Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP, and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected]
Today’s MSSP Alert Market News:
1. SIEM Platform Enhancements: LogRhythm has unveiled advanced capabilities for its cloud-native SIEM Platform, LogRhythm Axon. The latest innovations to Axon facilitate dashboard and search import/export to community repositories, bridging the communication gap. LogRhythm has also introduced key features to streamline auditing for compliance standards and enable greater efficiency with security analytics mapped to MITRE ATT&CK use cases, the company said.
2. Ransomware Forensics Partnership: Vendetta Cyber Defense (VCD), a digital forensics and incident response firm, has formed a strategic design partnership with Sleuth Kit Labs. This move aims to enhance VCD's digital forensics capabilities to investigate and resolve ransomware, business email compromise and other forms of cyberattacks, VCD said. Sleuth Kit Labs enables front-line cyber investigators with software, training and services.
3. Industry Recognition: Breach Secure Now, a cybersecurity training provider, has been acknowledged as a training leader. The recognition comes in the wake of an announcement on LinkedIn by Kevin Lancaster, CEO of Navistack, praising Breach Secure Now for its outstanding contributions to cybersecurity education. In a recent LinkedIn post, Lancaster highlighted the exceptional training capabilities of Breach Secure Now, particularly in the context of MSPs and technology professionals.
4. Leadership Move: Blumira, a security and operations platform provider, announced that tech industry veteran Haiyang Li has joined the company as its vice president of engineering. Li held senior leadership roles at prominent technology companies, including Mavrck, Neural Galaxy, Barracuda Networks, Intronis and Salary.com.
5. Data Incident Update: AT&T has determined that data-specific fields were contained in a data set released on the dark web approximately two weeks ago. It is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed, AT&T said.
6. Vulnerability Alert: The Cybersecurity & Infrastructure Security Agency (CISA) and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems, CISA said.
7. Congress Bans Copilot: The U.S. House of Representatives has set a strict ban on congressional staffers' use of Microsoft's Copilot generative AI assistant, Axios reported. "The Microsoft Copilot application has been deemed by the Office of Cybersecurity to be a risk to users due to the threat of leaking House data to non-House approved cloud services," the House's Chief Administrative Officer Catherine Szpindor said, according to Axios. (Source: Reuters)
8. Hacker Alert: Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. HUMAN's Satori Threat Intelligence team said the cluster of VPN apps came fitted with a Golang library that transformed the user's device into a proxy node without their knowledge. The operation has been codenamed PROXYLIB by the company. The 29 apps in question have since been removed by Google. (Source: The Hacker News)
9. Ransomware Incident Reported: Florida Memorial University (FMU), South Florida’s only historically Black college, has reportedly fallen victim to a cybersecurity breach by the INC Ransom ransomware group. The specifics of the data compromised remain uncertain, and the university has yet to issue a formal statement regarding the breach. (Source: Miami Times)
