Cybersecurity daily news, Breach, Data Security, XDR, SOAR, Privileged access management, Compliance Management

MSSP Market News: Snowflake Data Breach, Microsoft Recalls Feature

Cyber incident alert

Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world.

Reaching Our Inbox: 
Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

Today’s MSSP Alert Market News:

1. Snowflake Data Breach’s Implications, and How to Protect Customers  - In what Wired magazine is now calling one of the largest data breaches ever, customers of AI and data analytics firm Snowflake are being targeted for attacks using stolen credentials according to a new report from Mandiant. Mandiant said Snowflake customers should implement two-factor authentication on their instances, noting that all of the breaches it observed were customers who had not enabled the feature. Because Snowflake’s business is all about working with the data of its customers, this breach could have far and wide ramifications.

2. Microsoft Recalls Part of Recall - Microsoft’s upcoming AI-powered Windows Recall feature, which takes screenshots of users’ active screen every few seconds, will undergo some changes following backlash from security experts. Microsoft announced in a blog post on Friday that Recall would no longer be activated by default, requiring users to opt-in to use the feature. Additionally, users will need to complete the Windows Hello biometric enrollment process to enable Recall, lowering the chance that a hacker could enable it on the machine of a user who had opted out.

3. Cylance Data Breach - Cylance is responding to reports of a data breach. The company says that samples of the data posted to the dark web appear to be old marketing data used by Blackberry Cylance. The company told BleepingComputer that no Blackberry data and systems related to customers, products and operations have been compromised.

4. New XDR/XSOAR Integration - OpenXDR provider Stellar Cyber is creating a new integration with Palo Alto Networks Cortex XSOAR, a security orchestration and response platform, to streamline the cyber investigation workflow process from end to end. This integration is expected to help security teams decrease mean-time-to-detection (MTTD) and mean-time-to-response (MTTR), two critical metrics most security team leaders track.

5. Cyberactivity Tied to China, Russia, on the Rise - XDR provider Trellix’s new CyberThreat Report: June 2024 details increasing cyber activity tied to China- and Russia-linked threat actors, the emergence of U.S. election donation-themed phishing scams, an atypical ransomware ecosystem and the growing use of hard to detect threat actor tools designed to circumvent the endpoint detection and response (EDR) protection technologies used by organizations around the world.

6. Leveraging DBIR Data For Risk Assessments - HALOCK Security Labs has found a way to practically apply Verizon’s raw data for risk assessments and has been recognized for its contribution to the 2024 Verizon Data Breach Investigations Report (DBIR). HALOCK's HIT Index (HALOCK Industry Threat Index) uses Verizon's crowd-sourced dataset known as the VERIS Community Database (VCDB) which contains over 10,000 breach records with more than 2,500 columns detailing the characteristics of each attack. The HIT Index is a detailed analysis of the VCBD data against a set of cybersecurity safeguards. It states that the more commonly a threat appears in incident records, the more likely it would be the cause of an eventual incident. A version of the HIT Index methodology was donated to the Center for Internet Security (CIS) and incorporated into the CIS Risk Assessment Method (CIS RAM 2.1) which is provided free to the cybersecurity community.

7. Privileged Access Management Market Growth Ahead - Market analyst firm Technavio says the Privileged Access Management Solutions market size is poised to grow by 34.08% between 2024 and 2028 – an increase of $10.71 billion. The need for multi-factor authentication (MFA) for privileged accounts is driving market growth, with a trend towards increased adoption of the BYOD (bring your own device) concept. However, system integration and interoperability issues pose a challenge.

8. Compliance-as-a-Service Platform Updated - Compliance Scorecard, a Governance-as-a-Service solutions provider created by MSPs for MSPs, has unveiled the latest version of its Compliance-as-a Service (CaaS) platform. The updated platform now includes advanced risk management tools, improved asset management capabilities, and new compliance reporting methods designed to help MSPs strengthen their cybersecurity service offerings and unlock new revenue opportunities. Compliance Scorecard will be demonstrating the enhanced features as a Silver Sponsor at  Pax8 Beyond this week.

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.