025

A Forbes article posted today has caused some confusion, with the headline "Gmail Passwords Confirmed As Part Of 183 Million Account Data Breach" - and people jumping to conclusions that Alphabet, the parent company of Google bears some responsibility for the credential leak (erroneously).

Credential stuffing - only made possible from password reuse and crypto stealing trojans are more likely causes than some leak within the company and many are missing the point the author makes. Our long form article is in the comments - no external blogs, no subscriptions, no BS, it's just there to read.

20/10/2025

(Updated 0920Z/2020AEDT, see further below)

Snapchat refusing to post an image or update your latest story? It's not just you. Vast swathes of the Internet aren't functioning as expected.

Amazon's AWS, whose CDN and distributed cloud compute powers many corners of the web is having issues with the company now admitting to the fault on their website, stating that "We can confirm increased error rates and latencies for multiple AWS Services in the US-EAST-1 Region [...] We are actively engaged and working to both mitigate the issue and understand root cause."

Given they have a SLA and downtime costs Amazon large amounts of money, it would be expected that the issue would be resolved quickly, likely within the next hour but if BGP was involved with the outage it may take longer for all AS (autonomous systems, each individual network providers' segment within BGP) route views to converge.

★ Updated 0920Z/2020AEDT: the Amazon service health page now states they have identified the root cause of the problem in a distributed database platform known as DynamoDB, which they claim "appears to be related to DNS resolution of the DynamoDB API endpoint in US-EAST-1."

They furthermore state that they are working on multiple parallel paths to attempt to hasten recovery but this may be a matter of waiting out the TTL.

Hidden in their update was what we already knew but Amazon hadn't yet admitted, that the incident "also affects other AWS Services in the US-EAST-1 Region. Global services or features that rely on US-EAST-1 endpoints such as IAM updates and DynamoDB Global tables may also be experiencing issues."

Perhaps ironically, Amazon's own trouble ticket system for AWS customers relies on DynamoDB meaning that new issues cannot be lodged or are at least severely rate limited.

14/10/2025

Today (Oct 14) marks the day that Windows 10 will be buried as "end of life" (EOL) and security updates will cease.

Contact Capricorn IT for a chat if you have legacy Windows 10 machines, and we can work with you to develop a plan to upgrade those machines to Windows 11 (it is possible in most cases, even without a TPM bypass many motherboards of the era had a TPM header) or for those that can't be upgraded develop a risk mitigation plan, which may include extended security updates (ESU).

We understand this process can be confusing to small businesses, so by all means, drop us an email or DM and we can discuss the issues at hand and even arrange an on-site visit.

19/05/2025

★ Mobile / Fixed Wireless Issues ★

📵 intermittent cellular internet issues reported between Leitchville and Cohuna, these appear to have been largely resolved as at 1800 this evening (May 19).

⌚Pyramid Hill based NBN Fixed Wireless clients may have issues from intermittent connectivity to wholesale loss of service on the last two days of May. Your provider should advise you if you are affected.

21/04/2025

Do yourself a favor and pause windows 11 updates for a few days using the button within Settings→Updates, as KB5055523 is causing instability and blue screens of death when installed. If you read this any later than April 23, a fix will have been pushed and there's no need to act.

26/03/2025

Windows users of chrome, make sure your browser is updated to fix CVE-2025-2783, a high-severity vulnerability that is actively being exploited in the wild.

Address

Kerang, VIC

Opening Hours

Monday	9am - 5pm
Tuesday	9am - 5pm
Wednesday	9am - 5pm
Thursday	10am - 6pm
Friday	9am - 5pm

Telephone

+611300451337

Website

https://capricornit.com.au/

Alerts

Be the first to know and let us send you an email when Capricorn I.T. posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to Capricorn I.T.:

Shortcuts

Address
Telephone
Opening Hours
Alerts
Contact The Business
Claim ownership or report listing