Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS); managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. NSA Offers Security Capability: Cyber actors have been exploiting internet-accessible and vulnerable operational technology (OT) assets, according to the National Security Agency (NSA). To counter this threat, NSA has released a repository for OT Intrusion Detection Signatures and Analytics to the NSA Cyber GitHub. The capability, known as ELITEWOLF, can enable defenders of critical infrastructure, defense industrial base, and national security systems to identify and detect potentially malicious cyber activity in their OT environments.
2. IronNet Files for Bankruptcy Protection: Cybersecurity company IronNet has filed for bankruptcy protection in Delaware, seeking to sell its assets. U.S. Bankruptcy Judge Brendan Shannon on October 13 signed off on some of the company's initial steps in bankruptcy during a court hearing. The McLean, Virginia-based company terminated its 104 employees and shut down operations on September 29 after a series of setbacks, including a shareholder lawsuit, delayed payments from foreign government clients, difficulties finalizing new client contracts, and the termination of key cloud computing services provided by Amazon Web Services. (Source: Reuters)
3. WiFi for MSPs: Zyxel Networks, a specialist in delivering AI- and cloud-powered business and home networking solutions, has launched its WiFi 7 access point for managed service providers (MSPs) and small- to medium-sized businesses (SMBs).
4. Leadership Appointments: Redpoint Cybersecurity, a military-grade provider of digital forensics, incident response and cloud security services, has named six individuals to leadership roles: Harris Schwartz, vice president of Cyber Risk Advisory; John Jewsbury, vice president of Sales; Paul Engelbert, director of Risk Advisory Services; Carissa Salvatore, operations manager; Ryan Sparkman, CISSP – cyber operations manager; and Nicholas Gram, security sales specialist.
5. Cybersecurity Education: American Public University System (APUS) has been designated as a National Center of Academic Excellence in Cybersecurity through the 2027-28 academic year. APUS was initially designated as a Center of Academic Excellence in Cyber Defense in 2018. This five-year re-designation is the result of APUS meeting rigorous requirements set forth by the National Security Agency (NSA), the program's sponsor. Designated institutions commit to educate cybersecurity professionals who will help reduce vulnerabilities in national infrastructure.
6. Product Launch: Fortinet has announced the expansion of its SASE Points-of-Presence (POPs) to new locations through a partnership with Google Cloud. The partnership allows Fortinet to leverage Google Cloud’s global network edge locations closest to their regions of presence to accelerate the expansion of Fortinet’s Universal SASE solution, the company said.
7. Company Fined Over Data Breach: Britain's Financial Conduct Authority (FCA) has fined consumer credit rater Equifax Ltd 11 million pounds ($13.4 million) for its role in "one of the largest" cybersecurity breaches in history. The FCA said that in 2017 Equifax's U.S. parent company, Equifax Inc., was subject to one of the biggest cybersecurity breaches in history when the personal details of as many as 147.9 million U.S. consumers were accessed during the hack. (Source: Reuters)
8. Hacker Alert: Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. "The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as CVE-2023-38831," Cluster25 said in a report published last week. The archive contains a booby-trapped PDF file that, when clicked, causes a Windows Batch script to be executed, which launches PowerShell commands to open a reverse shell that gives the attacker remote access to the targeted host. (Source: The Hacker News)