Managed Security Services Provider (MSSP) News: 23 February 2018
Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Friday, February 23, 2018:
8. Healthcare Breach: A hacker breached the University of Virginia Health System, infecting physician devices with malware that allowed a hacker to access medical records of 1,882 patients for 19 months, according to Healthcare IT News.
7. DDoS Attack Costs: The financial impact of a Distributed Denial of Service (DDoS) attack is continuing to rise globally – totaling over $120,000 for SMBs and costing enterprises over $2 million, per attack on average, Kaspersky Lab research says.
6. Talent: — Exabeam has hired Imperva, HyTrust, Lumension and Niksun veteran Bill Aubin as vice president of federal sales. Exabeam specializes in SIEM, user analytics and security data lake products.
5. Investigation: Data analytics and security company Palantir Technologies must open its books to early investor Marc Abramowitz, who wants to investigate possible fraud and mismanagement at the highly valued private U.S. company, Reuters says.
4. Arrest – Cryptocurrency: The operator of a shuttered bitcoin-denominated exchange was arrested on Wednesday on federal charges that he lied to U.S. securities regulators to avoid taking responsibility for the theft by hackers of virtual currency now worth nearly $70 million, according to Reuters. Federal prosecutors in Manhattan announced the charges against BitFunder founder Jon Montroll the same day the U.S. Securities and Exchange Commission filed a lawsuit accusing him and the company of running an unregistered securities exchange that defrauded its users, the report says.
3. Meltdown, Spectre Mismanagement?: Intel did not tell U.S. cyber officials about the Meltdown and Spectre chip flaws until the situation was made public, Reuters says. The company now faces dozens of shareholder lawsuits over the vulnerabilities, though Intel sales have remained strong.
2. Meltdown & Spectre Vulnerability Updates: The latest Meltdown and Spectre vulnerability alerts, fixes and associated statements are here.