Archives
Posted a couple of days ago Here is the solution and facts (run a cron job and resync please)
There have been users facing an issue where Google authenticator codes do not work. As it turns out, this can often happen due to the time correction for codes being out of sync. Google authenticator works on the principle of TOTP which is also known as the Time-based One-time Password Algorithm. If the time of the codes being generated by the application is out of sync, the codes generated won’t work when you try to use them for 2FA or two-factor authentication. As a result, you stumble upon the Google authenticator not working issue.
Your the 3rd firm to have this happen between yesterday and today, Bitdefender, Barracuda
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”
Gmail’s multi-factor authentication bypassed by hackers to pull off targeted attacks
Gmail’s multi-factor authentication bypassed by hackers to pull off targeted attacks
Posted: June 23, 2025 by Pieter Arntz
Russian hackers have bypassed Google’s multi-factor authentication (MFA) in Gmail to pull off targeted attacks, according to security researchers at Google Threat Intelligence Group (GTIG).
The hackers pulled this off by posing as US Department of State officials in advanced social engineering attacks, building a rapport with the target and then persuading them into creating app-specific passwords (app passwords).
App passwords are special 16-digit codes that Google generates to allow certain apps or devices to access your Google Account securely, especially when you have MFA enabled.
Normally, when you sign in to your Google account, you use your regular password plus a second verification step like a code sent to your phone. But since some older or less secure apps and devices—like certain email clients, cameras, or older phones—are unable to handle this extra verification step, Google provides app passwords as an alternative way to sign in.
However, because app passwords skip the second verification step, hackers can steal or phish them more easily than a full MFA login.
Link (https://www.malwarebytes.com/blog/news/2025/06/gmails-multi-factor-authentication-bypassed-by-hackers-to-pull-off-targeted-attacks?utm_source=iterable&utm_medium=email&utm_campaign=b2c_pro_oth_20250630_juneweeklynewsletter_nonpaid_v5_2_175102171575&utm_content=Gmail_logo)
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”
CrowdStrike announces 5% job cuts, says AI is ‘reshaping every industry’
By Jordan Novet
CrowdStrike, a leading cybersecurity firm, recently announced plans to lay off approximately 500 employees, representing about 5% of its global workforce. CEO George Kurtz attributed this decision to the company’s strategic shift towards leveraging artificial intelligence (AI) to enhance operational efficiency and accelerate innovation. Kurtz emphasized that AI is foundational to CrowdStrike’s operations, streamlining processes across various departments and enabling faster product development .
This move aligns with a broader trend in the tech industry, where companies are increasingly adopting AI to automate tasks and reduce costs. In the first few months of 2025 alone, over 52,000 tech jobs have been cut, with firms like Salesforce, Workday, and Shopify also implementing layoffs to focus on AI-driven strategies .csoonline.com
However, CrowdStrike’s reputation has faced challenges due to a significant incident in July 2024. A faulty update to its Falcon Sensor software led to a global IT outage, affecting approximately 8.5 million Microsoft Windows systems. This disruption impacted various sectors, including airlines, healthcare, and financial services . Delta Air Lines was notably affected, canceling over 7,000 flights and filing a lawsuit against CrowdStrike seeking $500 million in damages .lemonde.fr+5techcrunch.com+5marketwatch.com+5cybersecuritydive.com+2messageware.com+2reuters.com+2asisonline.org+7reuters.com+7en.wikipedia.org+7
In response to the incident, CrowdStrike has taken steps to improve its update processes, including implementing staggered rollouts and allowing customers to choose their update timing . Despite these efforts, the company continues to face scrutiny and legal challenges related to the outage.theguardian.com+1en.wikipedia.org+1reuters.com
Investors and clients are advised to monitor CrowdStrike’s ongoing legal proceedings and operational adjustments as the company navigates the aftermath of the 2024 outage and its strategic pivot towards AI-driven solutions.
CrowdStrike Faces Legal and Operational Challenges Amid AI Transition

theguardian.com
CrowdStrike apologizes for global IT outage in congressional testimony
Sep 24, 2024
Rooy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”
Apple, Google and Facebook Among Services Exposed In Massive Leak of More Than 16 Billion Login Records
Apple, Google and Facebook Among Services Exposed In Massive Leak of More Than 16 Billion Login Records
June 19, 2025 1:57 PM 2 min read
Apple, Google and Facebook Among Services Exposed In Massive Leak of More Than 16 Billion Login Records
by Murtuza J Merchant Benzinga Staff Write
Has surfaced online, marking one of the most extensive exposures of personal data in history, according to cybersecurity researchers tracking infostealer activity.
Cybersecurity researchers have uncovered 30 massive data collections this year alone, each containing tens of millions to over 3.5 billion user credentials, Cybernews reported.
These previously unreported datasets were briefly accessible through misconfigured cloud storage or Elasticsearch instances, giving the researchers just enough time to detect them, though not enough to trace their origin.
The findings paint a troubling picture of how widespread and organized credential leaks have become, with login information originating from malware known as infostealers.
These malicious programs siphon usernames, passwords, and session data from infected machines, usually structured as a combination of a URL, username, and password.
The leaked credentials span a wide range of services from tech giants like Apple, Facebook, and Google, to platforms such as GitHub, Telegram, and various government portals.
Some datasets were explicitly labeled to suggest their source, such as “Telegram” or a reference to the Russian Federation.
Others bore generic names like “logins” or “credentials.”
Researchers say these leaks are not just a case of old data resurfacing.
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”
## **MspPortal Partners Steps Up with Premier Security Solutions for MSPs**
**MspPortal Partners** is proud to continue serving as a trusted distributor of industry-leading security software at **wholesale prices** exclusively for Managed Service Providers (MSPs), both small and large. We do **not** sell direct to end users — our commitment is to empower **tech firms** with the best tools at the best value.
We’re not here to buy your business — our **aggressive pricing** and **expert service** speak for themselves.
—
### 🛡️ **Barracuda Email Security — Three Wholesale Tiers**
**1) Advanced Email Protection**
* Combines secure email gateway with AI-powered threat detection
* Protects against **13+ email threat types**
* Includes **post-delivery threat remediation**
**2) Complete Mail Protection**
* Includes all features of Advanced
* Adds **cloud backup** for **Microsoft 365 and Google Workspace (Gsuite)** components
* Backup occurs **off-platform** for enhanced redundancy
**3) Total Mail Protection**
* Includes everything from Complete
* Adds **lateral attack protection** across Microsoft 365 apps
* Includes full **data recovery and restore capabilities**
—
### 🖥️ **RMM – Remote Monitoring and Management**
We provide Remote Management tools (RMM) designed for proactive IT monitoring. This includes:
* Real-time system status tracking
* Automated remediation
* Efficient **remote device management**
* Reduces the need for on-site support
—
### 🔐 **Bitdefender — Elite Endpoint Security Solutions**
MspPortal Partners offers **multiple wholesale tiers** for Bitdefender, the global cybersecurity leader. Our customers report **superior performance** to platforms like **CrowdStrike** and **SentinelOne**.
**Available for**:
* Small Businesses
* Midsize Firms
* Enterprise Environments
**Core Features**:
* **GravityZone Platform**: Instantly scalable endpoint protection
* Compliance-ready: Supports **PCI DSS**, **NIS2**, **HIPAA**
* Simple integration with powerful reporting
* Multi-layered defense — next-gen AV, EDR, and behavioral analytics
* MDR — next-gen AV, EDR, and behavioral analytics managed 24x7x365 by humans and AI with alerts
—
### 🛠️ **Support & Training That Sets Us Apart**
We offer up to **Level 3 support**, plus **in-depth training** — a rarity in wholesale distribution.
* **24x7x365 support** always available
* **Phone support** available **Monday–Friday, 7:30 AM to 5:00 PM MST/Arizona** — and yes, **we actually pick up the phone**.
—
### 👤 **Contact**
**Roy Miehe**
CEO/President, MspPortal Partners Inc.
Security Software Distributor: **Bitdefender**, **Barracuda**, **Axcient**
*“Where Service and Technical Skills Count”*
Bitdefender Update EDR
When Bitdefender first started EDR (Endpoint Detection and Response) it was for a unlimted time.
They have now decide to make money paid for a service “retension” with that EDR service.
Option 1 No Data Retention (no cost)
Option 2 Data Retention 90 days(added cost)
Option 1 Data Retention 180 days(added cost)
Option 1 Data Retention 1 year (added cost)
Unless you need the option for auditing purpose do not waste you money.
Roy | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
Hackers Manipulate Stock Markets in $700 Million Illicit Trading Spree-Plus CloudFlare Issues
Stock Markets and Power Grids issues
Hackers Manipulate Markets in $700 Million Illicit Trading Spree
Aya Wagatsuma, Ryo Horiuchi and Takashi Nakamichi
Mon, April 28, 2025 at 7:12 AM MST 7 min read
(Bloomberg) — Criminals are hijacking online brokerage accounts in Japan and using them to drive up penny stocks around the world. The wave of fraudulent trading has reached ¥100 billion ($710 million) since it started in February and shows no signs of cresting. The scams typically use the hacked accounts to buy thinly traded stocks both domestically and overseas, allowing anyone who has built up a position earlier to cash out at inflated values. In response, some Japanese securities firms have stopped processing buy orders for certain Chinese, US and Japanese stocks. Eight of the country’s biggest brokers including Rakuten Securities Inc. and SBI Securities Co. have reported unauthorized trading on their platforms. The breaches have exposed Japan as a potential weak point in efforts to safeguard global markets from hackers.They also threaten to undermine the Japanese government’s push to get more people to invest for their retirement, particularly since some victims say they are baffled as to how their accounts were broken into and the securities companies have so far largely refrained from covering the losses.
Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase.
These figures come from Cloudflare’s 2025 Q1 DDoS Report, where the company says it mitigated a total of 21.3 million DDoS attacks in 2024.
However, 2025 is looking to be an even bigger problem for online entities and companies, with Cloudflare already responding to 20.5 million DDoS attacks in just the first quarter of 2025.
These attacks include Cloudflare itself, whose infrastructure was targeted directly in 6.6 million attacks over an 18-day multi-vector campaign.
Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase.
These figures come from Cloudflare’s 2025 Q1 DDoS Report, where the company says it mitigated a total of 21.3 million DDoS attacks in 2024.
However, 2025 is looking to be an even bigger problem for online entities and companies, with Cloudflare already responding to 20.5 million DDoS attacks in just the first quarter of 2025.
These attacks include Cloudflare itself, whose infrastructure was targeted directly in 6.6 million attacks over an 18-day multi-vector campaign.
Link Markets
https://finance.yahoo.com/news/hackers-manipulate-markets-700-million-141234302.html
Link CloudFare
https://www.bleepingcomputer.com/news/security/cloudflare-mitigates-record-number-of-ddos-attacks-in-2025/
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”
To all MSP’s,Resellers Vars’s and Distribotors (Called “MSP”) Read your EULA’s
To all MSP’s,Resellers Vars’s and Distributors (Called “MSP”)
Read your EULA’s
HAVE ALL MANUFACTURERS ADD ONE LINE TO THE AGREEMENT ADDRESSED TO YOUR FIRM (“Documentation ” Called “MFG”)
If a security breach is caused by the manufacturer..All agreements are nul and void immediately at the digression of the MSP.
Example Crowdstrike adding a bad sys file, that took down thousands of computers at on time via update distributed by Microsoft and Cloudfare.
Link
ClowdStrike EULA (https://www.crowdstrike.com/en-us/legal/software-terms-of-use/)
6. No Warranty.
6.1 Disclaimer. THE SOFTWARE AND ALL OTHER CROWDSTRIKE OFFERINGS ARE PROVIDED “AS-IS” AND WITHOUT WARRANTY OF ANY KIND. CROWDSTRIKE AND ITS AFFILIATES DISCLAIM ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, CROWDSTRIKE AND ITS AFFILIATES AND SUPPLIERS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT WITH RESPECT TO THE SOFTWARE AND ALL OTHER CROWDSTRIKE OFFERINGS. THERE IS NO WARRANTY THAT THE SOFTWARE OR ANY OTHER CROWDSTRIKE OFFERINGS WILL BE ERROR FREE, OR THAT THEY WILL OPERATE WITHOUT INTERRUPTION OR WILL FULFILL ANY OF SOFTWARE USER’S PARTICULAR PURPOSES OR NEEDS. THE SOFTWARE AND ALL OTHER CROWDSTRIKE OFFERINGS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. NEITHER THE SOFTWARE OR ANY OTHER CROWDSTRIKE OFFERINGS ARE FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY, OR PROPERTY DAMAGE. SOFTWARE USER AGREES THAT IT IS SOFTWARE USER’S RESPONSIBILITY TO ENSURE SAFE USE OF SOFTWARE AND ANY OTHER CROWDSTRIKE OFFERING IN SUCH APPLICATIONS AND INSTALLATIONS. CROWDSTRIKE DOES NOT WARRANT ANY THIRD PARTY PRODUCTS OR SERVICES.
6.2 No Guarantee. SOFTWARE USER ACKNOWLEDGES, UNDERSTANDS, AND AGREES THAT CROWDSTRIKE DOES NOT GUARANTEE OR WARRANT THAT IT WILL FIND, LOCATE, DISCOVER, PREVENT OR WARN OF, ALL OF SOFTWARE USER’S OR ITS AFFILIATES’ SYSTEM THREATS, VULNERABILITIES, MALWARE, AND MALICIOUS SOFTWARE, AND SOFTWARE USER AND ITS AFFILIATES WILL NOT HOLD CROWDSTRIKE RESPONSIBLE THEREFOR.
7. Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW CROWDSTRIKE SHALL NOT BE LIABLE TO SOFTWARE USER (UNDER ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STATUTE, TORT OR OTHERWISE) FOR: (A) ANY LOST PROFITS, REVENUE, OR SAVINGS, LOST BUSINESS OPPORTUNITIES, LOST DATA, OR SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, EVEN IF CROWDSTRIKE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES OR SUCH DAMAGES OR LOSSES WERE REASONABLY FORESEEABLE; OR (B) AN AMOUNT THAT EXCEEDS IN THE AGGREGATE $100. THESE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY REMEDY SPECIFIED IN THESE TERMS. MULTIPLE CLAIMS SHALL NOT EXPAND THE LIMITATIONS SPECIFIED IN THIS SECTION 7.
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”
America’s biggest phone Carriers preparing to hike prices!!!
America’s biggest phone Carriers preparing to hike prices!!!
Brian Sozzi · Executive Editor
Fri, April 25, 2025 at 5:25 AM MST 3 min read
Verizon, AT&T, and T-Mobile prepare to raise prices on consumers because of Trump’s trade war. Personal opinion its just Corp Greed.
Suggestion Boost and Mint Mobile Wireless are much less expensive..Phones are not computers
The smartphone ecosystem has avoided the biggest brunt of President Trump’s tariffs, for now.
But if that for now ends, major phone carriers appear poised to dump the higher costs of smartphones onto the laps of consumers.
Trump earlier this month exempted smartphones and some other electronics from his reciprocal tariffs, though he left a 20% fentanyl tariff on China intact. The exemption could prove temporary, keeping the prospect of 145% tariffs on China (where Apple (AAPL) makes its iPhones in play.
With regards to Apple.. a phone is a phone the toys that Apple provides are not loss leader products..Apple made a choice to move manufacturing to China based upon my opiion pure greed to line there pocket books…
Article
(https://finance.yahoo.com/news/verizon-att-and-t-mobile-prepare-to-raise-prices-on-consumers-because-of-trumps-trade-war-122549340.html)
Bitdefender MDR
When it is working..it works fine and does what it was designed to do.
Like I told them GET RID OF INTUITS MAILCHIMP AS A SMTP OUT
I spun up another partner yesterday no issue’s with 15 companies..beware if you try to enter Verification code and it fails do not waste you time its broken just report up here (Reddit r/bitdefender)
Roy Miehe | MspPortal Partners Inc. | Ceo/PresidentSecurity Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Coun