Opinion

“Should MSPs manage antivirus (AV) products separately from RMM software?

Improved Prompt Example: “Should MSPs manage antivirus (AV) products separately from RMM software? Many MSPs and CTOs try to manage everything in one platform, but I believe this leads to reduced quality in both support and security. RMM software was designed for remote management, but investor pressure has caused it to integrate AV products, which leads to issues like lack of third-level support.Along misconfiguration

A recent Crowdstrike issue involving a sys file was worsened by delivery mechanisms from Microsoft and Cloudflare. EULAs are often written to discourage lawsuits rather than compensate users for developer errors.

As a distributor of security products like Bitdefender and Barracuda, MspPortal Partners provides comprehensive support. We believe in training partners properly to manage AV and Mail solutions effectively, and our 24/7 support service sets us apart.”

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

 

Market share held by the leading computer (desktop/tablet/console) operating systems worldwide from January 2012 to February 2024

Long Short if the statics are correct 68.15 percent of the world uses Microsoft OS’s

Published by
Ahmed Sherif,
May 22, 2024

Microsoft’s Windows is the most widely used computer operating system in the world, accounting for 68.15 percent share of the desktop, tablet, and console OS market in February 2024. Apple’s macOS ranks as the next most widely used operating system, while its iOS mobile operating system, the standard installation on all iPad devices, ranks fourth. Linux OS versions serve as the primary option for users who prefer open-source software and intend to avoid the influence of major OS developers.
Operating Systems

Operating systems serve as the underlying platforms which connect computer hardware and software. They provide users with the graphical interface through which they issue commands and perform tasks on electronic devices. Billions of people make use of these devices and their operating systems on a regular basis, meaning that the companies that develop these widely used technologies have a great deal of influence on the daily lives of internet users around the world. Although Microsoft Windows is the clear leader in terms of desktop operating systems,

Article
(https://www.statista.com/statistics/268237/global-market-share-held-by-operating-systems-since-2009/)

Which we are and still are dealing with having even more security issue’s because the CrowdStrike  debacle
Based upon what I do for a living I see more Large Mega Cap Firms down to SMB firms struggling more then ever before.

Personally some attorney with a class action filed should request a huge Liquidated damages (LDs): Which is a sum of money specified in some contracts that are to be paid by one party to another as compensation for intangible losses.

Hopefully this will put huge firms like Crowdstrike, Microsoft, Cloudflare all on notice,if you are going to take money from clients/enduser you are responsible for damages and please do not try to hide behind a EULA..I still have not heard back about how many techs Crowdstrike or Microsoft were sending over to Delta Airlines,considering each machine had to be touched and continue to be touched since you cannot write a Power Shell Script nor remote to a machine, that is Blue Screened (BOD). There has been a lot of LIP SERVICE

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count

Continued from July 19th 3 Cause’s of the Crowdstrike down in reality

Keep in mind this is my personal opinion..please prove me wrong if you can.

3 Cause’s of the CrowdStrike down
1) Bad Developer file uploaded/downloaded
2) Microsoft Software runs the operating systems sort of like a monopoly, we all know it in reality it is.
3) Distribution of software via Cloudflare

Keep in mind this is my personal opinion..please prove me wrong if you can.

I read something today that shocked me. CloudStrike was going pay techs globally $10.00 coffee vouchers to remove sys file issue. I work with four hundred plus tech firms through out the US I have never heard of a computer Tech working for a $10.00 coffee voucher.
Normal Tech rates run from entry level $50.00 to $500.00 a hour.

(Bloomberg) — Microsoft Corp. said Delta Air Lines Inc. turned down repeated offers for assistance following last month’s catastrophic system outage, echoing claims by CrowdStrike Holdings Inc. in an increasingly contentious conflict between the carrier and its technology partners.
Now I am not a strong proponent of Ed Bastien (to full of himself) nor do I fly Delta.

If read/sift through all the garbage it really was all 3 firms that caused the outage.
No matter what OS Delta was running, Windows, Apple, Linux, The Falcon Platform runs on all 3. So in my opinion Delta does deserve the money for the down time.

Even thou in my opinion Mark S Cheffo when :“Even though Microsoft’s software had not caused the CrowdStrike incident, Microsoft immediately jumped in and offered to assist Delta at no charge,” I did not hear they were going to fly Techs to fix all Delta’s machines, for that matter globally let alone Delta

When does a end user or SMB company ever able to talk to Microsoft Support and receive a response within a reasonable amount of time?

So right now I see 2 parties at fault (Microsoft & CroudStrike)
But there is a 3rd party involved, CloudFlare, have you ever asked yourself what they do:Protecting it from online threats and optimizing performance there web Site.

Cloudflare is a company that provides services like content delivery network (CDN), cloud cybersecurity, DDoS mitigation, Domain Name Service (DNS), and domain registration. They help improve website speed, security, and reliability by acting as a mediator between a website’s server and its visitors, protecting it from online threats and optimizing performance.

Cloudflare
American internet infrastructure and website security company
cloudflare.com

Cloudflare, Inc. is an American company that provides content delivery network services, cloud cybersecurity, DDoS mitigation, Domain Name Service, and ICANN-accredited domain registration services. Cloudflare’s headquarters are in San Francisco, California. According to The Hill, Cloudflare is used by more than 20% of the Internet for its web security services, as of 2022. Wikipedia

Now all this is my opinion but should help create and finish a Class Action Law Suit, all 3 need to named as defendants.

Last Pay Your developers and Tech Support folks more money, Take it out of the C-Levels paychecks/bonuses. It appears that most firms have forgotten with out staff the company would be nothing.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

CrowdStrike Blames Crash on Buggy Security Content Update

It is amazing that a security company would even make this type of comment.
They are a Wallstreet “darling” CrowdStrike Response & Mitigation Continues, this will go on for a longer period of time then affected companies will disclose publicly.

CrowdStrike remains in the hot seat — quite literally, as the company’s CEO George Kurtz has been called on to testify before Congress about the incident — and has considerable work to do to salvage its reputation in the wake of the incident

Personally I believe the next shoe to fall will be Sentinel One also wall street traded

A buggy “security content configuration update” to CrowdStrike’s Falcon sensor, which is aimed at gathering telemetry on novel threat techniques for Windows, has been confirmed as the root cause of the problem that crashed computers around the world on July 19, and is still having an impact on global IT teams, the vendor says.

Personal opinion
Uninstall and cancel your agreement with Crowdstrike strike 2 with the current CEO
If a Class action lawsuit is actually filed join in at least try to recoup some of your losses.
In todays world of Antivirus/Malware there is only one product that allows full control of your environment

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Lead Article=Elizabeth Montalbano, Contributing Writer

https://www.darkreading.com/endpoint-security/crowdstrike-crash-buggy-security-content-update?_mc=NL_DR_EDT_DR_weekly_20240725&cid=NL_DR_EDT_DR_weekly_20240725&sp_aid=124803&elq_cid=34964379&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_cid=54465

3 Cause’s of the Crowdstrike down in reality

Keep in mind this is my personal opinion..please prove me wrong if you can.

3 Cause’s of the Crowdstrike down
1) Bad Developer file uploaded
2) Microsoft Software ( Be a developer of software not a security expert
3) Distribution of software via Cloudfare

Keep in mind this is my personal opinion..please prove me wrong if you can.

A faulty kernel driver developed by cybersecurity company CrowdStrike has caused a massive Microsoft outage that is currently causing chaos around the world. Windows machines have been crippled by the Blue Screen of Death (BSOD) on a global scale. The situation is so serious that flights are being grounded, major banks are experiencing problems with their systems, while key emergency 911 services have also been affected.

Cloudflare (down more then its up we have logs) Expands Relationship with Microsoft, Makes Industry Leading …
Jan 12, 2023Cloudflare and Microsoft announce new integrations between Cloudflare One and Microsoft Azure Active Directory to help customers deploy Zero Trust security across applications, users, devices and networks. The partnership also includes features such as Remote Browser Isolation

“The criticality of CrowdStrike as a security platform tends to, I think, outweigh some of those issues in the sense of customers can’t afford to just turn them off and not renew because of one incident. They’re just too tied into the ecosystem,” Walsh tells Yahoo Finance. “They’re too critical of a tool and what kind of within the overall stack. So I think those conversations certainly have the potential to emerge…”

Josh Lipton and Julie Hyman
Fri, Jul 19, 2024, 1:19 PM MST

Comments like this are foolish, of course you can change software providers..Comments like this are like the early 90’s when Symantec and McAfee dominated the AV industry (Techs comments back then were we will never get fired if we use the 2 products mentioned above, but we all managed to survive with better products that did not peg the CPU’s)

Defused Cyber Deception Researcher and Founder Simo Kohonen joins to discuss the implications for CrowdStrike and the broader cybersecurity landscape.

Kohonen explains that CrowdStrike “pushed out a faulty update” that, when installed, “broke everything,” affecting industries globally. He emphasizes CrowdStrike’s reputation as the “top number one cybersecurity company in the world” and notes that their extensive customer base amplifies the scale of this issue. While the issue is fixable, he cautions that the timeline for resolving this problem may vary.

Simo Kohonen – Aalto University | LinkedIn
Sep 2021 – Present 2 years 7 months. Helsinki Metropolitan Area. Key contributor in the technology-related major fundraising at the Aalto University. Managing key accounts in a client and data driven manner utilizing the Microsoft Dynamics CRM system. Identifying, cultivating, soliciting, and stewarding

Crowdstrike EULA (https://www.crowdstrike.com/terms-conditions/)
8.5 No Guarantee. CUSTOMER ACKNOWLEDGES, UNDERSTANDS, AND AGREES THAT CROWDSTRIKE DOES NOT GUARANTEE OR WARRANT THAT IT WILL FIND, LOCATE, OR DISCOVER ALL OF CUSTOMER’S OR ITS AFFILIATES’ SYSTEM THREATS, VULNERABILITIES, MALWARE, AND MALICIOUS SOFTWARE, AND CUSTOMER AND ITS AFFILIATES WILL NOT HOLD CROWDSTRIKE RESPONSIBLE THEREFOR.

My opinion every major provider write EULA’s like this..They take your money and say sorry..right now Crowd Strke does not have enough employees to remove the file that broke it, the firms that use Crowdstrike also do not have enough techs to to fix all systems affected, including Chase .

Personally I would like to see a law firm create a class action law suit, for loss’s incurred..

I do know about this matter I recommended a RMM soultion to one of my partners..The firms  development team pushed the wrong patch out in a  update that deleted over 4000 endpoints of one of  the largest and most reliable AV solutions back then and even today. Personally my firm and along with myself restored all endpoints, I did drop the RMM when they basically said sorry but would not pay for costs to restore, this still happens to be a client today still..its all about service.

I wish you all luck to get your services restored, hire a qualified tech

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count” 40 years in the AV business.

After being fined for fraudulent ads, Meta tries to discredit researchers

Updated on: June 14, 2024 6:47 AM Paulina Okunytė Journalist (Good Job)

The legal action was based on NetLab’s findings, which indicated that Meta did not take down 1817 paid ads containing scams.

The fraudulent ads used the name of a popular government program to assist indebted individuals, called Desenrola, and kept running even after months after official notification.

To all MSP and Tech’s do what you can to block Facebook / Meta just for security purposes

Meta has received backlash after trying to discredit researchers who identified fraudulent ads on its platforms as “unable to produce technical evidence.”

Meta’s lawyers called researchers from NetLab, a research group affiliated with one of Brazil’s top universities – Federal University of Rio de Janeiro (UFRJ) – “biased” and “unable to produce technical evidence.”

The accusation comes as part of the company’s defense in an ongoing case in Brazil. The country’s federal watchdog for consumer issues, Senacon, sued the tech giant in November 2023 for failures in ad moderation on the company’s main platforms, Facebook and Instagram.

The legal action was based on NetLab’s findings, which indicated that Meta did not take down 1817 paid ads containing scams.

The fraudulent ads used the name of a popular government program to assist indebted individuals, called Desenrola, and kept running even after months after official notification.

The formal document, obtained by journalists at Brazilian tech news outlet Nucleo, describes Netlab as a “partial third party” and questions its ability for neutrality.
Accusation of bias

Meta accused NetLab’s report of containing “a series of imperfections, biased responses, distorted conclusions, and reliability that is, at best, dubious.”

However, the company failed to specify what the alleged errors were.

“Netlab has an institutional political opinion that is manifestly opposed to Facebook Brazil [Meta’s legal name in Brazil],” the company argued.

“And not only that: the coordinator of the laboratory herself, Professor Rose Marie Santini, has publicly expressed strong criticisms of digital platforms,” the document reads.

One of Meta’s attempts to undermine the group is to argue that NetLab’s report lacked links to each of the ads it identified as fraudulent.

Apparently, the researchers shared the URLs and IDs of each ad with Nucleo reporters.

“This is a strategy to make us work for them, given that they have already made money from an ad, and this request transfers to us the responsibility of cleaning up their platform,” said Santini to Nucleo.
Meta condemned by activists

Meta’s actions have been condemned by activists. 70 organizations, research centers, digital rights watchdogs, and think tanks have signed a note of repudiation.

“This is an attack on scientific research work and attempts to intimidate researchers who are carrying out excellent work in the production of knowledge based on empirical analyses that have been fundamental in qualifying the public debate on platform accountability,” they stated in the note.

Top 5 Most Dangerous Cyber Threats in 2024 Must Read article !!

SANS Institute experts weigh in on the top threat vectors faced by enterprises and the public at large.

Ericka Chickowski, Contributing Writer May 14, 2024

RSA CONFERENCE 2024 – San Francisco – Only five months into 2024, and the year has been a busy one for cybersecurity practitioners, with multiyear supply chain attacks, nation-state actors exploiting multiple vulnerabilities in network gateways and edge devices, and multiple ransomware incidents against large healthcare entities. What’s ahead for the rest of year?

At last week’s RSA Conference, Ed Skoudis, president of the SANS Technology Institute, convened his annual panel of SANS Institute instructors and fellows to dig into topics that should be top of mind for cyber defenders for the remaining months of the year.

Security Impact of Technical Debt

The security cracks left behind by technical debt may not sound like a pressing new threat, but according to Dr. Johannes Ullrich, dean of research for SANS Technology Institute, the enterprise software stack is at an inflection point for cascading problems. What’s more, “It affects more and more not only just our enterprise applications, but also our security stack,” he said.

Technical debt is the accumulation of work in software engineering or system design that’s left undone or put off until tomorrow for the sake of getting a minimum viable product up and running today. The debt may be accrued intentionally to optimize for speed or cost reasons, or it could build up unintentionally due to immature software engineering practices. Either way, it tends to raise a ton of cybersecurity risks as the debt grows.

And according to Ullrich, the rising accrual of technical debt combined with the growing complexity of the software supply chain is increasing the profile of this threat vector.

“Even as a developer myself, it is very easy to say, ‘Hey, this new library doesn’t really have any new features and doesn’t fix any security vulnerabilities, so I’m not going to apply that update,” he says. “The problem is that five years from now, after you skip 10 to 15 different incremental updates, then the big security vulnerability hits that library and now you have to work through all of these little quirks that have added up over the years so you can fix it.”

Article (https://www.darkreading.com/cyber-risk/top-5-most-dangerous-cyber-threats-in-2024?_mc=NL_DR_EDT_DR_weekly_20240516&cid=NL_DR_EDT_DR_weekly_20240516&sp_aid=123517&elq_cid=34964379&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_cid=53519)

In my world of tech support it is happening with 98% of all manufacturers today Microsoft being the leader in my opinion.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

Celebrating Barracuda’s 2024 CRN Women of the Channel winners

MspPortal Partners Inc is a large partner of Barracuda and does large investments in tech firms for it 400 plus MSP partners from the East Coast to the West Coast Alaska and Canada service over 4000 companies amongst the 400 plus partners.

Congrats to the ladies below..But in my opinion they failed to mention 2 ladies that are part of the glue that keeps Barracuda alive

Both these ladies are the glue that  run and mange support teams and staff inside the Barracuda organization (West Coast and East Coast)

Kris Louie and Ginger Janukaitis, they both run the folks who answer the phones for support calls and informs the staff who to direct the calls to if need depending the nature of the support call

Today, CRN announced its highly respected Women of the Channel list for 2024. We’re excited to share that a total of six Barracuda team members made the list!

This annual award highlights a list of women who have made significant strides in their respective fields and at their organizations, underscoring their leadership and dedication to promoting continuous innovation and success. This year, six of our very own female leaders have been featured on the list. The honorees include:

Maria Martinez, VP of Channels, North America

Karen Ward, Regional VP, MSP Sales, Americas, Barracuda MSP

Lindsay Faria, Senior Director, MSP Marketing, Americas, Barracuda MSP

Jenna Renaud, Director of National Accounts

Alli Oneal, Senior Manager, Global Partner Programs & Partner Experience

Aisha Eugene, Senior Manager, Partner Enablement, Barracuda MSP

To help get a sense of their roles and responsibilities, we asked these six women about some of their channel-related accomplishments over the last year as well as a few goals that they have for our channel business in the coming months.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”

New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts

FYI We do have Phishing Training Available..spend the money don’t get malware. Targets O365 and Gsuite which in reality are easy targets

By Bill Toulas March 25, 2024 12:56 PM

Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named ‘Tycoon 2FA’ to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection.

Tycoon 2FA was discovered by Sekoia analysts in October 2023 during routine threat hunting, but it has been active since at least August 2023, when the Saad Tycoon group offered it through private Telegram channels.

The PhaaS kit shares similarities with other adversary-in-the-middle (AitM) platforms, such as Dadsec OTT, suggesting possible code reuse or a collaboration between developers.

In 2024, Tycoon 2FA released a new version that is stealthier, indicating a continuous effort to improve the kit. Currently, the service leverages 1,100 domains and has been observed in thousands of phishing attacks.

Tycoon 2FA attacks

Tycoon 2FA attacks involve a multi-step process where the threat actor steals session cookies by using a reverse proxy server hosting the phishing web page, which intercepts the victim’s input and relays them to the legitimate service.

“Once the user completes the MFA challenge, and the authentication is successful, the server in the middle captures session cookies,” Skoia explains. This way, the attacker can replay a user’s session and bypass multi-factor authentication (MFA) mechanisms.

Sekoia’s report describes the attacks in seven distinct stages as described below Target :

Stage 0 – Attackers distribute malicious links via emails with embedded URLs or QR codes, tricking victims into accessing phishing pages.
Stage 1 – A security challenge (Cloudflare Turnstile) filters out bots, allowing only human interactions to proceed to the deceptive phishing site.
Stage 2 – Background scripts extract the victim’s email from the URL to customize the phishing attack.
Stage 3 – Users are quietly redirected to another part of the phishing site, moving them closer to the fake login page.
Stage 4 – This stage presents a fake Microsoft login page to steal credentials, using WebSockets for data exfiltration.
Stage 5 – The kit mimics a 2FA challenge, intercepting the 2FA token or response to bypass security measures.
Stage 6 – Finally, victims are directed to a legitimate-looking page, obscuring the phishing attack’s success.

An overview of the attack is described with the diagram below, which includes all the steps of the process.

Evolution and scale

Sekoia reports that the latest version of the Tycoon 2FA phishing kit, released this year, has introduced significant modifications that improve the phishing and evasion capabilities.

Key changes include updates to the JavaScript and HTML code, alterations in the order of resource retrieval, and more extensive filtering to block traffic from bots and analytical tools.

For example, the kit now delays loading malicious resources until after the Cloudflare Turnstile challenge is resolved, using pseudorandom names for URLs to obscure its activities.

Also, Tor network traffic or IP addresses linked to data centers are now better identified, while traffic is rejected based on specific user-agent strings.

Regarding the scale of operations, Sekoia reports that it’s substantial, as there’s evidence of a broad user base of cybercriminals currently utilizing Tycoon 2FA for phishing operations.

The Bitcoin wallet linked to the operators has recorded over 1,800 transactions since October 2019, with a notable increment starting August 2023, when the kit was launched.

Over 530 transactions were over $120, which is the entry price for a 10-day phishing link. By mid-March 2024, the threat actors’ wallet had received a total of $394,015 worth of cryptocurrency.

Tycoon 2FA is just a recent addition to a PhaaS space that already offers cybercriminals plenty of options. Other notable platforms that can bypass 2FA protections include LabHost, Greatness, and Robin Banks.

For a list of the indicators of compromise (IoCs) linked to the Tycoon 2FA operation, Sekoia makes available a repository with over 50 entries.

Article (https://www.bleepingcomputer.com/news/security/new-mfa-bypassing-phishing-kit-targets-microsoft-365-gmail-accounts/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishline Training
“Where Service and Technical Skills Count”

 

Google’s new AI search results promotes sites pushing malware, scams

Google’s new AI search results promotes sites pushing malware, scams  (Get off Google Chrome)

By Mayank Parmar March 25, 2024 07:32 AM

Google’s new AI-powered ‘Search Generative Experience’ algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.

Earlier this month, Google began rolling out a new feature called Google Search Generative Experience (SGE) in its search results, which provides AI-generated quick summaries for search queries, including recommendations for other sites to visit related to the query.

However, as SEO consultant Lily Ray first spotted, Google’s SGE is recommending spammy and malicious sites within its conversational responses, making it easier for users to fall for scams.
BleepingComputer found that the listed sites promoted by SGE tend to use the .online TLD, the same HTML templates, and the same sites to perform redirects.

This similarity indicates that they are all part of the same SEO poisoning campaign that allowed them to be part of the Google index.

When clicking on the site in the Google search results, visitors will go through a series of redirects until they reach a scam site.

In BleepingComputer’s tests, the redirects most commonly lead you to fake captchas or YouTube sites that try to trick the visitor into subscribing to browser notifications.

Browser notifications are a common tactic scammers use to send visitors a barrage of unwanted ads directly to the operating system desktop, even when you’re not on the website.

Once we subscribed to some of the notifications, we began to receive spam with advertisements for tech support affiliate scams, fake giveaways, and other unwanted sites.

In one instance, we received an alert for McAfee antivirus that led to a site claiming our system was infected with ten viruses, urging the visitor to “Scan now to remove viruses” or renew their license.

However, these misleading ads are simply designed to sell McAfee licenses so the fraudsters can earn affiliate commissions.

Finally, and while not as common, BleepingComputer saw some of the redirects pushing unwanted browser extensions that perform search hijacking, and potentially other malicious behavior.

Other scams promoted by the SGE results lead to fake Amazon giveaways that pretend to be loyalty programs giving away an Apple iPhone 15 Pro.

These giveaway scams are used to collect your personal information, which will be sold to other scammers and direct marketers.

Article (https://www.bleepingcomputer.com/news/google/googles-new-ai-search-results-promotes-sites-pushing-malware-scams/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishline Training
“Where Service and Technical Skills Count”