Tech Troubleshooters

18/05/2026

Your computer just got a new weak spot, and attackers are already testing it.

A security researcher has published a working proof-of-concept for a Windows vulnerability called "MiniPlasma." It lets an attacker gain full system-level access on fully patched Windows machines. That means if someone gets a foothold on a device, this flaw could hand them complete control.

What this means for you

For business owners and office managers, this is about more than a technical bug. If an attacker uses something like this, they could access files, emails, client records, or internal systems without you knowing. That can lead to downtime, lost data, or even reputational damage if client information is exposed.

For home users, the risk is just as real. A compromised device can mean stolen passwords, scams, or losing important files and photos. It can also open the door to someone accessing your email or online accounts.

What to watch for

- Unexpected pop-ups or prompts asking for admin access
- Programs installing or changing settings without your input
- Unfamiliar software appearing on your device
- Slower performance or unusual network activity
- Emails or messages you did not send

What you can do now

- Keep Windows and all software up to date
- Be cautious with email attachments and links
- Use strong, unique passwords and enable multi-factor authentication
- Make sure you have reliable, tested backups of important files
- Use layered protection on your devices, including email and web filtering

As an MSP, we help businesses and home users put these layers in place before something becomes urgent. If you are not sure where you stand, we can review your setup and close the gaps.

If you are concerned or just want peace of mind, reach out to us.

Website: http://www.techtroubleshooters.com.au
Carisa's Direct Mobile: 0448 017 919
Kelly's Direct Mobile: 0429 727 091
Office: 07 4401 5760
Email: [email protected]

07/05/2026

Education Data Breach
Action May Be Required

A major global cyberattack has just been revealed targeting Instructure (Canvas), the learning platform behind Queensland's QLearn system — and it has affected the personal details of 200+ million users worldwide.

What was stolen:

• ✅ Names and email addresses
• ✅ Student ID numbers
• ✅ Location of study
• ✅ Messages between students and teachers

What was NOT stolen (per Instructure):

• ❌ Passwords
• ❌ Dates of birth
• ❌ Financial information
• ❌ Government IDs

Who is affected:
Queensland and Tasmania state schools, multiple Australian universities, and TAFE institutions have all been confirmed. If your child attends a Queensland state school since 2020, their basic details may be in the hackers' hands.

Private and Catholic schools — some may use the Canvas platform, but not all. Contact your school directly if you're unsure.

Here's how to protect yourself right now:

🛡️ Check your antivirus and secuirty — Make sure you have reputable security software installed and it hasn't expired. Run a scan to be sure.

📧 Watch your email — Scam emails spike after breaches like this. If you get any unexpected message claiming to be from a school, teacher, or government agency — especially with links or attachments — do NOT click. Go directly to the school's official website to verify.

🔒 Enable email filtering — Gmail, Outlook and other providers have built-in spam/phishing filters. Check yours are switched on. For Microsoft 365 or Google Workspace users, ask your IT provider about advanced filtering.

🔑 Be phishing-aware — Hackers use convincing emails to trick people. Watch for urgency, generic greetings, and requests for passwords or personal info.

💡 Monitor your accounts — Keep an eye on any unusual logins or activity.

I'll keep you updated as more details come to light. If something looks off or you'd like help reviewing your home or business security, get in touch.

27/04/2026

🚨 New Malware Alert: "Snow" Attacks via Microsoft Teams

A sophisticated threat group (UNC6692) is targeting businesses through a clever social engineering campaign — and it starts with a Microsoft Teams call.

Here's how it works:

1. You receive a flood of spam emails (intentionally to distract you)
2. Someone calls claiming to be from "IT Helpdesk" on Microsoft Teams
3. They pressure you to click a link to "block the spam"
4. You actually install the "Snow" malware suite

What can Snow malware do?

• Steal your browser passwords & data
• Take screenshots of your screen
• Run hidden commands on your computer
• Steal your entire Active Directory database (usernames, passwords)
• Move laterally across your network

How to protect yourself:
✅ Never trust unsolicited calls claiming to be IT support
✅ Tech Troubleshooters will NEVER cold-call you asking you to click links
✅ We proactively monitor and secure your systems — no panic needed
✅ Enable multi-factor authentication on everything
✅ Keep your team trained — awareness is your first line of defence

If you're concerned about your business's security, talk to us. We offer security awareness training and managed IT that keeps threats like this out.

👇 Questions? Drop them below.

15/04/2026

Tech Troubleshooters Client Alert

Booking.com has warned that some customer reservation data may have been accessed, including names, contact details, booking information, and information shared with accommodation providers.

While payment card details have not been reported as exposed, travellers are already being targeted with phishing emails, calls, and WhatsApp messages linked to real bookings.

If you have upcoming travel booked through Booking.com, be extra cautious of any unexpected message asking you to confirm details, make a payment, or click a link.

What you should do:
• Don’t click payment links sent by email, SMS, or WhatsApp
• Verify requests only through the official Booking.com app or website
• Contact your accommodation directly through trusted contact details if unsure
• Be cautious of urgent messages pressuring you to act quickly

If you’re unsure, check with us before clicking or paying.
Tech Troubleshooters can help you identify phishing attempts, verify suspicious booking messages, and make sure your devices and accounts stay secure.

14/04/2026

🚨 Adobe Acrobat/Reader Zero-Day: Patch NOW 🚨

Attackers are actively exploiting an Adobe Acrobat/Reader zero-day (via malicious PDFs). If your team opens PDFs, this is urgent.

What we do for clients (patch management included):

• If you’re on our Patch Management plan, we push the emergency Acrobat updates automatically
• We run managed detection & threat hunting for suspicious PDF activity
• We use protective DNS to block malicious/phishing delivery attempts

Want us to get you protected today?
Comment PATCH or DM us.

06/03/2026

New “Coruna” iPhone Threat Shows Why Mobile Security Matters
A newly reported iPhone threat known as Coruna is a strong reminder that mobile phones and tablets are now a real target for cyber attacks. Threats like this show that a phone is no longer just a device for calls and messages. It can hold access to email, banking, passwords, photos, cloud accounts, business apps, and sensitive personal or company data.
For both home users and businesses, that means a compromised mobile device can lead to much bigger problems.
That is why the Tech TroubleShooters Mobile Solution is so important. It helps add another layer of protection by helping to:
• detect suspicious or risky activity
• warn about phishing links and unsafe websites
• identify unsafe or risky apps
• check for outdated or vulnerable devices
• use deep packet analysis to help uncover hidden malicious traffic
help spot signs a device may already be compromised
Just as importantly, one of the best ways to protect yourself against threats like Coruna is to make sure your phone or tablet is fully updated. Security updates are designed to patch newly discovered weaknesses, and delaying those updates can leave your device exposed.
Whether you use your mobile device for personal use, online banking, work email, or business systems, mobile security should not be overlooked.
Want to better protect your phone, tablet, or business mobile devices?
Contact Tech TroubleShooters today to ask about our Mobile Solution.
Tech TroubleShooters
Protecting home users and businesses across Townsville
07 4401 5760
www.techtroubleshooters.com.au

20/12/2025

🚨 Heads up: “Apple Support” scam doing the rounds — and it’s NEXT LEVEL 🚨

We’re seeing a new scam where someone calls (or texts/emails) claiming to be from Apple Support and it looks shockingly legitimate. They use urgency, case numbers, and convincing language to get you to “verify” your account.

Why it’s next level:
They’re not just sending dodgy links anymore — they’re trying to get you to hand over the keys by:

reading out a one-time verification code, or

tapping Approve / Accept / Authorise on a login prompt you didn’t start

Once that happens, they can potentially get into your Apple account and linked services.

✅ What we want our customers to do (simple rule):
If anyone contacts you claiming to be from Apple (or Microsoft / Telstra / NBN / your bank) — take yourself out of the equation.
Say: “Please contact our IT department, Tech TroubleShooters.”
Then hang up and call us.

❌ Never do this (no matter how convincing they sound):

Never share a verification code

Never press Approve/Accept/Authorise unless you just tried to sign in

Never install remote access software because someone on the phone told you to

🎥 Here’s a good video showing how convincing this scam can be:
https://www.youtube.com/watch?v=fEO3ehvSs28

🛡️ Extra protection matters too:
We strongly recommend proper security protection on all devices — phones, tablets, laptops and PCs.
Good protection helps block malicious links, unsafe apps, and suspicious activity before it becomes a bigger problem

Need us? Contact Tech TroubleShooters:
📞 07 4401 5760
📧 [email protected]

🌐 www.techtroubleshooters.com.au

If you think you may have clicked something or approved a prompt — call us ASAP (speed matters).

https://www.youtube.com/watch?v=fEO3ehvSs28

🇺🇸 Try The Epoch Times here: https://ept.ms/RomanSale🥔 Ready to give MASA a try? Go to https://MASAChips.com/ROMAN for25% off your first order. Episode Re...

03/12/2025

🚨 SECURITY ALERT: Malicious Chrome & Edge Extensions Found Tracking Users 🚨
A major security report has uncovered over 100 Chrome and Microsoft Edge extensions that were secretly spying on users and even creating backdoors inside their browsers.
These malicious extensions — created by a group known as “ShadyPanda” — looked completely normal for years before being quietly weaponised through updates.
What these extensions were doing:
📊 Tracking every website you visit
🍪 Reading your cookies to create unique identifiers
🕵️ Profiling your interests in real time
💻 Running remote code inside your browser
📤 Sending encrypted data to overseas servers
🔗 Injecting affiliate links for profit
Some had millions of downloads and were even marked as “Featured” or “Verified” before turning malicious.
Google and Microsoft have now removed the identified extensions — but similar copycats appear regularly.
🔒 What you should do right now:
1️⃣ Review your browser extensions
If you don’t recognise it or no longer use it — remove it.
2️⃣ Only install extensions from trusted developers
Free “cleaners,” “new tab tools,” and “productivity boosters” often carry the highest risk.
3️⃣ Keep Chrome & Edge fully updated
Updates include security patches that block known threats.
Need help checking your browser security?
We’re helping local clients secure their devices and remove risky extensions before they cause problems.
📞 Tech TroubleShooters – 07 4401 5760
🌐 www.techtroubleshooters.com.au
📩 [email protected]
Proactive protection keeps you safer — and this is a good reminder to review your browser regularly.

28/10/2025

⚠️ Reports Claim 182 Million Gmail Accounts Hacked — Here’s What’s Really Going On
You might have seen headlines saying up to 183 million Gmail accounts were caught up in a massive data leak.
✅ Google has confirmed there’s no new Gmail breach — Gmail itself is still secure.
🔍 But cybersecurity expert Troy Hunt found that millions of Gmail addresses and passwords have still been exposed — mostly through malware infections, phishing, and old website breaches.
So even if Gmail wasn’t hacked, your details could still be out there if your password was stolen elsewhere or reused on other sites.
If you’d like us to check your Gmail address safely and see if it’s appeared in any breach lists, just send us a quick PM or email [email protected]
We’ll let you know what we find and how to keep your account secure.
🔒 Tech TroubleShooters — keeping Townsville families and businesses safe online, one account at a time.

11/10/2025

🚨 URGENT WORDPRESS SECURITY WARNING 🚨

Hackers are actively hijacking WordPress websites worldwide using a newly discovered vulnerability — no passwords, no login required.

A major flaw (CVE-2025-5947) in the Service Finder theme and bundled Service Finder Bookings plugin allows attackers to log in as any user — including administrators — and completely take control of a website.

🧨 Severity: Critical (CVSS 9.8)
🧩 Affected versions: up to 6.0
🛠 Fixed version: 6.1 (released 17 July 2025)
⚔️ Over 13,000 attack attempts detected globally since August.

Once exploited, attackers can:

Deface or delete your website

Steal customer data and credentials

Inject malware or redirect visitors to fake or malicious pages

⚠️ If your site isn’t professionally managed…

You may already be vulnerable — and not even know it.
Many low-cost hosting providers don’t include real-time malware protection, patch management, or a proper Web Application Firewall (WAF).
That’s why small business websites are often the first to fall victim.

🛡 Why Tech TroubleShooters Clients Are Safe

All websites hosted with Tech TroubleShooters are actively protected by an enterprise-grade, AI-powered website security platform.

Here’s what that means for our clients:
✅ Real-time malware scanning & cleanup — blocks and removes threats automatically
✅ Advanced WAF (Web Application Firewall) — stops attacks before they reach your site
✅ Proactive patching — automatically fixes known vulnerabilities in WordPress, themes, and plugins
✅ Reputation protection — prevents your domain from being blacklisted if malware is detected

Your site is not just hosted — it’s defended.

If you’re unsure whether your website is properly protected or regularly updated, now is the time to check.
We can perform a quick audit and bring your website under managed protection before attackers find it.

💻 Tech TroubleShooters Townsville — Real Protection. Local Experts.
📞 07 4401 5760 🌐 www.techtroubleshooters.com.au