MSPs Archives

Winsage

May 21, 2026

Microsoft Defender Zero-Day Vulnerabilities RedSun and UnDefend Actively Exploited on Windows 10, 11, and Server (April 2026 CVE Analysis)

In April 2026, two zero-day vulnerabilities, RedSun and UnDefend, were discovered in Microsoft Defender, affecting Windows 10, Windows 11, and Windows Server platforms. These vulnerabilities allow attackers to escalate privileges to SYSTEM and bypass Defender’s protections. RedSun exploits a flaw in Defender's remediation process, enabling low-privileged users to overwrite critical system files. UnDefend allows attackers to disrupt Defender’s updates, keeping it outdated and ineffective. Both vulnerabilities are actively being exploited, with attackers leveraging them to gain persistent access and deploy ransomware. The primary targets are organizations using Windows systems with Defender enabled, particularly in sectors like finance, healthcare, and government. Mitigation strategies include applying updates for related vulnerabilities, monitoring for suspicious activities, and implementing additional security measures.

Winsage

March 2, 2026

NTLM is going away: what Microsoft’s phaseout means for MSPs and IT teams

The migration from NTLM to Kerberos authentication is essential for improving security in Windows systems, but it faces challenges such as legacy systems and hardcoded authentication. Organizations must identify NTLM usage, conduct testing with NTLM disabled, and make necessary adjustments or upgrades to migrate successfully. Ongoing monitoring is crucial post-migration to prevent NTLM from re-entering the network. NTLM is associated with significant security vulnerabilities and has been exploited by various threat groups, making its elimination a priority for organizations despite potential hesitations to invest in the migration process. Transitioning to Kerberos is seen as a strategic security investment.

Tech Optimizer

December 12, 2025

The digital impersonators: How cybercriminals hijack your brand to launch malvertising attacks

Brand trust is highly valued by consumers, leading cybercriminals to exploit it through malvertising, which embeds malicious code in legitimate ads. Malvertising can redirect users to phishing sites or download malware. Cybercriminals create fake ads that mimic trusted brands, targeting high-traffic moments and using real-time bidding to distribute these ads on reputable sites. The process involves setting up fake accounts, creating convincing ads, purchasing ad space, and delivering malware through exploit kits. The consequences include identity theft and financial loss for consumers, and reputational damage for brands. To protect against these threats, organizations should implement regular software updates, continuous employee training, protective tools, and consider partnering with managed service providers for enhanced security measures.

Tech Optimizer

October 17, 2025

Bitdefender Antivirus Review for Businesses & MSPs

Bitdefender has been operating since 2001 and is recognized for its antivirus solutions for individual users, small businesses, and large enterprises. It offers various plans, including a free version for consumers and multiple options under its GravityZone line for businesses and managed service providers (MSPs). The pros of Bitdefender include reliable threat detection, strong performance in independent tests, an easy-to-use interface, low system resource impact, seamless setup, and the availability of free antivirus software. The cons include scalability limitations based on the initial plan chosen. For consumers, Bitdefender offers two subscription tiers: Bitdefender Free and Bitdefender Antivirus Plus, priced at free and .99 for the first year, respectively. The business plans include GravityZone Small Business Security, GravityZone Business Security Premium, and Secure (EDR), with prices starting at .49 for one year. Bitdefender’s business solutions received accolades from AV-TEST in April 2025, detecting 100% of widespread malware and zero false positives. AV-Comparatives awarded it the Approved Enterprise & Business Security Product Award in 2024. Key features of Bitdefender’s business solutions include multilayered defenses against various threats, centralized dashboards for visibility, built-in device controls, and advanced capabilities in higher-tier plans. The GravityZone platform offers tailored solutions for MSPs, including Secure (EDR), Secure Plus (MDR), and Secure Extra (MXDR). Bitdefender’s Risk Analytics capabilities assist MSPs in identifying vulnerabilities and automating compliance reporting. User feedback from third-party forums highlights its effectiveness, high detection rates, affordability, and strong real-time threat prevention. In June 2025, Bitdefender acquired Mesh Security to enhance its XDR and MDR offerings against email threats.