Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. CISO Advisory Debuts: Trellix, an extended detection and response (XDR) specialist, has launched its new Mind of the CISO initiative, bringing global attention to the needs of the CISO community. The collaborative efforts span an inaugural CISO Council, research and webinars. Members will participate in Trellix-hosted events around the world and will also provide insightful contributed content.
2. Security Partnership: Chi Studios, the parent company of the Cybersecurity Studio, announced a partnership with longtime cybersecurity executive Roland Cloutier to bolster its innovative new executive learning and development services. Cloutier will oversee the curriculum buildout and growth strategy for the Cybersecurity Studio and will provide mentorship and advisory services to both sitting CISOs and high-performing direct reports to CISOs.
3. IronNet Names CEO: IronNet has appointed Linda Zecher as CEO. Cameron Pforr, the company’s current chief financial officer, has been appointed president of IronNet. GEN (Ret.) Keith Alexander will continue to serve as chairman of the board, transitioning to a non-executive role. John O’Hara has been appointed to senior vice president of Corporate Development and Partnerships.
4. Product Launch: AgileBlue has released the latest version of its Cerulean platform. Key enhancements include AI-assisted security orchestration and response (SOAR), a security rating dashboard, correlated case management and extended threat hunting.
5. Malware Discovery: Black Lotus Labs, the threat research arm of Lumen Technologies, has discovered a new malware that targets small office/home office (SOHO) routers. Discovery of the malware dubbed "AVrecon" came as the Cybersecurity and Infrastructure Security Agency (CISA) issued warnings about SOHO routers, including a binding operational directive in June and a cybersecurity advisory in May.
6. CISA Issues Advisory: In June, a U.S. federal agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft. CISA and Microsoft determined that advanced persistent threat (APT) actors accessed and exfiltrated unclassified Exchange Online Outlook data. CISA and the FBI are now releasing a joint cybersecurity advisory to provide guidance to critical infrastructure organizations on enhancing monitoring of Microsoft Exchange Online environments.
7. Hacker Alert: Chinese state-linked hackers since May have secretly accessed email accounts at approximately 25 organizations, including U.S. government accounts, in a stealthy cyberespionage campaign, Microsoft and U.S. officials said on Wednesday. The U.S. detected a breach of federal government accounts "fairly rapidly" and managed to prevent further breaches, White House national security adviser Jake Sullivan said. (Source: Reuters)
8. Hacker Alert: Hackers suspected of working for Russia's foreign intelligence agency targeted dozens of diplomats at embassies in Ukraine with a fake used car advertisement in a bid to break into their computers, according to a published report on Wednesday. The wide-reaching espionage activity targeted diplomats working in at least 22 of the roughly 80 foreign missions in Ukraine's capital, Kyiv, analysts at Palo Alto Networks' Unit 42 research division said in the report. (Source: Reuters)
Annual In-Person MSSP and Cybersecurity Conferences
- The Official Cyber Security Summit Series (Multiple dates and locations)
- 2023 International Cybersecurity Championship and Conference (IC3) (July 31-August 4, 2023, San Diego, California)
- Black Hat (August 5-10, Las Vegas, Nevada)
- Infosec World (September 25-27, Lake Buena Vista, Florida)