https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Cybersecurity Roundup

IBM: Cybercriminals Could Disrupt COVID-19 Vaccine Supply Chain

  • Written by Edward Gately
  • December 4, 2020
The COVID-19 vaccine campaign has the components of a state-sponsored attack.
Risk IQ's Cory Kennedy

Risk IQ’s Cory Kennedy

…seem pointless, but many people reuse passwords for multiple systems,” he said. “This is well known by the attacker community and enables credential stuffing attacks.  The FBI warned about this attack type recently.”

Damage ranges from multiple account breaches to financial loss, Kennedy said.

“Organizations should be training faculty, students and staff about identifying and avoiding phishing attacks,” he said., “However, they should also have systems in place that can identify brand abuse that many threat actors employ to execute these phishing attacks.”

The frequency of brand attacks can overwhelm security teams, and providers have different approaches to solving this problem, Kennedy said.

“RiskIQ’s global network of virtual users use a combination of threat feeds and configured searches for brand keywords to encounter threats, including phishing, domain infringement, rogue mobile apps, social media impersonation and brand-lure malware, the same way that victims do,” he said. “Virtual users closely mimic human behavior in the way they navigate websites and use a broad range of geographic locations, OS and browser-types, and other characteristics to catch targeted attacks by threat actors trying to evade detection.”

RiskIQ says it will continue to research Shadow Academy and share findings.

Hacker-for-Hire Group DeathStalker Hits the Americas and Europe

Kaspersky researchers have spotted new malware activity in the wild from DeathStalker. The advanced persistent threat (APT) offers hacking-for-hire services targeting companies in the financial and legal sectors.

DeathStalker uses a new malware implant and delivery tactics involving a backdoor Kaspersky has dubbed PowerPepper.

The backdoor remotely takes control of victim devices. It leverages DNS over HTTPS as a communication channel to hide communications with the control server behind legitimate-looking traffic. PowerPepper also uses several evasion techniques.

DeathStalker doesn’t care about politics. And it isn’t seeking financial gain from the companies they target. Rather, they act as mercenaries, offering their hacking services for a price.

Kasperky's Pierre Delcher

Kasperky’s Pierre Delcher

Pierre Delcher is a security expert at Kaspersky.

“DeathStalker is likely looking for business intelligence, i.e. content and data that are of interest in the framework of the missions and contracts it has been tasked for,” he said. “DeathStalker may be extracting large chunks of data first, and looking for the specifics offline then, so the associated specific interests are not revealed during investigations.”

The cybercriminals most likely access and copy sensitive, confidential and protected information, Delcher said.

“Such information could allow competitors to win contracts or lawsuits that they should not have, discover personal secrets, or carry activities on behalf of targeted organizations’ identity/brand,” he said. “The same malware intrusion chains and tactics could just as well be leveraged by other actors to disrupt activities or deploy ransomware.”

PowerPepper is typically spread via spear-phishing emails. Malicious files are delivered in the email body or within a malicious link. The group has exploited international events, carbon emission regulations, and even the pandemic to trick their victims into opening the malicious documents.

“SMBs are definitely a target for DeathStalker’s activities,” Delcher said. “We could identify law and finance consultancy firms to be frequent targets, and most of them were not big corporations.”

SMBs may not control their IT assets or dedicate enough resources to protect against cyberattacks, he said.

DeathStalker’s tools heavily rely on scripting languages such as Powershell and JavaScript. So Kaspersky recommends interpreters for these languages be disabled on user machines whenever possible. Also, it’s important to monitor associated Windows events.

“Beyond this, our main recommendation would be to make sure an up-to-date security product is set up on all smartphones, computers and servers, and that all employees are trained to detect, ignore and report spear-phishing or unsolicited emails and social network messages,” Delcher said.

NetEnrich Unleashes Intelligent SOC

NetEnrich‘s new Intelligent SOC (ISOC) service allows midmarket enterprises and MSPs to up-level security operations, add skilled experts and improve efficiencies.

ISOC removes the barriers and complexities associated with security operations by making it easier, effective and more cost-effective. Organizations can scale their operations by adding outcomes-focused services that combine AIOps with security analyst expertise.

Justin Crotty is senior vice president at NetEnrich.

“Intelligent SOC enables MSSPs, MSPs and VARs to expand their managed security services business by customizing programs to meet their customers’ (enterprises) needs,” he said. “Organizations can add specific entitlements…

  • Page 1
  • Page 2
  • Page 3
Tags: MSPs Cloud and Edge Endpoint MSSP Insider Training and Policies

Related


  • SMB cybersecurity
    SMBs’ Cybersecurity Risk Awareness Is Rising
    The majority of SMBs would switch MSPs for the right cybersecurity support.
  • Cybersecurity Roundup
    Democrats to Take Charge of Federal Cybersecurity in Election Aftermath
    Democrats will have their hands full when dealing with federal cybersecurity.
  • DC Capitol Riot
    US Capitol Rioters Pose Cybersecurity Threat Due to Device Access, Theft
    It's not yet known what all the rioters got their hands on or saw.
  • 2021 - The Year of Extortion
    Expect 2021 to Be Fraught with Cybersecurity Threats
    Ransomware, insider threats, VPNs, weak APIs. Here's what MSPs/MSSPs need to know for 2021.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Organizations’ COVID-19 Rush to Remote Work About to ‘Backfire’
  • FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers
  • Acronis Cyber Threats Report: 2021 Will Be 'Year of Extortion'
  • 8 Ways Fraud Email Can Compromise Your Back Office

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

SMBs’ Cybersecurity Risk Awareness Is Rising

January 13, 2021

Your Cloud Data Is Protected, But Is It Portable?

January 12, 2021

How to Improve First Call Resolution with Microsoft Office 365 Service Tickets

January 6, 2021

Webinars

View all

Blueprint for a Scalable MSSP Practice in 2021

January 21, 2021

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Carbonite® Disaster Recovery-as-a-Service

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Cloud #distributor @Pax8 launches in UK with leadership team in place. dlvr.it/RqfJWx https://t.co/RsKDCowM5V

January 15, 2021
ChannelFutures

bit.ly/3oO2vFY twitter.com/Craig_Galbrait…

January 15, 2021
ChannelFutures

The Ultimate MSP Guide to Sales Efficiency @zomentum dlvr.it/Rqc63q https://t.co/rHIVLkR01K

January 15, 2021
ChannelFutures

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools dlvr.it/Rqc62k https://t.co/MQDcIYc7G9

January 15, 2021
ChannelFutures

.@SamsungMobile debuts new #GalaxyS21 line with improved hardware-based security, wireless PC and Mac DeX.… twitter.com/i/web/status/1…

January 14, 2021
ChannelFutures

.@Malwarebytes OneView enhanced to streamline #MSPs' security business. dlvr.it/Rqbkj3 https://t.co/yEfJix3IfY

January 14, 2021
ChannelFutures

.@HPE, @SYNNEX among partners looking forward to new @intel CEO's arrival. dlvr.it/RqbZwZ https://t.co/qYaUSL3veH

January 14, 2021
ChannelFutures

.@KaseyaCorp has announced Unified Remote Monitoring and Management, the cornerstone of Kaseya VSA.… twitter.com/i/web/status/1…

January 14, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X