MSSP Market Update: Fenix24 Acquires vArmour for Cyber Resilience

Keeper Security has released its latest Insight Report, "Navigating a Hybrid Authentication Landscape," which explores organizations' evolving strategies to secure sensitive data and identities.

The report has some interesting findings, including the increasing adoption of Passkeys. In fact, according to the report, 80% of organizations are using or planning to adopt passkeys, as they offer a significant reduction in risks like phishing and credential stuffing compared to traditional passwords.

Despite that growing traction, 40% of businesses continue to rely on hybrid authentication systems that blend both passwords and passkeys. These hybrid setups are often necessary due to the prevalence of legacy systems and specialized applications that have yet to support passkeys.

But managing both passwords and passkeys presents a significant challenge for 57% of IT leaders, according to the report, such as concerns over user confusion, integration difficulties and training demands in managing hybrid systems.

Now, here's today's MSSP update. Drop me a line at [email protected] if you have news to share or want to say hi!

Today's MSSP Update

1. Fenix24 Acquires vArmour: Cyber disaster recovery firm Fenix24 has announced the acquisition of vArmour, an Application Relationship Management software provider. This acquisition will enhance Fenix24's newest resilience and incident response battalion, Argos99. Fenix24 is part of Conversant Group, which has three incident response battalions: Athena7  for IT security assessments, strategy and planning, Grypho5  for ongoing, security-based management and Argos99 for expert insights into data, assets and infrastructure.

2. Commvault integration with CrowdStrike: Commvault today introduced a new integration with the CrowdStrike Falcon cybersecurity platform. The collaboration will bring CrowdStrike’s security data threat intelligence within the Commvault Cloud for threat detection and fast data recovery for joint customers.

3. Quest Software names new CEO: Data protection and security software firm Quest announced Tim Page as its new CEO today. With over three decades of experience in the technology and software industries, Page will help drive the company's growth by accelerating product innovation, supporting the development of AI capabilities, and revitalizing go-to-market strategy. Congratulations!

4. Andariel group RID attacks: North Korean state-sponsored threat group Andariel is tricking Windows systems into seeing admin permissions in low-privileged accounts as part of a Relative Identifier takeover attack that involved the use of a custom malicious file and an open source tool, according to BleepingComputer. Andariel is associated with the Lazarus Group, and uses a vulnerability and the privilege escalation tools PsExec and JuicyPotato to gain SYSTEM access on targeted devices.

5. Meta Llama issues risk RCE attacks: Artificial intelligence systems could be targeted with remote code execution intrusions through the exploitation of the now-addressed high-severity Meta Llama large language model framework vulnerability, tracked as CVE-2024-50050, The Hacker News reports. The critical flaw impacts the Llama Stack component, particularly in the implementation of the reference Python Inference API, which automates Python object deserialization through the risky pickle format, according to an analysis from Oligo Security.