Managed Security Services Provider (MSSP) News: 29 October 2020

Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

A. Today’s MSSP Alerts

1. Cybersecurity Lessons for MSPs: Huntress shares them in this blog.

2. Kimsuky APT Warning: The U.S. government has issued a warning about Kimsuky, an advanced persistent threat (APT) allegedly tied to North Korea.

3. Hacker Releases Georgia County Election Data: A computer hacker who took over networks maintained by Hall County, Georgia, escalated demands this week by publicly releasing election-related files after a ransom wasn’t paid, heightening concerns about the security of voting from cyberattacks, The Wall Street Journal reports.

4. Ransomware Targets Hospitals, FBI & CISA Warn: Hospitals and healthcare organizations in the United States are facing imminent ransomware attacks, according to a warning from The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS). Some hospitals have already suffered attacks in this new wave of attacks, CNN reports.

5. Baltimore Cyber Insurance: A panel of Baltimore’s top officials is set to renew $20 million worth of cybersecurity insurance acquired last year in the wake of a massively disruptive ransomware attack, Baltimore Business Journal reports.

6. Microsoft Detects Attacks: Microsoft has detected and attempted to stop a series of cyberattacks from Phosphorus, which the company described as an 'Iranian actor', with the attacks aimed to target over 100 high-profile individuals, Reuters reports.

7. NSA Back Doors? The U.S. National Security Agency (NSA) is rebuffing efforts by a leading Congressional critic to determine whether it is continuing to place so-called back doors into commercial technology products, in a controversial practice that critics say damages both U.S. industry and national security, Reuters reports.

8. Cisco SecureX Next Moves: They're described here.

9. Is XDR a New Idea?: Cisco weighs in here.

10. Breach Protection Warranty: A new Cybereason Breach Protection Warranty provides up to $1 million in coverage in the event of a breach, the company says. The  warranty covers attacks involving zero-day, malware and ransomware incidents, and is available free of charge to customers who qualify with the Cybereason Ultimate package, the company says.

11. Identity and Access Management (IAM): vArmour, a provider of Application Relationship Management, has unveiled the vArmour Application Access & Identity Module. The release enables organizations to use relationships to understand whether users are accessing critical business applications and data in a safe and secure fashion, the company says.

12. Funding - Application Security Posture Management (ASPM): Enso Security has raised $6 million in seed funding led by YL Ventures. Founded by former Wix.com application security experts Roy Erlich (CEO), Chen Gour Arie (CPO) and Barak Tawily (CTO). Enso’s platform is designed to be the inventory of record for all things AppSec. The goal: Enable teams to manage application security at scale with an automated and standardized program, the company says. Additional investors in the round include:

13. DDoS Attack Mitigation: Lumen Technologies has upgraded its DDoS Mitigation Service with such capabilities as rapid threat defense, a three-tiered scrubbing architecture and DDoS Hyper for self-service capabilities.

B. MSSP and Cybersecurity Virtual Events and Conferences