Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP, and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected]
Today’s MSSP Alert Market News:
Call Out to All MSSPs and MSPs Providing Election Security During 2024: Election security is paramount to free and fair elections, and MSSP Alert endeavors to cover this important subject. So, if you are an MSSP, MSP or cybersecurity provider involved with election security at a client level or offer a specific service — or know of a company providing such services — we would like to hear from you. We hope to interview your experts about the importance of election security and delve into your tools, services and people who are helping protect elections from cyberattacks and the electorate from misinformation, be it at a local, county, state or federal level, no matter the country. We understand that there may be certain sensitive information involved, so know that we will respect those matters. Please contact MSSP Alert Managing Editor Jim Masters. Thank you for helping us cover this important subject for our readership!
1. Security Partnership: Trellix, an extended detection and response (XDR) specialist, has unveiled a new data loss prevention (DLP) feature with Google Chrome Enterprise, enabling secure browsing protection against insider threats by identifying and preventing data leaks. Trellix DLP for Chrome Enterprise will be available within the Chrome Enterprise Recommended program as an integrated API, the company said.
2. Cloud Security Collaboration: Mission Cloud, a US-based Amazon Web Services (AWS) Premier Tier Services Partner with a focus on cloud and AI, has announced a strategic partnership with CrowdStrike to stop cloud breaches and secure global customers building their businesses on AWS. The partnership also provides customers with access to CrowdStrike Falcon Complete Cloud Detection and Response (CDR) services, delivering 24/7 protection against cloud attacks, the company said.
3. Phishing Group Takedown: Group-IB, a cybersecurity company aimed at investigating, preventing and fight digital crime, reports that it participated in a coordinated global takedown operation against prominent Canadian phishing-as-a-service (PhaaS) provider LabHost, which has led to the arrest of 37 suspects across the United Kingdom and around the world. Group-IB also conducted an extensive analysis of LabHost's criminal history and infrastructure, including insights into LabHost's administrative platform and the services it provides to its purported user base who illegally obtained around 480,000 card numbers, 64,000 pin numbers, and over 1 million passwords from victims.
4. Zero Trust Platform Release: Illumio, a zero trust segmentation company, has debuted several new AI and automation features to its ZTS Platform, including auto-labeling, making it easier and faster for organizations to secure hybrid environments and simplify their journey to zero trust. The new AI-powered labeling engine provides customers with instant visibility of assets in data center and cloud environments and speeds up the adoption of ZTS, the company said.
5. Funding Round: VulnCheck, an exploit intelligence specialist, has closed its $7.95 million seed funding round, with a total of $4.75 million in new funding. The latest investment includes participation from Sorenson Capital. The news comes shortly after VulnCheck was named a finalist for the RSA Conference 2024 Innovation Sandbox contest, the company said.
6. Cybersecurity Center Opens: Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security has been awarded a $10 million Department of Energy grant in partnership with Oak Ridge National Laboratory (ORNL) to create a pilot regional cybersecurity research and operations center to protect the electric power grid against cyberattacks. The Southeast Region Cybersecurity Collaboration Center (SERC3) will bring together experts from the private sector, academia and government to share information and generate solutions to protect the nation's power grid and other key sectors. It will include a mock utility command center to train participants in real-time cyber defense.
7. Cyber Defense Report Released: CyberEdge Group, a research and marketing firm serving the cybersecurity vendors, has released its 2024 Cyberthreat Defense Report (CDR). For the first time in five years, the percentage of organizations victimized by ransomware declined (from 73% to 64%) and the percentage of victims that paid ransoms fell below 50%. However, only 57% of victims that paid ransoms successfully recovered their data, down from 73%, the study said.
8. Hacker Alert: Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting "for just the right moment to deal a devastating blow," FBI Director Christopher Wray said on Thursday. The Volt Typhoon Chinese hacking campaign has gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University. (Source: Reuters)
9. Funding Round: NightVision, an application security innovator, has secured a $5.4 million seed fund investment from entrepreneurs and executives across cybersecurity, industrial, consumer and financial services sectors. NightVision offers a security testing approach designed to empower developers with comprehensive vulnerability testing throughout the entire software development lifecycle, the company said.
10. IoT Security Release: GuidePoint Security has brought to market its IoT Security Assessment. Organizations that leverage GuidePoint’s targeted IoT Security Assessment can ultimately identify and fix vulnerabilities, fortify their defenses, inspire confidence in their customers and prevent unwanted access to their IoT ecosystem, the company said.