Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
Here’s the daily business update for Thursday, August 15, 2019.
A. Today’s MSSP Alerts
1. Microsoft Windows Vulnerabilities, Patches: Find the latest Microsoft Windows patches and a related August 14 alert here.
2. Vertical Market Cyber Services: Chalice Financial Network, an IT service provider for financial advisors and wealth management advisors across the United States, has launched a Cyber Security Protection Package for its members.
3. (No) Voice Privacy: Microsoft has been collecting voice data of its users with the help of employees and contractors, according to an updated privacy policy from the software giant. The company collects voice data to provide voice-enabled services for Skype and Cortana and sometimes uses vendors to assist in improving these services, Reuters reports. The disclosure raises fresh concerns that Microsoft, Facebook, Amazon and others can potentially spy on user conversations.
4. Research - Cybercrime Syndicates: Cybercrime campaigns and high-profile advanced persistent threat groups are shifting how they target victims and focusing more on intricate relationships with “secure syndicate” partnerships to disguise activity, according to Accenture's 2019 Cyber Threatscape Report.
5. Huawei Spying Allegations: Huawei technicians have helped African governments spy on political opponents, a Wall Street Journal report alleges. Huawei denied the allegations.
6. Ransomeware - Hospital Hacked, Infected: Hackers infected Washington-based Grays Harbor Community Hospital and Harbor Medical Group with ransomware and demanded a payment of $1 million to unlock patient files, according to a report from the Daily World and follow-up from Health IT Security.
7. Capital One Hacker Allegedly Hit 30 Companies: U.S. federal prosecutors are investigating whether the alleged Capital One hacker, Paige Thompson, also stole data from more than 30 other companies and organizations, according to a new court filing, PC Magazine reports.
8. Biometric Data Leak: The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defense contractors and banks, The Guardian reports.
9. Credit Monitoring Glitch: Credit Karma suffered an application glitch that exposed users to other people's account information, Tech Crunch reports...
B. MSSP Partner Programs and Strategic Alliances
1. Cisco Security Technology Alliance: Cisco Systems has added 15 industry partners with 20 new product integrations to the Cisco Security Technology Alliance (CSTA)–Cisco’s security development, integration and certification framework, the company says.
2. Automated Security Monitoring and Response: Deloitte's cyber practice and Splunk are providing automated security monitoring and response capabilities to help drive greater consistency and higher fidelity into security workflows and outputs for organizations worldwide.
3. Security Awareness Training - Insurance Vertical: CNA, one of the largest commercial property and casualty insurance companies in the United States, has embraced Cofense as part of CNA CyberPrep -- one piece of CNA’s suite of cyber liability insurance products. The CNA services are designed to help companies take a holistic approach to cyber threats, the company says.
4. Distribution - Managed Detection and Response (MDR): Synnex has agreed to distribute CriticalStart, a Top 100 MSSP with MDR services, to its U.S. channel partners.
5. All Partner Programs: Search the comprehensive ChannelE2E Partner Program Database here. Also, submit your company information here and your partner program can be listed in the database.
C. Next Five Technology Conferences
- EnergySec Security and Compliance Summit 2019 (August 19-21, Anaheim, California)
- GSX 2019: Global Security Exchange Conference (September 8-12, Chicago, Illinois)
- MSSP Accelerator – Sales and Marketing Summit (September 10-11, Cedar Rapids, Iowa)
- CISA Cybersecurity Summit 2019 (September 18-20, National Harbor, Maryland)
- Exabeam Spotlight19 (September 30-October 2, San Francisco)
- Bonus: The complete MSSP Alert calendar
Email me your news, rumors and tips for potential coverage here on MSSP Alert.