Security

Security

Google Releases Security Updates for Chrome (Must Apply)

Google Releases Security Updates for Chrome (Must Apply) (Review update)
02/15/2022 07:25 AM EST

Original release date: February 15, 2022

Google has released Chrome version 98.0.4758.102 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities has been detected in exploits in the wild.

CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

I have always supported Firefox. As bad as I personally think Facebook is, I think Google products and browser are worse.

Roy Miehe | MspPortal Partners Inc. | Ceo/President Bitdefender /MSP Aggregator – Distributor “Where Service and Technical Skills Count”

CISA Adds Nine Known Exploited Vulnerabilities to Catalog

Original release date: February 15, 2022

CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.
CVE Number CVE Title Remediation Due Date
CVE-2022-24086 Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability 3/1/2022
CVE-2022-0609 Google Chrome Use-After-Free Vulnerability 3/1/2022
CVE-2019-0752 Microsoft Internet Explorer Type Confusion Vulnerability 8/15/2022 not good
CVE-2018-8174 Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability 8/15/2022 not good
CVE-2018-20250 WinRAR Absolute Path Traversal Vulnerability 8/15/2022
CVE-2018-15982 Adobe Flash Player Use-After-Free Vulnerability 8/15/2022
CVE-2017-9841 PHPUnit Command Injection Vulnerability 8/15/2022
CVE-2014-1761 Microsoft Word Memory Corruption Vulnerability 8/15/2022 not good
CVE-2013-3906 Microsoft Graphics Component Memory Corruption Vulnerability 8/15/2022 not good

The two agencies also shared a list of measures that can help admins mitigate BlackByte attacks: 2-14-2022

The two agencies also shared a list of measures that can help admins mitigate BlackByte attacks: 2-14-2022

Thanks to Bleeping Computer

  1. Implement regular backups of all data to be stored as air gapped, password protected copies offline.
  2. Ensure these copies are not accessible for modification or deletion from any system where the original data resides.
  3. Implement network segmentation, such that all machines on your network are not accessible from every other machine.
  4. Install and regularly update MspPortal Partners/Bitdefender antivirus software on all hosts, and enable real time detection.
  5. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released be careful of this look at KB’s first.
  6. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.
  7. Audit user accounts with administrative privileges and configure access controls with least privilege in mind. Do not give all users administrative privileges.
  8. Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs for any unusual activity.
  9. Consider adding an email banner to emails received from outside your organization.
  10. Disable hyperlinks in received emails MspPortal Partners/Barracuda
  11. Use double authentication when logging into accounts or services.
  12. Ensure routine auditing is conducted for all accounts
  13. Ensure all the identified IOCs are input into the network SIEM for continuous monitoring and alerts.
  14. Do you want Security Updates Emailed to you Subscribe to blog (bottom  of News page)

     

    Roy Miehe | MspPortal Partners Inc. | Ceo/President

    Bitdefender /MSP Aggregator – Distributor

    “Where Service and Technical Skills Count”

The Texas attorney general’s office sued Meta’s Facebook on Monday

Mon, February 14, 2022, 10:10 AM
WASHINGTON (Reuters) -The Texas attorney general’s office sued Meta’s Facebook on Monday, alleging that the social media giant violated state privacy protections with facial-recognition technology that collected the biometric data of millions of Texans without their consent.

The lawsuit accuses Facebook of capturing biometric information from photos and videos that users uploaded without consent, disclosing the information to others and failing to destroy it within a reasonable time.

“This is yet another example of Big Tech’s deceitful business practices and it must stop. I will continue to fight for Texans’ privacy and security,” Attorney General Ken Paxton said in a statement.

The lawsuit was first reported by the Wall Street Journal, which cited a person familiar with the matter as saying that the state was seeking hundreds of billions of dollars in civil penalties

“The scope of Facebook’s misconduct is staggering,” the lawsuit said. “Facebook repeatedly captured Texans’ biometric identifiers without consent not hundreds, or thousands, or millions of times — but billions of times,” the lawsuit said.

Bitdefender and Microsoft O365 Information IMPORTANT

Bitdefender Policy Update- please apply

Network Protection ->General Settings Section- Check off Besides SSL Scan RDP.  Brute Force attacks are happening..it surprises me considering the whole world I thought shutdown RDP on the public side.

Microsoft Changes to O365 user and Resellers agreements

Dear Reseller,  

We’d like to take the opportunity to provide you with an overview of upcoming changes Microsoft is making to their CSP experience. 

Historically, Microsoft has not enforced their annual subscription terms which has allowed customers flexibility in modifying licenses throughout the annual term. Effective March 10, 2022, Microsoft will be enforcing annual terms, and offering monthly terms for customers who wish to maintain flexibility with license changes.  Monthly-term license subscriptions will be charged a 20% premium, however, to help support this new enforcement, Microsoft is offering a promotion for most of the monthly-term licenses.  This promotion is effective through June 2022 and is for designated SKUs where the customer has under 2,400 of the same licenses within the same tenant. Customers who do not want to pay a 20% premium for this flexibility will need to move their license to an annual term before Microsoft’s promotion ends in June. 

In addition to enforcement of term policies, Microsoft is only allowing a 72-hour time frame during which new subscriptions can change terms or quantities. After 72-hours from the initial purchase, subscriptions cannot be modified until the next renewal period (either monthly or annual).

Think about this the headache you will have trying to do co-terming with you clients. Remember this withing the same tenant, with no time to adjust. We are working to provide a solution and alternative to Micorsoft’s actions

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP Aggregator – Distributor

“Where Service and Technical Skills Count”

Bitdefender New Portfolio email

This will not effect MspPortal Partners pricing on all Gravity Zone pricing will remain the same. Per my Distribution Manager 1-6-2021

Yes a la carte refers only to annual enterprise solution – not MSP. You will continue to distribute Cloud Security for MSP + ATS + EDR, etc. with no change 😊

I will let you know details ASAP on the annual pricing changes to the enterprise only (no change to annual bundles).

The message sent was a little confusing and concerning to a lot of MSP and Resellers

The a-la-carte licensing model is being updated: advanced security capabilities (Cloud Sandbox, HyperDetect and Root Cause Analysis) will now be included in the base license to provide an even higher security level with the base tier. We are also consolidating SKUs and will support both on-premises and cloud console deployments from the same SKU/license.

The current a-la-carte products and GravityZone Advanced Business Security will move to End-of-Sale for new customers starting April 1st, 2022. This is due to the introduction of the enhanced a-la-carte licensing mentioned above and to optimize the number of packages in our business solutions portfolio from four to three.

Something to think about as an opinion and comment if you bill your clients annually you might change to monthly as soon as feasible and financially acceptable to you.  Annual contracts both with your vendor and your clients could backfire or be detrimental to you .

Roy Miehe | MspPortal Partners Inc ” Where Service and Technical Skills Count”

 

You think Apache Log4j Security Vulnerabilities is bad look at Mimikatz Malware

Mimikatz Malware

Attacks everything basically once there it will run additional tools to encrypt and do a search find for all machines to encrypt

The susceptible world is Windows of course.

Keep yourself up to date with Bitdefender (An update process has been completed successfully. (Product version: 7.4.1.111. Engines version: 7.90522 (10841006) This may sound like an add to promote Bitdefender but nobody needs Ransomeware.

Use there Gravity Zone basic with the Add-on of ATS/Sandboxing. Lock down in the policy also with no additional costs. This is a tech dashboard

I am having Bitdefender look at this and possibly develop a unencrypted key for the Ransomeware

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender / – Distributor

“Where Service and Technical Skills Count”

Disclosure MspPortal Partners only sells and works with MSP’s and Resellers.

Security Advisory: Bitdefender Response to Critical Zero-Day Apache Log4j2 Vulnerability 12-11-2021

As normal Bitdefender is on top of this:

Link for Article

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score) – affecting Apache Log4j2, a Java-based logging framework widely used in commercial and open-source software products. The vulnerability affects versions 2.0 through 2.14.1; version 2.15.0 is not vulnerable.  

Bitdefender is already seeing and monitoring several malicious actors running active exploitation campaigns. 

The CVE-2021-44228 vulnerability has been assigned the highest possible risk score (CVSS 10) due to its exploitation impact (ability to remotely execute code on targeted hosts). Likely, this vulnerability will linger in computing infrastructures for an extensive period of time due to the widespread use of the Log4j2 logging framework. It is important to note this vulnerability is easy to exploit and applications using the affected Log4j2 versions are subject to an extensive attack surface. Immediate action is advisable.

Double check you other Vendors and RMM systems or remote Control programs

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP  – Distributor

“Where Service and Technical Skills Count”

Per Bitdefender “Managed services provider hosts the most in endpoint security”

MspPortal Partners simplifies and strengthens security in the cloud:

MspPortal Partners is a managed services provider (MSP) for internet service providers, resellers, value added
resellers and other MSPs. The company delivers comprehensive endpoint security, secure email, and networking in an OEM
arrangement with major manufacturers, hosted in a multitenant cloud environment.

An MSP takes on considerable responsibility by hosting critical business services for its
clients. That responsibility is multiplied when you’re the MSP for hundreds of other service
providers. Such a responsibility requires absolute confidence and trust in the solutions you
provide. Just ask MspPortal Partners.
This innovative MSP supports hundreds of MSPs, ISPs and resellers with everything they
need to offer their customers robust business solutions, such as endpoint security. MspPortal
Partners’ success is built on providing delivery and support services of the highest quality to
its clients.

Bitdefender Cloud Security for MSPs enables MspPortal Partners to deliver comprehensive
endpoint security services, including built-in firewall protection with intrusion detection,
content filtering and advanced antimalware and antivirus capabilities. The solution also gives
MspPortal Partners a multitenant dashboard for granular client specific policy management,
extensive reporting, and easy deployment of endpoint protection to multiple clients.

MspPortal Partners’ reputation for delivering reliable, economical, easy-to-manage endpoint
security has helped the company attract more than 76 new resellers in six months. And by
reselling Bitdefender Cloud Security for MSPs, these service provider customers also have
increased their revenue streams 33-40 percent. Not surprisingly, customer loyalty to MspPortal
Partners is also strong.

MspPortal Assisted a reseller to Deployed security to 52,000
endpoints in three days at 26 different school sites

Bitdefender-Business-CaseStudy-Msp-Portal-Partners

CyberSecurity & Infrastructure Security Agency Catalog

CyberSecurity & Infrastructure Security Agency
Known Exploited Vulnerabilities Catalog
Great place to start if you are curious if you need to do an update. Lot of Apple and Google and of course Microsoft updates.
Even Solarwinds now called N-able name change..go figure lastest 11-17-2021
Known Exploited Vulnerabilities Catalog
Site URL

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender /MSP Aggregator – Distributor

“Where Service and Technical Skills Count”