Archives

Continued from July 19th 3 Cause’s of the Crowdstrike down in reality

Keep in mind this is my personal opinion..please prove me wrong if you can.

3 Cause’s of the CrowdStrike down
1) Bad Developer file uploaded/downloaded
2) Microsoft Software runs the operating systems sort of like a monopoly, we all know it in reality it is.
3) Distribution of software via Cloudflare

Keep in mind this is my personal opinion..please prove me wrong if you can.

I read something today that shocked me. CloudStrike was going pay techs globally $10.00 coffee vouchers to remove sys file issue. I work with four hundred plus tech firms through out the US I have never heard of a computer Tech working for a $10.00 coffee voucher.
Normal Tech rates run from entry level $50.00 to $500.00 a hour.

(Bloomberg) — Microsoft Corp. said Delta Air Lines Inc. turned down repeated offers for assistance following last month’s catastrophic system outage, echoing claims by CrowdStrike Holdings Inc. in an increasingly contentious conflict between the carrier and its technology partners.
Now I am not a strong proponent of Ed Bastien (to full of himself) nor do I fly Delta.

If read/sift through all the garbage it really was all 3 firms that caused the outage.
No matter what OS Delta was running, Windows, Apple, Linux, The Falcon Platform runs on all 3. So in my opinion Delta does deserve the money for the down time.

Even thou in my opinion Mark S Cheffo when :“Even though Microsoft’s software had not caused the CrowdStrike incident, Microsoft immediately jumped in and offered to assist Delta at no charge,” I did not hear they were going to fly Techs to fix all Delta’s machines, for that matter globally let alone Delta

When does a end user or SMB company ever able to talk to Microsoft Support and receive a response within a reasonable amount of time?

So right now I see 2 parties at fault (Microsoft & CroudStrike)
But there is a 3rd party involved, CloudFlare, have you ever asked yourself what they do:Protecting it from online threats and optimizing performance there web Site.

Cloudflare is a company that provides services like content delivery network (CDN), cloud cybersecurity, DDoS mitigation, Domain Name Service (DNS), and domain registration. They help improve website speed, security, and reliability by acting as a mediator between a website’s server and its visitors, protecting it from online threats and optimizing performance.

Cloudflare
American internet infrastructure and website security company
cloudflare.com

Cloudflare, Inc. is an American company that provides content delivery network services, cloud cybersecurity, DDoS mitigation, Domain Name Service, and ICANN-accredited domain registration services. Cloudflare’s headquarters are in San Francisco, California. According to The Hill, Cloudflare is used by more than 20% of the Internet for its web security services, as of 2022. Wikipedia

Now all this is my opinion but should help create and finish a Class Action Law Suit, all 3 need to named as defendants.

Last Pay Your developers and Tech Support folks more money, Take it out of the C-Levels paychecks/bonuses. It appears that most firms have forgotten with out staff the company would be nothing.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Windows update may present users with a BitLocker recovery screen

Windows update may present users with a BitLocker recovery screen

Posted: July 25, 2024 by Pieter Arntz

Some Windows users may see a BitLocker Recovery screen after applying the Microsoft patch Tuesday updates. BitLocker is a Windows security feature that encrypts entire drives. It prevents someone that has obtained a stolen or lost device from reading the files stored on that drive.

Unfortunately, though, Microsoft launched an update this month that has caused problems for some Windows systems. Without telling the public what, exactly, has gone wrong, Microsoft provided some details about what might happen on the Windows release health dashboard.

Affected systems are running Windows 10 and 11 or one of the server versions (Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008.). And the affected systems are very likely to have Device Encryption enabled.

You can find out if you have Device Encryption enabled by looking at:
Settings
Privacy & Security
Device encryption

If Device encryption doesn’t appear under Privacy & Security, it isn’t available for your system.

Under normal circumstances you wouldn’t see the BitLocker Recovery screen unless you enter the wrong PIN too many times or when you’ve made some hardware or firmware changes.

If you are affected by this faulty update, you will be presented with a screen similar to this one when you boot the system.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training

“Where Service and Technical Skills Count”

CrowdStrike Blames Crash on Buggy Security Content Update

It is amazing that a security company would even make this type of comment.
They are a Wallstreet “darling” CrowdStrike Response & Mitigation Continues, this will go on for a longer period of time then affected companies will disclose publicly.

CrowdStrike remains in the hot seat — quite literally, as the company’s CEO George Kurtz has been called on to testify before Congress about the incident — and has considerable work to do to salvage its reputation in the wake of the incident

Personally I believe the next shoe to fall will be Sentinel One also wall street traded

A buggy “security content configuration update” to CrowdStrike’s Falcon sensor, which is aimed at gathering telemetry on novel threat techniques for Windows, has been confirmed as the root cause of the problem that crashed computers around the world on July 19, and is still having an impact on global IT teams, the vendor says.

Personal opinion
Uninstall and cancel your agreement with Crowdstrike strike 2 with the current CEO
If a Class action lawsuit is actually filed join in at least try to recoup some of your losses.
In todays world of Antivirus/Malware there is only one product that allows full control of your environment

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Lead Article=Elizabeth Montalbano, Contributing Writer

https://www.darkreading.com/endpoint-security/crowdstrike-crash-buggy-security-content-update?_mc=NL_DR_EDT_DR_weekly_20240725&cid=NL_DR_EDT_DR_weekly_20240725&sp_aid=124803&elq_cid=34964379&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_cid=54465

3 Cause’s of the Crowdstrike down in reality

Keep in mind this is my personal opinion..please prove me wrong if you can.

3 Cause’s of the Crowdstrike down
1) Bad Developer file uploaded
2) Microsoft Software ( Be a developer of software not a security expert
3) Distribution of software via Cloudfare

Keep in mind this is my personal opinion..please prove me wrong if you can.

A faulty kernel driver developed by cybersecurity company CrowdStrike has caused a massive Microsoft outage that is currently causing chaos around the world. Windows machines have been crippled by the Blue Screen of Death (BSOD) on a global scale. The situation is so serious that flights are being grounded, major banks are experiencing problems with their systems, while key emergency 911 services have also been affected.

Cloudflare (down more then its up we have logs) Expands Relationship with Microsoft, Makes Industry Leading …
Jan 12, 2023Cloudflare and Microsoft announce new integrations between Cloudflare One and Microsoft Azure Active Directory to help customers deploy Zero Trust security across applications, users, devices and networks. The partnership also includes features such as Remote Browser Isolation

“The criticality of CrowdStrike as a security platform tends to, I think, outweigh some of those issues in the sense of customers can’t afford to just turn them off and not renew because of one incident. They’re just too tied into the ecosystem,” Walsh tells Yahoo Finance. “They’re too critical of a tool and what kind of within the overall stack. So I think those conversations certainly have the potential to emerge…”

Josh Lipton and Julie Hyman
Fri, Jul 19, 2024, 1:19 PM MST

Comments like this are foolish, of course you can change software providers..Comments like this are like the early 90’s when Symantec and McAfee dominated the AV industry (Techs comments back then were we will never get fired if we use the 2 products mentioned above, but we all managed to survive with better products that did not peg the CPU’s)

Defused Cyber Deception Researcher and Founder Simo Kohonen joins to discuss the implications for CrowdStrike and the broader cybersecurity landscape.

Kohonen explains that CrowdStrike “pushed out a faulty update” that, when installed, “broke everything,” affecting industries globally. He emphasizes CrowdStrike’s reputation as the “top number one cybersecurity company in the world” and notes that their extensive customer base amplifies the scale of this issue. While the issue is fixable, he cautions that the timeline for resolving this problem may vary.

Simo Kohonen – Aalto University | LinkedIn
Sep 2021 – Present 2 years 7 months. Helsinki Metropolitan Area. Key contributor in the technology-related major fundraising at the Aalto University. Managing key accounts in a client and data driven manner utilizing the Microsoft Dynamics CRM system. Identifying, cultivating, soliciting, and stewarding

Crowdstrike EULA (https://www.crowdstrike.com/terms-conditions/)
8.5 No Guarantee. CUSTOMER ACKNOWLEDGES, UNDERSTANDS, AND AGREES THAT CROWDSTRIKE DOES NOT GUARANTEE OR WARRANT THAT IT WILL FIND, LOCATE, OR DISCOVER ALL OF CUSTOMER’S OR ITS AFFILIATES’ SYSTEM THREATS, VULNERABILITIES, MALWARE, AND MALICIOUS SOFTWARE, AND CUSTOMER AND ITS AFFILIATES WILL NOT HOLD CROWDSTRIKE RESPONSIBLE THEREFOR.

My opinion every major provider write EULA’s like this..They take your money and say sorry..right now Crowd Strke does not have enough employees to remove the file that broke it, the firms that use Crowdstrike also do not have enough techs to to fix all systems affected, including Chase .

Personally I would like to see a law firm create a class action law suit, for loss’s incurred..

I do know about this matter I recommended a RMM soultion to one of my partners..The firms  development team pushed the wrong patch out in a  update that deleted over 4000 endpoints of one of  the largest and most reliable AV solutions back then and even today. Personally my firm and along with myself restored all endpoints, I did drop the RMM when they basically said sorry but would not pay for costs to restore, this still happens to be a client today still..its all about service.

I wish you all luck to get your services restored, hire a qualified tech

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count” 40 years in the AV business.

After being fined for fraudulent ads, Meta tries to discredit researchers

Updated on: June 14, 2024 6:47 AM Paulina Okunytė Journalist (Good Job)

The legal action was based on NetLab’s findings, which indicated that Meta did not take down 1817 paid ads containing scams.

The fraudulent ads used the name of a popular government program to assist indebted individuals, called Desenrola, and kept running even after months after official notification.

To all MSP and Tech’s do what you can to block Facebook / Meta just for security purposes

Meta has received backlash after trying to discredit researchers who identified fraudulent ads on its platforms as “unable to produce technical evidence.”

Meta’s lawyers called researchers from NetLab, a research group affiliated with one of Brazil’s top universities – Federal University of Rio de Janeiro (UFRJ) – “biased” and “unable to produce technical evidence.”

The accusation comes as part of the company’s defense in an ongoing case in Brazil. The country’s federal watchdog for consumer issues, Senacon, sued the tech giant in November 2023 for failures in ad moderation on the company’s main platforms, Facebook and Instagram.

The legal action was based on NetLab’s findings, which indicated that Meta did not take down 1817 paid ads containing scams.

The fraudulent ads used the name of a popular government program to assist indebted individuals, called Desenrola, and kept running even after months after official notification.

The formal document, obtained by journalists at Brazilian tech news outlet Nucleo, describes Netlab as a “partial third party” and questions its ability for neutrality.
Accusation of bias

Meta accused NetLab’s report of containing “a series of imperfections, biased responses, distorted conclusions, and reliability that is, at best, dubious.”

However, the company failed to specify what the alleged errors were.

“Netlab has an institutional political opinion that is manifestly opposed to Facebook Brazil [Meta’s legal name in Brazil],” the company argued.

“And not only that: the coordinator of the laboratory herself, Professor Rose Marie Santini, has publicly expressed strong criticisms of digital platforms,” the document reads.

One of Meta’s attempts to undermine the group is to argue that NetLab’s report lacked links to each of the ads it identified as fraudulent.

Apparently, the researchers shared the URLs and IDs of each ad with Nucleo reporters.

“This is a strategy to make us work for them, given that they have already made money from an ad, and this request transfers to us the responsibility of cleaning up their platform,” said Santini to Nucleo.
Meta condemned by activists

Meta’s actions have been condemned by activists. 70 organizations, research centers, digital rights watchdogs, and think tanks have signed a note of repudiation.

“This is an attack on scientific research work and attempts to intimidate researchers who are carrying out excellent work in the production of knowledge based on empirical analyses that have been fundamental in qualifying the public debate on platform accountability,” they stated in the note.

Microsoft 365 suite status changed to WARN

warn status (MspPortalPartners Status Page)

Microsoft 365 suite is now WARN
Previous status was UP
Users’ file related operations may fail within various Microsoft 356 services
Title: Users’ file related operations may fail within various Microsoft 356 services User impact: Users’ file related operations may fail within various Microsoft 356 services. More info: The impacted scenarios may include but not are limited to the following: -Android and iOS users may be unable to preview Microsoft Word and Microsoft PowerPoint files within the Microsoft Teams mobile app -Users may be unable to open .zip downloads in Microsoft Teams. -Users may be unable to view PDF and image files shared with download disabled in Microsoft Teams desktop client and Microsoft Teams on the web. OneDrive for Business and SharePoint Online: -Users may be unable to view image files and HTML files in OneDrive for Business app and OneDrive for Business on the web. – Users may be unable to download folders from SharePoint Online. – Additionally users may experience issues with image viewing, video streaming, and multi-file download in SharePoint Online. – Users may be unable to play videos in Microsoft Stream Current status: We’re observing improvements in the affected functionalities after we reverted the impacting update, and we’re continuing to monitor for a period to ensure these problems are comprehensively resolved for all users. Scope of impact: Users who are attempting to perform file-related operations within various Microsoft 365 services may be impacted. Start time: Thursday, June 13, 2024, at 12:30 AM UTC Root cause: A deployment for one of our file operation services is causing impact. Next update by: Thursday, June 13, 2024, at 10:00 AM UTC

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Bitdefender loaded a bad file so in most case if you look at this it will of a issue

To all my partners login to Gravity Zone and review but it is easier to look at  say multiple desktops (Show)

The error is this: ( even though  you are a partner please take the time to do random check on your clients IMPORTANT) I have already reported it to Romania

Update Process Failed because the endpoint could not resolve the update server address Please contact your system administrator. Error-1002

For at least the time being go to the dashboard and grab all the systems on line and run a UPDATE task that will for the time being bring it back on line and clean.

One last thing Bitdefender uses O365 and MailChimp..in the case if you are as concerned about security as myself I use GEO blocking globally except the US please start using to protect your clients, for the time being until Bitdefender fixs the issue mail will at best be random but your client will be protected.

In my mail filter product we can activate for you.

If you are struggling with your RMMs system lack of support come on board as a partner

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training

“Where Service and Technical Skills Count”

 

Top 5 Most Dangerous Cyber Threats in 2024 Must Read article !!

SANS Institute experts weigh in on the top threat vectors faced by enterprises and the public at large.

Ericka Chickowski, Contributing Writer May 14, 2024

RSA CONFERENCE 2024 – San Francisco – Only five months into 2024, and the year has been a busy one for cybersecurity practitioners, with multiyear supply chain attacks, nation-state actors exploiting multiple vulnerabilities in network gateways and edge devices, and multiple ransomware incidents against large healthcare entities. What’s ahead for the rest of year?

At last week’s RSA Conference, Ed Skoudis, president of the SANS Technology Institute, convened his annual panel of SANS Institute instructors and fellows to dig into topics that should be top of mind for cyber defenders for the remaining months of the year.

Security Impact of Technical Debt

The security cracks left behind by technical debt may not sound like a pressing new threat, but according to Dr. Johannes Ullrich, dean of research for SANS Technology Institute, the enterprise software stack is at an inflection point for cascading problems. What’s more, “It affects more and more not only just our enterprise applications, but also our security stack,” he said.

Technical debt is the accumulation of work in software engineering or system design that’s left undone or put off until tomorrow for the sake of getting a minimum viable product up and running today. The debt may be accrued intentionally to optimize for speed or cost reasons, or it could build up unintentionally due to immature software engineering practices. Either way, it tends to raise a ton of cybersecurity risks as the debt grows.

And according to Ullrich, the rising accrual of technical debt combined with the growing complexity of the software supply chain is increasing the profile of this threat vector.

“Even as a developer myself, it is very easy to say, ‘Hey, this new library doesn’t really have any new features and doesn’t fix any security vulnerabilities, so I’m not going to apply that update,” he says. “The problem is that five years from now, after you skip 10 to 15 different incremental updates, then the big security vulnerability hits that library and now you have to work through all of these little quirks that have added up over the years so you can fix it.”

Article (https://www.darkreading.com/cyber-risk/top-5-most-dangerous-cyber-threats-in-2024?_mc=NL_DR_EDT_DR_weekly_20240516&cid=NL_DR_EDT_DR_weekly_20240516&sp_aid=123517&elq_cid=34964379&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_cid=53519)

In my world of tech support it is happening with 98% of all manufacturers today Microsoft being the leader in my opinion.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Celebrating Barracuda’s 2024 CRN Women of the Channel winners

MspPortal Partners Inc is a large partner of Barracuda and does large investments in tech firms for it 400 plus MSP partners from the East Coast to the West Coast Alaska and Canada service over 4000 companies amongst the 400 plus partners.

Congrats to the ladies below..But in my opinion they failed to mention 2 ladies that are part of the glue that keeps Barracuda alive

Both these ladies are the glue that  run and mange support teams and staff inside the Barracuda organization (West Coast and East Coast)

Kris Louie and Ginger Janukaitis, they both run the folks who answer the phones for support calls and informs the staff who to direct the calls to if need depending the nature of the support call

Today, CRN announced its highly respected Women of the Channel list for 2024. We’re excited to share that a total of six Barracuda team members made the list!

This annual award highlights a list of women who have made significant strides in their respective fields and at their organizations, underscoring their leadership and dedication to promoting continuous innovation and success. This year, six of our very own female leaders have been featured on the list. The honorees include:

Maria Martinez, VP of Channels, North America

Karen Ward, Regional VP, MSP Sales, Americas, Barracuda MSP

Lindsay Faria, Senior Director, MSP Marketing, Americas, Barracuda MSP

Jenna Renaud, Director of National Accounts

Alli Oneal, Senior Manager, Global Partner Programs & Partner Experience

Aisha Eugene, Senior Manager, Partner Enablement, Barracuda MSP

To help get a sense of their roles and responsibilities, we asked these six women about some of their channel-related accomplishments over the last year as well as a few goals that they have for our channel business in the coming months.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

About RMM’s and Bitdefender and Barracuda

MspPortal Opinions A Security Software Value Add Distributor for MSP’s we work for a living. Flat monthly rate pricing, no contracts

Bitdefender: 3rd leval Support use only Basic AV, ATS, and if client wants EDR, Do not waste you money on MDR or other add-ons What they lacke in “Verbal Tech Support” MspPortal makes up for it we answer calls and emails M-F and have a 24x7x365 answering service to assist us.

Barracuda: Spam Filtering best in the business, RMM-below,
Do not waste you money on there SOC, XDR especially there Intronis Backup, they lack Development and support

Keep in mind at MspPortal Partners we are techs and believe in Tech dashboards not pretty pictures

Guide To The Best RMM Software of 2024

Best Tools By Paulo Gardini Miguel

1) SuperOps.ai – Best user experience(No knowledge)

2) Barracuda RMM – Best for robust security features (MspPortal Partners Choice ***, Distribute, the most secure and oldest RMM.)
Barracuda RMM is a leading name in the field of remote monitoring and management, focusing on delivering top-notch security features. Serving various industries, it plays a critical role in safeguarding IT systems and networks, making it especially appealing for businesses prioritizing strong security measures.

3) OptiTune – Best for customizable user experience (No knowledge)
4) ITarian RMM – Best for integration capabilities (Poor Support)
5) Syxsense – Best for real-time monitoring (No knowledge)
6) Naverisk – Best for network management efficiency (Not Impressed)
7) MSP360 RMM – Best for cross-platform compatibility (Pretty Web Site)
8) ManageEngine ServiceDesk Plus MSP – Best for helpdesk functionality (No knowledge)
9) N-able – Best for small to medium MSPs (Stay Away SOLARWINDS issue, one of my Partners callis “Disable”)
10) ConnectWise RMM – Best for automation (up and down not reliable)

11) NinjaOne – Best for growing teams (I was a X disrtibutor till they deleted 4000 endpoints of Bitdefender, Now they spend more time in maintence mode or up and down like a YoYo. To be fair MspPortal Partners still has thousands of end points and partners still using the product. MspPortal Partners just will not resell the product. (We have reports to support this)
Reporting is disappointing compared to some other platforms
There’s no plan for teams managing fewer than 50 devices at this time

12)ManageEngine RMM Central – Best for customer service (No knowledge)
13) Atera – Best range of features ( We displace more of this product)
14) GoTo Resolve – Best for providing IT support (No knowledge)
15) LogMeIn Central – Best for internal IT teams ( a Wanna Be for the revenue)
16) Syncro – Best for unlimited endpoints (You had be a tech they have no Vocal Tech Support only email)
17) Domotz – Best value for money (No knowledge)
18) Pulseway – Best for mobile app management (Out of the country and will just take your money lack support)
19) Auvik – Best for network monitoring(No knowledge)
20) Addigy – Best for managing Apple devices (No knowledge)
21) Intermapper – Best for network mapping (No knowledge)
22) Kaseya VSA – Best for easy onboarding and migration (Bad News anything they touch including Datto)
23) VNC Connect RPort – Best for managing IoT devices ((No knowledge)
24) TeamViewer – Best for supporting remote teams (over priced)
25) AnyDesk – Best for remote desktop access (folks moving off this platform)
26) Splashtop – Best for enterprise IT support (Be careful folks are moving off this Remote Platform)
27) Action1 – Good for endpoint management and security (No knowledge)
28) Datto RMM – Good for cloud-based remote management (Kaseya Buyout and up and down good PSA at one time pricey)
29) Hexnode UEM – Good for unified endpoint management (No knowledge)
30) PRTG Network Monitor – Good for network monitoring and reporting (No knowledge)

Whether you’re managing employee devices on a bring-your-own-device (BYOD) policy, installing patches, or monitoring potential security risks to your network, RMM software is essential for any situation where you need to manage IT systems in multiple locations.

Speed, uptime and ease of use, and automation capabilities are all critical factors to consider, but it can be tricky to narrow down the best solutions for your needs.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”