2021-03 March Roundup Newsletter

BEWARE THE IDES OF MARCH! Well thankfully, we're past it now. March has been a relatively quiet month compared to the first two this year

Here are the highlights: 🙂

• Domotz was in the spotlight! This month with Domotz under the spotlight, Giancarlo, CTO of Domotz, and our very own Martyn Keigher hosted the GeekCast. Read below for more information. Vendor Spotlight is a program, created by us, so that we can continue bringing high-quality educational content to the community in the form of Geekcasts.
• Channels, channels galore. This month brings us 4 new victi- vendor channels. Vendors who come and engage with us do so with the understanding that they come primarily to help... not sell! We appreciate their willingness to be a true partner to Service Providers and are looking forward to their community contributions. Please be sure to check them out.

New Vendors, Welcome!

Nuvolex (#v-nuvolex) is a vendor everyone should be keeping an eye on! If you've read Gavin's blog post you'll notice that this vendor has a product that is very much in-line with the new modern RMM, although it still has some ways to go.

usecure (#v-usecure) is another vendor from the future, making an attempt to blend Automation with the Human Risk Factor, usecure brings a platform that merges Security Awareness Training with automated processes for analysis, risk detection, and remedial training. Usecure also includes modules for centralized policy management, built-in continuous dark-web monitoring of your users, and threat simulations to score your users and assign micro training.

ScopeStack (#v-scopestack), You ever had that dreaded feeling while quoting a professional services engagement? Unsure if you'd be accounting for all the pitfalls and how much you'll profit or lose on the engagement? ScopeStack comes in with a platform and ability to standardize and modularize your business services, allowing for more accurate scopes and maximizing margins while reducing risk. 

Comptia ISAO (#v-comptia-isao) For those unfamiliar, an ISAO is a Threat Intelligence Sharing Community, and official ISAO communities are generally given special dispensation for sharing threat intelligence that may otherwise be restricted from the public; in the interest of allowing "crowd-sourcing" analysis and information gathering so that the threat can be appropriately responded to. CompTIA started their ISAO in an effort to provide members with breaking news of ongoing threats.

Vendor Spotlight

As a quick recap, Vendors are offered a chance to enroll in the Spotlight program, where they will have one month being front and center on our website. To qualify for this they must submit the details for a Geekcast session that will be held by MSPGeek on the third week of their selected month. 

Domotz, was selected as the vendor for the March Vendor Spotlight! The Domotz Geekcast focuses on basic network monitoring with SNMP. Join CTO Giancarlo and CPO JB with our very own Martyn as they attempt to demystify network monitoring by putting the S back into NMP. Domotz has a very active vendor channel within MSPGeek and in general has webinars often in an effort to educate and train on network monitoring and troubleshooting.

Titled "Take your MSP to the next Level with SNMP", you'll be given a high level overview of the SNMP architecture as well as how to setup basic network sensors as monitors on various devices. You can catch their Geekcast from March here and see the Domotz spotlight on MSPGeek here.

This Month in Security

The first bombshell of March started with Microsoft announcing that nearly every version of exchange currently in use today is currently vulnerable to several CRITICAL exploits. Patches were released for Exchange Versions 2010, 2013, 2016 and 2019. 

• https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
• https://www.msspalert.com/cybersecurity-news/microsoft-exchange-hafnium-attack-timeline/

This started a storm like no-other as vendors like Perch and Huntress (two popular vendors on MSPGeek) did deep dives into what later became known as the HAFNIUM exploit, in addition other SOC platforms like Rocketcyber also released new code to check for affected versions of Exchange. Key takeaway is, look up your version and then upgrade to the minimum required CU, after which you should install the mitigating patch. Make sure to check for compromises that already happened after you're patching is complete.

Remember Acer? So did the cyber group who ransomed them...in a possibility related event to the above mentioned exploit Acer got hit hard with a 50 million dollar ransom, which was just one of many companies that got hit this month as well. Always be vigilant and test your response plans for when disaster hits. Changing your thought process from "If we get hit" to "When we get hit" allows you to be prepare for handling the dangers that are out there.

• https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack/
• https://www.bleepingcomputer.com/news/security/compucom-msp-expects-over-20m-in-losses-after-ransomware-attack/

For those who remember earlier this year Ubiquiti had a massive breach in one of their "third party hosting providers" that seemed fairly routine, Ubiquiti sent out mass notifications for everyone to change their login credentials, however this month newly released information shines light on the incident that exposes a terrifying set of circumstances both in regards to WHAT happened and HOW it was handled.

• https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/

 

Community Shoutout!

We'd like to thank everyone, vendor's and MSP's alike, for actively engaging the community and helping make us who we are today!! 

We are always focusing on bettering the Information Technology field by improving the quality of information in all three pillars; Technology, Business, and Customer Service. 

If you want to see a specific topic covered in a GeekCast or an item addressed either in a blog post or in the monthly newsletter, please reach out and let us know. Topics covered can be focused on technical, operational, or service.

Other miscellaneous announcements...

Please remember we do maintain a community calendar for Vendors to earmark webinars and events they're having so that you can view them (for all participating vendors) in one easy place and select which ones you'd like to register for. These events also get announced in the Slack channel #vendor-events-announcements be sure to join that channel and enable Alerts for all messages so you can stay in the loop if you like.

Please be mindful of unsolicited messages. Vendors are under strict agreement for no solicitation (check our Code of Conduct), however, just like any other social media platform there could be other nefarious purposes for someone messaging you. As a reminder do not give out personally identifiable information or information that can lead back to your systems.  

This is a free public community and we want to make sure to remind you occasionally that security should always be your first thought, even when trying to get help. Also, if you get any suspicious DM's or requests for information please do a /adminrequest command, and an admin member will reach out to help you. All Admins are identifiable by name and are listed on our website About Us page.

Thank you for the being the community we love to serve,
MSPGeek Admin Team