Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. CISA Advisory Over China Cyber Actors: The Cybersecurity and Infrastructure Security Agency (CISA), along with other national and international agencies, have issued a Joint Cybersecurity Advisory that shares technical details regarding malicious activity by a People’s Republic of China (PRC) state-sponsored cyber actor. The advisory provides the cybersecurity community and critical infrastructure organizations with new insights into the specific tactics, techniques and procedures used by PRC cyber actors to gain and maintain persistent access into critical infrastructure networks.
2. U.S. City Reports Cyberattack: The city of Augusta, Georgia has confirmed that its recent IT system outage was caused by unauthorized access to its network. The administration has not disclosed the nature of the cyberattack, but the BlackByte ransomware gang has published the City of Augusta as one of its victims. (Source: Bleeping Computer)
3. Funding Boost: Sekoia.io, the European cybertech company that develops the Sekoia.io XDR platform for real-time detection of cyberattacks, has raised €35M from Banque des Territoires, European investor Bright Pixel (former Sonae IM) and its historical investors Omnes Capital, Seventure and BNP Paribas Développement. The fundraising follows a previous round of €10M in 2020, the company said.
4. Industry Award: Salt Security, an API security company, has been named a winner at the National Technology Awards in London this week. The company took home the trophy for Cybersecurity Solution of the Year, highlighting the impact application programming interfaces (APIs) are having as the digital economy evolves, driving the need to protect APIs from misuse and attackers.
5. Italy Reports Cyberattack: The Italian Industry Ministry's web portal and applications were hit by a "heavy cyberattack" on Friday and were out of order. Technicians were working to "mitigate the consequences" of the attack, it wrote in a statement, adding that initial checks showed no evidence of data theft. (Source: Reuters)
6. Cybersecurity Partnership: CISO Global, a cybersecurity and compliance specialist, and Halcyon, a cyber resilience platform provider, have joined forces to better enable enterprises to ward off ransomware and extortion attacks, the companies announced. They will now offer each other's services to deliver integrated offerings to defeat ransomware and address other pressing cybersecurity concerns, such as malware and phishing.
7. Security Integration: Circle Security has formed a new integration with Ping Identity, leveraging PingOne DaVinci, a no-code identity orchestration service. The partnership will enable zero trust, credential-free authentication, end user privacy and data security and frictionless user experience, the companies said.
8. Malware Alert: Mandiant security researchers have discovered a new malware called CosmicEnergy, designed to disrupt industrial systems and linked to Russian cybersecurity outfit Rostelecom-Solar (formerly Solar Security). The malware specifically targets IEC-104-compliant remote terminal units (RTUs) commonly used in electric transmission and distribution operations across Europe, the Middle East, and Asia. (Source: Bleeping Computer)
9. Product Launch: Kaspersky has brought to market a new edition of its endpoint security product containing enterprise-level capabilities for small and medium-sized business. Kaspersky Endpoint Security Cloud Pro includes new features such as root-cause analysis, cloud discovery and blocking, data discovery and integrated cybersecurity training for IT administrators. The cloud-based solution offers diverse functionality making it easy to use and enables companies to protect their business with no additional capital investments, the company said.