Managed Security Services Provider (MSSP) Market News: 10 April 2023
Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Cyberattack Fears: Americans now see a cyberattack as the greatest threat facing the country, suggesting that cyber fears have outflanked concern over climate change, immigration, terrorism or nuclear weapons. The national obsession with computer-on-computer attacks, documented in a 2023 Gallup poll and a 2022 Pew Research survey, comes at a time when cyberattacks seem to be everywhere and nowhere. (Source: The Hill)
2. Industry Recognition: Bluefin, a company specializing in encryption and tokenization technologies that protect payments and sensitive data, has won the gold award in the 2023 Cybersecurity Excellence Awards for its ShieldConex tokenization platform.
3. Cybersecurity Company Under Scrutiny: The U.S. Department of Commerce is weighing an enforcement action against Russian cybersecurity company Kaspersky Lab. The Biden administration is looking at an enforcement action against the company under its online security rules, the report said. The administration ramped up its national security probe into Kaspersky Lab’s antivirus software last year as fears grew about Russian cyberattacks after Russia invaded Ukraine. (Source: Reuters)
4. Cyberattack Reported: Taiwanese PC company MSI (Micro-Star International) confirmed it was the victim of a cyberattack on its systems. The company said it “promptly” initiated incident response and recovery measures after detecting “network anomalies.” It also said it alerted law enforcement agencies of the matter. MSI did not disclose any specifics about when the attack took place and if it entailed the exfiltration of any proprietary information, including source code. (Source: The Hacker News)
5. New Cybercrime Outfit Identified: A threat group called ARES is gaining notoriety on the cybercrime scene by selling and leaking databases stolen from corporations and public authorities. The actor emerged on Telegram in late 2021 and has been associated with the RansomHouse ransomware operation and the data leak platform, KelvinSecurity, and the network access group Adrastea. (Source: Bleeping Computer)
6. Iran Hacking Group Warning: The Iranian nation-state group known as MuddyWater has been observed carrying out cyberattacks on hybrid environments under the guise of a ransomware operation. That’s according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed DEV-1084. (Source: The Hacker News)
7: Phishing Scam: A new YouTube phishing campaign is making rounds in the wild, urging users to read and accept so-called changes in YouTube’s rules and policies. YouTube has published a warning, stating that several users have raised complaints about this ongoing phishing campaign. (Source: Cyware)
8: Leadership Move: Orca Security has appointed James Love as president of field operations. Love will be responsible for all revenue-generating activities including global sales, customer success and channel partner teams, to support the company’s cloud-native application protection platform (CNAPP). Under Love’s leadership, Orca Security will implement a 100% channel-led go-to-market strategy.
9: Industry Recognition: IONIX has won the Best Attack Surface Management (ASM) solution award in the 2023 Cybersecurity Excellence Awards program for its Attack Surface Management (ASM) platform, powered by IONIX Connective Intelligence technology.
10. FBI Issues Advisory: The FBI warns consumers against using free public charging stations, saying crooks have managed to hijack public chargers that can infect devices with malware or software that can give hackers access to your phone, tablet or computer. “Avoid using free charging stations in airports, hotels or shopping centers,” a tweet from the FBI’s Denver field office said. “Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead.” (Source: CNBC)
B. Annual In-Person MSSP and Cybersecurity Conferences
- The Official Cyber Security Summit Series (Multiple dates and locations)
- RSA Conference 2023 (April 24-27, San Francisco, California)
- Identiverse 2023 (May 30 – June 2, Las Vegas, Nevada)
- Infosec World (September 25-27, Lake Buena Vista, Florida)