close
close

MSSP Market News: Nuspire, Akamai, Noname Security, Rapid7

Every business day, MSSP Alert delivers a quick roundup of news, analysis and conversations from across the MSSP, MSP and cybersecurity world.

How to reach our inbox:
Send news, tips and rumors to Editor-in-Chief Jim Masters: (email protected)

Today’s MSSP Alert Market News:

1. Best MSSP named: Nuspire was named “Best MSSP” at the Cybersecurity Excellence Awards. The award recognized Nuspire for its innovative approach to cybersecurity management and particularly highlighted the role of the myNuspire platform in transforming security program management. The company offers a wide range of services including Managed Security Services (MSS), Managed Detection and Response (MDR) and Managed Endpoint Detection and Response (EDR).

2. Completion of the cyber deal: Cloud and cloud services provider Akamai is buying Noname Security for $450 million – a “deep discount,” according to TechCrunch. According to TechCrunch, Noname was valued at about $1 billion in its last private fundraising in December 2021. But ongoing consolidation in the cybersecurity space, coupled with a difficult economy and a stingy private equity and venture capital environment, is forcing many of these cybersecurity startups to reevaluate their value. Noname Security will intervene in Akamai’s API security unit. This is technology M&A deal #123 reported by MSSP Alert and sister site ChannelE2E so far in 2024. More than 2,000 technology M&A deals for 2024, 2023, 2022, 2021 and 2020 can be found listed here.

3. Ransomware prevention version: Rapid7, a specialist in advanced risk and threat detection, has launched a patented ransomware prevention technology that provides end-to-end ransomware coverage to anticipate advanced attacks and accelerate detection and response time. Ransomware protection is built into the Rapid7 Insight Agent and easily integrates into customers’ existing security ecosystems to complement existing third-party endpoint protection platforms, EDR solutions or Rapid7’s antivirus capabilities, the company said.

4. Acquisition builds penetration power: According to Yahoo News, TELUS Corporation (TU) has acquired Vumetric Cybersecurity, a cybersecurity provider of advanced penetration testing to detect vulnerabilities in organizations across Canada and North America. TELUS will integrate Vumetric’s digital platform to expand its consultative cyber defense services. Yahoo adds that Vumetric’s platform is compatible with major cloud platforms and offers a modern and user-centric approach to cybersecurity testing. This is technology M&A deal #124 reported by MSSP Alert and sister site ChannelE2E so far in 2024. More than 2,000 technology M&A deals for 2024, 2023, 2022, 2021 and 2020 can be found listed here.

5. Cyber ​​crisis communication offer: Highwire PR, a communications and marketing partner for global technology and healthcare companies, has launched a new service offering to help companies communicate about cybersecurity issues. This new crisis communications offering provides organizations with comprehensive support to prepare, monitor and address cybersecurity issues, the company said.

6. 68 companies commit to CISA’s Secure By Design promise: The Cybersecurity and Infrastructure Security Agency (CISA) announced that 68 of the world’s leading software vendors have voluntarily committed to developing products with greater built-in security as part of CISA’s Secure by Design promise. Participating software vendors commit to working over the next year to demonstrate measurable progress toward seven specific goals. Taken together, these commitments will help protect Americans by securing the technology on which our critical infrastructure relies, CISA said.

7. Threat report released: Intel 471, a global provider of cyber threat intelligence solutions, has released its 2024 Cyber ​​Threat Report, providing insights into emerging trends, different motivations and evolving techniques used by threat actors in the global cybercriminal underground. According to the results, the pro-Russian group NoName057(16) was responsible for almost 60% of all hacktivist incidents in 2023. There were also 4,429 ransomware attacks reported last year, almost twice as many as in 2022. Additionally, LockBit continued to be the most widely used ransomware variant, affecting 981 victims, Intel 471 reports.

8. City of Wichita reports cyber attack: The LockBit ransomware gang has claimed responsibility for a devastating cyberattack on the city of Wichita, Kansas, which forced city authorities to shut down IT systems for online payment of bills, including court fines, water bills and public transportation. On May 5, city authorities announced they were facing a devastating cyberattack after ransomware encrypted parts of their network. To contain the damage and stop the attack from spreading, the city’s IT specialists shut down computers for online services. (Source: Bleeping Computer)

9. Impact of Cyber ​​Attacks on Healthcare Group: A cyberattack has disrupted “clinical operations” at major nonprofit healthcare organization Ascension, forcing it to take measures to minimize the impact on patient care. “A disruption to clinical operations has occurred and we continue to assess the impact and duration of the disruption,” said the statement from Ascension, a health system that includes 140 hospitals and 40 senior living facilities in 19 states. (Source: CNN)

10. Ivanti Botnet Exploitation Detected: Two recently disclosed vulnerabilities in Ivanti Connect Secure (ICS) devices are being exploited to deploy the Mirai botnet. Juniper Threat Labs reported that vulnerabilities CVE-2023-46805 and CVE-2024-21887 were used to deliver the botnet payload. While CVE-2023-46805 is an authentication bypass flaw, CVE-2024-21887 is a command injection vulnerability that allows an attacker to chain the two in an exploit chain, to execute arbitrary code and take over vulnerable instances. (Source: The Hacker News)