The importance of cloud security continues to grow, and this week OpenText is rolling out a major update to its platform to help providers simplify the process of providing it. The improvements include a number of new features to reduce friction, plus it integrates with top MSP platforms from ConnectWise, Kaseya, and Autotask.
Today we also have good news for anyone exploring offering vCISO services. Cynomi offers a new learning platform to help MSPs and MSSPs keep up with what they need to start offering such services.
We also have information about several new threat reports addressing election security and phishing. Plus, there's a new partnership between 1Password and TD Synnex.
I'm on the Canalys North America forum this week, so if you're there too, please say hello and introduce yourself! As always, please submit news, tips or other information to share with me at (email protected).
MSSP updated today
1. Secure Cloud – OpenText is rolling out a major update to its Secure Cloud platform, designed to drive growth for managed security providers (MSPs) with new features including automated provisioning, enhanced product bundling, integrated task management, and improved reporting and analytics. The company said the platform update streamlines MSP operations, helping it focus on customer growth and retention. It also integrates with platforms from ConnectWise, Kaseya, and Autotask. New offerings include OpenText MDR, Cork Cyber ​​Assurance, Pen Testing, and Azure Virtual Desktop.
2. Learn to Be a vCISO – vCISO platform provider Cynomi has launched vCISO Academy, a free, comprehensive professional learning center designed to support providers in creating or expanding their vCISO services. The academy will provide MSPs and MSSPs with the knowledge, tools and training needed to meet the growing demand for strategic cybersecurity services, the company said.
3. Device Protection – Ivanti has released App Control Neurons, which protects devices from unauthorized apps. Ivanti also released new analytics in the Neurons platform and new features for Ivanti Neurons for patch management to enhance security and ensure compliance, the company said.
4. New Phishing Scheme – Netskope Threat Labs has observed a 10-fold increase in phishing schemes that redirect victims to unencrypted phishing pages via Webflow. Netscape revealed the new information today and said that attackers successfully targeted more than 120 organizations around the world. The company said that unlike other apps like Cloudflare R2 or Microsoft Sway that provide random alphanumeric subdomains, Webflow allows custom subdomains, effectively tricking victims.
5. Password Partnership – 1Password has partnered with TD Synnex to expand 1Password's identity security solutions to businesses across North America. 1Password's Extended Access Management (XAM) solution is able to secure every application from every device that tries to access their systems.
6. Political Campaign Security – A new report from Red Sift finds that many campaign websites and digital infrastructures lack robust cybersecurity measures. Although email security is important, Red Sift's analysis shows that 75% of U.S. Senate and presidential political campaign sites lack DMARC protection, making them vulnerable to phishing and spoofing attempts, which can lead to breaches and leaks.
7. AI Assistance for Phishing Defense – Cofense is rolling out AI-based spam mitigation capabilities to its phishing detection and response (PDR) platform. These improvements reduce the workload so SOC analysts can focus on real threats that can quickly damage an organization's revenue or reputation.
8. Attackers Leverage Virtual Hard Drives Separately, new research by Cofense Intelligence includes details on how threat actors are using virtual hard drives to bypass secure email gateways and commercial antivirus software to share malicious payloads. The company said that while email subjects may vary from campaign to campaign, they all appear to offer Remcos Remote Access Trojan (RAT) and/or XWorm RAT.
