MSSP Market News: Blue Mantis, AI Technology Partners, Reveald

Every business day, MSSP Alert delivers a quick roundup of news, analysis and conversations from across the MSSP, MSP and cybersecurity world.

How to reach our inbox:
Send news, tips and rumors to Editor-in-Chief Jim Masters: (email protected)

Today’s MSSP Alert Market News:

1. GenAI Security Partnership: Blue Mantis, a managed services, cybersecurity and cloud solutions provider, has entered into a strategic partnership with AI Technology Partners (AITP), a specialist in transformative AI strategies and Microsoft Copilot implementations. The partnership combines Blue Mantis’ expertise in managed IT and cybersecurity services with AITP’s consulting, data, analytics and AI capabilities. Blue Mantis and AITP have developed a joint go-to-market strategy and service offering for mid-sized enterprise customers, the companies said.

2. Threat Intelligence Collaboration: Continuous threat management provider Reveald has expanded its capabilities with the acquisition of rThreat and the development of the Epiphany Validation Engine (EVE) to improve AI-driven cyber resilience. EVE is an emulation technology that allows security operators to assume the role of attackers to validate cybersecurity readiness and controls while allowing analysts to see the entire attack path and identify material risks, the company said.

3. Cyber ​​Risk Solution Debuts: Bitsight, a cyber risk management specialist, has launched AI-powered technology to provide companies with a continuously updated view of internet-connected assets, third-party relationships and overall risk posture. The new Discovery and Attribution Engine creates a dynamic map of an organization’s internet-connected assets, making it faster and easier to identify exposure across the expanded attack surface, assess risk and prioritize remediation efforts, the company said.

4. CRA Releases Cybersecurity Buyer Intelligence Report: CyberRisk Alliance’s latest Cybersecurity Buyer Intelligence Report, “Incident Response: Incident Response Team Burnout and Resource Constraints Give Attackers the Advantage,” offers groundbreaking solutions to the widespread challenges of slow resolution times and team burnout, exacerbated by resource constraints. “The results of this survey highlight the growing problem of burnout among responders,” said Bill Brenner, senior vice president of audience content strategy at CyberRisk Alliance (CRA). “You need more resources that may not be available as quickly. The question we were trying to answer was: What can organizations do to ensure a robust incident response while finding ways to ease the pressure.”

5. Security Partnership: Accenture and Mandiant, part of Google Cloud, are working together to provide cyber resiliency services that help organizations more efficiently detect, investigate, respond to and recover from cyberattacks. Accenture will leverage Mandiant’s threat intelligence and expertise for its cyber resilience services. In addition, Accenture Federal Services has been awarded a 10-year, $789 million contract to support U.S. Navy global naval forces in conducting unified cybersecurity operations in the SHARKCAGE environment, the Navy’s common systems designed to protect a single , common, continuous security scope.

6. CISA Release Notes: The Cybersecurity & Infrastructure Security Agency (CISA) has published four recommendations on Industrial Control Systems (ICS). These notes provide up-to-date information on current security issues, vulnerabilities and exploits related to ICS:

CISA recommends that users and administrators review the newly published ICS advisories for technical details and remedial actions.

7. Change of leadership: CyXcel, a cybersecurity company with offices in the UK and North America, has appointed Simon Church as chief strategy officer. Church has held leadership positions at cybersecurity and technology companies such as Maxive Cyber ​​Security (acquired by Thales), Optiv, Vodafone, NTT Security, Verisign and NetIQ. His experience includes strategic roles in identity management, network and managed services.

8. Spam Notification: AT&T’s email servers are blocking Microsoft 365 connections due to a “large” wave of spam originating from the Microsoft service. AT&T customers reported this week that they were no longer able to receive emails from Microsoft 365 email addresses. When Microsoft 365 customers attempted to send an email to an address at @att.com, @sbcglobal.net, or @bellsouth.com, AT&T’s servers rejected the connection and did not accept the email for delivery. (Source: Bleeping Computer)

9. Hacker Alert: The Sysdig Threat Research Team observed a new attack that used stolen cloud credentials to target ten cloud-hosted Large Language Model (LLM) services, known as LLMjacking. The credentials were obtained from a popular target, a system running a vulnerable version of Laravel (CVE-2021-3129). In this case, attackers intend to sell LLM access to other cybercriminals while the cloud account holder foots the bill.

10. Threat Report Issued: VIPRE Security Group, a cybersecurity, privacy and data protection company, has released its “Email Threat Trends for the First Quarter of 2024” report based on an analysis of 1.8 billion emails. The findings highlight the evolving landscape of email-based threats and new tactics that malicious actors are using. The manufacturing, government and IT sectors are most affected by malicious actors. In the first quarter of 2024, the manufacturing sector accounted for 43% of email attacks, with government (15%) and IT (11%) well behind. This is a change from the first quarter of 2023, when attackers most commonly targeted the financial (25%), healthcare (22%) and education (15%) sectors, the report said.