Managed Security Services Provider Morning News: 18 August 2017
Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Friday, August 18, 2017:
11. Apple iOS Encryption Hacked: A hacker Thursday afternoon published what he says is the decryption key for Apple iOS’ Secure Enclave Processor (SEP) firmware, ThreatPost reports. The hacker, identified only as xerub, told Threatpost that the key unlocks only the SEP firmware, and that this would not impact user data. Apple has not confirmed whether the decryption key is legitimate.
10. Talent: Morphisec has hired Lieberman Software veteran Paul Laracy as senior director for U.S. channels. Laracy now drives the endpoint threat prevention company’s North American channel program.
9. Absolute Revenues: Absolute Software, which specializes in endpoint visibility and control, says Q4 fiscal 2017 revenue was $23.2 million, up 5 percent from the corresponding quarter last year. Among the quarter’s highlights: Absolutely delivered Security Posture and Data Risk dashboards for at-a-glance measures of endpoint health, risk, and compliance—both on and off the corporate network.
8. FBI vs. Kaspersky Lab?: The FBI has been briefing private sector companies on intelligence claiming to show that the Moscow-based cybersecurity company Kaspersky Lab is an unacceptable threat to national security, current and former senior U.S. officials familiar with the matter tell CyberScoop. CEO Eugene Kaspersky and his company have repeatedly denied the alleged ties to Russia’s government. Nevertheless,, the U.S. federal government has asked 22 government agencies for documents and communications about Kaspersky Lab products dating back to 2013. Responses to the request were due Aug. 11. We haven’t received a status update about the responses…
7. Shadow Brokers’ Impact: The mysterious Shadow Brokers hacker group had a major impact on cybersecurity in Q2 2017. The organization’s publication of the “Lost In Translation” archive, which contained a large number of exploits for different versions of Windows, was a defining moment in the quarter. Kaspersky Lab explains why here.
5. New DDoS Attack Method: A new method of carrying out DDoS attacks named Pulse Wave is causing problems to certain DDoS mitigation solutions, allowing attackers to down servers previously thought to be secured, Bleeping Computer reports. Pulse Wave was discovered byDDoS mitigation firm Imperva Incapsula.
4. MSSP Growth: Secure-24‘s managed security services and global security governance risk and compliance (GRC) services generated 30 percent growth in the first half of 2017, the company says.
3. MSP Security Operations Centers: Arctic Wolf Networks now offers Security Operations Center (SOC) as a service to MSPs. The service includes security engineer support; incident response and compliance support; and fixed monthly pricing. We’ll share more details soon.
2. MSSPs On Inc. 5000 List: Numerous IT security companies and MSSPs landed on the annual Inc. 5000 list for 2017. Among the honorees: DirectDefense, which grew nearly 2,500 percent over the past three years to $5.9 million in revenues for 2016. We’ll share more details soon.
1. Top 50 MSSPs: Who are they? Participate in our Top MSSPs survey and your company could be ranked among them. Deadline for submissions is August 31.We’ll also put a special spotlight on smaller, emerging MSSPs — so participate in the survey regardless of your company size. We’ll reveal research results and the honorees during our September 28 webcast (registration is open).