Managed Security Services Provider (MSSP) Market News: 9 January 2024

Each business day MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. Product Launch: Deepwatch, a managed security platform provider, has launched Threat Signal, its standalone forensic-focused operations service. Deepwatch said Threat Signal enhances cybersecurity defenses and proactively identifies and helps mitigate attack vectors.

2. New Vulnerability Discovered: In a new research blog, Trustwave SpiderLabs has discovered a new vulnerability in the Kyocera Device Manager, a widely used device management tool for simplifying the upkeep of large printer fleets in mid- to large-sized enterprises. The vulnerability allows attackers to coerce authentication attempts to capture or relay Active Directory-hashed credentials and potentially gain unauthorized access to clients’ accounts, steal data or carry out other malicious activities on devices.

3. AI Security Release: Next DLP, a specialist in insider risk and data protection, has released XTND AI, an AI-powered assistant that enabling every member of the security team to contribute to the business at a higher level. XTND is a third layer in the Reveal Platform's already extensive detection and response capabilities.

4. Credit Card Security Protection: NordPass has updated its data breach scanner that monitors emails and credit cards for breaches. The updated feature checks various databases for leaked information, matching it with clients’ data stored in NordPass. When the tool identifies a potential security breach, it operates as an alarm system that pinpoints the location of the issue and provides actionable guidance.

5. Russian Internet Provider Hacked: Hackers from the Blackjack group, allegedly affiliated with Ukraine’s SBU security service, have hacked into Moscow's M9com internet provider and demolished its servers on January 9. The attack concerns 20 terabytes of deleted data from the company's official website, branch websites, mail server, cybersecurity services, etc. (Source: Yahoo News/The New Voice of Ukraine)

6. MDR Product Launch: Managed detection and response (MDR) provider CriticalStart has released its Asset Visibility offering. Asset Visibility helps customers become more proactive within their security program, helping them uncover assets that need protection, validate that endpoint security controls are working and identify areas of risk exposure due to gaps in security coverage, the company said.

7. How to Launch a Cybersecurity Startup: Venture in Security Press has released Cyber for Builders, a guide to building a cybersecurity startup. Author of the book, Ross Haleliuk, is the creator of Venture in Security, an award-winning blog and a source about the business of cybersecurity. The book is available on Amazon.

8. Malware Alert: Several organizations, including those managing U.S. critical infrastructure, have been targeted by an AsyncRAT malware campaign during the past 11 months, BleepingComputer reports. Three hundred unique loader samples and more than 100 domains have been leveraged as part of the campaign, which commenced with the delivery of malicious emails with a GIF attachment that would result in obfuscated JavaScript and PowerShell script downloads, according to a report from AT&T Alien Labs. (Source: SC Media)

9. Cyberattack Strikes Lender: Major mortgage lender loanDepot reported that it was the victim of a cyberattack that forced it to shut down some of its systems on January 8, according to an 8K filing with the Securities and Exchange Commission (SEC). The loanDepot case was among cyberattacks reported in the financial sector over the past five weeks, along with Fidelity National Financial, LoanCare and Mr. Cooper. (Source: SC Media)