News You Might’ve Missed. 2-6 March

What are tech companies doing instead of the conferences they're canceling due to the coronavirus? All that and more in this week's news for MSPs.

Conferences Canceled by Google and Microsoft

We're all hearing about firms canceling their events this year due to concerns over COVID-19; Google and Microsoft have just joined the ranks. However, the only difference is they've gone digital instead of just canceling. That's right, Google's Cloud Next and Microsoft's MVP Summit will be streaming virtually instead. Google plans to refund all attendees the cost of the hotel and event tickets.

On top of that, they are giving free access to a digitally streamed version of the event. Microsoft have announced they are transitioning their MVP Summit to a digital platform, and the event will take place from March 16th to 20th.

The cancellations are very concerning and point to a bleak future for these and other upcoming and larger-scale technology events.

Google Debuts Anthos for Telecom

Aiming to assist telcos digitally transform themselves, Google has launched a new version of their application development platform, Anthos. Their goals are to help telcos monetize 5G, assist them in engaging with customers with better data-driven experiences, and improve their operational efficiency.

Anthos provides a platform for mobile-centric applications. Anthos for Telecom will provide a similar platform for network-centric apps, according to Eyal Manor, general manager and vice president of engineering for Anthos and developer products and tools at Google Cloud.

Microsoft Defender ATP Stand-Alone Is Now Available

Since the announcement of Microsoft Defender Advanced Threat Protection for macOS and Linux last year, Microsoft customers have needed to buy a Windows 10 E5 license to gain access to MD ATP. Now Microsoft Defender ATP stand-alone is available! The new Microsoft Defender ATP stand-alone retail cost is $5.20 per month per user for up to five machines.

Most consider this pricing as great news, compared to the previous option. Besides, Gartner consistently ranks Microsoft in the Leader quadrant in their Magic Quadrant reports. Microsoft Defender ATP is a significant factor in this.

PwndLocker Ransomware Targets Municipalities and Enterprise Networks

Security researchers have found a new ransomware family called "PwndLocker", which is targeting municipalities and enterprise networks. It has been active since late 2019, according to Bleeping Computer, and has targeted many US cities and organizations during this time.

In the sample examined by Bleeping Computer, the ransomware used the "net stop" command to disable several Windows services, such as Microsoft SQL Server, MySQL, and Exchange. Additionally, it targeted many processes and terminated them if detected. Some of the processes targeted include Firefox, Word, Excel, Access, and other processes related to security software, backup applications, and database servers.

Railroad Firm Hit by Ransomware Attack

Railworks Corp, a railroad construction and maintenance firm, has revealed a ransomware attack that possibly exposed personally identifiable information.

Following the attack on January 27th, they sent email notifications to those affected. The stolen data had names, addresses, driver license numbers, government-issued IDs, social security numbers, dates of birth, and other employee information. Employees, family members, and independent contractors were affected.

Customer Data Protection Failure by Cathay Pacific Results in £500,000 Fine

The Information Commissioner's Office (ICO) has fined Cathay Pacific Airways £500,000 for failing to protect customers' personal data. As a result of the timing of the issue, that fine is significantly less than it could have been since the enactment of the new GDPR rules.

It was March 2018 when Cathay suffered a "brute force" password-guessing attack and reported it to the ICO. The regulator said it subsequently uncovered numerous errors during a follow-up investigation, including:

• backup files that were not password-protected
• internet-facing servers without the latest patches
• operating systems that were no longer supported by the developer
• inadequate anti-virus protection

In a statement about the fine, Cathay Pacific said it "would once again like to express its regret, and to sincerely apologize for this incident".

T-Mobile Suffers a Data Breach, Again

Wireless carriers are an excellent target for hackers. They have large databases of customers and data that are a high-value commodity on the black market. Unfortunately, this is not the first security incident for T-Mobile; the company suffered a similar event in November 2019, and in 2018 a data breach jeopardized the private data of 2.3 million customers.

In a message to customers, the company said, "Our cybersecurity team recently identified and shut down a malicious attack against our email vendor that led to unauthorized access to certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees. An investigation was immediately commenced, with assistance from leading cybersecurity forensics experts, to determine what happened and what information was affected."

Traveller Data Exposed by Rail Station Wi-Fi Provider

Email addresses and travel details of about 10,000 people who used free Wi-Fi at UK railway stations have been exposed online. Network Rail and the service provider, C3UK, confirmed the incident three days after being contacted by BBC News about the matter.

A security researcher discovered the database online, containing 146 million records, including personal contact details and dates of birth. C3UK said it had secured the exposed database - a backup copy that included about 10,000 email addresses - as soon as it had been drawn to their attention by researcher Jeremiah Fowler, from Security Discovery.

Network Rail says its data protection team will contact the ICO, and that it has "strongly suggested" to C3UK that it should consider reporting the vulnerability.

PowerShell 7.0 Released by Microsoft

Now available is the latest update to PowerShell, a cross-platform (Windows, Linux, and macOS) automation tool and configuration framework optimized for dealing with structured data (e.g., JSON, CSV, XML, etc.), REST APIs, and object models. What are the updates? Here are a few:

Out-Gridview, Show-Command, and Get-Help -ShowWindow Are Back

The PowerShell team has brought back some of the popular graphical tools and cmdlets, such as Out-Gridview, Show-Command, and Get-Help -ShowWindow.

ForEach-Object -Parallel

By adding the -Parallel parameter to the ForEach-Object cmdlet, you can execute a scriptblock in parallel, similar to the option that was available with PSWorkflow.

Import Windows PowerShell Modules

In PowerShell 7, the PowerShell team have added the ability to import a Windows PowerShell module directly using Import-Module and -UseWindowsPowerShell, without the need for WinRM. Windows PowerShell 5.1 will still need to be on the machine.

Clipboard Cmdlets

Get-Clipboard and Set-Clipboard can be used on Windows, Linux, and macOS. Right now, only text is supported, and, on Linux, xclip is needed.

All in all, PowerShell 7 contains many great new features, and some that have been added back in, for professionals to use. Be sure to check them all out.

That's a Wrap

That's the week in summary. I hope this overview has been helpful. MSP360 is your resource for MSP news. Check back next week for more highlights.