Usage subject to Terms and Conditions

Archives January 2022

SentinelOne MSP Software Partnerships: Barracuda, ConnectWise, N-able (Who’s Next?)

Read the original article at https://www.msspalert.com/cybersecurity-services-and-products/xdr/sentinelone-msp-software-partnerships-barrcuda-connectwise-n-able-whos-next/

Barracuda Networks & Skout are latest MSP-focused software & SOC companies to embrace SentinelOne XDR (eXtended Detection & response).

The post SentinelOne MSP Software Partnerships: Barracuda, ConnectWise, N-able (Who’s Next?) appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-services-and-products/xdr/sentinelone-msp-software-partnerships-barrcuda-connectwise-n-able-whos-next/

A Data-Driven Approach for Your Third-Party Risk Management Processes

Read the original article at https://blog.knowbe4.com/a-data-driven-approach-for-your-third-party-risk-management-processes

As organizations have increased their scope of vendors and partners, they have also increased their digital risk surface and are facing new challenges regarding vendor risk management. By taking a data-driven approach to identifying, understanding, and acting on risk, you can efficiently eliminate your organization’s most critical third-party security gaps.

Read the original article at https://blog.knowbe4.com/a-data-driven-approach-for-your-third-party-risk-management-processes

Ransomware: More Families, More Vulnerabilities, More Weaponry Dominate 2021

Read the original article at https://www.msspalert.com/cybersecurity-research/ransomware-more-families-more-vulnerabilities-more-weaponry-dominate-2021/

Over 30 new ransomware groups surfaced in 2021, an Ivanti, Cyware and Cyber Security Works research reveals.

The post Ransomware: More Families, More Vulnerabilities, More Weaponry Dominate 2021 appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-research/ransomware-more-families-more-vulnerabilities-more-weaponry-dominate-2021/

Apple Releases Security Updates for Multiple Products

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/01/27/apple-releases-security-updates-multiple-products

Original release date: January 27, 2022

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/01/27/apple-releases-security-updates-multiple-products

PCI SSC in Brazil: New Regional Engagement Board for 2022

Read the original article at https://blog.pcisecuritystandards.org/pci-ssc-in-brazil-new-regional-engagement-board-for-2022

 

PCI SSC has announced a newly expanded Brazil Regional Engagement Board (REB). Here we talk with PCI SSC Associate Director, LA Region for Brazil, Carlos Caetano, about the value of the board, its role and agenda for 2022.

Read the original article at https://blog.pcisecuritystandards.org/pci-ssc-in-brazil-new-regional-engagement-board-for-2022

Managed Security Services Provider (MSSP) News: 27 January 2022

Read the original article at https://www.msspalert.com/cybersecurity-news/updates-27-january-2022/

Today’s MSSP news involves Appalachia Technologies, Aryaka, Barracuda, CyCognito, DoCongtrol, Marsh McLennon, Portnox, SecurityScoreCard, SentinelOne, VeeMost, Aryaka & more.

The post Managed Security Services Provider (MSSP) News: 27 January 2022 appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/updates-27-january-2022/

FBI Releases PIN on Iranian Cyber Group Emennet Pasargad

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/01/27/fbi-releases-pin-iranian-cyber-group-emennet-pasargad

Original release date: January 27, 2022

The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) that provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures to enable readers to identify and defend against the group’s malicious cyber activities.

CISA encourages users and administrators to review FBI PIN: Context and Recommendations to Protect Against Malicious Activity by Iranian Cyber Group Emennet Pasargad and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/01/27/fbi-releases-pin-iranian-cyber-group-emennet-pasargad

Microsoft Warns of Latest “Consent Phishing” Attack Intent on Reading Your Email

Read the original article at https://blog.knowbe4.com/microsoft-warns-of-latest-consent-phishing-attack-intent-on-reading-your-email

Rather than steal your user’s credentials, this latest attack takes the OAuth route to gain access to the victim’s mailbox. This gives cybercriminals continual access, regardless of whether the user is logged on or not.

Read the original article at https://blog.knowbe4.com/microsoft-warns-of-latest-consent-phishing-attack-intent-on-reading-your-email

Dark Web Service Sells Access to Compromised Accounts and Browser Sessions

Read the original article at https://blog.knowbe4.com/dark-web-service-sells-access-to-compromised-accounts-and-browser-sessions

When we hear about compromised credentials, there’s always the question of “How are they used post-compromise?” In one case, they are fully on display for sale to the highest bidder.

Read the original article at https://blog.knowbe4.com/dark-web-service-sells-access-to-compromised-accounts-and-browser-sessions

Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021

Read the original article at https://blog.knowbe4.com/malicious-office-documents-jump-to-37-of-all-malware-downloads-at-the-end-of-2021

With the ubiquitous use of Microsoft Office today, it should come as no surprise that malicious macro-laden documents continue to reign, with PPT files delivering AgentTesla taking the spotlight.

Read the original article at https://blog.knowbe4.com/malicious-office-documents-jump-to-37-of-all-malware-downloads-at-the-end-of-2021