Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
A. Today’s MSSP, MDR, XDR and Cybersecurity Market News
1. Data Security Offering: DoControl, an automated software-as-a-service (SaaS) security company, has released its no-code SaaS security platform on the AWS Marketplace. This offering enables joint customers to better protect their business-critical assets by deploying a foundational layer of preventative data access security controls directly through the AWS Marketplace.
2. CrushFTP Vulernability Detected: During a recent penetration test, Trustwave SpiderLabs researchers discovered a weak input validation vulnerability in the CrushFTP application, which caused the deletion of all users. CrushFTP is a secure high-speed file transfer server that runs on almost any operating system. It gives the server administrator the ability to customize, monitor and control every aspect of the server’s operations. (Source: Trustwave)
3. Cyber Company Cutbacks: NCC Group announced that it plans to cut more than 125 jobs as part of an ongoing strategic review. The company, which employs about 1,800 people globally, said the layoff-, accounting for 7% of its total employee count, will largely be focused in the U.K. and North America. (Source: Reuters)
4. Ransomware Attack Reported: A ransomware attack that hit ION Trading UK could take days to fix, leaving scores of brokers unable to process derivatives trades. ION Group, the financial data firm's parent company, said in a statement on its website that the attack began on January 31. "The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing," ION Group said. (Source: Reuters)
5. Cybersecurity Research: Darktrace, in cooperation with IDC, has released a new research report entitled Building the Case for a Virtuous Cycle in Cybersecurity. The research was conducted to identify the key challenges facing cybersecurity professionals, outlining recommended solutions to bolster cyber readiness.
6. Russia-Ukraine War Impact: Nathaniel Fick, U.S. ambassador at large for cyberspace and digital policy, said this week that the Russia-Ukraine war has prompted the federal government to significantly increase its partnership with the private sector, a practice that was less common in prior years. Fick, who was confirmed in August to head the State Department’s new cyber bureau, said that over the past year he has seen a fundamental change in how the government and the private sector collaborate on cybersecurity issues. (Source: The Hill)
B. Annual In-Person MSSP and Cybersecurity Conferences
- The Official Cyber Security Summit Series (Multiple dates and locations)
- Right of Boom 2023 (February 22-24, Grapevine, Texas)
- Women in Cybersecurity (WiCyS) 2023 (March 16-18, Denver, Colorado)
- RSA Conference 2023 (April 24-27, San Francisco)