Cybersecurity daily news

MSSP Market Update: Riot Security Raises $30M for Cybersecurity Training

Computer screen showing red ransomware warning message in home o

AI in cybersecurity is the hot topic everywhere you look (yes, here at MSSP Alert, too). And, according to a Google security blog, it's having some major impacts for the tech giant.

Last year, Google's investment in AI-powered threat detection, stronger privacy policies, supercharged developer tools, new industry-wide alliances, and more resulted in the prevention of 2.36 million policy-violating apps from being published on Google Play, the company said in the blog post published late last week.

Google also said it banned more than 158,000 bad developer accounts that attempted to publish harmful apps and prevented more than 1.3 million apps from getting what it termed "excessive, unnecessary access to sensitive user data."

"In 2024, we used Google’s advanced AI to improve our systems’ ability to proactively identify malware, enabling us to detect and block bad apps more effectively. It also helps us streamline review processes for developers with a proven track record of policy compliance. Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play," Google said in the blog. That's a pretty good outcome.

Now, here's today's MSSP update. Drop me a line at [email protected] if you have news to share or want to say hi!

Today's MSSP Update

1. Riot Security raises $30M for cybersecurity training: Paris-based cybersecurity startup Riot Security has raised $30 million in Series B funding led by Left Lane Capital, bringing its valuation to $170 million, SiliconAngle reports. Riot's cybersecurity training platform simulates phishing attacks, detects data leaks, and educates employees through a chatbot named Albert. Its phishing tool uses over 400 email templates to assess employee awareness, while Albert offers security guidance and recommendations, the company said. The funds will be used to double the startup's workforce, open new international offices, advance cybersecurity training capabilities, and bolster its cybersecurity training tools. Riot reported over $10 million in annual revenue last year.

2. SentinelLabs digs into DPRK-linked FERRET macOS malware: SentinelLabs revealed new research into variants of FERRET, the DPRK-linked macOS malware. These new variants, labeled “FlexibleFerret,” currently remain undetected by Apple’s XProtect. The FERRET malware is part of the North Korean Contagious Interview campaign, in which threat actors trick targets into installing malware through the job interview process. Last week, Apple pushed a signature update to its on-device malware tool XProtect to block several variants of what it called the macOS FERRET family. Despite that, these newly uncovered variants remain undetected by XProtect.

3. VulnCheck unveils CVE research: VulnCheck this week released a new report revealing major 2024 trends in vulnerability exploitation based on its own data. VulnCheck’s 2024 Trends in Vulnerability Exploitation research found that, last year, 768 CVEs were publicly reported as exploited in the wild, up 20% year-over-year. The research also tied spikes in the volume of CVE reporting back to key industry events (like RSAC, for instance), and in 2024, 23.6% of known exploited vulnerabilities (KEVs) were known to be exploited on or before the day their CVEs were publicly disclosed. Interesting stuff!

4. Check Point's new MSSP chief: In a post on LinkedIn last week, Jessica Reece noted that she was now heading up the security vendor's MSSP program as head of MSSP, Americas. Congratulations!

5. FusionAuth launches partner program with AWS, Google: CIAM solutions firm FusionAuth announced the launch of a partner program to address growing demand for authentication with a hybrid deployment model. The program features AWS and Google, among other partners. The program is essentially a network of hyperscalers, systems integrators (SIs), and technology providers that can help with hosting compatibility, implementation, ongoing maintenance, or cost optimization when businesses need to integrate authentication solutions in their hybrid deployments.

Sharon Florentine

Sharon manages day-to-day content on ChannelE2E and serves as senior managing editor for CyberRisk Alliance’s Channel Brands. She also covers enterprise-class technology companies, strategic alliances and channel partner strategies. Sharon is a veteran tech journalist and editor with more than 25 years experience in the industry, and has previously held key editorial, content and leadership positions at Techstrong Group, CIO.com, Ziff Davis Enterprise and CRN.

You can skip this ad in 5 seconds