Content, Generative AI, Breach, Channel partners, Malware, MSSP, Channel partner programs, Phishing, Ransomware

Managed Security Services Provider (MSSP) Market News: 30 June 2023

Alert icon isolated on Abstract design bright red banner background

Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

  • The Content: Written for MSSPs and MSPs; threat hunters security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
  • Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
  • Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. MSSP Partnership: L&T Technology Services has partnered with Palo Alto Networks to provide clients with security services and solutions in 5G and Operations Technology (OT) areas. Under the agreement, LTTS will become a Palo Alto Networks MSSP, delivering a suite of security services to end customers in industrial verticals.

2. Industry Recognition: (ISC)², the world's largest nonprofit association of certified cybersecurity professionals, announced that it's Certified in Cybersecurity (CC) certification has won the Best Professional Training or Certification Program award at the 2023 SC Awards Europe. The award win was confirmed as part of the SC Awards Europe ceremony in London on June 20.

3. Funding Boost: Nokod Security, a company developing security for low-code/no-code custom applications and robotic process automation (RPA), has received an $8 million seed round. The funding will be used to establish a presence in the United States market, as well as to expand the R&D teams and support novel research of security vulnerabilities in the low-code/no-code domain. Funds were raised from Acrew Capital, Meron Capital and Flint Capital,

4. Data Breach: Community Research Foundation (CRF) experienced a data security incident that may have involved personal and protected health information belonging to individuals who sought medical services through various medical and/or social service programs that CRF supports. CRF has sent notification of this incident by way of the United States Postal Service to potentially impacted individuals and provided resources to assist them, according to a prepared statement.

5. Product Release: SuperCom, a global provider of secure solutions for the e-Government, IoT, and cybersecurity sectors, announced today the integration of cutting-edge artificial intelligence (AI) capabilities into its PureSecurity electronic monitoring platform. The new AI capabilities will help customers to achieve higher levels of efficiency and effectiveness through new real-time data insights and enhanced decision-making processes, according to the company.

6. Hacker Alert: The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in phishing attacks. "Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from the command-and-control (C2) server," Kaspersky said in a new report. Also called Silent Chollima and Stonefly, Andariel is associated with North Korea's Lab 110, a primary hacking unit that also houses APT38 (aka BlueNoroff) and other subordinate elements collectively tracked under the umbrella name Lazarus Group. (Source: The Hacker News)

7. Malware Alert: Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware "represents a significant shift as it incorporates the malicious components directly within the Flutter code," Fortinet FortiGuard Labs researcher Axelle Apvrille said in a recent report. (Source: The Hacker News)

8. Hacking Suspect Arrested: A notable Russian cybersecurity expert was detained in Kazakhstan last week at the request of the U.S., prompted authorities in Moscow on Wednesday to also seek his extradition. Although the details and reasoning for the arrest are unclear, Nikita Kislitsin was charged with selling usernames and passwords belonging to American customers of the social media company Formspring in 2012. Kislitsin worked as the head of network security at Group-IB, as well as its Russia-based spinoff company known as F.A.C.C.T. after Group-IB exited the country earlier this year. (Source: The Record)

Annual In-Person MSSP and Cybersecurity Conferences

Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.