Managed Security Services Provider (MSSP) News: 30 December 2021
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe.Panettieri@CyberRiskAlliance.com.
A. Today’s MSSP, MDR, XDR and Cybersecurity News Alerts
1. Big MSSP and MDR Merger: Herjavec Group and Fishtech Group are merging, Robert Herjavec and Gary Fish disclosed.
2. MSSP M&A List: Here’s our updated look at 85 MSSP mergers and acquisitions…
4. Log4j Exploit?: Aquatic Panda, a China-based hacker group, has attempted to infiltrate an academic institution through the Log4j vulnerability, CrowdStrike reported. The bug involved VMware’s software, according to SC Media.
5. Log4j and Crypto Trading: One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyberattack on its payment system running a vulnerable Log4j version, Bleeping Computer reported. Threat actors approached ONUS to extort a $5 million sum and threatened to publish customer data should ONUS refuse to comply, the report said.
6. Microsoft Fixes False Log4j Positives: Microsoft Defender for Endpoint suffered some Log4j false positive reports, but Microsoft has updated the security software to correct the issue, VentureBeat reported.