by Joe Panettieri • Sep 6, 2022
Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR), threat hunters and MSP security providers — and those who need to partner with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
A. Today’s MSSP, MDR, XDR and Cybersecurity Market News
1. Funding – Extended Security Posture Management: Cymulate has raised $70 million in Series D funding led by One Peak. Cymulate has raised $141M to date.
4. SOC as a Service: CloudZen Partners has launched a SOC sourcing service that can connect businesses to digital forensic and threat intelligence suppliers.
5. Microsoft Defender False Alerts: A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ each time the apps are opened in Windows, BleepingComputer reported.
6. BlackCat Cyberattacks Target Italy: BlackCat was behind a recent attack on Italy’s state-owned energy services firm GSE, in which the group stole a massive amount of data and threatened to publish it if its demands were not met, according to Palo Alto Networks and a Reuters report.
7. RagnarLocker Ransomware Attacks: The RagnarLocker ransomware gang attacked TAP Air Portugal, the country’s state-owned air carrier, Spiceworks reported. Meanwhile, Cybereason released a global Threat Analysis Report investigating the Ragnar Locker ransomware gang and its attacks on networks of global critical infrastructure operators.
8. BianLian Ransomware Gang: Redacted has encountered a relatively new ransomware threat actor that calls itself BianLian. The security firm observed the actor deploying custom malware written in the Go programming language, which posed some initial, but not insurmountable, reverse-engineering challenges, Redacted indicated.
9. Espionage Group Targets Asia Organizations: Worok, a previously unknown espionage group, has been attacking Asia-based companies and governments since 2020, ESET reported. Worok’s toolset includes a C++ loader CLRLoad, a PowerShell backdoor PowHeartBeat, and a C# loader PNGLoad that uses steganography to extract hidden malicious payloads from PNG files, ESET said.
10. Italy Cyberattacks: Italian oil company Eni’s computer networks were hacked in late August, but the consequences appear to be minor so far, the company said on August 31, Reuters reported.
11. How to Build a SOC: Kaspersky has launched Security Operations and Threat Hunting, a new course in Kaspersky’s Expert Training portfolio. The course helps businesses build and/or enhance a SOC and improve security team skills in threat hunting, incident detection and investigation.
12. Data Discovery and Protection: CyberRes, a Micro Focus line of business, announced a new version of Voltage File Analysis Suite (FAS). The cloud platform combines data discovery and data protection capabilities.
13. Executive Leadership: Appgate has named Arlette Hart as VP of threat advisory services. The services include advanced penetration testing, adversary simulation and specialized consulting services.
14. Cyber Consulting Services and Compliance: Xage Security, a startup, has launched a new consulting and services arm designed to help customers meet security requirements ahead of compliance deadlines, SiliconAngle reported.
16. API Security Testing: Traceable AI has released an API Security Testing (xAST) solution. The software allows any API in pre-production to be tested for vulnerabilities, accuracy, reliability, and overall security, the company said.
B. MSSP, MDR and Cybersecurity Virtual Events and Conference Calendar
- LogRhythm RhythmWorld 2022 (September 13-15, Denver, Colorado)
- Fal.Con 2022: CrowdStrike Cybersecurity Conference (September 19-21, Las Vegas)
- Join Us: MSSP Alert Live (September 19-21, Washington, D.C.)
- SentinelOne LABScon Security Research Conference 2022 (September 21-24, Phoenix, Arizona)
- InfoSec World 2022 (September 26-28, Orlando, Florida)
- Bonus: MSSP Alert’s complete event calendar