Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP, and cybersecurity world.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected]
Today’s MSSP Alert Market News:
1. MSSP Partnership: ESET, a global digital security company, has formed a partnership with Stellar Cyber, an Open XDR specialist, to deliver a threat detection and response solution that enables MSSPs and enterprises to protect on-premises, cloud, hybrid and IT/OT environments while focusing on cost-effectiveness and efficiency, the companies said. Once the ESET threat data is ingested and normalized, the Stellar Cyber platform uses machine learning to identify potential threats against the environment.
2. Hacking Incident Disclosed: MITRE disclosed that it experienced a breach on its Networked Experimentation, Research, and Virtualization Environment (NERVE), a collaborative network used for research, development and prototyping. MITRE said it took prompt action to contain the incident, including taking the NERVE environment offline, and quickly launched an investigation with the support of in-house and leading third-party experts. The investigation is ongoing, including to determine the scope of information that may be involved.
3. IT Security Launch: Abacus Group, an MSP provider to financial services firms with specialized cybersecurity expertise provided by Gotham Security, has unveiled a revamp of its integrated IT and security solutions and services. This strategic change is focused on helping financial services firms navigate the ever-changing cybersecurity threat landscape and align with operational due diligence and regulatory requirements, both current and pending, the company said.
4. Security Ratings Partnership: Bitsight, a cyber risk management specialist, and Moody's, a risk assessment provider, have launched Implied Cyber Threat (ICT), an offering built on Bitsight's cyber risk analytics engine and Moody's Orbis company database. ICT provides cyber risk insights and valuable market context for more than 325 million organizations worldwide, the highest coverage in the market by a factor of more than 25 times, the companies said.
5. AI Cyber Risk Product Release: Trend Micro has released AI cyber risk management capabilities across its entire flagship platform, Trend Vision One. This seamlessly integrates more than 10 industry technology categories into one offering, empowering security, cloud and IT operations teams to manage risk proactively, the company said.
6. Cyber Acquisition Closes: Risk Mitigation Consulting (RMC), a provider of risk management and industrial cybersecurity solutions for critical infrastructure, has acquired Securicon, a cybersecurity services provider based in Alexandria, Virginia. "Securicon brings RMC new capabilities and domain knowledge, including device penetration testing, deeper experience in the energy sector, full spectrum coverage of information technology and operational technology cybersecurity services, and a broader government portfolio," RMC CEO Vince Kuchar said. This is technology M&A deal number 104 that MSSP Alert and sister site ChannelE2E have covered so far in 2024. See more than 2,000 technology M&A deals for 2024, 2023, 2022, 2021, and 2020 listed here.
7. MDR Product Release: Binary Defense, a managed detection and response (MDR) and enterprise defense provider, has unveiled several updates to BDVision, the company’s real-time detection and containment managed endpoint detection and response (mEDR) solution. The updates include new deception technology, AI-based threat detection, EDR bypass detection and small business accessibility, helping both large enterprises and small and mid-size businesses (SMBs).
8. AI Cyber Defense Initiative: Google has launched the AI Cyber Defense Initiative, which offers investments, skills training and tools for businesses. Among the new services to businesses, academic institutions and researchers is $2 million worth of funding for AI research initiatives surrounding resilient large language models (LLMs), code verification and utilizing AI for cyber offense and defense. (Source: MSN.com)
9. HelloKitty Ransomware Rebrands: An operator of the HelloKitty ransomware operation announced they changed the name to HelloGookie, releasing passwords for previously leaked CD Projekt source code, Cisco network information and decryption keys from old attacks. The threat actor who made the announcement goes by the name ‘Gookee/kapuchin0’ and claims to be the original creator of the HelloKitty ransomware. The rebranding coincides with the launch of a new dark web portal for HelloGookie. (Source: Bleeping Computer)
10. Phishing Campaign Detected: Perception Point researchers recently discovered a phishing campaign targeting that exploits an open redirect vulnerability from a domain belonging to coffee company Nespresso. Attackers use compromised accounts and the redirect in order to bypass detection and steal victims’ Microsoft login credentials.