Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Industry Recognition: CrowdStrike has been named to the 2023 UK Best Workplaces list for the second year in a row. The annual list recognises and celebrates exceptional and trusted brands.
2. Company Rebrand: L7 Defense, an API security solutions provider, announced that it has rebranded as ammune.ai. ammune.ai is a cybersecurity company that helps organizations protect their infrastructure, applications, customers, employees and partners from the growing risk of API-borne attacks.
3. Product Launch: Cybersecurity startup KnectIQ has launched SelectiveTRUST, a zero trust-based platform that prevents bad actors from misusing credentials to mount initial intrusions and to carry out credential-based privilege escalation.
4. MSSP Partner Program Debuts: SOOS has launched a comprehensive partner program tailored for MSSPs and managed cybersecurity & compliance partners (MCCPs). The program empowers MCCPs/MSSPs to integrate SOOS' SBOM Manager and DevSecOps tools for vulnerability scanning and license management into their service offerings, enabling clients to meet governmental compliance requirements and enhance application security infrastructure.
5. Partnership Launched: Omada, an identity governance and administration (IGA) company, announced that it is partnering with CyberSolve, an identity & access management (IAM) and cybersecurity services organization. The partners will work closely in the U.S. market to deliver best-in-class IGA.
6. Malware Alert: The North Korean threat actor known as ScarCruft began experimenting with oversized LNK files as a delivery route for RokRAT malware as early as July 2022, the same month Microsoft began blocking macros across Office documents by default. "RokRAT has not changed significantly over the years, but its deployment methods have evolved, now utilizing archives containing LNK files that initiate multi-stage infection chains," Check Point said in a new technical report. (Source: The Hacker News)
7. New Malware Toolkit Identified: An analysis of more than 70 billion DNS records has led to the discovery of a new, sophisticated malware toolkit dubbed Decoy Dog that targets enterprise networks. Decoy Dog, as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, in which a series of queries is transmitted to the command-and-control (C2) domains so as not to arouse any suspicion. (Source: The Hacker News)