Content, Content, Breach, Security Strategy, Plan, Budget, Security Program Controls/Technologies, Security Staff Acquisition & Development, Security Strategy, Plan, Budget, Malware, MSSP, Managed Services, Ransomware

Managed Security Services Provider (MSSP) Market News: 21 March 2023

Alert icon isolated on Abstract design bright red banner background

Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

  • The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
  • Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
  • Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

A. Today’s MSSP, MDR, XDR and Cybersecurity Market News

1. Cyber Education Partnership: Sonic Foundry announced that its Global Learning Exchange (GLX) business is partnering with EC-Council University (ECCU), the education arm of The International Council of Electronic Commerce Consultants (EC-Council). The partnership will provide GLX students with access to cybersecurity certifications, including Certified Ethical Hacker, Certified Network Defender and Certified Hacking Forensic Investigator.

2. Product Launch: Onapsis, a business application cybersecurity and compliance specialist, announced that its security platform is now an SAP-endorsed app and available for online purchase on the SAP Store. SAP-endorsed apps are a category of solutions from SAP’s partner ecosystem that help customers become best-run, intelligent enterprises, Onapsis said.

3. Industry Recognition: Neustar Security Services, a provider of cloud-based security services, has won eight 2023 Cybersecurity Excellence Awards. The awards, produced by Cybersecurity Insiders in partnership with the Information Security Community on LinkedIn, honor companies, products and professionals that demonstrate excellence, innovation and leadership in information security.

4. Company Launch: Arlington Capital Partners has announced the formation of Eqlipse Technologies. Eqlipse will offer a full-spectrum cyber and signals intelligence engineering, digital operations, identity management, and cutting-edge research and development. Eqlipse will serve key national security customers within the U.S. Department of Defense and the national intelligence community.

5. Partnership Launched: Stratodesk, a provider of secure managed endpoints for modern workspaces, and deviceTRUST, a contextual security specialist, have formed a security integration partnership. This partnership benefits customers by delivering an additional layer of security for workspace access and authorization, the companies said.

6. CISA Adds Experts: Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly announced the appointment of additional members to the CISA Cybersecurity Advisory Committee (CSAC). Said Easterly, “Chosen for their deep expertise in critical infrastructure, cybersecurity and governance, these members will add important new perspectives to the CSAC’s work, particularly given this year’s additional focus on corporate cyber responsibility, technology product safety, and efforts to raise the cyber hygiene baseline of ‘target rich-cyber poor’ entities, like hospitals, K-12 school districts and water utilities."

7. Cyberattack Reported: Italian luxury sports car maker Ferrari SpA reported that a hacker recently demanded ransom from the company related to certain client contact details, adding that the breach had no impact on the company's operations. Ferrari said it notified its customers of the potential data exposure and the nature of the incident. (Source: Reuters)

8. Malware Alert: A new piece of malware dubbed dotRunpeX is being used to distribute numerous known malware families, such as Agent Tesla, Ave Maria, BitRAT, FormBook, LokiBot, NetWire, Raccoon Stealer, RedLine Stealer, Remcos, Rhadamanthys and Vidar. DotRunpeX is a new injector written in .NET using the process hollowing technique and used to infect systems with a variety of known malware families, according to Check Point Software. (Source: The Hacker News)

9. Cybersecurity Acquisition: Mastercard has acquired cloud-based cybersecurity company Baffin Bay Networks. The acquisition strengthens its broader services offerings and value beyond the payment transaction, Mastercard said.

10. Company Rebrand: Cyberpion, a specialist in attack surface management, has rebranded as IONIX (pronounced "eye on x"). IONIX provides visibility into their customers' real attack surface, including an organization's internet-facing assets.

B. Annual In-Person MSSP and Cybersecurity Conferences

Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.