Usage subject to Terms and Conditions

Archives October 2021

Resource Guide: Defending Against Ransomware

Read the original article at https://blog.pcisecuritystandards.org/resource-guide-defending-against-ransomware-2021

Ransomware attacks have been front and center in the news recently due to high-profile breaches that have impacted businesses across the globe. These headline grabbing attacks have been part of a larger global increase in ransomware crime. With a dramatic increase in security challenges due to the disruptions caused in part by the COVID-19 pandemic, there has been a significant increase in ransomware attacks.

Read the original article at https://blog.pcisecuritystandards.org/resource-guide-defending-against-ransomware-2021

GPS Daemon (GPSD) Rollover Bug

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/gps-daemon-gpsd-rollover-bug

Original release date: October 21, 2021

Critical Infrastructure (CI) owners and operators and other users who obtain Coordinated Universal Time (UTC) from Global Positioning System (GPS) devices should be aware of a GPS Daemon (GPSD) bug in GPSD versions 3.20 (released December 31, 2019) through 3.22 (released January 8, 2021). 
 
On October 24, 2021, Network Time Protocol (NTP) servers using bugged GPSD versions 3.20-3.22 may rollback the date 1,024 weeks—to March 2002—which may cause systems and services to become unavailable or unresponsive.  
 
CISA urges affected CI owners and operators to ensure systems—that use GPSD to obtain timing information from GPS devices—are using GPSD version 3.23 (released August 8, 2021) or newer.
 
For more information, see Keeping Track of Time: Network Time Protocol and a GPSD Bug.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/gps-daemon-gpsd-rollover-bug

Cisco Releases Security Updates for IOS XE SD-WAN Software

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/cisco-releases-security-updates-ios-xe-sd-wan-software

Original release date: October 21, 2021

Cisco has released security updates to address a vulnerability in IOS XE SD-WAN Software. An authenticated local attacker could exploit this vulnerability to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review Cisco Advisory cisco-sa-sd-wan-rhpbE34A and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/cisco-releases-security-updates-ios-xe-sd-wan-software

Phishing Campaign Targets Organizations in India and Afghanistan

Read the original article at https://blog.knowbe4.com/phishing-campaign-targets-organizations-in-india-and-afghanistan

A threat actor based in Pakistan is targeting entities in India and Afghanistan with malware-laden websites, according to researchers at Cisco Talos.

Read the original article at https://blog.knowbe4.com/phishing-campaign-targets-organizations-in-india-and-afghanistan

Managed Security Services Provider (MSSP) News: 21 October 2021

Read the original article at https://www.msspalert.com/cybersecurity-news/updates-21-october-2021/

Today’s MSSP news involves BlueVoyant, Check Point Software, Checkmarx, CyberReef, Cybrary, ForeScout, Graylog, Microsoft 365, Radware, SentinelOne, Tanium, ThreatMark & more.

The post Managed Security Services Provider (MSSP) News: 21 October 2021 appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/updates-21-october-2021/

KnowBe4 Acquires CrowdStrike Security Awareness Training Partner SecurityAdvisor

Read the original article at https://www.msspalert.com/investments/knowbe4-acquires-crowdstrike-partner-securityadvisor/

KnowBe4 acquires SecurityAdvisor, a CrowdStrike partner that develops patented security awareness training & automation technology.

The post KnowBe4 Acquires CrowdStrike Security Awareness Training Partner SecurityAdvisor appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/investments/knowbe4-acquires-crowdstrike-partner-securityadvisor/

Will Google Cybersecurity Team Engage MSSP Partners?

Read the original article at https://www.msspalert.com/cybersecurity-news/google-cybersecurity-team-mssp-partnerships/

New Google cybersecurity team emerges to protect governments, critical infrastructure facilities, enterprises & small businesses. Will MSSPs plug in?

The post Will Google Cybersecurity Team Engage MSSP Partners? appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/google-cybersecurity-team-mssp-partnerships/

Breach and Attack Simulation Funding: Picus Security Raises $24M, Seeks MSSP Partners

Read the original article at https://www.msspalert.com/investments/breach-and-attack-simulation-funding-picus-security-raises-24-million/

Picus Security, a breach & attack simulation technology company, builds MSSP partner program; pursues North America, EMEA & APAC expansion.

The post Breach and Attack Simulation Funding: Picus Security Raises $24M, Seeks MSSP Partners appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/investments/breach-and-attack-simulation-funding-picus-security-raises-24-million/

Splunk Cloud, Partner Program Engage MSSPs and Cybersecurity Consultancies

Read the original article at https://www.msspalert.com/cybersecurity-companies/partner-programs/splunk-cloud-partner-program-engage-mssps-and-cybersecurity-consultancies/

Splunk cloud partner program & SOAR moves engage MSSPs & cybersecurity consultancies such as Accenture, BlueVoyant, deepwatch, Mandiant & TekStream.

The post Splunk Cloud, Partner Program Engage MSSPs and Cybersecurity Consultancies appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-companies/partner-programs/splunk-cloud-partner-program-engage-mssps-and-cybersecurity-consultancies/

Deloitte Acquires Cloud MSP, Fortinet, BlackBerry Security Partner Sliced Tech

Read the original article at https://www.msspalert.com/investments/deloitte-acquires-fortinet-blackberry-security-msp-partner-sliced-tech/

Deloitte acquires Sliced Tech, a cloud, security, government & financial services MSP that partners with Fortinet & BlackBerry.

The post Deloitte Acquires Cloud MSP, Fortinet, BlackBerry Security Partner Sliced Tech appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/investments/deloitte-acquires-fortinet-blackberry-security-msp-partner-sliced-tech/