Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world. Today's market news also covers Pluralsight, Legit Security, ISC2, ReasonLabs, Darktrace, Jamf, PlaxidityX, Abnormal Security and Reliaquest.
Reaching Our Inbox:
Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP Alert Market News:
1. Trustifi Enhances Data Security for MSPs: Trustifi, an email cybersecurity solutions provider, has created a new set of automated rule-setting options for its software suite. These one-click tools allow MSPs and IT administrators to automatically implement the most commonly used set of data loss prevention rules for several industries, including healthcare, financial services and education markets plus a more general setting that’s applicable to a range of global businesses, the company said. Trustifi’s pre-configured rules can be customized and modified as needed to meet the individual needs of any client, as this new update allows for a one-click setting in addition.
2. Pluralsight Research Finds Concern About Threats From AI: Pluralsight, a technology workforce development company, has released results from a survey that polled more than 200 technologists about cybersecurity and AI. The findings show that 56% of security professionals are concerned about AI-powered threats. Additionally, the survey explores the top cybersecurity skills in today's tech landscape and emerging cybersecurity roles. The AI Skills Report found that only 40% of organizations have formal structured training and instruction for AI, and 74% of IT professionals worry that AI tools will replace their roles.
3. Legit Security Release AppSec Report: Legit Security, an application security posture management (ASPM) provider, and TechTarget's Enterprise Strategy Group (ESG), an IT analyst, research and strategy firm, have published a new report, "Modernizing Application Security to Scale for Cloud-native Development." The report found that application teams face a number of challenges, such as keeping up with the speed and volume of releases and prioritizing remediation. These challenges highlight the importance of a modernized approach and alignment with development and DevOps teams for improved collaboration, Legit Security reports.
4. ISC2 Announces Conference Agenda: ISC2, a nonprofit member organization for cybersecurity professionals, has announced the full agenda for its 2024 ISC2 Security Congress, taking place October 14-16 in Las Vegas. The three-day event features four keynote speakers, including more than 100 speakers and educational sessions featuring the latest cybersecurity industry developments, key practices and disciplines where cyber professionals report the strongest need for upskilling, ISC2 said.
5. Malware Attacks Chrome, Edge: A widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands," the ReasonLabs research team said in an analysis. (Source: The Hacker News)
6. Darktrace Releases Threat Report: Darktrace, a cybersecurity AI specialist, has today released its "First 6: Half-Year Threat Report 2024," identifying key threats and attack methods facing businesses across the first half of 2024. These insights shed light on the persistent nature of cyber threats and new techniques adopted by attackers attempting to sidestep traditional defenses.
The most common threats Darktrace observed from January to June 2024 were:
- Information-stealing malware (29% of early triaged investigations)
- Trojans (15% of investigated threats)
- Remote Access Trojans (RATs) (12% of investigated threats)
- Botnets (6% of investigated threats)
- Loaders (6% of investigated threats)
7. Jamf Becomes Microsoft Partner: Jamf, a specialist in managing and securing Apple at work, is entering the Microsoft ISV Partner Program, and has signed a five-year agreement to expand its existing collaboration with Microsoft Cloud and AI-powered solutions for their joint customers. Jamf offerings will be hosted on Microsoft Azure and available for purchase on the Azure Marketplace starting in late 2024, the company said.
8. Argus Cyber Security is Now PlaxidityX: Argus Cyber Security Ltd., a mobility cybersecurity provider, has transformed into PlaxidityX. The name change signifies the company's end-to-end solution and broader market presence, positioning PlaxidityX for accelerated growth and expansion of market share, the company said. "PlaxidityX" is a fusion of "placidity," representing tranquility, calmness and peace of mind, with the dynamic edge of "X" to symbolize innovation and cutting-edge technology.
9. Abnormal Security Reports on Phishing Attack Increase: Abnormal Security has released research revealing that file-sharing phishing attacks skyrocketed by 350% year-over-year, with financial organizations and built environment firms targeted the most.
The findings include:
- More than 60% of file-sharing phishing attacks originate from legitimate sending domains
- Business email compromise attacks grew by more than 50% between H2 2023 and H1 2024
- 41% of Abnormal customers experienced a VEC attack each week between January–June 2024
10. Reliaquest's 5 Malware Variants You Should Know: A report from Reliaquest examines five malware variants that have recently impacted the threat landscape or may do so in the near future: “LummaC2,” Rust-based stealers, “SocGholish,” “AsyncRAT,” and “Oyster.” These malware variants pose significant risks to organizations across all industries and regions, Reliaquest said.