Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world. Today's market news also covers Shift5, Booz Allen Hamilton, Nord Security, Appgate, Turbo VPN, SentinelOne, Google, Microsoft, and a ransomware investigation.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP Alert Market News:
1. Checkmarx, Wiz Strengthen Partnership: Cloud security providers Checkmarx and Wiz have extended partnership to enhance the Wiz platform. This marks the first-ever integration providing static application security testing results to a cloud-native application protection platform (CNAPP) vendor, according to the companies. “We truly believe that code to cloud is a reality and not just a vision,” said Ori Bendet, vice president of Product Management at Checkmarx. “By utilizing a bi-directional integration, we close the gaps on both sides, providing the missing context for application security and development teams as well as the missing actionability for cloud and operations teams. This will revolutionize how teams approach both application and cloud security.”
2. Shift5, Booz Allen Team Up: Shift5, an observability platform provider for onboard operational technology, and Booz Allen Hamilton have formed a strategic partnership to integrate Shift5's onboard data access and observability capabilities into Booz Allen's suite of AI/ML-powered cybersecurity and predictive maintenance solutions. The integration enables clients with complete cybersecurity awareness and maintenance intelligence, from onboard fleet assets to the digital battlespace surrounding them, the companies said.
3. Dark Web Monitoring Offered: NordStellar, a threat exposure management platform developed by Nord Security, is launching a new functionality called Dark Web Monitoring. Available in Beta version, this feature allows companies to track various keywords across dark web forums, deep web search engines, illicit markets, hacking communities, Telegram channels and other sources. "Businesses will be able to look up keywords associated with the company and proactively identify risks, take action and prevent security incidents or reputational damage," said Vakaris Noreika, head of product at NordStellar.
4. Funding Round: Appgate, a secure access specialist, has completed its recapitalization process and transition to a private company. Appgate has secured additional equity financing from Magnetar, an alternative investment firm with $15 billion in assets. The company also recently released Appgate SDP 6.3, its Universal Zero Trust Network Access (ZTNA) solution, which enables network transformation by hardening an organization’s perimeter and securing its most valuable assets while reducing costs, the company said.
5. VPN Provider Expands Reach: Turbo VPN, a provider of secure VPN connections, has announced a significant expansion of its server network. The number of available server locations has increased from more than 50 to 111. This translates into a significantly increased ability for the company to deliver the powerful online protection. With the expanded VPN server network and the introduction of the "What's my IP address?" feature, Turbo VPN will help users experience the internet as safely as possible, the company said.
6. Industry Recognition: SentinelOne, an AI-powered security specialist, is among the highest-rated vendors in the Gartner Peer Insights Voice of the Customer for Endpoint Protection Platforms report. As of July 1, more than 1,600 end users provided reviews of Sentinel’s Singularity Platform in the EPP market on Gartner Peer Insights, and 95% said they would recommend the solution to prevent and protect against security threats, the company said.
7. Law Firm Investigates Ransomware Incident: Law firm Schubert Jonckheer & Kolbe LLP is investigating a data breach impacting the private information of at least 751,895 customers of Frontier Communications Parent, Inc., a Texas-based internet provider. On or after June 6, 2024, Frontier announced that a cybercrime group had gained access to its systems and downloaded its customers' private information. Two days earlier, the RansomHub extortion group apparently claimed credit for the attack and threatened to leak five gigabytes of stolen customer data on the Dark Web. The law firm is investigating a data breach impacting the private information of millions of customers who used financial services provided by Evolve Bank & Trust, an Arkansas-based fintech startup. On June 26, 2024, Evolve announced that its systems were breached in May 2024 in a ransomware attack by cybercriminal group LockBit.
8. Google Launches Bounty Program: Google has launched kvmCTF, a new vulnerability reward program (VRP) to improve the security of the Kernel-based Virtual Machine (KVM) hypervisor that comes with $250,000 bounties for full VM escape exploits. KVM, an open-source hypervisor, is a crucial component in consumer and enterprise settings, powering Android and Google Cloud platforms, Google said. An active and key KVM contributor, Google developed kvmCTF as a collaborative platform to help identify and fix vulnerabilities, bolstering this vital security layer. (Source: Bleeping Computer)
9. Hacker Alert: Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called "MerkSpy" as part of a campaign primarily targeting users in Canada, India, Poland and the U.S. "MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems," Fortinet FortiGuard Labs researcher Cara Lin said in a report published last week. The starting point of the attack chain is a Microsoft Word document that ostensibly contains a job description for a software engineer role. (Source: The Hacker News)
