Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
A. Today’s MSSP, MDR, XDR and Cybersecurity Market News
1. Gurucul and Zimperium Honors: Gurucul has been named Most Innovative Security Company in Artificial Intelligence (AI) by the 19th Annual 2023 Globee Cybersecurity Awards. Also, Zimperium was named as Gold winner in Enterprise Mobile Threat Defense and Management and a Silver winner in Mobile Application Security. The awards recognize cybersecurity companies and professionals for their innovative approaches and effective solutions in ensuring security in the digital age.
2. CISO Program Launched: CISOs Connect, an invitation-only membership community dedicated to the professional advancement of chief information security officers (CISOs)across the globe, launched its CISO in Residence program. Dr. Kevin McKenzie, an industry-recognized leader in information technology and security, will inaugurate the role.
4. Cybersecurity Partnership: Resecurity, a U.S. cybersecurity and intelligence company, is partnering with Crestan to expand Resecurity's AI-driven cybersecurity solutions and threat intelligence services in the Middle East and North Africa.
5. Federal Courts Target Cybersecurity: The federal judiciary is preparing to hire a chief information officer, a position Congress's watchdog agency said will bring much-needed oversight to its tech projects. A July 2022 report by the Government Accountability Office, a non-partisan congressional watchdog, that found insufficient oversight had hampered some of the judiciary's biggest tech projects and caused gaps in its IT workforce's cybersecurity skills. (Source: Reuters)
6. Malware Alert: The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads, including Vidar Stealer and Ursnif. According to cybersecurity company eSentire, the malicious ads are used to spoof a wide range of legitimate apps and services, such as Adobe, OpenAPI's ChatGPT, Spotify, Tableau and Zoom. BATLOADER is a loader that's responsible for distributing next-stage malware such as information stealers, banking malware, Cobalt Strike, and even ransomware. (Source: The Hacker News)
7. Ransomware Incident: The Clop ransomware gang has begun extorting companiesswhose data was stolen using a zero day vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution. In February, the GoAnywhere MFT file transfer solution developers warned customers that a zero day remote code execution vulnerability was being exploited on exposed administrative consoles. GoAnywhere is a secure web file transfer solution that allows companies to securely transfer encrypted files with their partners while keeping detailed audit logs of who accessed the files. (Source: Bleeping Computer)
8. Industry Recognition: Iron Bow Technologies has become a Palo Alto Networks NextWave Diamond Innovator. Iron Bow joins a select group of channel partners who have met the Diamond Innovator performance, capabilities, and business requirements of the Palo Alto Networks NextWave Channel Partner Program.