Managed Security Services Provider (MSSP) News: 13 December 2021
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe.Panettieri@CyberRiskAlliance.com.
A. Today’s MSSP, MDR, XDR and Cybersecurity News Alerts
1. Log4J Vulnerability Details for MSPs and MSSPs: Our coverage of the worldwide Log4J software vulnerability includes:
- Log4J and Log4Shell statements from MSP software and technology companies such as Datto, N-able and Pax8.
- Log4J vulnerability mitigation guidance from cybersecurity companies such Blackpoint Cyber, Cybereason, Huntress, Qualys and more.
- Log4J vulnerability guidance from the CISA (Cybersecurity and Infrastructure Security Agency).
2. MDR and Ransomware Defenses: TorchLight has launched MDR-Complete, which combines its managed detection and response (MDR) services with ransomware defense capabilities. MDR-Complete is the first solution to provide threat intelligence and research, endpoint detection and response, perimeter telemetry and incident management and response.
3. International Cyberattack Simulation: Israel on December 9 led a 10-country simulation of a major cyberattack on the global financial system in an attempt to increase cooperation that could help to minimize any potential damage to financial markets and banks, Reuters said.
4. Partnership – Cyber Incident Response Services: CrowdStrike has joined MOXFIVE’s Partner Ecosystem. The result: MOXFIVE clients and legal counterparts can more efficiently procure CrowdStrike’s Incident Response (IR) services and the CrowdStrike Falcon platform through MOXFIVE, the companies said.
5. Partnership – SASE and Risk Management: iboss has joined the ForgeRock Trust Network, a technology ecosystem of over 130 partners in authentication, risk and fraud management, biometrics and more. The iboss Cloud Platform integrates with ForgeRock Identity Cloud and the ForgeRock Identity platform to “enable employees to securely connect to any application on any device while working from anywhere,” the companies said.
6. Recent Cyberattacks and Recoveries: Updates on multiple cyberattacks…
- Hellmann Data Center Cyberattack Recovery: Details from Hellmann are here.
- Volvo Cyberattack: Details are here from AutoEvolution.
- Brazil Health Ministry Cyberattack: Brazil’s health ministry said its website was hit on December 10 by a hacker attack that took several systems down, including one with information about the national immunization program and another used to issue digital vaccination certificates, Reuters reported.
7. Mobile Vulnerabilities: Kryptowire has identified an AutoSLT application security vulnerability in mobile devices sold by Orange. Kryptowire and Orange are working together to audit the security devices and mitigate associated risks.