Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS); managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Industry Recognition: Stellar Cyber, a specialist Open eXtended detection and response (XDR) technology, has been included as a Sample Vendor in the Gartner report, "Hype Cycle for Security Operations, 2023." The report offers detailed analyses of software technologies available to SecOps teams, including XDR and others. “Our founders saw from the beginning that unifying and analyzing information from across the infrastructure is essential to spotting and responding to complex attacks, which is why we pioneered Open XDR technology,” said Steve Garrison, senior vice president of Marketing at Stellar Cyber. “We believe this recognition by Gartner helps validate our approach.”
2. Company Expansion: CYBERIA, an internet and information security services provider, announced that one of its key partners Akamai Technologies, will be launching a DDOS scrubbing center in Saudi Arabia. According to CYBERIA, this scrubbing center will be the first of its kind in Saudi Arabia and is part of a largely distributed platform (Prolexic) dedicated only for DDoS scrubbing. The new scrubbing center is expected to go live by November.
3. Cybersecurity Education Initiative: Infosec Institute, a cybersecurity education provider, has expanded partnership its with EdAssist by Bright Horizons, a provider of workplace education benefits, which will provide Infosec training courses to employees through EdAssist's direct bill model where employers pay all costs upfront. In addition to eliminating upfront costs that were previously paid by employees (and later reimbursed by employers), this partnership will also expands EdAssist offerings to include Infosec boot camps, which are designed to build and validate in-demand cyber skills like threat hunting, ethical hacking and red teaming.
4. Funding Round: Protos Labs, a cyber risk management provider based in Singapore, announced a successful seed round funding of SGD $3 million. The company plans to use the funds to accelerate its global expansion and product development, as it works to revolutionize the cyber insurance and risk management landscape.
5. CISA Issues Alert: The Cybersecurity & Infrastructure Security Agency (CISA) and its partners are responding to active, widespread exploitation of two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). Cisco's IOS XE Web UI is a system management tool for IOS XE, which is a network operating system for use on various Cisco products. An unauthenticated remote actor could exploit these vulnerabilities to take control of an affected system, CISA said. Specifically, these vulnerabilities allow the actor to create a privileged account that provides complete control over the device.
6. New York Casinos, Hospital Cyberattacks: New York state’s casino operation and two hospitals were hit with cyberattacks recently. The New York Gaming Commission confirmed that its central operating system serving the state’s slot parlors was impacted by a cybersecurity attack, forcing the closure of Jake 58 casino in Islandia, Suffolk County. HealthAlliance Hospital and Margaretville Hospital in Hudson Valley were forced to divert patients elsewhere following cybersecurity incidents. The cyber hack also impacted the Mountainside nursing home. (Source: New York Post)