Usage subject to Terms and Conditions

Archives October 2021

MSSPs, MDR Security Partnerships Further Accelerate

Read the original article at https://www.msspalert.com/cybersecurity-services-and-products/mdr/mssps-mdr-security-partnerships-further-accelerate/

MDR partnerships involving Alert Logic-Sungard AS, IGXGlobal UK-Proficio, eSentire-Telarus, and BlueVoyant-SentinelOne reinforce security services trends.

The post MSSPs, MDR Security Partnerships Further Accelerate appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-services-and-products/mdr/mssps-mdr-security-partnerships-further-accelerate/

ITOCHU Invests $31.5M In MSSP, MDR Security Provider SilverSky

Read the original article at https://www.msspalert.com/investments/itochu-31-5m-silversky/

SilverSky, an MDR (managed detection & response) security provider, plans MSSP expansion from United States to all of Asia Pacific (APAC).

The post ITOCHU Invests $31.5M In MSSP, MDR Security Provider SilverSky appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/investments/itochu-31-5m-silversky/

Tomorrow’s MSSP and MSP Security Talent: Trained By U.S. Community Colleges?

Read the original article at https://www.msspalert.com/cybersecurity-talent/tomorrows-mssp-and-msp-security-talent-trained-by-u-s-community-colleges/

Microsoft aligns with U.S. community colleges to train 250,000 cybersecurity professionals by 2025. Will MSSPs gain new talent pipeline?

The post Tomorrow’s MSSP and MSP Security Talent: Trained By U.S. Community Colleges? appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-talent/tomorrows-mssp-and-msp-security-talent-trained-by-u-s-community-colleges/

3 Parameters for Building a Zero-Trust Cybersecurity Strategy

Read the original article at https://www.msspalert.com/cybersecurity-guests/3-parameters-for-building-a-zero-trust-cybersecurity-strategy/

How can MSSPs, MSPs & businesses embark on a zero-trust strategy? Follow these three recommendations from Sophos VP Scott Barlow.

The post 3 Parameters for Building a Zero-Trust Cybersecurity Strategy appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-guests/3-parameters-for-building-a-zero-trust-cybersecurity-strategy/

Multi-Stage Vishing Attacks are Coming to an Inbox Near You

Read the original article at https://blog.knowbe4.com/multi-stage-vishing-attacks-are-coming-to-an-inbox-near-you

New attacks initially coming in via email are directing victims to make phone calls to attacker-controlled call centers in order to provide banking and credit card details.

Read the original article at https://blog.knowbe4.com/multi-stage-vishing-attacks-are-coming-to-an-inbox-near-you

Eight Romance Phishing Scammers with Ties to Nigerian Organized Crime Arrested After Stealing Nearly $7 Million

Read the original article at https://blog.knowbe4.com/eight-romance-phishing-scammers-with-ties-to-nigerian-organized-crime-arrested-after-stealing-nearly-7-million

This latest arrest by the South African Police Service (SAPS) demonstrates how romance scams that have been around for decades remain alive and well… and profitable.

Read the original article at https://blog.knowbe4.com/eight-romance-phishing-scammers-with-ties-to-nigerian-organized-crime-arrested-after-stealing-nearly-7-million

Over Half of all Impersonation Attacks Target Non-Executive Employees

Read the original article at https://blog.knowbe4.com/over-half-of-all-impersonation-attacks-target-non-executive-employees

A new report shows how cybercriminals focus on users that are less vigilant and more prone to falling for social engineering and impersonation tactics designed to gain access to finances.

Read the original article at https://blog.knowbe4.com/over-half-of-all-impersonation-attacks-target-non-executive-employees

Google Releases Security Updates for Chrome

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/29/google-releases-security-updates-chrome

Original release date: October 29, 2021

Google has released Chrome version 95.0.4638.69 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Some of these vulnerabilities have been detected in exploits in the wild.

CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/29/google-releases-security-updates-chrome

KnowBe4's Q3 2021 Top-Clicked Phishing Email Report Includes New Global Data [INFOGRAPHIC]

Read the original article at https://blog.knowbe4.com/q3-2021-top-clicked-phishing-report-infographic-with-global-data

KnowBe4’s latest quarterly report on top-clicked phishing email subjects is here. We are now looking at the top categories globally, general subjects (in the United States and Europe, Middle East and Africa), and ‘in the wild’ attacks .

Read the original article at https://blog.knowbe4.com/q3-2021-top-clicked-phishing-report-infographic-with-global-data

GoCD Authentication Vulnerability

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/29/gocd-authentication-vulnerability

Original release date: October 29, 2021

GoCD has released a security update to address a critical authentication vulnerability in GoCD versions 20.6.0 through 21.2.0. GoCD is an open-source Continuous Integration and Continuous Delivery system. A remote attacker could exploit this vulnerability to obtain sensitive information.

CISA encourages users and administrators to update to GoCD 21.3.0 or apply the necessary workarounds.

For more information, see Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/29/gocd-authentication-vulnerability