Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Threat Intelligence Summit: On July 18, Centripetal will host the inaugural Cyber Threat Intelligence (CTI) Summit, a consortium of threat intelligence experts committed to advancing the role of threat intelligence in modern cybersecurity strategies. This first-of-its kind virtual event features speakers from leading threat intelligence vendors, including ESET, GreyNoise Intelligence, IBM X-Force, Recorded Future and Sophos.
2. Product Launch: BlueVoyant unveiled MXDR for Splunk at Splunk.conf23. The new service integrates Splunk SIEM (security information and event management) capabilities with supported EDR (endpoint detection and response) partner expertise to provide a cloud-native, fully integrated security solution enabling risk illumination, alert validation through multiple sources and remediation across multiple platforms.
3. Product Launch: Redbot Security, a penetration testing company, announced today that its new Security Management Platform Cymbiotic is now scheduled for release in the first quarter of 2024. The Cymbiotic powered by Redbot Security platform will revolutionize business cybersecurity as a scalable multi-tenant management console, enabling companies to have much greater security access by unifying critical controls across any organization, the company said.
4. Malware Alert: Government entities, military organizations and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023, leverages phishing lures and decoy documents to deploy a downloader malware called PicassoLoader, which acts as a conduit to launch Cobalt Strike Beacon and njRAT. "The attacks used a multistage infection chain initiated with malicious Microsoft Office documents, most commonly using Microsoft Excel and PowerPoint file formats," Cisco Talos researcher Vanja Svajcer said in a new report. (Source: The Hacker News)
5. Password-Stealing Malware Detected: Cybersecurity researchers and threat actors are being targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. Uptycs analysts discovered the malicious PoC during their routine scans when detection systems flagged irregularities such as unexpected network connections, unauthorized system access attempts and atypical data transfers. (Source: Bleeping Computer)
6. Cisco Acquires Oort: Cisco Systems has acquired Oort Inc., a startup focused on defending enterprises’ identity and access management tools from hacking. The acquisition’s financial terms were not disclosed. Boston-based Oort previously raised $15 million in funding, a portion of which was provided by Cisco’s venture capital arm last year. Oort sells a software platform that functions as a kind of antivirus for identity and access management systems. (Source: SiliconANGLE)
7. Cyberattack on North Carolina Town: A cyberattack on the Town of Cornelius, North Carolina, was detected early, officials said, and the town was able to contain the damage. Hackers tried to attack the town with ransomware, which Cornelius staff discovered Tuesday. The town said its IT department is working with state and county staff to scan and clean the computer system. Some town services may not be available as the town restores its systems, officials said. (Source: Spectrum News 1)
8. Security Partnership: Guardsquare, a mobile application security provider, has formed a strategic partnership with Redbelt Security, a consultancy firm specializing in information and cybersecurity. The partnership enables Redbelt to expand its solution offerings as a reseller with Guardsquare's multi-platform mobile app security products.
Annual In-Person MSSP and Cybersecurity Conferences
- The Official Cyber Security Summit Series (Multiple dates and locations)
- 2023 International Cybersecurity Championship and Conference (IC3) (July 31-August 4, 2023, San Diego, California)
- Black Hat (August 5-10, Las Vegas, Nevada)
- Infosec World (September 25-27, Lake Buena Vista, Florida)