Threats

New Phishing Attack on Microsoft O365

August 26, 2021
New Phishing Attack on Microsoft O365 Users Leverages Open Redirects to Avoid Detection
Widespread credential phishing campaign abuses open redirector links
Microsoft 365 Defender Threat Intelligence Team Link Article

MspPortal Partners along with Barracuda does have  a solution
Read what Essentials complete will provide for you Includes ESS, Message Archiver and O365 Backup
One Drive, Exchange, Sharepoint,Teams (PDF)

MspPortal Partners will be offering to all partners a Bitdefender Gravity Zone Policy review and update

MspPortal Partners

Will be offering to all partners a Bitdefender Gravity Zone Policy review and update

Free of charge

This will only be offered to MspPortal Partners for a limited time through the middle of October 2021 on Tuesdays and Thursdays from 8 am to 11:30 am MST/NO DST

If you are not one of the 425 partners you are more than welcome to change out your existing Distributor/Partner

Existing partners and new partners are welcome go to the website www.mspportalpartners.net and fill out the contact form

MspPortal Partners specializes in Bitdefender Gravity Zone Malware protection

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Bitdefender / Distributor

“Where Service and Technical Skills Count”

Microsoft Windows Zero-Day Under Attack

Dark Reading Staff 9-8-2021

Microsoft has issued an advisory containing mitigations and workarounds for a remote code execution flaw in Windows it says is being exploited in targeted attacks.

CVE-2021-40444 exists in MSHTML, the proprietary browser engine built into Windows that allows the operating system to read and display HTML files. MSHTML, also known as Trident, was mainly used by Internet Explorer but is also used by Microsoft Office, Broadcom notes in its advisory on the vulnerability. It allows developers to add Web browsing into their applications.

Microsoft reports the targeted attacks it has observed use specially crafted Office documents. In explaining how an attack would work, it says an adversary could create a malicious ActiveX control to be used by an Office document that hosts the MSHTML browser-rendering engine. An attacker would have to convince a victim to open the file. Officials note victims with fewer user privileges on the system could be less affected than those with administrative user rights.

The company credits four external researchers with finding the vulnerability: Dhanesh Kizhakkinan, Genwei Jiang, and Bryce Abdo of Mandiant, and Haifei Li of EXPMON, in addition to Rick Cole with the Microsoft Security Threat Intelligence Center (MSTIC).

Read the full advisory for more details.

Bitdefender Gravity Zone Sandbox Analyzer Detection

Folks you need to add ATS (Hyperdetect with Sandbox combo package pricing)

Sandbox Analyzer Detection

Bitdefender Gravity Zone

Sandbox Analyzer has detected a threat on your network.
More information about the detected object can be found below.
________________________________________
Sandbox Detection Details
Company: This could have been your firm or your clients beware
Host Name/IP ACTIVITYLINK61 / x.x.x.x
Detection Timestamp 22 Jul 2021, 11:11:04
Threat Type Trojan
This bundle contained the following file(s):
File Name File Path File Size Remediation
ALProWebserver_Sunshine.exe C:/Home/alpro/Sunshine/Webportal 6.94 MB Quarantined

To view the behavioral events recorded during sandbox analysis, you can generate the Sandbox Analysis Results report from the Reports section in Control Center.