Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP Alert Market News:
1. Cyber Risk Assessment Release: Drawbridge, a provider of cybersecurity solutions to the alternative investment industry, has released its next generation cyber risk assessment service. Provided as a suite of modules, the solution combines a unique set of analytics with Drawbridge’s client service. Clients can now benchmark and score their cyber programs to prioritize risk remediation by comparing themselves to more than 1,000 other managers in real-time, the company said.
2. MSP Partner Program Expands: Forescout Technologies, a global cybersecurity company, has redesigned its channel program, Forescout Envision, for the modern cybersecurity marketplace. Forescout is activating a new service provider segment that will welcome service delivery, support, training and consulting partners. Forescout managed services partners can also attain new solution-specific specializations in network security, operational technology, cyber risk exposure, and threat detection and response, the company said.
3. Security Platform Debuts: SecurityBridge, a global provider of SAP security solutions, has brought to market its SecurityBridge Platform for SAP BTP. This platform offers security coverage for the SAP Business Technology Platform (BTP). The SecurityBridge Platform for SAP BTP provides threat detection and compliance capabilities, ensuring organizations maintain the highest security standards as they transition to and operate within cloud environments, the company said.
4. Partner Portal Expands: ColorTokens, a specialist in halting the spread of ransomware and malware, has launched its new Partner Portal under its revamped Partner Program, Win Together. Designed to foster collaboration and mutual success, the portal offers valued partners a comprehensive suite of tools and resources, elevating ColorTokens’ reach by providing partners with a one-stop-shop, the company said.
5. Leadership Move: Abstract Security, a cybersecurity company offering a platform equipped with an AI-powered assistant to centralize the management of security analytics, has appointed Stefan Zier as chief technology officer. Zier brings more than two decades of experience architecting, implementing and running large-scale distributed applications, both on-premises and in the cloud. He comes to Abstract Security most recently from Stripe and as a founding team member and chief architect of Sumo Logic.
6. FBI Offers LockBit Decryption Keys: The FBI has disclosed that it's in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. "We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov," FBI Cyber Division Assistant Director Bryan Vorndran said in a keynote address at the 2024 Boston Conference on Cyber Security (BCCS). (Source: The Hacker News)
7. Hacker Alert: Threat actors are increasingly abusing legitimate and commercially available packer software, such as BoxedApp, to evade detection and distribute malware, including remote access trojans and information stealers. "The majority of the attributed malicious samples targeted financial institutions and government industries," Check Point security researcher Jiri Vinopal said in an analysis. The volume of samples packed with BoxedApp and submitted to the Google-owned VirusTotal malware scanning platform witnessed a spike around May 2023, with the artifact submissions mainly originating from Turkey, the U.S., Germany, France and Russia. (Source: The Hacker News)
8. SC Awards Seeks Entrants: The SC Awards are renowned for identifying and celebrating the best in cybersecurity, from groundbreaking technologies to exceptional organizational achievements and individual leadership. Competition for 2024 SC Awards is spread across 34 specialty categories, many updated to reflect trends in AI, cloud security and continuous threat exposure management. Cybersecurity companies and individuals are encouraged to nominate innovators, leaders and the groundbreaking work of security teams and assert their position at the pinnacle of cybersecurity excellence.
9. Hugging Face Reports Exploit: Hugging Face, known for simplifying the process of downloading and training ML models, has detected unauthorized access to its Spaces platform, specifically related to Spaces secrets, a company blog said. As a consequence, the company's research team believe that a subset of Spaces’ secrets could have been accessed without authorization. As a first step of remediation, Hugging Faces has revoked a number of HF tokens present in those secrets. Users whose tokens have been revoked already received an email notice. Hugging Face recommends refreshing any key or token and consider switching your HF tokens to fine-grained access tokens which are the new default.
10. Security Platform Advancement: Claroty, a cyber-physical systems protection company, has brought to market The Claroty Platform. With the flexibility to be deployed in the cloud with Claroty xDome or on-premises with Claroty Continuous Threat Detection (CTD), the platform's dynamic approach to CPS protection empowers organizations to reduce cyber risks associated with increased connectivity, with the fastest time to value and lower total cost of ownership, the company said.
