Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected]
Today’s MSSP Alert Market News:
1. XDR Solution Debuts: USX Cyber has launched GUARDIENT, an extended detection and response (XDR) platform designed for businesses and MSPs. USX Cyber's GUARDIENT XDR platform provides a unified single pane of glass approach to cybersecurity, integrating numerous security tools into one manageable interface, eliminating the need for multiple cyber tools. This solution allows for advanced threat detection, automated response capabilities and streamlined compliance management, the company said.
2. EDR Enhancements Delivered: Huntress announced that its managed endpoint detection and response (EDR) product now includes active remediation and macOS coverage. With the addition of active remediation, security administrators can pre-authorize Huntress to take action on their behalf with zero manual review and approval. This added convenience promises to speed up the remediation process and lighten the workloads of IT and security teams, the company said.
3. Cybersecurity Trends Report Released: Arctic Wolf has published findings from its annual State of Cybersecurity: 2024 Trends Report. The report shows that 70% of organizations were the targets of attempted business email compromise (BEC) attacks in the last year, with 29% of these targets becoming victims of one or more successful occurrences. Also, 45% of respondents claim their organization suffered a ransomware attack in the last 12 months, with 86% of those attacks including successful data exfiltration.
4. Funding Round: Averlon, a cloud security company, has emerged from stealth mode with an $8 million seed funding round aimed at transforming how organizations stay ahead of emerging cyber threats. This latest investment, which brings the company’s total funding to $10.5 million, is led by Voyager Capital with participation from Salesforce Ventures and Outpost Ventures, along with several prominent CISOs and industry leaders, the company said.
5. State of Cybersecurity Report Issued: Ivanti has released the results of its 2024 State of Cybersecurity Report. Although the goals and challenges of IT and security professionals intersect, 72% report security data and IT data are siloed in their organization, which contributes to corporate misalignment and elevated security risk, Ivanti reports. Also, 63% report that siloed data slows down security response times, 54% report that siloed data weakens their organization's security posture and 41% struggle to collaboratively manage cybersecurity.
6. U.S. Cyber Summit Held: This week, White House National Cyber Director Harry Coker, Jr. joined Frank Cilluffo, director of the McCrary Institute for Cyber & Critical Infrastructure Security, to discuss progress made and work to come implementing the President Biden's National Cybersecurity Strategy. The recently-released second implementation plan covers 100 high-impact actions, coordinated across federal agencies, with clear timelines and responsible agencies to ensure the plan's objectives.
7. Data Theft Reported: U.S. drug distributor Cencora has notified affected individuals that their personal and highly sensitive medical information was stolen during a cyberattack and data breach earlier this year. In February, the company disclosed a cybersecurity incident in which data, some of which may have contained personal information, was stolen from its information systems. (Source: Reuters)
8. Google Release Security Update: Google has released a new emergency security update to address the eighth zero-day vulnerability in Chrome browser confirmed to be actively exploited in the wild. The security issue was discovered internally by Google's Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity "type confusion" in V8, Chrome's JavaScript engine responsible for executing JS code, according to the alert. (Source: Bleeping Computer)
9. Malware Alert: Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. The listed website are:
- avast-securedownload[.]com, which is used to deliver the SpyNote trojan in the form of an Android package file ("Avast.apk") that, once installed, requests for intrusive permissions to read SMS messages and call logs, install and delete apps, take screenshot, track location, and even mine cryptocurrency
- bitdefender-app[.]com, which is used to deliver a ZIP archive file ("setup-win-x86-x64.exe.zip") that deploys the Lumma information stealer malware
- malwarebytes[.]pro, which is used to deliver a RAR archive file ("MBSetup.rar") that deploys the StealC information stealer malware
(Source: The Hacker News)
