New Phishing Attack on Microsoft O365

August 26, 2021
New Phishing Attack on Microsoft O365 Users Leverages Open Redirects to Avoid Detection
Widespread credential phishing campaign abuses open redirector links
Microsoft 365 Defender Threat Intelligence Team Link Article

MspPortal Partners along with Barracuda does have  a solution
Read what Essentials complete will provide for you Includes ESS, Message Archiver and O365 Backup
One Drive, Exchange, Sharepoint,Teams (PDF)

MspPortal Partners will be offering to all partners a Bitdefender Gravity Zone Policy review and update

MspPortal Partners

Will be offering to all partners a Bitdefender Gravity Zone Policy review and update

Free of charge

This will only be offered to MspPortal Partners for a limited time through the middle of October 2021 on Tuesdays and Thursdays from 8 am to 11:30 am MST/NO DST

If you are not one of the 425 partners you are more than welcome to change out your existing Distributor/Partner

Existing partners and new partners are welcome go to the website www.mspportalpartners.net and fill out the contact form

MspPortal Partners specializes in Bitdefender Gravity Zone Malware protection

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender / Distributor

“Where Service and Technical Skills Count”

Microsoft Windows Zero-Day Under Attack

Dark Reading Staff 9-8-2021

Microsoft has issued an advisory containing mitigations and workarounds for a remote code execution flaw in Windows it says is being exploited in targeted attacks.

CVE-2021-40444 exists in MSHTML, the proprietary browser engine built into Windows that allows the operating system to read and display HTML files. MSHTML, also known as Trident, was mainly used by Internet Explorer but is also used by Microsoft Office, Broadcom notes in its advisory on the vulnerability. It allows developers to add Web browsing into their applications.

Microsoft reports the targeted attacks it has observed use specially crafted Office documents. In explaining how an attack would work, it says an adversary could create a malicious ActiveX control to be used by an Office document that hosts the MSHTML browser-rendering engine. An attacker would have to convince a victim to open the file. Officials note victims with fewer user privileges on the system could be less affected than those with administrative user rights.

The company credits four external researchers with finding the vulnerability: Dhanesh Kizhakkinan, Genwei Jiang, and Bryce Abdo of Mandiant, and Haifei Li of EXPMON, in addition to Rick Cole with the Microsoft Security Threat Intelligence Center (MSTIC).

Read the full advisory for more details.

FBI Requests to Pass a Bill Over Ransomware Attacks

FBI Requests to Pass a Bill Over Ransomware Attacks – Reporting Ransomware Immediately To Be A Law?

By Consider The Consumer on August 9, 2021
FBI’s Plead for Mandatory Reporting of Ransomware Attacks but in reality nothing has happened

The FBI and Department of Justice are pleading with Americans to assist them in avoiding cyberattacks, stating that companies may withhold information out of fear of being sued.
Appeal for a Bill

Tuesday, during a congressional hearing, top federal cybersecurity officials urged Congress to pass a bill requiring businesses and consumers inside the United States to disclose ransomware attacks when they occur.

Richard Downing, Deputy Assistant Attorney General, told a U.S. Hearing before the Senate Judiciary Committee that investigation opportunities are lost without quick reporting. The capacity to assist other victims experiencing similar attacks is diminished, and the government and Congress lack a complete picture of the threat confronting American companies.

The request follows a series of high-profile assaults on U.S. private and public sites, including hospitals, schools, and a fuel pipeline.

The ransomware attack on Colonial Pipeline Co., which carries over half of the East Coast’s diesel, gasoline, and jet fuel, prompted the pipeline’s temporary shutdown, resulting in significant ripple effects currently being studied.

Based on Tuesday’s testimony, roughly three-quarters of all cyberattacks in the country go unreported, making it more difficult for authorities to counteract.

According to reports, Executive Assistant Director of the Cybersecurity and Infrastructure Security Agency Eric Goldstein stated that without such visibility, they are unable to communicate information efficiently, issue timely alerts, assist victims, or comprehend the consequences of these attacks on the critical national functions on which they all rely.

President Joe Biden decided to sign an executive order, following several high-profile cyberattacks on national utilities and services in May. The order requires government contractors in the information technology industry to disclose cyberattacks.
Persuading the Victims of Ransomware Attacks

On Tuesday, Assistant Director of the FBI’s Cyber Division Bryan Vorndran stated that victims of cybercrime should be compelled to inform authorities about cybercriminals’ ransom requests and whether they paid the extortion.

Additionally, the idea of shielding companies from accountability if they do report law enforcement to the cyberattacks was considered. Certain companies may be hesitant to disclose their cyberattacks for fear of litigation, such as class action lawsuits. Unfortunately they all hide behind EULA agreements on their websites, non-responsibility if you get infected.

Downing stated that victims should not be penalized for cooperating with the government. Victims should retain any legal privilege they may have had over the information before releasing it.

Numerous companies and businesses are facing class action lawsuits over their lack of ransomware protection.
Editor’s Note on FBI Requests to Pass a Bill Over Ransomware Attacks:

This article is written to inform you of the latest FBI’s request to pass a bill that would force companies and citizens to report ransomware attacks immediately.