Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
- Developer Software Vulnerabilities: Atlassian, a software vendor that caters to software developers and project managers, has released security updates to address vulnerabilities in multiple Atlassian products. The Cybersecurity and Infrastructure Security Agency (CISA) warned that a threat actor could exploit these vulnerabilities to take control of an affected system. Products impacted include Confluence Data Center and Confluence, Atlassian Companion App for MacOS, Assets Discovery, and an additional vulnerability that impacts multiple products. All Atlassian vulnerabilities can be found here.
- BlackBerry’s New Boss, Restructuring: BlackBerry has named its cybersecurity president as the new CEO, effective immediately. John Giamatteo will replace interim CEO Richard Lynch. Giamatteo will oversee a new plan to separate the company’s Internet of Things (IoT) and cybersecurity divisions into standalone businesses. In addition, BlackBerry said it would no longer pursue an initial public offering (IPO) for the IoT business. The news follows an announcement on Oct 30 that CEO and Executive Chair of BlackBerry, John Chen, would retire from the company effective November 4.
- AWS Vulnerability: Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS), a web service that enables users to request temporary, limited-privilege access credentials, to access AWS resources without creating an AWS identity. Threat actors can use this vulnerability to impersonate user identities in cloud environments and infiltrate cloud accounts, according to a blog by Red Canary.
- Memory Safe Coding: CISA, in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international cybersecurity authorities from Australia, Canada, New Zealand, and the United Kingdom, has published a joint guide, The Case for Memory Safe Roadmaps: Why both C-Suite Executives and Technical Experts Need to Take Memory Safe Coding Seriously. It’s part of these governments’ collective Secure by Design campaign to address the critical issue of memory safety vulnerabilities in programming languages.
- Boot Security: Firmware vulnerabilities that may affect 95% of computers allow hackers to flout boot security and execute malware on startup, according to researchers at the firmware supply chain security company Binarly. Read the full story on the LogoFAIL vulnerability at SCmagazine.com.
- Microsoft Outlook Vulnerability: An espionage group linked to Russian military is continuing to use a zero-click vulnerability in Microsoft Outlook. So far the advanced persistent threat (APT) has targeted 30 organizations in 14 companies using an exploit for the bug, according to an analysis from network security firm Palo Alto Networks.
- Zero Trust Service: NuHarbor Security, a managed security provider, has launched a new Zero Trust service to support Zscaler products. The partnership enables NuHarbor to provide deployment services, health checks, and support services for Zscaler Internet Access, Zscaler Private Access, or Zscaler Client Connector.