We’re excited to introduce MSP360 Managed Backup 7.0, with the new Backup Storage Browser feature, the ability to seamlessly add network shares to the backup plan source directly from the management console, Windows Server restore directly to cloud-based virtual machines, an Overdue status for endpoints on the Computers page, and the ability to authorize computers in a single user flow with a new Authorize group action. Continue reading
Networking isn't always effective, but when it is, MSPs benefit in the long run. They typically end up generating more business, finding new opportunities and educating themselves on emerging industry trends, which benefits not only them but their customers. Continue reading
What's new this week in the news for MSPs?
Google launches a new cloud file storage tier; AWS adds a new data migration device; AWS solves a 2.3 Tbps DDOS attack; fake data breach notification malware caught by Google; and Black Kingdom ransomware hack manipulating Pulse VPN flaws.
Let's see what it's all about.
Google has announced the launch of its new product Filestore High Scale, a cloud-based file storage tier for businesses operating high-performance computing workloads. It is said to be the next step in the development of Google's Cloud Filestore service.
With Filestore High Scale, Google has integrated the capabilities of data storage startup Elastifile Ltd., which it acquired in July 2019. The new tier lets users send shared file systems that can expand to a capacity that permits hundreds of thousands of input/output operations per second, with tens of gigabytes per second throughput and hundreds of terabytes.
Google said that other workloads that may benefit from Filestore High Scale's scale-out storage are electronic design automation, financial modeling, genomics, and video processing.
AWS Snowcone is a new device added by Amazon to its family of data migration devices. This device is small and very portable, weighing only 4.5 pounds and measuring just nine by six by three inches. It provides up to 8 terabytes of storage for businesses using edge computing workloads, where space, power, and cooling features are limited.
AWS Snowcone operates on two central processing units. It has 4 gigabytes of memory for computing operations, a USB-C connection, and an optional battery unit.
In a blog post, Amazon Chief Evangelist Jeff Barr shared that Snowcone's primary objective is data migration, “Internet of Things,” transportation, content distribution and tactical edge computing, logistics, and autonomous vehicles use cases. What's more, the device is tamper-proof, dust-tight, water-resistant, and can transfer data using the AWS DataSync service.
AWS Snowcone will be available first in the AWS East (Northern Virginia) and AWS West (Oregon) regions, and additional regions will be added soon.
Amazon Web Service reported that it was able to diminish a distributed denial-of-service attack of 2.3 terabits per second in February. It is the most massive DDoS attack on record to date. According to the details given in the AWS Shield Threat Landscape Report- Q1 2020, this attack continued for three days. Those behind the attack failed to knock Amazon cloud services offline.
The method used is the so-called Connection-less Lightweight Directory Access Protocol reflection-based attack. In this type of attack, the attacker sends a CLDAP request to an LDAP server with a spoofed sender IP address — the target's IP address. The server then mounts a bulked-up response to the target's IP address, causing the reflection attack, hence the name.
The server is unaware of the attack when it receives multiple, apparently legitimate requests to establish communication, according to Imperva. From each open port, it answers each attempt with an SYN-ACK packet. This will eventually cause the server's connection overflow tables to flood and genuine clients will be denied access.
To distribute malware and scams, bad actors have begun pushing fake notices about data breaches at big company names. These direct people to risky websites. The groups behind them are mixing Google Sites, black SEO, and spam pages.
Google Alerts, which uses predefined terms set by users to monitor search results, has helped in the spread of these false notifications. Some companies found in the notifications include Dropbox, Hulu, Ceridian, Shein, PayPal, Target, Chegg, EA, Canva, HauteLook, Mojang, InterContinental Hotels Group, and Houzz. These companies have suffered a data breach at some point in the past.
If a user follows any of these links picked up by Google Alerts, they find themselves on landing on pages with download offers for undesired extensions and malware, and fake giveaways.
Aside from using compromised websites, these groups also make their own pages. In many instances, they have used Google Sites to host their content.
A fake giveaway of iPhone 11 devices was one of the malicious links used as a redirect, claiming to have been set up by Google for its “Membership Rewards” program.
Using spam pages to redirect users to pages that pose a risk is not new; this is just the latest example by a malware group.
Businesses with unpatched Pulse Secure VPN software or initial access on the network are the target of the operators of the Black Kingdom ransomware. The malware was captured in a honeypot computer system that let security researchers examine and document its methods of operation.
A Pulse Secure VPN (CVE-2019-11510) critical vulnerability affecting earlier versions of its software was leveraged by the malware operators.
Researchers noted that the ransomware built endurance by mimicking a legitimate scheduled task for Google Chrome. According to REDTEAM.PL's analysis, it's likely that a scheduled task runs base64-encoded string code in a hidden PowerShell window to get a script named “reverse.ps1”, and then opens a reverse shell on the infected host.
Security researcher GrujaRS first spotted Black Kingdom ransomware in February, when it appeared to have appended a .DEMON extension to encrypted files.
The sample examined communicated with the same IP address seen in REDTEAM.PL's report. The ransom note sought $10,000, to be deposited to a bitcoin wallet, and threatened that failure to do so would lead to the data being destroyed or sold.
Learn about common ransomware attack scenarios and what to do if one of these attacks affects your clients:
Further reading Ransomware Attack Scenarios
I hope this update has been helpful. MSP360 is your resource for MSP news. Stay home, stay safe and healthy, and remember to check back next week for more highlights.
Because Microsoft 365 is a cloud-based SaaS platform, it’s easy for customers to assume that the data they create or store on it is always safe. Of course, MSPs know that that is not the case; there are a variety of ways in which data can be lost in a Microsoft 365 environment, which is why managed backup services for the platform can be a profitable offering for an MSP business. Continue reading
In the mid-1970s, when I was working in the Navy’s new cybersecurity group, we had it easy.
Not that we felt like that, of course. Automation was still pretty primitive, and encrypting messages often took hours (if not days). But looking back, we had one huge advantage over the cybersecurity engineers of today: we didn't let anyone touch our equipment. Everyone had to go through us to send messages and protect data, and so we could make sure that this was done correctly. Continue reading
What's new this week in the news for MSPs?
AWS Launches AMD-based C5a; IBM Cloud Outage Takes Customer Websites Down Worldwide; Snake Ransomware Attack on Honda Factories; Tycoon Ransomware Uses Obscure Java Image Format; Trickbot Malware Using Fake “Black Lives Matter” Voting Campaign; and a Phishing Campaign Is Targeting Microsoft Office 365 Accounts.
Cloud is becoming so cheap, reliable, and safe that more and more companies are moving workloads there. Anything from database management to IoT, from data storage and backup to email exchange servers, can nowadays be run in the cloud in a scalable and cost-efficient manner. In fact, you can build a company solely upon the infrastructure of one of the cloud giants: Amazon Web Services, Microsoft Azure, or Google Cloud. And, in fact, many companies do this.
The nationwide lockdown has many people going up the wall during the COVID-19 pandemic. However, you can reduce the boredom by keeping yourself occupied. How about getting a certification? It will not only be a better use of time, but it will also make you more marketable. Getting a certification can keep you focused on your career goals and validate your newly acquired skills.
A successful managed services business requires the right technology stack. Some tools within the stack, such as remote monitoring and management software, may be obvious. Others, like finance and accounting tools, are less so. But in order to work as efficiently as possible, it's important to be sure your MSP technology stack addresses all of your business' needs. Continue reading
What's new this week in the news for MSPs?
Azure Maps Previewed by Microsoft; USBCulprit Malware Group Stealing SE Asia Government Data; NASA Contractor Allegedly Attacked by DopplePaymer Ransomware Group; Valak Malware Lifting Credentials from Exchange Servers; Cisco Servers Hacked; More US Colleges Hit by Netwalker Ransomware; and Office365 Targeted with Phishing Scam. Let's see what's going on.
Convincing businesses to leverage your IT services can be tough. What can you do to demonstrate the value your MSP provides to clients? Well, numbers are more persuasive than words. Here is a list of 17 statistics broken down into three categories for you to use the data to drive your MSP sales approach. Continue reading
As always, we are really glad to tell you about the new features we have implemented in our Office 365 / G Suite Backup Solution. The most popular features you have requested previously were carefully chosen, “weighted” and added to the development roadmap. Now let me dive in with some more details of these features: Continue reading
