MTR – Management Threat Response

The Kaseya ransomware attack is yet another example of how hackers are leveraging RMM software to gain access to entire customer bases. The way these attacks have evolved shows that traditional endpoint and firewall protection is not enough, as the number one breach type is hacking, and 80% of the time that involves leveraging legitimate credentials. These sophisticated, human-led attacks require a human-led defense, such as an MTR service.

Link to VSA Breach Webinar recording –

For the main topic today, I have a couple of very interesting news items on Microsoft Office 365. The first one you have probably already seen in the news: Microsoft is experiencing an issue that causes random OneDrive for Business, SharePoint, and Teams files to disappear, apparently as an aftershock of the massive Office 365 outage back on Monday. So if you’re still not backing up your Office 365 data because your management does not think this is necessary, this makes a solid justification to start now… if this does not help to convince them, then I don’t know what will > Mysterious bug is deleting Microsoft Teams, SharePoint files

Now, of course, such bugs are quite rare indeed. Most commonly, data loss is caused by users themselves – and worst of all is when malicious actors are involved, because they will definitely ensure the destroyed information is not recoverable. In that light, taking care of Office 365 access credentials is super important – and unfortunately, they are too easy to steal. One of our system engineers has made a 9-minute video showing how you don’t need advanced skills to hack Office 365 with some “help” from an end-user. Clearly, the worst part is that once a hacker takes over just one account, which requires only ONE person out of hundreds to make a mistake, further phishing emails can be sent from that account – which makes them look completely legit, thus dramatically increasing clicks! I’m just thinking about people like myself who are working under constant pressure with huge email traffic, and need to action many documents shared through OneDrive for Business links – I certainly would not be surprised to fall for this despite all my years in IT! Check out the video > Simple phishing and access to Office 365

Something for color-blind folks: I ran into this tip on Reddit, and saw people saying that enabling a color filter that corresponds to their type of colorblindness in Windows settings under Start > Settings > Ease of Access > Color filters has changed their lives, so I thought I’d share this here too!

This next news item made me remember the peak of the Windows vs. Linux holy wars on the Internet 20 years ago. One of the absolute top and unbeatable arguments from Linux supporters was that being open-source, Linux is infinitely more secure “because all the source code is open and so many eyes are looking for potential vulnerabilities”. But some folks from the University of Minnesota have just proved this is really not the case, by getting some patches that purposely add multiple vulnerabilities of various degrees accepted into the Linux kernel as a part of their kernel security research. Needless to say, this type of attack is a big deal now that the SolarWinds hack has made supply chain attacks a huge point of concern for both users and software vendors. Unfortunately though, while the research has helped to identify and confirm a valid issue before “bad guys” were able to exploit this attack vector, the immediate knee-jerk reaction of the Linux community was to just ban the entire university from contributing to the kernel… seems a bit unfair considering how much potential future damage from real attackers this research has prevented.

Also last week, an even bigger security issue was disclosed by researchers: the next generation of Spectre-like CPU vulnerability, which is able to bypass all current Spectre defenses. And the worst part is, this new one looks to be impossible to fix without a very heavy impact on CPU performance. This is bad news! I mean, even those Spectre fixes have left some of you struggling with their performance impact up until now (yes, I’m looking at you, Hyper-V users) – so I can’t even imagine what fixing a much worse vulnerability would require.
And to finish off with this security-heavy digest, this seems important for Mac users > Update Your Mac Now: The Worst Hack In Years.

