MSSP Market News: KnowBe4, Sherweb, MITRE

Each business day MSSP Alert delivers a quick lineup of news, analysis, and chatter from across the MSSP, MSP and cybersecurity world.

Reaching Our Inbox: 
Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

Today’s MSSP Alert Market News:

1. Phishing Defense Partnership: KnowBe4, a security awareness training and simulated phishing platform provider, has unveiled its new Microsoft Ribbon Phish Alert Button (PAB), developed in collaboration with Microsoft for Outlook, to elevate email security standards and make it easy to report suspected phishing. KnowBe4’s PAB is integrated into the Outlook Home ribbon, which empowers users to report suspicious emails with just one click, directly from their inbox. The PAB Button turns Microsoft’s existing spam reporting tool in Outlook into an advanced email threat management feature, the company said.

2. MSP Service Portal Debuts: Sherweb, a cloud marketplace company that serves MSPs, has launched a new Self-Service Portal designed to help MSPs free up time and resources. The Self-Service Portal offers customization options that allow MSPs to deliver a client experience that is consistent with the rest of their offerings, including branding the portal to look like their own platform, Sherweb said.

3. MITRE Release ATT&CK Evaluations for MSSPs: MITRE Engenuity ATT&CK Evaluations (ATT&CK Evals) has released its second round of independent ATT&CK Evaluations for MSSPs. This round of ATT&CK Evals focused on adversary behavior informed by menuPass (G0045), a Chinese-based threat group, and an ALPHV/BlackCat ransomware affiliate. ATT&CK Evals mirrored the techniques and malware of menuPass, as well as an ALPHV/BlackCat affiliate’s deployment of BlackCat ransomware to Windows and Linux ESXi servers, highlighting data encryption/destruction and system recovery obstruction behaviors. CrowdStrike announced that it set a new speed benchmark for cybersecurity threat detection, identifying and alerting on a sophisticated eCrime adversary attack in just four minutes.

4. MSSP Partnership Formed: Logpoint, a Europe-based cybersecurity company, has formed a new partnership with the value-added software distributor Prianto to empower MSSPs in the Central European region to detect, investigate and respond efficiently to cyber threats on a larger scale. The partnership follows the announcement of Logpoint’s new MSSP program, designed to help MSSPs capture opportunities with the tools, resources, and support they need, the company said.

5. GenAI Funding Program Launched: Amazon Web Services has announced a $230 million commitment for startups around the world to accelerate the creation of generative AI applications. This will provide startups with AWS credits, mentorship and education to further their use of AI and machine learning (ML) technologies. The funding will support the second cohort of the AWS Generative AI Accelerator, a program that provides hands-on expertise and up to $1 million in credits to each of the top 80 early-stage startups that are using generative AI to solve complex challenges. Applications for the AWS Generative AI Accelerator will be accepted until July 19. Startups can apply here.

6. Funding Round: Huntress, a specialist in cybersecurity for small businesses to small enterprises, has closed a $150 million Series D funding round led by Kleiner Perkins, Meritech Capital and existing investor Sapphire Ventures. This latest infusion of capital will support endpoint, identity, cloud and SaaS security research alongside strategic acquisitions, the company said.

7. Funding Round: Entro Security, a non-human identity security specialist, has closed an $18 million Series A round, led by Dell Technologies Capital with the participation of seed investors Hyperwise Ventures and StageOne Ventures, and also angel investors Rakesh Loonkar and Mickey Boodaei. Entro said it will use the financing to scale global operations and meet the strong demand for its platform across key industries. Entro has raised $24 million since exiting stealth in May 2023.

8. Malware Alert: A new malware distribution campaign uses fake Google Chrome, Word and OneDrive errors to trick users into running malicious PowerShell “fixes” that install malware. The new campaign was observed being used by multiple threat actors, including those behind ClearFake, a new attack cluster called ClickFix, and the TA571 threat actor, known for operating as a spam distributor that sends large volumes of email, leading to malware and ransomware infections. (Source: Bleeping Computer)

9. Hacker Activity Spotted: A group of suspected Chinese cyberespionage actors named “Velvet Ant” are deploying custom malware on F5 BIG-IP appliances to gain a persistent connection to the internal network and steal data. According to a Sygnia report, Velvet Ant established multiple footholds using various entry points across the network, including a legacy F5 BIG-IP appliance that served as an internal command and control server. (Source: Bleeping Computer)

10. MSSP Scores Funding: MSSP Legato Security, a managed detection and response (MDR) provider, has received a capital investment to support its strategic growth. The round was led by Level Structured Capital and SageLink Capital. Legato Security will amplify and accelerate its growth and go-to-market strategies, partner marketing, sales organization and continued investments into its Ensemble security operations platform, the company said. The amount of funding was not disclosed.