Managed Security Services Provider (MSSP) Market News: 28 April 2023

Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. Leadership Move: Outpost24, a cyber risk management provider, has appointed Brendan Hogan as chief strategy officer. Hogan is responsible for spearheading M&A strategy, corporate development and alliance strategy for the company.

2. Cybersecurity Partnership: AppOmni has partnered with Ignition Technology, to extend its presence in the Nordics, Baltics and Benelux regions. The collaboration will offer AppOmni and Ignition Technology customers access to a number of MSSPs, MSPs and value-added resellers, as well as local language support and technical expertise.

3. Dark Web Book Release: Searchlight Cyber, a dark web intelligence company, has released "The Practitioner’s Guide To The Dark Web," a book that dives into the dark web and uncovers exclusive threat insights hidden across 850,000 dark web forums, chats and websites. Searchlight Cyber has also launched The Dark Web Hub.

4. Cyber Collaboration: Pindrop, a provider of voice security and authentication solutions, announced a strategic partnership with NTT DATA, a global digital business and IT services company, to bring next-generation voice fraud detection and authentication technology to the Japanese market.

5. Industry Recognition: Lighthouse has won the Diversity in Security award in the Microsoft Security Excellence Awards 2023. The company’s achievements have helped it rise to the top of the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and MSSPs that have integrated their security products and services with Microsoft’s security technology, Lighthouse stated.

6. Hacker Alert: A Chinese APT hacking group known as Evasive Panda is linked to a mysterious attack that distributed the MsgBot malware as part of an automatic update for the Tencent QQ messaging app. Evasive Panda is a cyberespionage group active since at least 2012 that has previously targeted organizations and individuals in mainland China, Hong Kong, Macao, Nigeria and various countries in Asia. (Source: Bleeping Computer)

7: Malware Group Active: South Korean education, construction, diplomatic and political institutions are receiving new attacks perpetrated by a China-aligned threat actor known as the Tonto Team. Active since at least 2009, Tonto Team has a track record of targeting various sectors across Asia and Eastern Europe. Earlier this year, the group was attributed to an unsuccessful phishing attack on cybersecurity company Group-IB. (Source: The Hacker News)

8. Ransomware Alert: RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on VMware ESXi servers. The RTM (Read The Manual) cybercrime gang has been active in financial fraud since at least 2015, known for distributing a custom banking trojan used to steal money from victims. This month, Trellix reported that RTM Locker had launched a new ransomware-as-a-service operation and had begun to recruit affiliates, including those from the former Conti cybercrime syndicate. (Source: Bleeping Computer)

9. UN Cybercrime Treaty Update: The first draft of the UN Cybercrime Treaty will be released in June 28 after years of debate and concern over what the document might cover. The UN General Assembly voted in December 2019 to begin negotiating a treaty centered around cybercrime after Russia took issue with a previous agreement, the Budapest Convention, and demanded something new to address the issue. Jane Lee, senior counsel for computer crime and intellectual property at the U.S. Justice Department, made the announcement at the RSA Conference this week. (Source: The Record)

B. Annual In-Person MSSP and Cybersecurity Conferences