Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
A. Today’s MSSP, MDR, XDR and Cybersecurity Market News
1. Industry Recognition: UL Solutions, a specialist in applied safety science, has issued the first Cybersecurity Assurance Program Certificate for ISO/SAE 21434:2021, Road Vehicles — Cybersecurity Engineering to LG Innotek. The UL Solutions Cybersecurity Assurance Program (CAP) Certificate recognizes that LG Innotek's cybersecurity management system meets the requirements of the ISO/SAE 21434:2021 standard.
2. Leadership Move: InQuest announced that Vincent Stewart, a retired lieutenant general in the United States Marine Corps, who most recently served as Deputy Commander at United States Cyber Command, has joined the company as an advisor. Stewart served in key U.S. Department of Defense cyber intelligence roles, including Director, Defense Intelligence Agency (DIA); and Deputy Commander, United States Cyber Command (USCYBERCOM).
3. Cybersecurity Research: Malwarebytes has released its annual cybersecurity trend and threat intelligence report: 2023 State of Malware. The report shares key cybersecurity developments of 2022 and explains why organizations that protect against the five most dangerous cyberthreat archetypes today will be better secured this year.
4. Product Launch: Contrast Security has announced the expansion of its Contrast Serverless Application Security offering to support Microsoft Azure functions and enable customers to quickly scan for security vulnerabilities on multi-cloud environments. With the addition of Microsoft Azure Functions support, organizations will be able to evaluate their serverless application risk on both Amazon Web Services (AWS) and Microsoft platforms from a single offering.
5. Ransomware Research: Trend Micro has published a new report warning that although only 10% of ransomware victims pay their extorters, they are enabling attacks on numerous other organizations by doing so. The Trend Micro report delivers threat intelligence and leverages advanced data science to list various threat actor metrics. These metrics can be used to compare ransomware groups, estimate risks and model threat actor behaviors.
6. Product Launch: Talon Cyber Security has released its TalonWork offering to the Microsoft Azure Marketplace. Talon customers can now take advantage of the scalability, high availability and security of Azure. Azure customers can allocate their multi-year committed Azure spend to purchase Talon’s secure enterprise browser.
7. Product Launch: Kaspersky has launched Successive Plus MSA, a new maintenance service agreement exclusive to Kaspersky’s managed service provider (MSP) community in the U.S. and Canada. This new offering will provide MSPs with support for their clients by protecting them through assistance from Kaspersky’s local team of certified engineers for a low monthly cost. Successive Plus MSA offers a more flexible model for MSPs that need assistance with configuration and best practices, as well as 24x7 support for critical issues, Kaspersky asserts.
8. Malware Alert: An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender has named the malware "S1deload Stealer" for its use of DLL side-loading techniques to get past security defenses and execute its malicious components. (Source: The Hacker News)
9. Hackers Using Atharvan Malware: Security researchers have observed a hacking group targeting companies in the materials research sector with a unique toolset that includes a custom remote access trojan (RAT) called Atharvan. The threat actor is being tracked as Clasiopa by Symantec, whose analysts found a clue pointing to an Indian threat actor. (Source: Bleeping Computer)