Release date:
Fast Ring: 2020.12.15
Slow Ring: 2020.12.17
New Features and Improvements
General
• Added improvements for product crash scenarios.
Antimalware
• Added improvements for better resource consumption.
Resolved Issues
Installation
• The security agent failed to install on a Red Hat Enterprise 6.5 Korean system.
Antimalware
• The Antimalware module appeared as disabled in the local interface when the mount point used NFSv4.
• The product caused system crashes on Red Hat Enterprise 8.3.
Endpoint Detection and Response (EDR)
• The security agent consumed a large amount of memory triggering Linux Out of Memory Killer on some Ubuntu systems
Hey SolarWinds Customers… Looking for a Safe Haven?
By now, you have seen the disaster that is the breach caused by the tainted SolarWinds update. Earlier today, even Microsoft confirmed that its network was hacked. SolarWinds said earlier in the week that attackers penetrated its software build system and inserted malicious code into software updates. The updates were then sent out to more than 33,000 organizations around the world, of which 18,000 actually installed the update. Among the organizations were thousands of managed service providers responsible for supporting thousands of companies.
It’s no secret that as a managed service provider, MspPortal Partners, has a vested interest in this story and potentially the organizations that were overconfident in their network security. Because the update came from what was a trusted partner, SolarWinds, more than half of those organizations targeted likely installed the update without a second thought. Unfortunately, the number and locations of the victims of this attack are likely going to grow over the next several days and weeks. Now is a time for SolarWinds customers to consider their security partners, and if a partner with a more hands-on approach can prevent these attacks from happening in the future.
MspPortal Partners, a boutique distributor of security solutions, has already started to support dozens of SolarWinds customers and is prepared to support as many as are ready to change. In addition to live training and support 24x7x365, MspPortal can add and scale accounts as needed as a result of our negotiating power with our solution providers and our bulk licensing agreements. We offer security through one of the most established and trusted platforms in the industry, and with attacks only increasing, now may be the best time to switch.
3 month migration pricing available
Contact us for more information.
How’s your Malware security software support?
We know you have options when it comes to deploying Bitdefender software. In fact, you could buy from multiple brand name distributers in the United States. Some of them are Remote Management and Monitoring providers working with a number of solution providers while others are simply generating sales for Bitdefender passing the money back and and support back to Bitdefender. Pricing for these distributors is the same, so you’re not going to find many differences in working with one or the other.
MspPortal is a boutique distributor that specializes in Bitdefender, along with other complementary product lines. We are a top hands-on trainer in the United States, offering three levels of support 24x7x365. MspPortal never refers you back to Bitdefender; rather we use our expertise working with the software for the past several years to support your software needs. Our largest deployment of Bitdefender was to a reseller for 60,000 endpoints in 26 different locations across California. We negotiated the pricing with Bitdefender for a three-year contract. The customer, the reseller and Bitdefender walked away satisfied in the contract and the ongoing level of support from MspPortal.
We can provide all licenses within minutes and scale your account as needed because of our negotiating power that allows us to acquire buckets of licenses in our monthly Gravity Zone.
If you are in the market for endpoint security software or better support, look no further than MspPortal.
Contact us at…our contact page on the web site
Bitdefender’s Response to FireEye and SolarWinds Breaches and Recommendations for Organizations
December 17 2020
Bitdefender’s Response to FireEye and SolarWinds Breaches and Recommendations for Organizations (Article)
Measures Bitdefender took to ensure its internal operations were not impacted:
An audit of our suppliers, partners, contractors and outsources concluded SolarWinds solutions are not incorporated into any products or services we procure.
Although Bitdefender does not use any SolarWinds solutions in its operations, a thorough systems check concluded no indication of compromise from the attack.
We have hardened our environment against specific techniques used in this attack and will continue to fortify through evaluations and tabletop exercises as new information becomes available.
Bitdefender is an undisputed world leader in its field, with its technology used in 38% of all security solutions worldwide. Acknowledged by prestigious independent testing labs as the world’s best prevention firm, Bitdefender is the provider of the first and only integrated security platform that unifies hardening, prevention, detection, response and services across endpoint, network and cloud.
MspPortalPartner is proud to be one of Bitdefenders Largest MSP Distributors in the US “Where Service and Technical Skills Count” From pricing to training and tech support level 1,2,3
SolarWinds Malware Security Breach Spares No One
December 16 2020
Details about the Russian-based malware security threat that infected an estimated 18,000 organizations continue to unfold. Over the last several days, targets and victims of the campaign, which originated from a seemingly legitimate software update of the Orion network management product from SolarWinds, have emerged and include a who’s who of the U.S. government, numerous Fortune 500 companies and potentially over 22,000 managed service providers. The U.S. Treasury Department, the Department of Homeland Security, the State Department, the Justice Department, and potentially entities from all five branches of the U.S. military installed the compromised software on their systems. SolarWinds also counts 499 of the top Fortune 500 companies as customers, so the extent of the security breach is extensive.
According to stories published on DarkReading.com and ZDNet, security vendor FireEye uncovered the malware campaign while investigating a breach on its own network. FireEye recently published a description of the malware, “SolarWinds.Orion.Core.BusinessLayer.dll is a SolarWinds digitally-signed component of the Orion software framework that contains a backdoor that communicates via HTTP to third party servers. We are tracking the trojanized version of this SolarWinds Orion plug-in as SUNBURST.
“After an initial dormant period of up to two weeks, it retrieves and executes commands, called ‘Jobs,’ that include the ability to transfer files, execute files, profile the system, reboot the machine, and disable system services. The malware masquerades its network traffic as the Orion Improvement Program (OIP) protocol and stores reconnaissance results within legitimate plugin configuration files allowing it to blend in with legitimate SolarWinds activity. The backdoor uses multiple obfuscated blocklists to identify forensic and anti-virus tools running as processes, services, and drivers.”
On Monday, Dec. 16th, the U.S. Cybersecurity and Infrastructure Security Agency issued an emergency directive, only the fifth since 2015, advising “all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.”
DarkReading.com reported, “The targeted attack has once again focused attention on the long-standing issue of supply chain and third-party security. It has also raised alarm about the extent to which Russian advanced persistent threat (APT) actors and threat actors from other countries may have insinuated themselves into, and are lurking on, U.S. critical infrastructure and networks, ready to activate at a moment’s notice.”
SolarWinds’ Orion technology monitors networks of hundreds of thousands of organizations in government, banking, healthcare and other industries..
During the past month, more than 30 SolarWinds’ MSPs have signed up with MspPortal Partners Inc, and they are now protected on one of the oldest, most established and trusted security platforms.
