Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the update for Tuesday, October 9, 2018.
15. Google+ Data Exposure, Shutdown: Google will shut down the consumer version of its failed social network Google+ and tighten its data sharing policies after announcing on Monday that private profile data of at least 500,000 users may have been exposed to hundreds of external developers, Reuters notes. Google disclosed the leak in March, and the company is under fire for not disclosing the data leak in a more timely manner. Internal documents suggest the search giant was worried about negative feedback and more compliance scrutiny. Ironically, Google's belated disclosure may trigger even more scrutiny.
14. Google Cloud Marketplace: Panorays, a provider of automated third-party security management, now promotes its services via Google Cloud Marketplace.
13. Privacy Policy & Employment: Amazon.com fired an employee who disclosed customer email addresses to a third-party merchant on the site in violation of the e-commerce giant’s policies, Bloomberg reports. Amazon alerted the shoppers, although the company said no action such as changing passwords was needed, the report says.
12. IT Support Fraud: India officials have arrested 24 people who are accused of running 10 fake call centers that offered fraudulent Microsoft support services.
11. S&P 500 Index: Fortinet will replace Envision Healthcare in the S&A 500 index.
10. Spin-Off: Privileged access management (PAM) and identity as a service specialist Centrify is spinning office its IDaaS business as a standalone company named Idaptive.
9. Research - Web Attacks: IIS, Drupal, and Oracle WebLogic web technologies experienced increased attacks in Q2 2018, according to a new threat report from eSentire, a Top 20 Managed Detection and Response (MDR) provider.
8. Research - Biggest Threats: Cryptomining has leapfrogged ransomware as top threat in 2018, according to Webroot’s Mid-Year Threat Report for 2018.
7. Research - Home Router Security: Roughly 83 percent of home routers are vulnerable to known cyberattack techniques, according to The American Consumer Institute.
6. Endpoint Protection: Sophos has added Endpoint Detection and Response (EDR) to its Intercept X endpoint protection portfolio. With Sophos Intercept X Advanced with EDR, businesses of all sizes can add threat tracking and SOC-like capabilities to their security defenses, the company claims.
5. Symantec Updates: Symantec has made several cloud-centric product upgrades that focus on protecting cloud infrastructure (Cloud Workload Assurance); cloud application security (CloudSOC CASB) and expanded Cyber Security Services (Managed Cloud Defense).
4. Container Security: Alert Logic, a provider of Security-as-a-Service solutions, has updated its Network Intrusion Detection System (NIDS) for software containers. The release adds container log management and extends capabilities beyond Amazon Web Services (AWS) to Microsoft Azure, on-premises and hosted environments, Alert Logic says.
3. Partnership - SD-WANs: Amdocs, Fortinet and Versa Networks have partnered to launch a new multi-domain, service provider SD-WAN, SDN and NFV orchestration packaged solution. The offering allows service providers to deploy and monetize managed SD-WAN and security services, while reducing deployment and operational costs, Amdocs asserts.
2. Partnership - Network Security: Menlo Security has joined the Palo Alto Networks NextWave Partner Ecosystem. The partnership integrates the Palo Alto Networks Security Operating Platform with the Menlo Security Isolation Platform to provide joint customers with another technique to eliminate the risk of exploitations and further combat these threats as part of a defense in depth approach, Menlo asserts.
1. Next Up: MSSP Alert is set to attend Carbon Black Connect 2018 conference this week in New York. If you’d like to potentially meet at the event please email me ([email protected]).
