Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the daily business update for Wednesday, December 19, 2018.
14. NASA Data Breach Disclosure: Details are here...
13. More Facebook Privacy Controversy: Facebook said it did not give some companies access to people’s data without their permission, after the New York Times reported on Tuesday that the social network allowed some large technology companies greater access to user data, Reuters notes. However, the Times said Facebook allowed Microsoft's Bing search engine to see the names of virtually all Facebook users' friends without their consent, citing documents from 2017...
12. Twitter Data Exposure: Twitter has apologized for a November security issue that exposed user data, including the country codes of phone numbers and account statuses, Law360 notes.
11. Marriott Data Breach Cost: The recent Marriott data breach disclosure could cost the hotel chain about $600 million in insurable losses, AIR Worldwide estimates.
10. Germany Hacker Warning: Germany’s Office for Information Security (BSI) has issued warnings to several German firms named by the United States as possible victims of hacking attacks, adding that Chinese activity against German firms had increased, this report says.
9. Is Cyber Insurance Worthless?: Before you purchase cyber insurance... consider this reality check.
8. Funding - Risk Management: Egress, a provider of data privacy and compliance software designed to secure unstructured data, has raised $40 million in a Series C financing round led by FTV Capital, with continued participation from existing backer AlbionVC, the company says.
7. Talent - Threat Hunters: Jask has grown its Special Operations (SpecOps) threat hunter and incident response team to include veterans of IBM X-Force, RiskIQ and the DoD. Key team members include RSA veteran Kevin Stear; RiskIQ veteran Darren Spruell; IBM X-Force veteran Brian Gardiner; CERT veteran Greg Longo; DoD veteran Ellie Soto; and Akamai veteran David McEwan. The team conducts about 50 investigations per month, of which 15 percent are ruled active incidents, Jask says.
6. Cyber Espionage: Symantec has revealed new research related to Seedworm (also known as MuddyWater or Zagos) and the alleged espionage group APT28 (aka Swallowtail, Fancy Bear). Details about the research findings are here.
5. Office 365 Phishing Attacks: Keep an eye out for this new Office 365 phishing attack technique...
4. Phishing Mitigation: KnowBe4 has launched PhishER, a platform that allows security teams analyze, prioritize and manage email that has been reported as suspect by employees, the company claims.
3. Top 100 MSSP - AWS Partnership: Delta Risk, a Top 100 MSSP, is now an Advanced Partner within the Amazon Web Services (AWS) Partner Network (APN).
2. Top 100 MSSP - Donation: Accenture, a Top 100 MSSP, will donate more than $500,000 over the next 12 months to the Georgia Institute of Technology’s Online Master of Science in Cybersecurity (OMS Cybersecurity) degree program.
1. MSSP Platform Upgrade: Seceon has upgraded aiMSSP, allowing MSSPs to offer tiered Managed Security Service (MSS) and Managed Detection and Response (MDR) services, and empowering large services providers to turn into Master-MSSPs, the company claims. We'll share more details soon.
