Each business day MSSP Alert delivers a quick lineup of news, analysis and chatter from across the MSSP, MSP and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected]
Today’s MSSP Alert Market News:
1. MDR for MSPs: SonicWall is adding endpoint vendors to its managed detection and response (MDR) solution, creating a co-managed security service for new and existing MSPs who offer SonicWall Capture Client or Windows Defender. Customers should expect to see a growing number of managed security offerings that include all things managed, from firewalls to cloud security, as the SonicWall platform expands, the company said.
2. Marine Corps Security: AttackIQ, a breach and attack simulation (BAS) solutions vendor and founding research partner of MITRE Ingenuity Center for Threat-Informed Defense (CTID), has been granted a cATO (continuous authorization to operate) by the U.S. Marine Corps Recruiting Command (MCRC). Senior officials granted this approval to launch the company's BAS platform within the MCRC based on an in-depth, risk-based security assessment, the company said. AttackIQ is the first BAS platform to receive this cATO designation.
3. NIST Forms AI Group: CrowdStrike and Fortanix are founding members of the U.S. Department of Commerce’s National Institute of Standards and Technology’s (NIST) Artificial Intelligence (AI) Safety Institute Consortium (AISIC), demonstrating their commitment to the advancement and promotion of responsible AI. The AISIC will act as a collaborative platform where both public sector and private stakeholders will help shepherd standards and techniques around the broader implementation and development of trustworthy AI.
4. CISA Issues Volt Typhoon Advisory: The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA), Federal Bureau of Investigation (FBI) and key U.S. and international government agencies have published a joint Cybersecurity Advisory on malicious activity by a People’s Republic of China (PRC) state-sponsored cyber actor, known as Volt Typhoon, to compromise critical infrastructure and associated actions that should be urgently undertaken by all organizations. CISA and its U.S. Government partners have confirmed that this group of cyber actors has compromised entities across multiple critical infrastructure sectors in cyberspace, including communications, energy, transportation, and water and wastewater in the U.S. and its territories, the advisory said.
5. Cyber Trends Report Released: BlueVoyant has released the findings of its second external cyber defense trends report, which highlights the new risks organizations face from outside the traditional IT perimeters. "The biggest cybersecurity risk from the increasing use of AI tools is an escalated volume of attacks," said Ron Feler, BlueVoyant's global head of threat intelligence. "While the essentials of the attacks don't change, the increased number and diversity of attacks make defenders' jobs more challenging."
6. Manufacturing Threat Surge: Nozomi Networks Labs has released its OT & IoT Security Report, which found that network anomalies and attacks were the most prevalent threat to operational technology and Internet of Things environments. Vulnerabilities within critical manufacturing also surged 230% — a cause for concern as threat actors have far more opportunities to access networks and cause these anomalies, Nozomi said.
7. Election Year Threat Report: Tidal Cyber has released Election Cyber Interference Threats & Defenses: A Data-Driven Study, providing a comprehensive look at cyber threats to global elections in 2024 and insights on prioritizing defenses against top adversaries and election interference tactics, techniques and behaviors. The study leans on actual data and evidence to pinpoint the most notable potential hotspots for interference and offers a prioritized list of relevant guidance. The four priority adversary countries (Russia, China, Iran and North Korea) are using cyber interference for disinformation and espionage and to potentially disrupt actual electoral processes, such as voting or manipulating results, Tidal said.
8. Application Security Partnership: Invicti Security and Mend.io have announced a partnership to bring the full spectrum of application security testing and supply chain security tools to customers. This partnership pairs Invicti's DAST, IAST, and API Security domains with Mend's SAST, SCA, and Container Security solutions to give customers full code coverage and continuous security.