Each business day MSSP Alert delivers a quick lineup of news, analysis and chatter from across the MSSP, MSP and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected]
Today’s MSSP Alert Market News:
1. Cisco Completes Acquisition of Splunk: Cisco announced on March 18 that it completed the acquisition of Splunk. Under the terms of the agreement, Cisco acquired Splunk for $157 per share in cash, representing approximately $28 billion in equity value. Splunk is a major player when it comes to tools and platforms used by the very largest MSSPs in the market. But the company doesn’t have much of a penetration with MSSPs below the top 10%. Cisco, on the other hand, has a long history with the channel. See our coverage from when the deal was announced here.
2. Endpoint Security Integration: Stellar Cyber, an Open XDR specialist, announced that it has achieved technical integration of the Stellar Cyber SecOps Platform with Trellix Endpoint Security HX, enabling customers to deploy more robust security solutions and better protect their assets from cyber threats. Through this partnership, Stellar Cyber and Trellix address a rising industry need to shorten response times from security events and more easily remediate compromised systems, leading to a simplified Threat Defense Lifecycle, the company said.
3. Leadership Move: Coalfire, a cybersecurity services and solutions company, has named Charles Henderson as executive vice president of Cyber Security services. He brings extensive experience in threat intelligence, incident response, penetration testing, adversary simulation and vulnerability management from his tenure leading IBM X-Force and Trustwave SpiderLabs, the company said.
4. Security Product Launch: Deloitte has launched CyberSphere, a vendor-neutral services and solutions platform to help clients simplify their organizations' cyber program data, workflows, reporting and third-party technologies. Deloitte built CyberSphere to help organizations quickly manage risks with the use of automation, AI and machine learning, while also reducing cyber program costs, duplicative efforts and threat alert fatigue, the company said.
5. Hacker Alert: Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. AZORult, also called PuffStealer and Ruzalto, is an information stealer first detected around 2016. It's typically distributed via phishing and malspam campaigns, trojanized installers for pirated software or media and malvertising. (Source: The Hacker News).
6. Aerospace Security Report Issued: A new report from Resecurity highlights recent cyber incidents targeting the aerospace and aviation sectors and emphasizes the importance of rigorous cybersecurity risk assessments for airports. Resecurity's report discusses how cybersecurity risk assessments can help the aerospace sector prevent cyberattacks and outline the types of threat-modeling needed for industry stakeholders to achieve a comprehensive security posture in their organizations.
7. Threat Research Released: The Securonix Threat Research team has uncovered an elaborate multi-stage attack campaign likely associated with the North Korean Kimsuky group. While the targeting of South Korean victims by the Kimsuky group happened before, from the tradecraft observed it’s apparent that the group has shifted to using a new script-based attack chain that leverages multiple PowerShell and VBScript stagers to quietly infect systems. The later-stage scripts allow the attackers to monitor clipboard, keystroke and other session activity, Securonix reported.
