Cybersecurity daily news, AI/ML, SOC, MSP, MDR, Threat Intelligence

MSSP Market News: Palo Alto Networks, IBM, AgileBlue, Arkose Labs

Credit: Adobe Stock Images

Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world.

Reaching Our Inbox: 
Send news, tips and rumors to Managing Editor Jim Masters: [email protected]

Today’s MSSP Alert Market News:

1. AI-Powered Security Partnership: Palo Alto Networks and IBM have formed a partnership to deliver AI-powered security outcomes for customers. As part of this expanded partnership, Palo Alto Networks has will acquire IBM's QRadar SaaS assets and the companies will facilitate the migration of QRadar SaaS clients to Cortex XSIAM, a security operations center (SOC) platform with advanced AI-powered threat protection, the companies said.

2. SecOps Product Upgrade: AgileBlue has unveiled a new version of its Cerulean AI SecOps platform, introducing intelligent automation and autonomous response capabilities. This advancement fortifies their autonomous SecOps platform, empowering security teams to improve their ability to detect and respond to cyberattacks, AgileBlue said.

3. GPT Security Release: Arkose Labs, a bot management and account security specialist, has launched protection measures for GPT applications, addressing the need for proactive defenses against new attack vectors, like GPT prompt compromise and LLM platform abuse. "Generative AI intensifies cybercrime not only by enhancing traditional attacks, like scraping, but also by introducing new threats like GPT prompt compromise and LLM platform abuse," said Arkose Labs Chief Product Officer Ashish Jain. "The new protective measures we’re releasing today are battle tested and use AI to protect the AI that companies are deploying.”

4. Industry Recognition: Driven Technologies, an AI and cloud native cybersecurity solutions provider, has achieved the Cisco XDR Specialization through the Cisco Partner Program. As part of its expanded cybersecurity offerings, Driven Technologies launched its Managed Cisco XDR (extended detection and response) service. By using Driven Technologies' AI-powered managed services alongside the capabilities of the Cisco XDR platform, organizations can gain visibility into their security environment and respond to emerging threats, the company said.

5. MSP Partnership: Lookout, a data-centric cloud security company, has formed a strategic partnership with Pax8, a cloud commerce marketplace that enables managed service providers (MSPs) to acquire Lookout Mobile Endpoint Security directly from the Pax8 Marketplace. Backed by threat intelligence from the mobile dataset and research team, Lookout Mobile Endpoint Security combines visibility, research and protection to deliver endpoint detection and response (EDR) solutions for iOS, Android and ChromeOS, the company said.

6. Threat Alert: Since mid-April 2024, Microsoft Threat Intelligence has observed the threat actor Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks. Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware. The observed activity begins with impersonation through voice phishing (vishing), followed by delivery of malicious tools, including remote monitoring and management (RMM) tools like ScreenConnect and NetSupport Manager, malware like Qakbot, Cobalt Strike, and ultimately Black Basta ransomware, Microsoft said.

7. Security Partnership: VAST Data, an AI data platform company, is partnering with Superna, a specialist in data security and cyber storage solutions for on-premises, hybrid and multi-cloud environments. The integration provides VAST customers with immutable data protection, real-time suspicious behavior detection, automated cyber threat response and near-instant recovery from ransomware and other disasters, VAST Data said.

8. MDR Collaboration: NCR Atleos is partnering with DeepSeas to offer managed detection and response (MDR) and other cybersecurity services to its global client base, augmenting the end-to-end enterprise networking services offered by Atleos.

9. Study Finds Cyberattacks Underreported: VikingCloud, a "predict-to-prevent" cybersecurity and compliance company, has released new research revealing that 40% of cyber teams have not reported a cyber incident out of fear of losing their jobs. Signifying a serious underreporting of cyber breaches globally, the trend also leaves businesses at risk of being non-compliant with emerging industry regulations, as well as vulnerable to rising attacks, the company reported.

10. Length of Cyberattacks Increase: In 2023, more than one out of five cyberattacks persisted for ore than a month, the annual Kaspersky Incident Response 2023 report has revealed. The Kaspersky Incident Response 2023 report indicates that long-lasting cyberattacks that persist for more than a month constituted 21.85% of the total, increasing from 2022 by 5.55%. One notable trend observed in these attacks was the exploitation of trusted relationships as a primary vector. Compromises leveraging trusted relationships have occurred previously, but in 2023 their frequency increased, accounting for 6.78% of all attacks, Kaspersky reports.

Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.