Security

Security

Bitdefender and Microsoft O365 Information IMPORTANT

Bitdefender Policy Update- please apply

Network Protection ->General Settings Section- Check off Besides SSL Scan RDP.  Brute Force attacks are happening..it surprises me considering the whole world I thought shutdown RDP on the public side.

Microsoft Changes to O365 user and Resellers agreements

Dear Reseller,  

We’d like to take the opportunity to provide you with an overview of upcoming changes Microsoft is making to their CSP experience. 

Historically, Microsoft has not enforced their annual subscription terms which has allowed customers flexibility in modifying licenses throughout the annual term. Effective March 10, 2022, Microsoft will be enforcing annual terms, and offering monthly terms for customers who wish to maintain flexibility with license changes.  Monthly-term license subscriptions will be charged a 20% premium, however, to help support this new enforcement, Microsoft is offering a promotion for most of the monthly-term licenses.  This promotion is effective through June 2022 and is for designated SKUs where the customer has under 2,400 of the same licenses within the same tenant. Customers who do not want to pay a 20% premium for this flexibility will need to move their license to an annual term before Microsoft’s promotion ends in June. 

In addition to enforcement of term policies, Microsoft is only allowing a 72-hour time frame during which new subscriptions can change terms or quantities. After 72-hours from the initial purchase, subscriptions cannot be modified until the next renewal period (either monthly or annual).

Think about this the headache you will have trying to do co-terming with you clients. Remember this withing the same tenant, with no time to adjust. We are working to provide a solution and alternative to Micorsoft’s actions

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP Aggregator – Distributor

“Where Service and Technical Skills Count”

Bitdefender New Portfolio email

This will not effect MspPortal Partners pricing on all Gravity Zone pricing will remain the same. Per my Distribution Manager 1-6-2021

Yes a la carte refers only to annual enterprise solution – not MSP. You will continue to distribute Cloud Security for MSP + ATS + EDR, etc. with no change 😊

I will let you know details ASAP on the annual pricing changes to the enterprise only (no change to annual bundles).

The message sent was a little confusing and concerning to a lot of MSP and Resellers

The a-la-carte licensing model is being updated: advanced security capabilities (Cloud Sandbox, HyperDetect and Root Cause Analysis) will now be included in the base license to provide an even higher security level with the base tier. We are also consolidating SKUs and will support both on-premises and cloud console deployments from the same SKU/license.

The current a-la-carte products and GravityZone Advanced Business Security will move to End-of-Sale for new customers starting April 1st, 2022. This is due to the introduction of the enhanced a-la-carte licensing mentioned above and to optimize the number of packages in our business solutions portfolio from four to three.

Something to think about as an opinion and comment if you bill your clients annually you might change to monthly as soon as feasible and financially acceptable to you.  Annual contracts both with your vendor and your clients could backfire or be detrimental to you .

Roy Miehe | MspPortal Partners Inc ” Where Service and Technical Skills Count”

 

You think Apache Log4j Security Vulnerabilities is bad look at Mimikatz Malware

Mimikatz Malware

Attacks everything basically once there it will run additional tools to encrypt and do a search find for all machines to encrypt

The susceptible world is Windows of course.

Keep yourself up to date with Bitdefender (An update process has been completed successfully. (Product version: 7.4.1.111. Engines version: 7.90522 (10841006) This may sound like an add to promote Bitdefender but nobody needs Ransomeware.

Use there Gravity Zone basic with the Add-on of ATS/Sandboxing. Lock down in the policy also with no additional costs. This is a tech dashboard

I am having Bitdefender look at this and possibly develop a unencrypted key for the Ransomeware

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender / – Distributor

“Where Service and Technical Skills Count”

Disclosure MspPortal Partners only sells and works with MSP’s and Resellers.

Security Advisory: Bitdefender Response to Critical Zero-Day Apache Log4j2 Vulnerability 12-11-2021

As normal Bitdefender is on top of this:

Link for Article

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score) – affecting Apache Log4j2, a Java-based logging framework widely used in commercial and open-source software products. The vulnerability affects versions 2.0 through 2.14.1; version 2.15.0 is not vulnerable.  

Bitdefender is already seeing and monitoring several malicious actors running active exploitation campaigns. 

The CVE-2021-44228 vulnerability has been assigned the highest possible risk score (CVSS 10) due to its exploitation impact (ability to remotely execute code on targeted hosts). Likely, this vulnerability will linger in computing infrastructures for an extensive period of time due to the widespread use of the Log4j2 logging framework. It is important to note this vulnerability is easy to exploit and applications using the affected Log4j2 versions are subject to an extensive attack surface. Immediate action is advisable.

Double check you other Vendors and RMM systems or remote Control programs

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP  – Distributor

“Where Service and Technical Skills Count”

Per Bitdefender “Managed services provider hosts the most in endpoint security”

MspPortal Partners simplifies and strengthens security in the cloud:

MspPortal Partners is a managed services provider (MSP) for internet service providers, resellers, value added
resellers and other MSPs. The company delivers comprehensive endpoint security, secure email, and networking in an OEM
arrangement with major manufacturers, hosted in a multitenant cloud environment.

An MSP takes on considerable responsibility by hosting critical business services for its
clients. That responsibility is multiplied when you’re the MSP for hundreds of other service
providers. Such a responsibility requires absolute confidence and trust in the solutions you
provide. Just ask MspPortal Partners.
This innovative MSP supports hundreds of MSPs, ISPs and resellers with everything they
need to offer their customers robust business solutions, such as endpoint security. MspPortal
Partners’ success is built on providing delivery and support services of the highest quality to
its clients.

Bitdefender Cloud Security for MSPs enables MspPortal Partners to deliver comprehensive
endpoint security services, including built-in firewall protection with intrusion detection,
content filtering and advanced antimalware and antivirus capabilities. The solution also gives
MspPortal Partners a multitenant dashboard for granular client specific policy management,
extensive reporting, and easy deployment of endpoint protection to multiple clients.

MspPortal Partners’ reputation for delivering reliable, economical, easy-to-manage endpoint
security has helped the company attract more than 76 new resellers in six months. And by
reselling Bitdefender Cloud Security for MSPs, these service provider customers also have
increased their revenue streams 33-40 percent. Not surprisingly, customer loyalty to MspPortal
Partners is also strong.

MspPortal Assisted a reseller to Deployed security to 52,000
endpoints in three days at 26 different school sites

Bitdefender-Business-CaseStudy-Msp-Portal-Partners

CyberSecurity & Infrastructure Security Agency Catalog

CyberSecurity & Infrastructure Security Agency
Known Exploited Vulnerabilities Catalog
Great place to start if you are curious if you need to do an update. Lot of Apple and Google and of course Microsoft updates.
Even Solarwinds now called N-able name change..go figure lastest 11-17-2021
Known Exploited Vulnerabilities Catalog
Site URL

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP Aggregator – Distributor

“Where Service and Technical Skills Count”

New Phishing Attack on Microsoft O365

August 26, 2021
New Phishing Attack on Microsoft O365 Users Leverages Open Redirects to Avoid Detection
Widespread credential phishing campaign abuses open redirector links
Microsoft 365 Defender Threat Intelligence Team Link Article

MspPortal Partners along with Barracuda does have  a solution
Read what Essentials complete will provide for you Includes ESS, Message Archiver and O365 Backup
One Drive, Exchange, Sharepoint,Teams (PDF)

MspPortal Partners will be offering to all partners a Bitdefender Gravity Zone Policy review and update

MspPortal Partners

Will be offering to all partners a Bitdefender Gravity Zone Policy review and update

Free of charge

This will only be offered to MspPortal Partners for a limited time through the middle of October 2021 on Tuesdays and Thursdays from 8 am to 11:30 am MST/NO DST

If you are not one of the 425 partners you are more than welcome to change out your existing Distributor/Partner

Existing partners and new partners are welcome go to the website www.mspportalpartners.net and fill out the contact form

MspPortal Partners specializes in Bitdefender Gravity Zone Malware protection

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender / Distributor

“Where Service and Technical Skills Count”

Microsoft Windows Zero-Day Under Attack

Dark Reading Staff 9-8-2021

Microsoft has issued an advisory containing mitigations and workarounds for a remote code execution flaw in Windows it says is being exploited in targeted attacks.

CVE-2021-40444 exists in MSHTML, the proprietary browser engine built into Windows that allows the operating system to read and display HTML files. MSHTML, also known as Trident, was mainly used by Internet Explorer but is also used by Microsoft Office, Broadcom notes in its advisory on the vulnerability. It allows developers to add Web browsing into their applications.

Microsoft reports the targeted attacks it has observed use specially crafted Office documents. In explaining how an attack would work, it says an adversary could create a malicious ActiveX control to be used by an Office document that hosts the MSHTML browser-rendering engine. An attacker would have to convince a victim to open the file. Officials note victims with fewer user privileges on the system could be less affected than those with administrative user rights.

The company credits four external researchers with finding the vulnerability: Dhanesh Kizhakkinan, Genwei Jiang, and Bryce Abdo of Mandiant, and Haifei Li of EXPMON, in addition to Rick Cole with the Microsoft Security Threat Intelligence Center (MSTIC).

Read the full advisory for more details.

FBI Requests to Pass a Bill Over Ransomware Attacks

FBI Requests to Pass a Bill Over Ransomware Attacks – Reporting Ransomware Immediately To Be A Law?

By Consider The Consumer on August 9, 2021
FBI’s Plead for Mandatory Reporting of Ransomware Attacks but in reality nothing has happened

The FBI and Department of Justice are pleading with Americans to assist them in avoiding cyberattacks, stating that companies may withhold information out of fear of being sued.
Appeal for a Bill

Tuesday, during a congressional hearing, top federal cybersecurity officials urged Congress to pass a bill requiring businesses and consumers inside the United States to disclose ransomware attacks when they occur.

Richard Downing, Deputy Assistant Attorney General, told a U.S. Hearing before the Senate Judiciary Committee that investigation opportunities are lost without quick reporting. The capacity to assist other victims experiencing similar attacks is diminished, and the government and Congress lack a complete picture of the threat confronting American companies.

The request follows a series of high-profile assaults on U.S. private and public sites, including hospitals, schools, and a fuel pipeline.

The ransomware attack on Colonial Pipeline Co., which carries over half of the East Coast’s diesel, gasoline, and jet fuel, prompted the pipeline’s temporary shutdown, resulting in significant ripple effects currently being studied.

Based on Tuesday’s testimony, roughly three-quarters of all cyberattacks in the country go unreported, making it more difficult for authorities to counteract.

According to reports, Executive Assistant Director of the Cybersecurity and Infrastructure Security Agency Eric Goldstein stated that without such visibility, they are unable to communicate information efficiently, issue timely alerts, assist victims, or comprehend the consequences of these attacks on the critical national functions on which they all rely.

President Joe Biden decided to sign an executive order, following several high-profile cyberattacks on national utilities and services in May. The order requires government contractors in the information technology industry to disclose cyberattacks.
Persuading the Victims of Ransomware Attacks

On Tuesday, Assistant Director of the FBI’s Cyber Division Bryan Vorndran stated that victims of cybercrime should be compelled to inform authorities about cybercriminals’ ransom requests and whether they paid the extortion.

Additionally, the idea of shielding companies from accountability if they do report law enforcement to the cyberattacks was considered. Certain companies may be hesitant to disclose their cyberattacks for fear of litigation, such as class action lawsuits. Unfortunately they all hide behind EULA agreements on their websites, non-responsibility if you get infected.

Downing stated that victims should not be penalized for cooperating with the government. Victims should retain any legal privilege they may have had over the information before releasing it.

Numerous companies and businesses are facing class action lawsuits over their lack of ransomware protection.
Editor’s Note on FBI Requests to Pass a Bill Over Ransomware Attacks:

This article is written to inform you of the latest FBI’s request to pass a bill that would force companies and citizens to report ransomware attacks immediately.