End-of-life for a software package can bring with it a host of headaches, not the least of which involves security. And if it's an open-source package, well, that's a bigger problem.
The New Stack outlines twelve open-source software packages that will be going EOL in 2025 -- and losing security support -- to give you a head start on finding alternatives and planning your migrations so you don’t put your and your customer’s data at risk.
Obviously, the list isn't exhaustive, but it's a good reminder and a great start.
Now, here's today's MSSP update. Drop me a line at
[email protected] if you have news to share or want to say hi!
Today's MSSP Update
1. Seraphic Security Series A: Browser security startup Seraphic Security has
landed $29 million in Series A funding led by GreatPoint Ventures (GPV), with participation from the CrowdStrike Falcon Fund and existing investors Planven, Cota Capital and Storm Ventures. The funding will help Seraphic accelerate its product roadmap and increase market expansion in North America and EMEA.
2. KnowBe4 launches threat intel and analysis: KnowBe4 this week launched the
KnowBe4 Threat Labs Research and Analysis Initiative to help mitigate human-targeted cybersecurity attacks. Using expert analysis and crowdsourced intelligence
, KnowBe4 Threat Labs will discover and investigate the latest phishing techniques and develop strategies to stop them. The threat lab's first publication,
Using Genuine Business Domains and Legitimate Services to Harvest Credentials, analyzes a sophisticated phishing campaign targeting multiple organizations to harvest Microsoft credentials.
3. DirectDefense names new head of vCISO services: DirectDefense this week announced that
David Doyle has joined the company as head of vCISO services. Doyle brings over 30 years of cybersecurity and privacy experience from companies like Apple, TikTok, Hawaiian Airlines, and Kaiser Permanente. In his new role, David will lead the growth of DirectDefense’s vCISO services. Congratulations!
4. Oasis Security launches ITDR solution: Oasis Security
announced Oasis Scout this week, a threat detection and response (ITDR) solution specifically designed for non-human identities (NHIs). Oasis Scout is powered by Oasis’ proprietary AuthPrint technology and includes built-in attacker recognition. AuthPrint technology identifies patterns of malicious activity, matching them to known threat actors so security teams can detect and neutralize threats faster, with fewer false positives. Oasis also launched its NHI Threat Center, a public threat intel database that profiles attackers that go after NHIs.
5. ThreatQuotient and Ask Sage partner on government cybersecurity: Threat intelligence platform
ThreatQuotient is partnering with AI assistant Ask Sage to enhance government threat-hunting capabilities. This partnership will enable government customers to scale their defenses and leverage AI through access to multiple LLMs. Analysts and SOC teams can now train AI models on curated threat intelligence data to quickly run reports on specific threats.