Bitdefender

Bitdefender Update

Industry News Security

Google Fixes Critical Security Flaw in Chrome’s Blink Engine – Patch Now! (https://www.bitdefender.com/blog/hotforsecurity/google-fixes-critical-security-flaw-in-chromes-blink-engine-patch-now/)

Google this week is rolling out an incremental update to Chrome users to address multiple security flaws, including many labeled high risk. One flaw, discovered in the browser’s rendering engine, is rated critical. Chrome 99 has been around since the beginning of March [https://www.bitdefender.com/blog/hotforsecurity/chrome-99-rolls-out-with-dozens-of-security-fixes-update-now/] . In the meantime, researchers have kept busy mining the browser’s code for bugs, not just to keep users safe from hackers, but also to fetch a well-deserved bug bounty. Yesterday personally I dealt with 3 gmail scams account be hacked and sending encrypted messages on compromised mail accounts

Researchers Identify Backdoor Infection Spike on Several GoDaddy-Hosted Websites

Researchers Identify Backdoor Infection Spike on Several GoDaddy-Hosted Websites (https://www.bitdefender.com/blog/hotforsecurity/researchers-identify-backdoor-infection-spike-on-several-godaddy-hosted-websites/)
Security researchers have noticed a surge in backdoor infections on hundreds of websites hosted on GoDaddy’s Managed WordPress service, all compromised by the same payload. The incident affects websites such as tsoHost, MediaTemple, Domain Factory, Heart Internet,

Beware and update your security and change your passwords at least every 30-60 days

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender / Distributor

“Where Service and Technical Skills Count”

More Orgs Suffered Successful Phishing Attacks in 2021 Than in 2020

Enterprise organizations appear to be falling even further behind in their battle against phishing threats despite heightened awareness of the problem and efforts to curb it.

A new study shows that in 2021 more organizations experienced at least one successful email-based phishing attack than the year before. There were also more opportunistic and targeted phishing attacks last year compared with 2020, as well as phishing attacks involving ransomware and business email compromise (BEC).

Researchers recently analyzed data from a survey of 600 IT and security professionals and another survey of 3,500 employees from seven countries, including the US, UK, France, Germany, and Australia. The researchers also analyzed data gathered from some 100 million simulated phishing attacks and more than 15 million emails that end users reported as being suspicious.

Seventy-eight percent of organizations experienced a ransomware attack in which a phishing email was the initial infection vector. Seventy-seven percent reported a phishing-related BEC incident — an 18-point increase from 2020. Overall, 12% more organizations reported being victims of an indiscriminate or opportunistic phishing attack, while organizations reporting more targeted spear-phishing and BEC attacks went up 20%.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Bitdefender and Barracuda Distributor for Msp’s
“Where Service and Technical Skills Count”

Hackers slip into Microsoft Teams chats to distribute malware

Hackers slip into Microsoft Teams chats to distribute malware

Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation.

More than 270 million users are relying on Microsoft Teams every month, many of them trusting the platform implicitly, despite the absence of protections against malicious files.
Simple but efficient method

Researchers at Avanan, a Check Point company that secures cloud email and collaboration platforms, found that hackers started to drop malicious executable files in conversations on Microsoft Teams communication platform.

The attacks started in January, the company says in a report today, and the threat actor inserts in a chat an executable file called “User Centric” to trick the user into running it.

Once executed, the malware writes data into the system registry installs DLLs and establishes persistence on the Windows machine.
“In this Teams attack, hackers have attached a malicious Trojan document to a chat thread. When clicked on, the file will eventually take over the user’s computer” – Avanan

Manage Microsoft Teams settings for your organization
Here you can turn on or turn off file sharing and cloud file storage options. read Article and turn off file sharing

Users can upload and share files from cloud storage services in Teams channels and chats. Cloud storage options in Teams currently include Dropbox, Box, Citrix files, Google Drive, and Egnyte. Turn on the switch for the cloud storage providers that your organization wants to use.

Using either the above solution and fixing the issues or

Use Bitdefender/MspPortal Partners malware protection in combination of Barracuda/MspPortal Partners Spam, Phishing malware protection

Roy Miehe | MspPortal Partners Inc. | Ceo/President Bitdefender /MSP Aggregator – Distributor “Where Service and Technical Skills Count”

The two agencies also shared a list of measures that can help admins mitigate BlackByte attacks: 2-14-2022

The two agencies also shared a list of measures that can help admins mitigate BlackByte attacks: 2-14-2022

Thanks to Bleeping Computer

  1. Implement regular backups of all data to be stored as air gapped, password protected copies offline.
  2. Ensure these copies are not accessible for modification or deletion from any system where the original data resides.
  3. Implement network segmentation, such that all machines on your network are not accessible from every other machine.
  4. Install and regularly update MspPortal Partners/Bitdefender antivirus software on all hosts, and enable real time detection.
  5. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released be careful of this look at KB’s first.
  6. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.
  7. Audit user accounts with administrative privileges and configure access controls with least privilege in mind. Do not give all users administrative privileges.
  8. Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs for any unusual activity.
  9. Consider adding an email banner to emails received from outside your organization.
  10. Disable hyperlinks in received emails MspPortal Partners/Barracuda
  11. Use double authentication when logging into accounts or services.
  12. Ensure routine auditing is conducted for all accounts
  13. Ensure all the identified IOCs are input into the network SIEM for continuous monitoring and alerts.
  14. Do you want Security Updates Emailed to you Subscribe to blog (bottom  of News page)

     

    Roy Miehe | MspPortal Partners Inc. | Ceo/President

    Bitdefender /MSP Aggregator – Distributor

    “Where Service and Technical Skills Count”

Bitdefender and Microsoft O365 Information IMPORTANT

Bitdefender Policy Update- please apply

Network Protection ->General Settings Section- Check off Besides SSL Scan RDP.  Brute Force attacks are happening..it surprises me considering the whole world I thought shutdown RDP on the public side.

Microsoft Changes to O365 user and Resellers agreements

Dear Reseller,  

We’d like to take the opportunity to provide you with an overview of upcoming changes Microsoft is making to their CSP experience. 

Historically, Microsoft has not enforced their annual subscription terms which has allowed customers flexibility in modifying licenses throughout the annual term. Effective March 10, 2022, Microsoft will be enforcing annual terms, and offering monthly terms for customers who wish to maintain flexibility with license changes.  Monthly-term license subscriptions will be charged a 20% premium, however, to help support this new enforcement, Microsoft is offering a promotion for most of the monthly-term licenses.  This promotion is effective through June 2022 and is for designated SKUs where the customer has under 2,400 of the same licenses within the same tenant. Customers who do not want to pay a 20% premium for this flexibility will need to move their license to an annual term before Microsoft’s promotion ends in June. 

In addition to enforcement of term policies, Microsoft is only allowing a 72-hour time frame during which new subscriptions can change terms or quantities. After 72-hours from the initial purchase, subscriptions cannot be modified until the next renewal period (either monthly or annual).

Think about this the headache you will have trying to do co-terming with you clients. Remember this withing the same tenant, with no time to adjust. We are working to provide a solution and alternative to Micorsoft’s actions

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP Aggregator – Distributor

“Where Service and Technical Skills Count”

Bitdefender New Portfolio email

This will not effect MspPortal Partners pricing on all Gravity Zone pricing will remain the same. Per my Distribution Manager 1-6-2021

Yes a la carte refers only to annual enterprise solution – not MSP. You will continue to distribute Cloud Security for MSP + ATS + EDR, etc. with no change 😊

I will let you know details ASAP on the annual pricing changes to the enterprise only (no change to annual bundles).

The message sent was a little confusing and concerning to a lot of MSP and Resellers

The a-la-carte licensing model is being updated: advanced security capabilities (Cloud Sandbox, HyperDetect and Root Cause Analysis) will now be included in the base license to provide an even higher security level with the base tier. We are also consolidating SKUs and will support both on-premises and cloud console deployments from the same SKU/license.

The current a-la-carte products and GravityZone Advanced Business Security will move to End-of-Sale for new customers starting April 1st, 2022. This is due to the introduction of the enhanced a-la-carte licensing mentioned above and to optimize the number of packages in our business solutions portfolio from four to three.

Something to think about as an opinion and comment if you bill your clients annually you might change to monthly as soon as feasible and financially acceptable to you.  Annual contracts both with your vendor and your clients could backfire or be detrimental to you .

Roy Miehe | MspPortal Partners Inc ” Where Service and Technical Skills Count”

 

Bitdefender BEST 7.4.2.142 (Windows) Release Notes – Fast Ring

BItdefender updates The release notes are available here.

Folks stay up to date on Product 7.4.2.142 and  engine 7.90782 last update 1-4-2022

Also Bitdefender alerts via email .. they are still struggling and still using Mailchimp hence you’re not receiving all alerts that you have requested. Very important to login daily..and review your endpoints if they have red on them more then likely it is a  engine update but could be a product update is needed. If you are with a RMM solution using Bitdefender my suggestion is to convert to the real Gravity Zone platform. Not all distributors are the same, pricing should be the same based upon Bitdefender guidelines but some will try to buy your business. Pricing is not always the best way to select your distributor, interview them and find out if you have a questions or issue do they pick up the phone and do they have tech support available to answer and fix your solution and or questions. Safe Safe folks malware is on the rise

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Bitdefender /Distributor
“Where Service and Technical Skills Count”

You think Apache Log4j Security Vulnerabilities is bad look at Mimikatz Malware

Mimikatz Malware

Attacks everything basically once there it will run additional tools to encrypt and do a search find for all machines to encrypt

The susceptible world is Windows of course.

Keep yourself up to date with Bitdefender (An update process has been completed successfully. (Product version: 7.4.1.111. Engines version: 7.90522 (10841006) This may sound like an add to promote Bitdefender but nobody needs Ransomeware.

Use there Gravity Zone basic with the Add-on of ATS/Sandboxing. Lock down in the policy also with no additional costs. This is a tech dashboard

I am having Bitdefender look at this and possibly develop a unencrypted key for the Ransomeware

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender / – Distributor

“Where Service and Technical Skills Count”

Disclosure MspPortal Partners only sells and works with MSP’s and Resellers.

Security Advisory: Bitdefender Response to Critical Zero-Day Apache Log4j2 Vulnerability 12-11-2021

As normal Bitdefender is on top of this:

Link for Article

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score) – affecting Apache Log4j2, a Java-based logging framework widely used in commercial and open-source software products. The vulnerability affects versions 2.0 through 2.14.1; version 2.15.0 is not vulnerable.  

Bitdefender is already seeing and monitoring several malicious actors running active exploitation campaigns. 

The CVE-2021-44228 vulnerability has been assigned the highest possible risk score (CVSS 10) due to its exploitation impact (ability to remotely execute code on targeted hosts). Likely, this vulnerability will linger in computing infrastructures for an extensive period of time due to the widespread use of the Log4j2 logging framework. It is important to note this vulnerability is easy to exploit and applications using the affected Log4j2 versions are subject to an extensive attack surface. Immediate action is advisable.

Double check you other Vendors and RMM systems or remote Control programs

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP  – Distributor

“Where Service and Technical Skills Count”

Bitdefender Endpoint Security for Mac 7.2.6.200021 and 7.4.8.200006 Release Notes – Fast Ring

Hello everyone,

Bitdefender has today released on fast ring the following versions of Endpoint Security for Mac:
• Version 7.2.6.200021 – enables migration to 7.4.8.200006.
• Version 7.4.8.200006 – brings new features, improvements and bug fixes. It requires 7.2.6.200021.
The release notes are available here (English only) (https://www.bitdefender.com/business/support/en/77209-78218-macos-agent.html).

Should you have any questions or suggestions regarding the GravityZone technical documentation, please contact us (gravityzone-docs@bitdefender.com).

Thank you,
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Bitdefender /MSP – Distributor
“Where Service and Technical Skills Count”