Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
The Content: Written for MSSPs and MSPs; threat hunters security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Funding Boost: Tenzir, a specialist in security data pipelines, has announced the closing of its seed investment round, totaling EUR 3 million. This investment will bolster Tenzir’s research and development, expedite market expansion and strengthen its customer service capabilities. In August, Tenzir is set to launch its flagship enterprise security data pipeline platform, which includes a free community edition, the company said.
2. Industry Recognition: Stellar Cyber, a specialist in open XDR technology, has been rated a top-ranked Progressive company in the June 2023 Markets & Markets XDR report, Extended Detection and Response Market report with Global Forecast to 2028. Stellar Cyber vaulted to the top Progressive position in the report’s Evaluation Quadrant in the report’s Startups/SMEs section, the company said.
3. Cybersecurity Education: CompTIA is developing a new series of expert-level certifications and learning products in data, cybersecurity and cloud networking. The CompTIA Xpert Series certifications are scheduled for release throughout 2024. The certifications are intended for IT professionals with multiple years of work experience who are interested in validating their expert-level knowledge of business-critical technologies.
4. Industry Recognition: Fortinet announced that it has become a member of the International Telecommunication Union Development Sector (ITU-D). Fortinet will look to advance the ITU-D’s cybersecurity and digital skills development priority areas in part by increasing access to the Fortinet Training Institute’s certification program curriculum.
5. CISA Issues Malware Alert: The Cybersecurity & Infrastructure Security Agency (CISA) has published three malware analysis reports on malware variants associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. It was exploited as a zero day as early as October 2022 to gain access to ESG appliances. The threat actors exploited the vulnerability to gain initial access to victim systems and then implanted backdoors to establish and maintain persistence, CISA reported.
6. Oil Refinery Cyberattack: The website of Israel’s largest oil refinery operator, BAZAN Group, was inaccessible from most parts of the world Sunday as threat actors claimed to have hacked the company’s cyber systems. Iranian hacktivist group Cyber Avengers, also known as CyberAv3ngers, claimed that it had breached BAZAN’s network over the weekend. (Source: Bleeping Computer)
7. Hacker Alert: Hackers are actively exploiting a “BleedingPipe” remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take control of the devices. BleedingPipe is a vulnerability found in many Minecraft mods caused by the incorrect use of deserialization in the “ObjectInputStream” class in Java to exchange network packets between servers and clients. (Source: Bleeping Computer)
Comments are closed.