Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world. Today's market news also covers Expel, modePush, Darkscope, Nozomi Networks, Schweitzer Engineering Laboratories, Nozomi Networks, GuidePoint Security, Coalfire, Orca Security and Sophos.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP Alert Market News:
1. Intezer, CarbonHelix Form SOC Partnership: CarbonHelix, a security services provider, has formed a strategic partnership with Intezer, a specialist in AI-driven SOC automation. This collaboration integrates CarbonHelix's 24x7 security operations center (SOC) team with Intezer's autonomous SOC platform. "The security industry has a talent shortage, and the autonomous SOC platform enables skilled analysts to focus on the real threats," said Itai Tevet, CEO and co-founder of Intezer.
2. Expel, modePush Announce MDR Collaboration: Expel, a managed detection and response (MDR) provider, and modePUSH, a cybersecurity incident response firm, have announced a strategic partnership that combines their cybersecurity capabilities to deliver increased and complementary threat protection capabilities to modePUSH clients. This collaboration provides new modePUSH clients with Expel’s MDR solutions, offering comprehensive support from the onset of their incident response engagement with the firm, the companies said.
3. Darkscope Launches MSSP Partner Program: Darkscope has launched a channel program for MSSPs to distribute its AI-powered portfolio of cyber threat intelligence solutions. Following successful pilot deployments with MSSPs in the U.K. and Germany, Darkscope will initially seek to build partner relationships across EMEA, North America and APAC.
4. Nozomi Networks, Schweitzer Protect Critical Infrastructure: Nozomi Networks, a specialist in operational technology and IoT security, and Schweitzer Engineering Laboratories (SEL), an electric power system protection and control provider, have formalized their partnership by establishing a reseller agreement and certification of expertise for Nozomi Networks' software. Customers worldwide can now easily deploy the continuous monitoring solution to their industrial networks by leveraging the experience and support of SEL Cyber Services, the companies said.
5. Malwarebyes Releases Ransomware Report: Malwarebytes, a specialist in real-time cyber protection, has released its "ThreatDown 2024 State of Ransomware" report. The report reveals an alarming increase in ransomware attacks over the past year, alongside significant shifts in the tactics and strategies employed by cybercriminals that underscore the necessity for organizations to implement around-the-clock monitoring and investigation of suspicious behaviors. Key findings of the report include:
- The U.S. experienced a dramatic 63% increase in ransomware attacks, with the U.K. seeing an even greater rise of 67%.
- The share of attacks carried out by gangs outside the top 15 increased from 25% to 31%, indicating that ransomware is becoming more accessible to a broader range of cybercriminals.
- The U.S. accounts for 48% of all ransomware attacks worldwide but suffers 60% of the world's attacks on education and 71% of attacks on healthcare.
- The manufacturing sector saw a staggering 71% year-on-year increase in ransomware attacks, highlighting the need for robust cybersecurity measures in this rapidly digitizing industry.
6. GuidePoint Security Releases Phishing as a Service: GuidePoint Security, a cybersecurity solutions provider, has launched its new Phishing as a Service (PhaaS) offering. By putting phishing simulation tools into the hands of experienced attack simulation operators, GuidePoint Security’s Phishing as a Service helps organizations maximize the value of their security investment and bolster their cybersecurity posture, the company said.
7. Coalfire, Orca Defend the Cloud: Orca Security, a specialist in agentless cloud security, and Coalfire, a cybersecurity solutions provider, have announced a new partnership to empower more organizations to strengthen the security postures of their cloud estates. Under the agreement, the Orca Cloud Security Platform becomes a tool of choice for conducting cloud risk assessments. The Orca Security Platform provides Coalfire experts with the most comprehensive and accurate insights on misconfigurations, vulnerabilities, malware, overprivileged identities, unsecured sensitive data, API exposure, suspicious activity and AI risks within customer cloud operations, the company said.
8. Malware Alert: RansomHub ransomware operators are now deploying new malware to disable endpoint detection and response (EDR) security software in bring your own vulnerable driver (BYOVD) attacks. Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate privileges, disable security solutions, and take control of the system. This technique is very popular among various threat actors, ranging from financially motivated ransomware gangs to state-backed hacking groups. (Source: Bleeping Computer)
