Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Tuesday, October 17, 2017:
12. Hacker Platform Price Cut: ShadowBrokers, which is suspected of hacking the National Security Agency (NSA), is cutting prices on its biweekly leaks and data dumps, according to The Hill. We’ll share more analysis soon.
10. Serious Microsoft Hack: A sophisticated hacking group broke into Microsoft’s secret internal database for tracking bugs in its own software in 2013, potentially giving the hackers a golden ticket to break into customer networks worldwide, according to Reuters. Microsoft has never publicly confirmed the hack. But after the alleged breach, the company walled the bug tracking database off from the corporate network started requiring two authentications for access, the report said.
6. Email Privacy Showdown: The Supreme Court on Monday accepted a second important case on digital privacy, agreeing to hear a dispute between the federal government and Microsoft about emails stored overseas, according to The Washington Post. The case could have major implications for MSPs and service providers that are striving to manage data and customer privacy worldwide.
5. Mobile Privacy: Independent phone maker OnePlus has overhauled its data collection strategy after the company was caught collecting data from its OxygenOS — without telling users, of course, TechCrunch says.
4. Internal Data Risks: Fully 92 percent of companies say their employees try to access information that is not necessary for their day-to-day work – with nearly one in four (23 percent) admitting this behavior happens frequently, according to new research from One Identity. Among the biggest offenders: IT security professionals who poke around their employers’ networks for confidential data. Not by coincidence, One Identity — which spun off from Dell last year — offers identity and management (IAM) solutions.
2. MSSP Partnership:Nine23, a mobile technology provider and MSSP, will leverage Mi3 Security‘s machine learning-based application security analysis technology in the company’s cyber services. Nine23 provides secure (accredited) end to end enterprise mobility management (EMM) solution and services to government and business customers in the UK.
1. Big MSSP Guarantee:AsTech, a security consulting company, has launched AsTech Vigilance for Managed Qualys Services. The offering includes a $1 million guarantee for securing perimeter networks when a customer adds the AsTech Perimeter Security Guarantee to their AsTech Managed Qualys Service subscription. PS: We haven’t read the fine print…