Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS); managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Cybersecurity Partnership: Lookout, a data-centric cloud security company, has announced the availability of Lookout Mobile Endpoint Security to CrowdStrike channel partners and customers via the CrowdStrike Marketplace. As part of CrowdStrike’s ecosystem of compatible solutions from trusted partners, Lookout will be the first mobile threat defense solution in the CrowdStrike Marketplace, the company said.
2. Cyber Center Launches: GHD Digital, a global digital transformation business, has launched its Cyber Critical Infrastructure and Risk Center of Excellence (CoE). The center designed to protect organizations, their critical systems and sensitive information from the growing threat of cyberattacks.
3. Security Training Partnership: MITRE Engenuity, MITRE’s tech foundation for public good, has teamed with startup MAD20 Technologies to transfer management and scaling of MITRE ATT&CK Defender (MAD), the cybersecurity community’s MITRE ATT&CK training and credentialing program. Offering video-based training, testing and credentialing, MAD helps to close the persistent cybersecurity skill gap, teaching how best to use MITRE ATT&CK to gain the advantage over adversaries.
4. Security Partnership: Elevate Security has announced an out-of-the-box integration with the SailPoint Identity Security Platform. By embedding Elevate Security’s user risk intelligence into SailPoint identity and access governance workstreams, defenders enable smarter access decision-making, strengthen defense of valuable assets against attacks on high-risk users, and increase the maturity of identity capabilities, the company said.
5. Contract Management Solution for MSPs: Quoter, a quote-to-cash platform, has brought to market a contract management solution designed exclusively for managed service providers (MSPs). This latest addition to Quoter's platform will redefine how MSPs create, execute and manage contracts and renewals for clients, the company said.
6. CISA, NSA Release Identity Security Guidance: The Cyber Security & Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published Identity and Access Management: Developer and Vendor Challenges. The publication specifically addresses technology gaps that limit the adoption and secure employment of multifactor authentication (MFA) and single sign-on (SSO) technologies within organizations.
7. Malware Alert: The threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that "the law enforcement operation may not have impacted Qakbot operators' spam delivery infrastructure but rather only their command-and-control (C2) servers," Cisco Talos researcher Guilherme Venere said in a new report. (Source: The Hacker News)
8. Sony Suffers Cyberattack: Sony Interactive Entertainment has notified current and former employees and their family members about a cybersecurity breach that exposed personal information. The company sent the data breach notification to about 6,800 individuals, confirming that the intrusion occurred after an unauthorized party exploited a zero day vulnerability in the MOVEit transfer platform. (Source: Bleeping Computer)
