The director of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) appears to be headed for the door on January 20 when the Trump administration gains control of the executive branch, according to a report by NextGov. This is not unexpected because many top officials depart when presidential administrations change.
Jen Easterly was appointed to the role by President Biden and she has served as director since July 2021. She was only the second official to hold the post since the creation of the agency in 2018. The first director, Chris Krebs was appointed in 2018 and then fired by President Trump in 2020 after Krebs stated that the agency found no evidence of fraud in the 2020 election.
It’s unclear if President Trump will name a new director of CISA, who that director might be or how the agency will fit into the second Trump administration. CISA has provided a clearinghouse and source of information about critical cybersecurity vulnerabilities to MSSPs and the rest of the cybersecurity industry.
Got news or tips to share with us? Please send them to [email protected].
Today’s MSSP Update
1. A deep dive into the spike in AI-driven fraud - Identity-centric solution provider Entrust Cybersecurity Institute’s annual report that looks at fraud trends and techniques shows that deepfake attacks strike every five minutes and there’s been a 244% surge in digital document forgeries. AI-assisted attacks are growing, the report shows. The top three most targeted industries in 2024 were all related to financial services – Cryptocurrency, lending and mortgages, and traditional banks.
2. Cloud cybersecurity partnership - Cybersecurity company Exabeam is partnering with Wiz, a provider of cloud security, to offer organizations improved threat detection, investigation, and response (TDIR) capabilities. The companies said the partnership will ensure a more secure and resilient cloud environment. Exabeam said the open architecture of its New-Scale Security Operations Platform supports a best-of-breed ecosystem that includes hundreds of product integrations.
3. Malicious bots get more sophisticated - Barracuda's most recent Threat Spotlight’s deep dive on malicious bots examines how they are becoming more advanced and human-like in their behavior as they seek to improve their chances of success in account takeovers and other automated attacks. Researchers also noted an emerging category of AI bots or “grey bots,” that are blurring the boundary of legitimate activity.
4. Document-based phishing attacks surge - Cofense, a provider of email security awareness training and advanced phishing detection and response solutions has released its quarterly trends report. The report reveals that open redirects using popular sites like TikTok and embedded QR codes in Office documents have contributed to a surge in document-based phishing attacks.
5. Cybercriminals impersonating Bitwarden software updates - Bitdefender researchers say cybercriminals are impersonating Bitwarden software updates as a ruse to deliver malware to UK consumers. The campaign has impacted brands including CapCut, Office 365, Netflix and Photoshop. Another recently identified campaign uncovered by Bitdefender Labs involves a fake Bitwarden extension advertised on Facebook. The campaign tricks users into installing a harmful browser extension under the guise of a security update.
6. Triaging and prioritizing cloud cybersecurity alerts - External exposure management company Ionix is launching Cloud Exposure Validator, a tool to help security teams manage the volume of alerts generated by cloud security platforms including Wiz, Palo Alto Prisma and others. The tool analyzes and re-prioritizes alerts from cloud security tools based on actual exploitation and severity.
7. New cyber boss for UK expansion - Cybersecurity solutions provider Inversion6, which is a division of global managed services provider TRG, has hired Ian Thornton-Trump as chief information security officer (CISO). With his extensive background in IT security and information technology, Ian will spearhead the company’s efforts to expand its successful model from the US into the UK and EU markets.
8. Sophos expands Cysurance partnership - Sophos is partnering with cyber insurance provider Cysurance to provide Sophos’ Canadian MDR partners with access to lower cyber insurance rates and premiums from Cysurance. This extends the program which is already available in the United States and Australia.
