First, to all the veterans, thank you for your service, today and every day! There are so many veterans who proudly continue to serve in the cybersecurity channel as well. We also appreciate your service in protecting the world's businesses and infrastructure from cyberthreats. Thank you.
Channel Program, the creator of Navistack and a host of other solutions that help MSPs and MSSPs with vendor management and other key tasks, has released data around the top cybersecurity solutions in the global IT Channel. CEO Kevin Lancaster posted the list on LinkedIn last week, and here’s a quick look at who landed on top.
There rest of the list is available in Lancaster’s post. Got news or tips to share with us? Please send them to [email protected].
Today’s MSSP Update
1. Phishing tactic - Perception Point has detailed a new discovery -- a unique two-step phishing tactic using Microsoft Visio files (.vsdx) and SharePoint – in a blog post. These attacks represent a new and growing approach in phishing campaigns where attackers embed malicious URLs in Visio files, bypassing detection to steal credentials.
2. Cybersecurity control failures costly - New research from Panaseer has revealed that cybersecurity control failures cost businesses $30 billion per year. Only half of security leaders fully trust the numbers they are reporting to regulators and the board, with many turning to personal indemnity insurance to cover their backs. The research found that 61% of organizations have suffered a security breach in the past year because their policies, governance and controls failed or were not working effectively.
3. Most and least prepared countries for cyber threats - A new study from PSONO found that Sweden is the most prepared company for data threats this year, followed by Singapore. Germany had the highest number of searches for “How to create a strong password.” On the other end, Mexico was found to be the least prepared for security threats, followed by Vietnam and Kuwait.
4. Palo Alto Networks known exploited vulnerability - CISA has warned of a new known exploited vulnerability from Palo Alto Networks. CVE-2024-5910 Palo Alto Expedition Missing Authentication Vulnerability can lead to an Expedition admin account takeover for attackers with network access to the Expedition tool. Expedition is used by technicians for migration, tuning and enrichments. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
5. SAP security - SecurityBridge, the Cybersecurity Command Center for SAP, has announced an alliance with KPMG in India, one of India’s leading professional services firms today. KPMG in India will integrate the SecurityBridge Command Center for SAPinto its services offering, allowing customers to gain key insights and safeguard themselves in the complex landscape of SAP security.