Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters.
Today’s MSSP Alert Market News:
1. GenAI Security Partnership: Blue Mantis, a provider of managed services, cybersecurity and cloud solutions, has formed a strategic partnership with AI Technology Partners (AITP), a specialist in transformative AI strategy and Microsoft Copilot implementations. The partnership combines Blue Mantis’ managed IT and cybersecurity services expertise with AITP’s consulting, data, analytics and AI capabilities. Blue Mantis and AITP have developed a joint go-to-market strategy and service offering for mid-market enterprise clients, the companies said.
2. Threat Intelligence Collaboration: Reveald, a continuous threat exposure management provider, has expanded its capabilities by acquiring rThreat and creating the Epiphany Validation Engine (EVE) to enhance AI-driven cyber resilience. EVE is an emulation technology that enables security operators to assume the role of attackers to validate cybersecurity readiness and controls while allowing analysts to view the full attack path and identify material risks, the company said.
3. Cyber Risk Solution Debuts: Bitsight, a cyber risk management specialist, has brought to market AI-powered technology to provide enterprises with a continuously updated view of internet-connected assets, third- and fourth-party relationships and overall risk posture. The new Discovery and Attribution Engine creates a dynamic map of an organization’s internet-connected assets, making it faster and easier to view exposure across the extended attack surface, assess risk and prioritize remediation, the company said.
4. CRA Issues Cybersecurity Buyer Intelligence Report: CyberRisk Alliance's latest Cybersecurity Buyer Intelligence Report, "Incident Response: Incident Response Team Burnout and Resource Constraints Give Attackers the Advantage," offers groundbreaking solutions to the widespread challenges of slow remediation times and team burnout exacerbated by resource shortages. "The results of this survey drive home the growing problem of burnout among incident responders," said Bill Brenner, senior vice president of Audience Content Strategy for CyberRisk Alliance (CRA). "They need more resources which may not be coming any time soon. The question we tried to answer is what organizations can do to have a rock-solid incident response while also finding ways to alleviate the pressure."
5. Security Partnership: Accenture and Mandiant, part of Google Cloud, are teaming up to deliver cyber resilience services that help organizations more efficiently detect, investigate, respond to and recover from cyberattacks. Accenture will utilize Mandiant threat intelligence and its expertise in its cyber resilience services. In addition, Accenture Federal Services has been awarded a 10-year, $789 million contract to support global U.S. Navy maritime forces with conducting unified cybersecurity operations across the SHARKCAGE environment, the Navy’s shared set of systems built to protect a single, common, continuous security perimeter.
6. CISA Releases Advisories: The Cybersecurity & Infrastructure Security Agency (CISA) has released four Industrial Control Systems (ICS) advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS:
- ICSA-24-130-01 Rockwell Automation FactoryTalk Historian SE
- ICSA-24-130-02 alpitronic Hypercharger EV Charger
- ICSA-24-130-03 Delta Electronics InfraSuite Device Master
- ICSA-24-107-03 Rockwell Automation ControlLogix and GuardLogix (Update A)
CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.
7. Leadership Move: CyXcel, a cybersecurity business with operations in the U.K. and North America, has appointed Simon Church as chief strategy officer. Church has held executive leadership positions at cybersecurity and technology companies such as Maxive Cyber Security (acquired by Thales), Optiv, Vodafone, NTT Security, Verisign and NetIQ. His experience includes strategic roles in identity management, networking and managed services.
8. Spam Alert: AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service. AT&T customers this week began reporting they could no longer receive email from Microsoft 365 email addresses. When Microsoft 365 customers attempted to email an address at @att.com, @sbcglobal.net, or @bellsouth.com, AT&T servers would refuse the connection and not accept the email for delivery. (Source: Bleeping Computer)
9. Hacker Alert: The Sysdig Threat Research Team has observed a new attack, known as LLMjacking, that used stolen cloud credentials to target 10 cloud-hosted large language model (LLM) services. The credentials were obtained from a popular target, a system running a vulnerable version of Laravel (CVE-2021-3129). In this case, attackers intend to sell LLM access to other cybercriminals while the cloud account owner pays the bill.
10. Threat Report Issued: VIPRE Security Group, a cybersecurity, privacy and data protection company, has released its Q1 2024 Email Threat Trends report, based on an analysis of 1.8 billion emails. The findings reveal the evolving landscape of email-based threats and emerging tactics malicious actors are employing. The manufacturing, government and IT sectors are the most victimized by malicious actors. In Q1 2024, the manufacturing sector suffered 43% of email-based attacks, with the government (15%) and IT (11%) trailing well behind. This is a change from Q1 2023, when attackers targeted the financial (25%), healthcare (22%), and education (15%) sectors most often, the report said.