AI in cybersecurity is the hot topic everywhere you look (yes, here at MSSP Alert, too). And, according to
a Google security blog, it's having some major impacts for the tech giant.
Last year, Google's investment in AI-powered threat detection, stronger privacy policies, supercharged developer tools, new industry-wide alliances, and more resulted in the prevention of 2.36 million policy-violating apps from being published on Google Play, the company said in the blog post published late last week.
Google also said it banned more than 158,000 bad developer accounts that attempted to publish harmful apps and prevented more than 1.3 million apps from getting what it termed "excessive, unnecessary access to sensitive user data."
"In 2024, we used Google’s advanced AI to improve our systems’ ability to proactively identify malware, enabling us to detect and block bad apps more effectively. It also helps us streamline review processes for developers with a proven track record of policy compliance. Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play," Google said in the blog. That's a pretty good outcome.
Now, here's today's MSSP update. Drop me a line at
[email protected] if you have news to share or want to say hi!
Today's MSSP Update
1. Riot Security raises $30M for cybersecurity training: Paris-based cybersecurity startup Riot Security has raised $30 million in Series B funding led by Left Lane Capital, bringing its valuation to $170 million,
SiliconAngle reports. Riot's cybersecurity training platform simulates
phishing attacks, detects data leaks, and educates employees through a chatbot named Albert. Its phishing tool uses over 400 email templates to assess employee awareness, while Albert offers security guidance and recommendations, the company said. The funds will be used to double the startup's workforce, open new international offices, advance cybersecurity training capabilities, and bolster its cybersecurity training tools. Riot reported over $10 million in annual revenue last year.
2. SentinelLabs digs into DPRK-linked FERRET macOS malware: SentinelLabs
revealed new research into variants of FERRET, the DPRK-linked macOS malware. These new variants, labeled “FlexibleFerret,” currently remain undetected by Apple’s XProtect. The FERRET malware is part of the North Korean
Contagious Interview campaign, in which threat actors trick targets into installing malware through the job interview process. Last week, Apple pushed a signature update to its on-device malware tool
XProtect to block several variants of what it called the macOS FERRET family. Despite that, these newly uncovered variants remain undetected by XProtect.
3. VulnCheck unveils CVE research: VulnCheck this week released a new report revealing major 2024 trends in vulnerability exploitation based on its own data. VulnCheck’s 2024 Trends in Vulnerability Exploitation research found that, last year, 768 CVEs were publicly reported as exploited in the wild, up 20% year-over-year. The research also tied spikes in the volume of CVE reporting back to key industry events (like RSAC, for instance), and in 2024, 23.6% of known exploited vulnerabilities (KEVs) were known to be exploited on or before the day their CVEs were publicly disclosed. Interesting stuff!
4. Check Point's new MSSP chief: In a post on LinkedIn last week, Jessica Reece noted that she was now heading up the security vendor's MSSP program as head of MSSP, Americas. Congratulations!
5. FusionAuth launches partner program with AWS, Google: CIAM solutions firm FusionAuth announced the launch of a partner program to address
growing demand for authentication with a hybrid deployment model. The program features AWS and Google, among other partners. The program is essentially a network of hyperscalers, systems integrators (SIs), and technology providers that can help with hosting compatibility, implementation, ongoing maintenance, or cost optimization when businesses need to integrate authentication solutions in their hybrid deployments.