CyberSecurity & Infrastructure Security Agency
Known Exploited Vulnerabilities Catalog
Great place to start if you are curious if you need to do an update. Lot of Apple and Google and of course Microsoft updates.
Even Solarwinds now called N-able name change..go figure lastest 11-17-2021
Known Exploited Vulnerabilities Catalog
Site URL
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Bitdefender /MSP Aggregator – Distributor
“Where Service and Technical Skills Count”
August 26, 2021
New Phishing Attack on Microsoft O365 Users Leverages Open Redirects to Avoid Detection
Widespread credential phishing campaign abuses open redirector links
Microsoft 365 Defender Threat Intelligence Team Link Article
MspPortal Partners along with Barracuda does have a solution
Read what Essentials complete will provide for you Includes ESS, Message Archiver and O365 Backup
One Drive, Exchange, Sharepoint,Teams (PDF)
MspPortal Partners
Will be offering to all partners a Bitdefender Gravity Zone Policy review and update
Free of charge
This will only be offered to MspPortal Partners for a limited time through the middle of October 2021 on Tuesdays and Thursdays from 8 am to 11:30 am MST/NO DST
If you are not one of the 425 partners you are more than welcome to change out your existing Distributor/Partner
Existing partners and new partners are welcome go to the website www.mspportalpartners.net and fill out the contact form
MspPortal Partners specializes in Bitdefender Gravity Zone Malware protection
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Bitdefender / Distributor
“Where Service and Technical Skills Count”
Dark Reading Staff 9-8-2021
Microsoft has issued an advisory containing mitigations and workarounds for a remote code execution flaw in Windows it says is being exploited in targeted attacks.
CVE-2021-40444 exists in MSHTML, the proprietary browser engine built into Windows that allows the operating system to read and display HTML files. MSHTML, also known as Trident, was mainly used by Internet Explorer but is also used by Microsoft Office, Broadcom notes in its advisory on the vulnerability. It allows developers to add Web browsing into their applications.
Microsoft reports the targeted attacks it has observed use specially crafted Office documents. In explaining how an attack would work, it says an adversary could create a malicious ActiveX control to be used by an Office document that hosts the MSHTML browser-rendering engine. An attacker would have to convince a victim to open the file. Officials note victims with fewer user privileges on the system could be less affected than those with administrative user rights.
The company credits four external researchers with finding the vulnerability: Dhanesh Kizhakkinan, Genwei Jiang, and Bryce Abdo of Mandiant, and Haifei Li of EXPMON, in addition to Rick Cole with the Microsoft Security Threat Intelligence Center (MSTIC).
Read the full advisory for more details.
