Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Industry Recognition: Techfino has been named as one of the world’s premier managed service providers (MSPs) in the 2023 Channel Futures MSP 501 rankings for the second consecutive year. The Channel Futures MSP 501 survey examines organizational performance based on annual sales, recurring revenue, profit margins, revenue mix, growth, innovation and supported technologies.
2. Cybersecurity Partnership: ESET and D&H Distributing have announced a new partnership, expanding ESET's service to the value-added and reseller community segments. D&H Canada has been selected to provide Canadian channel partners with access to ESET's business solutions to meet growing demand across various industry sectors.
3. Product Launch: BIO-key International, a provider of workforce and customer identity and access management (IAM) solutions featuring identity-bound biometrics, announced a significant update to the admin panel of its PortalGuard IDaaS (identity-as-a-service), a unified IAM platform that provides solutions to a range of use cases and business initiatives. This update provides enhanced support for MSPs and MSSPs to enhance their authentication and operational efficiency, enabling the best service possible for their customers.
4. Malware Alert: Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It primarily targets Windows systems and aims to gather sensitive information from infected machines." The cybersecurity company, which spotted the campaign in May 2023, said the attacks take advantage of CVE-2021-40444 and CVE-2022-30190 (aka Follina) to achieve code execution. (Source: The Hacker News)
5. Hacker Alert: Cyberattacks using infected USB infection drives as an initial access vector have experience a three-fold increase in the first half of 2023. That's according to new findings from Mandiant, which detailed two such campaigns, SOGU and SNOWYDRIVE, targeting both public and private sector entities across the world. SOGU is the "most prevalent USB-based cyber espionage attack using USB flash drives and one of the most aggressive cyber espionage campaigns targeting both public and private sector organizations globally across industry verticals," the Google-owned threat intelligence firm said.
6. Cybersecurity Partnership: Guardsquare, a mobile application security provider, has announced a strategic partnership with Redbelt Security, a consultancy firm specializing in information and cybersecurity. The partnership enables Redbelt to expand its solution offerings as a reseller with Guardsquare's multi-platform mobile app security products.
Annual In-Person MSSP and Cybersecurity Conferences
- The Official Cyber Security Summit Series (Multiple dates and locations)
- 2023 International Cybersecurity Championship and Conference (IC3) (July 31-August 4, 2023, San Diego, California)
- Black Hat (August 5-10, Las Vegas, Nevada)
- Infosec World (September 25-27, Lake Buena Vista, Florida)