Managed Security Services Provider (MSSP) Market News: 24 June 2022
by Joe Panettieri • Jun 24, 2022
Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR), threat hunters and MSP security providers — and those who need to partner with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Editorial Director Joe.Panettieri@CyberRiskAlliance.com. Thank you in advance for news tips.
A. Today’s MSSP, MDR, XDR and Cybersecurity Market News
1. Partner Program – Zero Trust: A new Cloudflare One Partner Program has launched to assist partners with Zero Trust, Network as a Service and Cloud Email Security offerings.
3. Distribution: Ingram Micro has launched a Cybersecurity Practice Builder program to help VARs and MSPs to build MSSP expertise.
4. VMware Horizon Cyberattacks Continue: Hackers — including state-sponsored advanced persistent threat (APT) actors — have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon and Unified Access Gateway (UAG) servers to obtain initial access to organizations that did not apply available patches, the CISA warned.
5. Smartphones Hacked: A spyware vendor known as RCS Labs targeted Apple iOS and Google Android users in Italy and Kazakhstan, Google reported.
6. China-Based Threat Actors: A group known as BRONZE STARLIGHT has been exploiting vulnerabilities in network perimeter devices, including known vulnerabilities for which patches are available, Secureworks reports. The threat actors deploy HUI Loader to decrypt and execute a Cobalt Strike Beacon for command and control. They then deploy ransomware and exfiltrate sensitive data from the victim’s environment, Secureworks warned.
7. HIPAA Breach Settlement: University of Pittsburgh Medical Center has agreed to settle a class action data breach lawsuit and will make $450,000 available to cover claims from individuals who have suffered losses due to the theft and misuse of their protected health information, HIPAA Journal reported.
8. Oracle Vulnerability: A critical Oracle Fusion Middleware vulnerability, that sat unpatched for six months after disclosure, exposed companies including Starbucks, Best Buy and Dell to potential pre-auth RCE attacks, The Stack reported.
9. Ransomware Attack Costs vs. Schools: CompariTech reported.attacks cost U.S. schools and colleges more than $3.5 billion in downtime during 2021,
10. VMware Horizon Cyberattacks Continue: Hackers — including state-sponsored advanced persistent threat (APT) actors — have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon and Unified Access Gateway (UAG) servers to obtain initial access to organizations that did not apply available patches, the CISA warned.
11. Executive Leadership – Attack Surface Management: Censys has appointed Matthew Hurley as chief revenue officer, and Bob Dickinson as chief technology officer.
12. Compliance – Audit Trail Software: Datadog Audit Trail is now available. Together with Datadog Sensitive Data Scanner and role-based access control (RBAC), Datadog Audit Trail “helps businesses build a more complete compliance strategy for their observability data by mitigating the risk of significant data breaches, unauthorized user access and unintended configuration changes,” the company said.
13. U.S. Legislation – Online Privacy: A U.S. House of Representatives panel passed a bipartisan online privacy bill on that aims to limit the collection of personal data, though doubts remain as to whether it will become law, Reuters reported. The bill would require companies like Alphabet’sGoogle and Meta’s Facebook, along with a long list of others, to only collect personal data that is necessary to provide services. Sensitive information like Social Security numbers would get even more protection, Reuters noted.
B. MSSP, MDR and Cybersecurity Virtual Events and Conference Calendar
- CyberArk Impact 2022 (July 12-14, Boston, Massachusetts)
- AWS re:Inforce (July 26-27, Boston, Massachusetts)
- Black Hat USA (August 6-11, Las Vegas)
- Defcon 30 (August 11-14, Las Vegas)
- Blue Team Con 2022 (August 27-28, Chicago)
- Join Us: MSSP Alert Live (September 19-21, Washington, D.C.)
- Bonus: MSSP Alert’s complete event calendar