Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world. Today's market news also covers Pax8, Cynomi, SandboxAQ, CrowdStrike, Zscaler, Tenable, Infosec Institute, Right-Hand Cybersecurity, Varonis, Orca Security, the U.S. FBI and CISA.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP Alert Market News:
1. LevelBlue Delivers Threat Detection for U.S. Government Entities: LevelBlue has brought to market LevelBlue Managed Threat Detection and Response (MTDR) for Government. This 24/7 service is designed to protect highly sensitive data or data that is subject to increased, evolving government regulations and requirements. Intended for U.S. federal, state, and local governments (or companies doing business with such entities), LevelBlue MTDR for Government helps mitigate risk and improve resiliency with threat detection and response built on the company’s FedRAMP-authorized open XDR platform, the company said.
2. Pax8 Introduces Cynomi’s Virtual CISO Solution: Pax8, a cloud commerce marketplace, has announced the availability of Cynomi's AI-powered Virtual CISO (vCISO) platform designed to address the cybersecurity needs of small and medium-sized businesses (SMBs) in EMEA and North America. This strategic partnership provides MSPs access to cybersecurity tools, enhancing their ability to protect clients in an increasingly complex digital landscape, the company said.
3. SandboxAQ Appoints Chief Operating Officer: SandboxAQ today named Andrew McLaughlin as its first chief operating officer. McLaughlin will be responsible for scaling SandboxAQ's AI and quantum business units. SandboxAQ focuses on Large Quantitative Models (LQMs), which drive SandboxAQ's platforms in sectors such as biopharma, chemicals, medical devices and aerospace. Prior to SandboxAQ, McLaughlin served as the founding vice president and chief policy officer of the Internet Corporation for Assigned Names and Numbers (ICANN), the first head of Global Public Policy at Google, and Deputy Chief Technology Officer of the United States.
4. CrowdStrike Launches Financial Services, Announces Partnership with Zscaler: CrowdStrike has launched CrowdStrike Financial Services, a wholly-owned subsidiary of CrowdStrike, providing tailored financing solutions for the AI-native CrowdStrike Falcon cybersecurity platform. Through this new offering, customers benefit from accelerated platform consolidation with streamlined access to the technology they need to stop breaches. In addition, Zscaler has debuted a new set of AI and zero trust integrations with the CrowdStrike Falcon cybersecurity platform. The latest integrations with Zscaler Zero Trust Exchange Platform, Zscaler Data Fabric for Security and CrowdStrike Falcon Next-Gen SIEM modernize security operations to provide advanced threat detection, response and risk management, the companies said.
5. Tenable Enclave Security Debuts: Tenable, an exposure management company, has brought to market Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped. Backed by the Tenable Security Center, Tenable Enclave Security protects IT assets and modern workloads with risk assessment and contextual insight so organizations can identify exposures before they cause damage, the company said.
6. Varonis Expands Salesforce Security Offering: Varonis Systems announced at Dreamforce 2024 new capabilities that help customers automatically identify and eliminate data security risks. Varonis has introduced four remediation features, adding to its library of automations that help ensure always-on data security across your data estate. Varonis helps customers understand their Salesforce data security posture in real time and helps ensure only the right people can access sensitive data. Varonis identifies misconfigurations, excessive permissions and suspicious activity that put data at risk, the company said.
7. Infosec Institute, Right-Hand Cybersecurity Strike Partnership: Infosec Institute, a cybersecurity education provider, has announced a strategic partnership with Right-Hand Cybersecurity, a cybersecurity company specializing in human cyber risk management. Through this partnership, organizations will gain increased visibility into their risk profile and better reduce their human risk. By providing in-the-moment training nudges, which are triggered when a security alert is generated, teams are able to mitigate risky behavior, reduce SOC alerts and prioritize workloads, Infosec Institute said.
8. Orca Releases State of AI Security Report: Orca Security, a provider of agentless cloud security, has released its inaugural 2024 State of AI Security Report, providing insights into current AI utilization trends, how it impacts organizations’ security postures and recommendations to mitigate risk. The report shows that 56% of respondents have adopted their own AI models to build custom applications and integrations specific to their environment(s). Azure OpenAI is currently the front runner among cloud provider AI services (39%); Scikit-learn is the most used AI package (43%) and GPT-35 is the most popular AI model (79%).
9. US FBI Disrupts Chinese Hacking Group: U.S. law enforcement has disrupted a second major Chinese hacking group nicknamed "Flax Typhoon," FBI Director Christopher Wray said on Wednesday, wresting thousands of compromised devices from its grasp. Wray said Flax Typhoon was being run by a Chinese company called the Integrity Technology Group that posed as an IT firm but also "collected intelligence and performed reconnaissance for Chinese government security agencies." (Source: Reuters)
10. CISA Adds Five Known Exploited Vulnerabilities: The Cybersecurity & Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation:
- CVE-2024-27348 Apache HugeGraph-Server Improper Access Control Vulnerability
- CVE-2020-0618 Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
- CVE-2019-1069 Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
- CVE-2022-21445 Oracle JDeveloper Remote Code Execution Vulnerability
- CVE-2020-14644 Oracle WebLogic Server Remote Code Execution Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise, CISA said.