Bitdefender Still does not have MDR ready

1-17-2025
Still not ready for prime time..I sent a email to the product manger..asking if they were fully staffed 1 month ago ans still no reply..If BD is going to charge for manged services, with the count they already maintain globally this is important to have eyes on 24x7x365 including Romania Holidays..in the tech industry, if we buy a product and pay for it support will call backs are important, other wise we might as well go to the product back in 94-95..Keep in mind this is always my opinon. My firm mange’s over 200K endpoints. MY MSP Partners depend upon my being correct and accurate

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training

“Where Service and Technical Skills Count”

As I reported earlier Bitdefender MDR is still not ready for Prime Time

If you are Partner with my firm MspPortal Partners will will keep you informed and do a hands on setup for you..

This is now posted on the splash page when you login to Gravity Zone

As you all know I am a strong supporter of Bitdefender but are lacking Developers to make MDR a reality, it all the same products as in Gravity Zone..MDR runs hooks into Gravity Zone..( It is the best possible product to run to protect you clients

Requirements

For a company to enroll others:

The company type must be a Partner.
The company must have all the add-ons and services included in the product trial available for resell.

For a company to be enrolled:
The company type must be a Customer.
The company must be directly managed or using the same license as the company that wants to enroll them.
The company must not have all add-ons and services included in the trial enabled for own use.
The company must be using a monthly subscription, and the Endpoint Security product type.
The company must use the A la carte protection model.
Important
Additional restrictions may apply. If you meet all the trial requirements but are unable to access the feature, contact MspPortal Partners your Partner (mdr@mspportal.net if your interested in finding out more information).
The MDR Product Trial feature will be released in stages and has limited availability at the moment. Check the release notes for news and updates.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Microsoft Is Forcing Its AI Assistant on People—and Making Them Pay

Microsoft is trying a new approach to build excitement for its artificial-intelligence assistant Copilot: Give it to customers whether they want it or not.

The tech company recently added Copilot to its consumer subscription service for software including Word, Excel and PowerPoint in Australia and several Southeast Asian countries. Along with the AI feature, it raised prices for everyone who uses the service, called Microsoft 365, in those countries.

What about people who don’t want to pay for an AI assistant to spruce up their documents and summarize emails? They are out of luck.

Alistair Fleming uses Word to write scripts for his YouTube channel about 1990s Japanese wrestling. The Australian noticed that every time he finished a line, Copilot’s rainbow logo would pop up on screen and ask if it could help with his writing.

“It was very keen to be used, and this was irritating to me as a user,” Fleming said.

Fleming also noticed his monthly bill for 365 increased to 16 Australian dollars from A$11.

Some users said on social media that Copilot pop-ups reminded them of Clippy, Microsoft’s widely derided Office helper from the late 1990s, that would frequently offer unsolicited help.

A Microsoft spokesman wouldn’t comment on the strategy behind the forced addition of Copilot in certain regions and whether the company plans a similar approach in other markets.

The change demonstrates the lengths to which Microsoft is going to try to profit from its huge investments in AI. Copilot, which is built with technology from OpenAI, is a key part of Chief Executive Satya Nadella’s plan to keep expanding Microsoft’s software business for consumer and corporate customers.

Microsoft is OpenAI’s biggest investor, having plowed close to $14 billion into the ChatGPT maker.
Article:
https://finance.yahoo.com/news/microsoft-forcing-ai-assistant-people-103000840.html

Bitdefender MDR Product

I have had several interactions with Dev. Currently as I mentioned it was designed for enterprise not MSP’s I am working with Dev to modify some code to allow MSP’s to sell to there clients..great concept even backed by a million dollar insurance policy (that is the good news), Apparently it will not be ready for prime time till the end of Q1. I am currently working on pricing to prime my partners and get ready for MDR gold code. I will keep you posted.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training

“Where Service and Technical Skills Count”

This update is a direct message from Roy Miehe, CEO of MspPortal Partners, addressing Managed Service Providers (MSPs). Here are the key points covered:

1. **Beware of AI Technology**: Roy warns MSPs about the rapid advancements in AI, particularly its ability to simplify tasks like writing PowerShell scripts. While this may seem like a positive development, the implication is that AI could affect the income of MSPs by automating tasks that once required specialized skills.

2. **Limited Product Recommendations**: The message advises MSPs to focus on a small selection of essential cybersecurity products, which MspPortal endorses:
– **Firewall**: Meraki is recommended as a reliable, moderately priced solution compared to Palo Alto Networks.
– **Antivirus/Malware Detection**: Bitdefender is praised for being a leader in malware detection.
– **Spam Detection**: Barracuda is recommended for spam detection and remote monitoring solutions.
– **RMM (Remote Monitoring and Management)**: Barracuda’s RMM solution is suggested as a reliable, long-standing option.
– **Anti-Phishing Training**: Phishing Box is suggested as a trusted provider for large corporations.

3. **Cost Efficiency**: MspPortal claims that all these services can be bundled for under $6.50 per month, with flat-rate pricing and no contracts, making it an affordable solution for both workstations and servers.

4. **Support and Expertise**: MspPortal offers 24/7/365 support at no extra charge, with a team that brings 30 years of experience in the industry. The emphasis is on service and technical skills, which they believe will help MSPs survive in the evolving tech landscape.

The message is a call to action, encouraging MSPs to adapt to the changing landscape, focus on essential services, and trust in MspPortal’s offerings to keep their businesses profitable.

CISA Warns of Hurricane-Related Scams

CISA Warns of Hurricane-Related Scams
09/25/2024 08:00 AM EDT

CISA encourages users to review the following resources to avoid falling victim to malicious cyber activity:

1) Federal Trade Commission’s Staying Alert to Disaster-related Scams and Before Giving to a Charity,

2) Consumer Financial Protection Bureau’s Frauds and scams, and

3) CISA’s Phishing Guidance, Stopping the Attack Cycle at Phase One to help organizations reduce likelihood and impact of successful phishing attacks.

MspPortal Partners provides a solution that works with the Fortune 500 firms (PhishingBox) the best in the business.
If you are a partner with MspPortal Partners we will set up a full admin panel so you can protect your clients.

Bitdefender End of Life (EOL) – December 31, 2024 Please Read

This is an announcement regarding Bitdefender Endpoint Security Tools (BEST) for GravityZone Cloud MSP Security. It details the End of Life (EOL) and End of Support (EOS) dates for older versions of BEST across different operating systems.
Key Dates and Versions:

1) End of Life (EOL) – December 31, 2024
* BEST Windows: 7.9.4.313 and older
* BEST macOS: 7.14.32.200015 and older
* BEST Linux: 7.0.3.2271 and older

2) End of Support (EOS) – February 28, 2025
*Same versions as above.

After these dates, versions older than the ones mentioned will no longer be supported or licensed. To continue receiving updates and security, users are encouraged to:

* Enable automatic updates in GravityZone.
* Manually run the Update agent task on endpoints if needed.

This ensures continuous protection for your systems.

RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus , Plus Bonus

By Guru Baran –
September 23, 2024

The Infection Chain Of The RansomHub Utilizing EDRKillShifte (This makes me nervous for for weak Networks and great Security Products in place)

“The EDRKillShifter tool functions as a “loader” executable, serving as a delivery mechanism for a legitimate driver that is susceptible to abuse to terminate applications related to antivirus solutions”, researchers said.

The RansomHub ransomware exploits the Zerologon vulnerability (CVE-2020-1472). Researchers said that if left unpatched, it might allow attackers to take over a whole network without requiring authentication.

In a particular instance, RansomHub used for batch script files—named “232.bat,” “tdsskiller.bat,” “killdeff.bat,” and “LogDel.bat”—as a form of evasion.

232.bat turns off Windows Defender’s real-time monitoring capability and uses a brute-force attack method called password spraying.

A batch script called tdsskiller.bat is used to disable antivirus software. Killdeff.bat uses advanced methods to hide notifications and enable or disable Windows Defender’s functionality, including obfuscated inline expressions, environment-variable readings, and conditional logic.

Article (https://cybersecuritynews.com/ransomhub-edr-antivirus-bypass/)

Must Read Article
Kaspersky deletes itself, installs UltraAV antivirus without warning: UltraAV force-installed on Kaspersky users’ PCs
By Sergiu Gatlan
September 23, 2024 01:16 PM
Article (https://www.bleepingcomputer.com/news/security/kaspersky-deletes-itself-installs-ultraav-antivirus-without-warning/)

FBI-Alert Number I-011822-PSA Public Announcement Cybercriminals Tampering with QR Codes

FBI-Alert Number I-011822-PSA Public Announcement

Cybercriminals Tampering with QR Codes to Steal Victim Funds

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

A QR code is a square barcode that a smartphone camera can scan and read to provide quick access to a website, to prompt the download of an application, and to direct payment to an intended recipient. Businesses use QR codes legitimately to provide convenient contactless access and have used them more frequently during the COVID-19 pandemic. However, cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use.

Cybercriminals tamper with both digital and physical QR codes to replace legitimate codes with malicious codes. A victim scans what they think to be a legitimate code but the tampered code directs victims to a malicious site, which prompts them to enter login and financial information. Access to this victim information gives the cybercriminal the ability to potentially steal funds through victim accounts.

Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information. The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.

Businesses and individuals also use QR codes to facilitate payment. A business provides customers with a QR code directing them to a site where they can complete a payment transaction. However, a cybercriminal can replace the intended code with a tampered QR code and redirect the sender’s payment for cybercriminal use.

While QR codes are not malicious in nature, it is important to practice caution when entering financial information as well as providing payment through a site navigated to through a QR code. Law enforcement cannot guarantee the recovery of lost funds after transfer.

PS: Follow up on CrowdStrike if you are a tech, you will understand this: In this case was a bad SYS file..Since most and CTO’s should know this CrowdSrike has full access to your system (like most AV firms) since everything is cloud based, do you understand how easily CrowdStrike could be compromised. I would think long and hard before adding or for that matter keeping CrowdStrike in my security rollout/arsenal. Ask for a refund and get a good product, not a Wall Street Darling. This is my personal opinion since I have been in the AV industry for 30 years

FCC: AT&T Didn’t Adequately Protect Customers’ Cloud Data

Dark Reading Staff, Dark Reading
September 18, 2024
My personal opinion all software providers should be held liable, the claim to hide behind EULA’s

Couple come to mind: Crowd Strike, Microsoft, Cloud Flare, FaceBook, Most RMM Systems (https://cloudstatus.mspportalpartners.net/)

The Federal Communications Commission fined AT&T $13 million and ordered it to tighten up its privacy and security practices in the wake of a catastrophic third-party compromise.

The commission also used its authority under the Communications Act of 1934 to extend consumer protections to the cloud, finding AT&T failed to maintain proper oversight of a third-party provider.

That vendor, data warehousing provider Snowflake, reportedly was compromised in January 2023, exposing a host of organizations’ sensitive data, among them AT&T’s. In the weeks that followed the breach, AT&T acknowledged “nearly all” its customers were affected by exfiltrated call and text records, phone numbers, and other personally identifiable information.

Following an investigation, the FCC ruled on Sept. 16 that Snowflake should have been required to “destroy or return” the information years prior to the incident, and finding AT&T responsible for failing to appropriately protect its customer data.

ArticleATT Fined 13 million (https://www.darkreading.com/cybersecurity-operations/fcc-att-did-not-protect-cloud-data?_mc=NL_DR_EDT_DR_weekly_20240919&cid=NL_DR_EDT_DR_weekly_20240919&sp_aid=125812&elq_cid=34964379&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_cid=55121)