Free Trial
Products Products
MSP360 Backup Backup and Recovery
MSP360 Backup Backup and Recovery
Overview
back up DATA FROM
Windows VMware/Hyper-V MacOS Microsoft 365 Linux Google Workspace
BACK UP DATA TO
AWS Google Wasabi Azure B2 Local
MSP360 RMM IT Management MSP360 Connect included
MSP360 RMM IT Management
Overview
MONITOR AND MANAGE
Windows macOS Linux
Prevent cyber threats
Endpoint threat prevention and protection (powered by Deep Instinct)
MSP360 Connect Remote Access
MSP360 Connect Remote Access
Overview
Connect FROM
Windows Android MacOS iOS
Connect TO
Windows MacOS
Pricing
Pricing Pricing
MSPs Internal IT
Solutions Solutions
Business type
Industries
MSP IT Departments Small Busness
Healthcare Education
Business type
MSP IT Departments Small Busness
INDUSTRIES
Healthcare Education
use cases
ENDPOINT PROTECTION
Ransomware Protection Endpoint Threatbr
Prevention and Protection
powered by Deep Instinct
Remote Access
Web-Based Remote Access Remote Support Remote Access Remote Work Remote Collaboration
IT Management
Patch Management Monitoring and Alerting Remote Device Management SNMP Monitoring
Backup and Recovery
Server Backup Backup for Windows Backup to AWS Desktop Backup Backup for MacOS Backup to Wasabi File Backup Backup for Linux Backup to B2 Image-Based Backup Backup for VMware/Hyper-V Backup to Azure SQL Server Backup Backup for Google Workspace (GSuite) Backup to Google Cloud Synology NAS Backup Backup for Microsoft 365 (O365) Back Up Locally Recovery
Not sure if MSP360 is for you?
Request a Call
Resources Resources
MSP University Blog Whitepapers and Assets Videos Webinars Events Customer Stories Forum
Support Support
US-Based Support My Cases Open a Case Knowledge Base Online Help
Partners Partners
technology partners
AWS Wasabi Backblaze Google Cloud Microsoft Azure Deep Instinct
Partners
Resellers Distributors Become a Partner
ALLIANCE PARTNERS
Leet Cyber Security
Company Company
About Legal Information Events Careers Leadership Team Contact Us Trust Center
Blog Articles
Read MSP360’s latest news and expert articles about MSP business and technology
News header

News You Might’ve Missed. 21 – 25 Sep

News You Might’ve Missed. 21 – 25 Sep

What's new this week in the news for MSPs?

Microsoft extends Azure Arc's hybrid cloud abilities; Google adds Anaplan's business planning tools to its cloud offerings; US DHS Cybersecurity and Infrastructure Agency issues warning on LokiBot malware; IPG Photonics Corp. hit by ransomware attack; and QNAP NAS devices target of AgeLocker ransomware attacks. Let's see what it's all about.

Microsoft Extends Azure Arc's Hybrid Cloud Abilities

According to Microsoft Corp., it is extending the hybrid cloud abilities of its Azure cloud platform. They made the comments at their Ignite 2020 virtual conference. The new services will simplify running applications and workloads in any environment, multiple clouds, across on-premises data centers, and the network edge.

They also announced a new communications service built on top of Azure that will allow developers to add unified communications abilities, such as chat, video call, and SMS text, to their apps.

Google Adds Anaplan's Business Planning Tools to Its Cloud Offerings

Google is teaming up with Anaplan in a partnership that aims to help its clients benefit from its unique cloud abilities.

Presently, Anaplan sells an enterprise platform used for business planning and marketed under the same name. Centered on an in-memory database and calculation engine called HyperBlock, its platform allows clients to organize and analyze disparate data sets. These sets span various business operations, such as human resources, finance, and sales, among others.

Its Excel-style functionality is considered a primary advantage of Anaplan's platform. It helps make it more accessible to ordinary business workers. Several modules are included in the software that help it to make data-driven decisions in specific categories, such as demand, quota and workforce planning, budgeting, planning and forecasting, commission calculation, financial consolidation, and profitability modeling.

According to Google, Anaplan stands to gain better performance and more scalability, and benefit from a more secure infrastructure by running its platform on Google Cloud. Additionally, the partnership allows Anaplan to extend its global reach.

US DHS Cybersecurity and Infrastructure Agency Issues Warning on LokiBot Malware

The US Department of Homeland Security's Cybersecurity and Infrastructure Agency issued an advisory on the increased spread of the LokiBot malware, which was developed to steal confidential information.

  New call-to-action

LokiBot was discovered in 2016, but there has been a massive increase in detections of the malware since July of this year, and this has the authorities concerned. Furthermore, various forms of LokiBot for Android and Windows have been offered as open source on the dark web. These were spotted by CISA's automated intrusion detection system known as “Einstein”.

"Throughout this period, CISA's EINSTEIN Intrusion Detection System, which protects federal, civilian executive branch networks, has detected persistent malicious LokiBot activity," CISA said in the advisory.

The trojan functionality found across various versions of LokiBot is designed to steal sensitive information such as passwords, usernames, cryptocurrency wallets, and other credentials. Other functionality can include a keylogger to monitor desktop and browser activity. LokiBot can also make a back door that allows cyberattackers to install other payloads.

CISA is advising government agencies and departments and those in the private sector to apply the best cybersecurity practices to strengthen their security postures.

IPG Photonics Corp. Hit by Ransomware Attack

The cyberattack on IPG Phototonics Corp. involved the RansomExx strain of ransomware, which is sometimes also dubbed Ransom X and was first reported by BleepingComputer.

RansomExx was initially detected in July, when Konica Minolta Inc., a Japanese technology company, was attacked. It is believed that RansomExx is a newer strain of a previous form of ransomware known as Defray777.

The ransom demand against IPG Photonics, like the Konica Minolta attack, included a message that stated that law enforcement should not be contacted because ransom payments could be blocked. Some suspect that the cybercriminals behind RansomExx and Defray777 are Russian state-sponsored hackers. Nevertheless, the motivation seems to be financial.

"The ransomware attack against IPG Photonics highlights a concerning trend," according to Andrea Carcano, co-founder of operational technology and "Internet of Things" security company Nozomi Networks Inc. "Attackers are demanding higher ransoms and targeting larger and more critical organizations. These threats should be a serious concern for security professionals responsible for keeping not only IT but OT and IoT networks safe."

Poster Pack
MSP's Ransomware Awareness Poster Pack

4 white-label posters to help you educate your end-users on how not to get hit by ransomware.

New call-to-action

QNAP NAS Devices Target of AgeLocker Ransomware Attacks

AgeLocker ransomware is targeting QNAP NAS devices. The malware encrypts the device's data, and it will remove files from the victim in some cases. AgeLocker is ransomware that utilizes an encryption algorithm called Age (Actually Good Encryption), designed to replace GPG for encrypting files, backups, and streams. AgeLocker, or some other ransomware that uses identical encryption, has been publicly targeting exposed QNAP NAS devices since August 2020 and encrypting their files.

Michael Gillespie has confirmed that AgeLocker activity has picked up from the end of August, and continues to attack QNAP devices everywhere.

The ransomware leaves a ransom note titled “HOW_TO_RESTORE_FILES.txt” when it encrypts files. The message tells the victim that their QNAP device was explicitly targeted in the attack.

QNAP has provided the following steps to make sure you are running the latest firmware, and that vulnerabilities are patched:

  • Log on to QTS as an administrator.
  • Go to Control Panel > System > Firmware Update.
  • Under “Live Update”, click “Check for Update”.
  • QTS downloads and installs the latest available update.

QNAP also suggests that users update the Photo Station software with the following steps:

  • Log on to QTS as an administrator.
  • Open the App Center, and then click the search icon. A search box will appear.
  • Type "Photo Station," and then press enter. The Photo Station application appears in the search results list.
  • Click “Update”. A confirmation message appears.
  • Note: The “Update” button is not available if you are using the latest version.
  • Click “OK”.
  • The application is updated.

All QNAP owners should go through the following checklist to further secure their NAS and check for malware:

  • Change all passwords for all accounts on the device
  • Remove unknown user accounts from the device
  • Make sure the device firmware is up-to-date, and all of the applications are also updated
  • Remove unknown or unused applications from the device
  • Install the QNAP MalwareRemover application via the App Center functionality
  • Set an access control list for the device (Control panel -> Security -> Security level)

Learn about ransomware protection strategies and get tips on how to protect your and your customers' businesses in this guide:

Further reading How to Protect Against Ransomware

That's a Wrap for News You Might've Missed

I hope this update has been helpful. MSP360 is your resource for MSP news. Stay home, stay safe and healthy, and remember to check back every week for more highlights.

WP icon

New call-to-action
The MSP’s Response Guide to a Ransomware Attack

Read our free guide to learn about:

  • Common MSP vulnerabilities;
  • How to prepare for a ransomware attack to keep your clients safe;
  • Which actions response to a ransomware attack should involve;
  • How to manage clients while handling an attack.