It’s U.S. Presidential Election Day and CISA director Jen Easterly has spent the last week assuring the public of the security and integrity of the nation’s voting infrastructure, saying that voting machines are not connected to the internet and 97% of votes are backed by paper ballots.
The danger that she and others say is real is around misinformation and disinformation. Threat actors may share images and social media posts that undermines the public’s confidence in the elections system. It’s a time for citizens to be discerning about who they trust for information.
Meanwhile it doesn’t hurt to warn customers about the potential for phishing scams and other social engineering efforts designed to exploit high emotions around political hot buttons.
Got news or tips to share with us? Please send them to [email protected].
Today’s MSSP Update
1. Cybersecurity services acquisition - MDR provider Lumifi says it will acquire Critical Insight, marking its third acquisition in 13 months. This strategic move expands Lumifi's service offerings and strengthens its presence in the healthcare and critical infrastructure cybersecurity sector. The company said Critical Insight's incident response capabilities complement Lumifi's real-time threat monitoring, and its professional services expand the ability to provide tailored cybersecurity strategies.
2. Threat continues - LevelBlue Labs (formerly known as AT&T Alien Labs)’s new research shows that proxy server botnet Ngioweb continues to remain active on the Internet with barely any relevant changes in its original code. Discovered seven years ago, threat actors are still using Nbioweb extensively to scan for vulnerable devices that can be turned into new proxies. More information is available here.
3. Microsoft Exchange targeted - Rapid7’s has released a new report investigating a Microsoft Exchange service account with domain administrator privilege. The company’s incident response team discovered an attacker who accessed a server and compromised the entire domain. Details of the compromise are available here.
4. New boss- Multi-channel phishing protection company Bolster has named Rod Schultz as its new CEO. With more than 25 years of business strategy, product innovation, and secure technology development expertise, Schultz will continue Bolster's growth and drive the company’s go-to-market and platform developmentas it tackles the increasing threat of AI-driven phishing and impersonation attacks, the company said.
5. SOC 2 success - IT and cybersecurity company AlphaRidge has successfully completed the Service Organization Control (SOC) 2 Type II audit validating AlphaRidge's ongoing commitment to maintaining the highest standards of data security, privacy, and operational excellence.
