UPDATE 1-Amazon.com’s Ring gave police data without user consent 11 times in 2022

WASHINGTON, July 13 (Reuters) – Amazon.com’s Ring doorbell unit, which makes videos of the outside of an owner’s home, gave footage to law enforcement without the user’s consent 11 times so far this year, the company said.

Amazon said it provided the video under emergency circumstances. Senator Edward Markey, a lawmaker interested in privacy, on Wednesday released a letter from Amazon on the topic that was a response to his inquiry to the company.

“In each instance, Ring made a good-faith determination that there was an imminent danger of death or serious physical injury to a person requiring disclosure of information without delay,” wrote Brian Huseman, vice president of public policy for Amazon.

The company also said that it had 2,161 law enforcement agencies on its Neighbors Public Safety Service, which allows police and others to ask Ring owners for footage.

“Increasing law enforcement reliance on private surveillance creates a crisis of accountability,” Markey said in a statement.

Amazon’s Ring said in a statement that it followed the law.

“The law authorizes companies like Ring to provide information to government entities if the company believes that an emergency involving danger of death or serious physical injury to any person, such as a kidnapping or an attempted murder, requires disclosure without delay,” the company said in a statement.

In the letter, Huseman declined to specify when Ring technology can capture audio and how sensitive the audio recordings are. Users can easily disable audio.

He also declined to pledge to make end-to-end encryption the default for Ring data. End-to-end encryption is available although it would disable some features.

Markey said that he was concerned that Amazon and other tech companies would begin using biometric data in their systems and noted that he and others had introduced a bill aimed at restricting law enforcement access to such information. Hold Your Breath
(Reporting by Diane Bartz; Editing by Cynthia Osterman)

In closing you might want to remove SPYING DEVICES this is one of them

Microsoft: Phishing bypassed MFA in attacks against 10,000 orgs

Microsoft: Phishing bypassed MFA in attacks against 10,000 orgs
By Sergiu Gatlan July 12, 2022 01:02 PM

Microsoft says a massive series of phishing attacks has targeted more than 10,000 organizations starting with September 2021, using the gained access to victims’ mailboxes in follow-on business email compromise (BEC) attacks.

The threat actors used landing pages designed to hijack the Office 365 authentication process (even on accounts protected by multifactor authentication (MFA) by spoofing the Office online authentication page.

In some of the observed attacks, the potential victims were redirected to the landing pages from phishing emails using HTML attachments that acted as gatekeepers ensuring the targets were being sent via the HTML redirectors.

After stealing the targets’ credentials and their session cookies, the threat actors behind these attacks logged into the victims’ email accounts. They subsequently used their access in business email compromise (BRC) campaigns targeting other organizations.

“A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA),” the Microsoft 365 Defender Research Team and Microsoft Threat Intelligence Center (MSTIC) said.

“The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC) campaigns against other targets.”

Article (https://www.bleepingcomputer.com/news/security/microsoft-phishing-bypassed-mfa-in-attacks-against-10-000-orgs/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient
“Where Service and Technical Skills Count”

Barracuda is the play from a security standpoint

CISA orders agencies to patch new Windows zero-day used in attacks

By Sergiu Gatlan
CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild.

This high severity security flaw (tracked as CVE-2022-22047) impacts both server and client Windows platforms, including the latest Windows 11 and Windows Server 2022 releases.

Microsoft has patched it as part of the July 2022 Patch Tuesday, and it classified it as a zero-day as it was abused in attacks before a fix was available.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft explained in a security advisory published today.

Redmond says the vulnerability was discovered internally by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC).

BleepingComputer has also reached out to Microsoft earlier today with questions about how this vulnerability was used in attacks.
Federal agencies given three weeks to patch

CISA has given the agencies three weeks, until August 2nd, to patch the actively exploited CVE-2022-22047 vulnerability and block ongoing attacks that could target their systems.
Article (https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-new-windows-zero-day-used-in-attacks/)

You head off malware by using Bitdefender #1 in malware protection

 

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

Hackers impersonate cybersecurity firms in callback phishing attacks

By Bill Toulas July 12, 2022 03:54 PM
Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks.

Most phishing campaigns embed links to landing pages that steal login credentials or emails that include malicious attachments to install malware.

However, over the past year, threat actors have increasingly used “callback” phishing campaigns that impersonate well-known companies requesting you call a number to resolve a problem, cancel a subscription renewal, or discuss another issue.

When the target calls the numbers, the threat actors use social engineering to convince users to install remote access software on their devices, providing initial access to corporate networks. This access is then used to compromise the entire Windows domain.

Article (https://www.bleepingcomputer.com/news/security/hackers-impersonate-cybersecurity-firms-in-callback-phishing-attacks/)

Folks you need to head off these attacks (Barracuda Anti-Spam) at least scan before  mail is delivered to your inbox

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

OpenSSL Releases Security Update

Original release date: July 06, 2022

OpenSSL has released a security update to address a vulnerability affecting OpenSSL 3.0.4. An attacker could exploit this vulnerability to take control of an affected system. 

CISA encourages users and administrators to review the OpenSSL advisory and upgrade to the appropriate version. 

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

Bitdefender releases update BEST 7.6.1.202 (Windows) Release Notes – Slow Ring

  

Bitdefender has released version 7.6.1.202 of Bitdefender Endpoint Security Tools (for Windows) on slow ring. 

The release notes are available here.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

Google patches new Chrome zero-day flaw exploited in attacks Attack details not revealed

he zero-day bug fixed today (tracked as CVE-2022-2294) is a high severity heap-based buffer overflow weakness in the WebRTC (Web Real-Time Communications) component, reported by Jan Vojtesek of the Avast Threat Intelligence team on Friday, July 1.

The impact of successful heap overflow exploitation can range from program crashes and arbitrary code execution to bypassing security solutions if code execution is achieved during the attack.

Although Google says this zero-day vulnerability was exploited in the wild, the company is yet to share technical details or a any info regarding these incidents.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google said.

“We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

With this delayed release of more info on the attacks, Chrome users should have enough time to update and prevent exploitation attempts until Google provides additional details.

Fourth ChRome zero-day fixed this year

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

 

Microsoft quietly fixes ShadowCoerce Windows NTLM Relay bug

Microsoft has confirmed it fixed a previously disclosed ‘ShadowCoerce’ vulnerability as part of the June 2022 updates that enabled attackers to target Windows servers in NTLM relay attacks.

This NTLM relay attack method can be used by threat actors to force unpatched servers to authenticate against servers under the attacker’s control, leading to a takeover of the Windows domain.

As BleepingComputer was told by a Microsoft spokesperson, while there was no public announcement made regarding this issue, the “MS-FSRVP coercion abuse PoC aka ‘ShadowCoerce’ was mitigated with CVE-2022-30154, which affected the same component.”

BleepingComputer emailed Redmond after ACROS Security CEO Mitja Kolsek discovered that ShadowCoerce was silently patched while researching it with the 0Patch team to issue a micropatch.

While it is good that Microsoft has fixed this vulnerability, they have not yet provided any details publicly and is yet to assign a CVE ID.

This has prompted security firms and researchers [1, 2, 3, 4] to ask Redmond for more transparency and to include more info on what’s fixed in its security bulletins.

Article Beeping Computer

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

Bitdefender will be the leader in Extended Detection & Response (XDR)

Datasheet• Consolidates observations and events across the business environment
• Built-in machine learning algorithms for high confidence detections
• Cross-source root cause analysis and context for rapid triage and action
• Guided or automated threat response directly from the platform

At-a-Glance
Bitdefender GravityZone XDR is a cloud-delivered solution built to secure
the entire business environment. The solution provides detection and response
capabilities across an organization’s users and systems, including endpoints, network,
and cloud.
With an easy-to-use interface, GravityZone
XDR is designed to intelligently analyze and automatically correlate and triage security
events from across the organization, resulting in a key set of benefits to
organizations looking to secure complex environments.
Key Benefits
• Comprehensive visibility with easy to
deploy and manage sensors that collect
data from across the organization
• Out-of-the-box automated detection and
triage of alerts based on correlation
and detection algorithms delivered both
locally to the sensor and at the cloud
platform level
• Easy investigation using the Incident
Advisor, a single dashboard highlighting
comprehensive analysis with
recommended automated or guided
response actions
• Rapid response for complete incident
containment executed directly from
within the XDR Platform. This will replace all SOC’s

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

Read (PDF)

Microsoft has revealed that this week’s Microsoft 365 worldwide outage

By Sergiu Gatlan June 22, 2022 07:23 AM

Microsoft has revealed that this week’s Microsoft 365 worldwide outage was caused by an infrastructure power outage that led to traffic management servicing failovers in multiple regions.

Starting on Monday, June 20, at 11:00 PM UTC, customers began experiencing and reporting several issues while trying to access and use Microsoft 365 services.
Microsoft reveals cause behind this week’s Microsoft 365 outage

According to Microsoft, problems encountered during the incident included delays and failures when accessing some Microsoft 365 services.

Customer reports also shared info on continuous re-login requests, emails not getting delivered after being stuck in queues, and the inability to access Exchange Online mailboxes despite trying all available connection methods.

The affected services included the Microsoft Teams communication platform, the Exchange Online hosted email platform, SharePoint Online, Universal Print, and the Graph API.

Microsoft’s response while investigating the root cause behind the outage also brought to light some issues related to how the company fails to share new incident-related info with customers.

Even though Microsoft told customers they could find out more about this incident from the admin center under EX394347 and MO394389, user reports suggest that those incident tickets were not showing up, effectively keeping the customers in the dark.

This is the reason we will not sell O365..We do not want to support the product. MspPortal Partners has a relationship with RackSpace hosting email, we have a 99.9 uptime..nothing is perfect but we/RackSpace is far superior to O365

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”