Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS); managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Cybersecurity Incident: Freeport-McMoRan Inc. (FCX) is investigating a cybersecurity incident affecting its information systems. The company is assessing the impact and proactive measures are being taken to address the situation. FCX, an international mining company with headquarters in Phoenix, Arizona, is working closely with third-party experts and law enforcement. To date, there has been limited impact on production.
2. Industry Recognition: Axiad, a passwordless orchestration provider, announced that its Axiad Cloud platform was named a Gold Stevie Award winner in the Identity & Access Security Solution category in The 20th Annual International Business Awards.
3. New Malware Identified: Users in Latin America are the target of a financial malware called JanelaRAT that’s capable of capturing sensitive information from compromised Microsoft Windows systems. “JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions,” Zscaler ThreatLabz researchers Gaetano Pellegrino and Sudeep Singh said, adding it “abuses DLL side-loading techniques from legitimate sources (like VMWare and Microsoft) to evade endpoint detection.” (Source: The Hacker News)
4. China Cyberattack Update: New progress has been made on an investigation into a cyberattack incident targeting the Wuhan Earthquake Monitoring Center affiliated with the city’s Emergency Management Bureau. A joint investigation team formed by the National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 discovered malicious backdoor software that exhibits characteristics of US intelligence agencies. (Source: The Global Times)
5. Ransom Paid: A Canadian provincial government body tasked with providing dental services has paid a ransomware demand after having data stolen in an 8base ransomware attack. The Alberta Dental Service Corp. reported that it detected the ransomware attack on July 26. The corporation was also able to recover affected systems and data from backups with minimal loss. It’s believed that the data of approximately 1.47 million individuals was compromised, including a small amount of personal banking information. (Source: SiliconAngle)
6. Colorado Data Breach: The Colorado Department of Health Care Policy & Financing (HCPF) is alerting more than four million individuals of a data breach that impacted their personal and health information. Colorado HCPF is a state government agency that manages the Health First Colorado (Medicaid) and Child Health Plan Plus programs. The data breach was possible after Clop ransomware exploited the MOVEit Transfer zero-day (CVE-2023-34362) in a hacking campaign that impacted hundreds of organizations worldwide. HCPF clarifies that while its systems weren’t directly compromised, the data exposure occurred through IBM, its contractor, which utilized the MOVEit software. (Source: Bleeping Computer)
7. Ransomware Alert: The Knight ransomware is being distributed in an ongoing spam campaign that pretends to be TripAdvisor complaints. Knight ransomware is a recent rebrand of the Cyclop ransomware-as-a-service. (Source: Bleeping Computer)