Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
Here’s the daily business update for Friday, August 9, 2019.
A. Today’s MSSP Alerts
1. M&A - Software Container Security: McAfee has acquired NanoSec, a multi-cloud, zero-trust application and security platform for software containers.
2. Hackers Disable MSP Backups: Hackers are now breaking into MSP networks, secretly disabling backup and disaster recovery (BDR) systems, and then launching ransomware attacks, ChannelE2E has confirmed.
3. Ransomware & Cyber Insurance: Truman Medical Center of Kansas City recently "paid the ransomware" following a malware attack, but cyber insurance will apparently cover the costs...
4. Health Care MSSP: CynergisTek claims to be gaining MSSP momentum in the health care market. The anecdotal evidence: Over the past year, 60 percent of contracts involved existing Compliance Assist Partner Program (CAPP) clients expanding to leverage CynergisTek's Medical Device Security Service engagements. Still, actual revenue dollar figures were not disclosed.
5. State Farm Breach: Here are details, care of ZDnet.
6. Password Spraying Attacks: The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on, the warning notes.
7. Printer Security Bugs: At least 35 significant vulnerabilities in six commonly used enterprise printers have been uncovered, manufactured by HP, Ricoh, Xerox, Lexmark, Kyocera and Brother, according to Threat Post.
8. Cyber Testing - Antitrust Investigation: The U.S. Department of Justice is getting involved in an antitrust case against Symantec and others over malware resting standards, National Law Review reports. Ironically, the dust-up surfaces just as Broadcom works to acquire Symantec's enterprise business unit.
9. Cyber Research: Nearly 58 percent of organizations are heavily impacted by a lack of automation, and 53 percent by lack of visibility, and according to Fidelis Cybersecurity.
B. MSSP Partner Programs and Strategic Alliances
C. Next Five Technology Conferences
- EnergySec Security and Compliance Summit 2019 (August 19-21, Anaheim, California)
- GSX 2019: Global Security Exchange Conference (September 8-12, Chicago, Illinois)
- MSSP Accelerator – Sales and Marketing Summit (September 10-11, Cedar Rapids, Iowa)
- CISA Cybersecurity Summit 2019 (September 18-20, National Harbor, Maryland)
- Exabeam Spotlight19 (September 30-October 2, San Francisco)
- Bonus: The complete MSSP Alert calendar
Email me your news, rumors and tips for potential coverage here on MSSP Alert.