Cyber Security News — Past 24 hours | 03.08.2021

Chinese Hackers Target Major Southeast Asian Telecom Companies

Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017.

Stack Overflow Teams

The Boston-based cybersecurity firm linked the campaigns to three different Chinese threat actors, namely Gallium , Naikon APT , and TG-3390 .
The activity surrounding the latter of the three clusters started in 2017, while Gallium-related attacks were first observed in Q4 2020, with the Naikon group jumping on the exploitation bandwagon last in Q4 2020. All three espionage operations are believed to have continued all the way to mid-2021.

Prevent Ransomware Attacks

Regardless of the attack chain, a successful compromise triggered a sequence of steps, enabling the threat actors to perform network reconnaissance, credential theft, lateral movement, and data exfiltration.
The Emissary Panda cluster is the oldest of the three, primarily involving the deployment of a custom .NET-based OWA backdoor, which is used to pilfer credentials of users logging into Microsoft OWA services, granting the attackers the ability to access the environment stealthily.

Source — https://thehackernews.com/2021/08/chinese-hackers-target-major-southeast.html

Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs

As cyber incidents increase in scope and impact, more and more organizations come to realize that outsourcing their defenses is the best practice — significantly increasing the Managed Security Service Provider market opportunities.
Until recently, IT integrators, VARs, and MSPs haven’t participated in the growing and profitable MSSP market as it entailed massive investments in building an in-house skilled security team.

The barriers to becoming an MSSP

The main obstacle to entering the MSSP market is a lack of prior security experience. Responsibility for an organization’s breach protection is not taken lightly, making many IT service providers cautious about offering security services without skilled professionals at hand.

Consolidation and automation — the path to MSSP

Security consolidation and automation appeal to security services newcomers because they shift breach protection workflows such as investigations and remediations from being dependent on manual skill to a product functionality that can be performed regardless of prior security skill and experience.

Cloud-native solution with no hardware to purchase, deploy and integrate

Purpose-built platform to radically simplify security operations, Cynet 360 can be efficiently operated by any IT professional without the need for specialized security proficiency — which means there is no need to hire a new expert team.
Cynet’s platform includes the functionalities of all core security products — AV, NGAV, EDR, Network Traffic Analytics, Deception, and User Behavior Analysis . As such, it enables the MSSP to provide an extensive range of security needs to its existing client base.

Source — https://thehackernews.com/2020/01/managed-cybersecurity-services.html

Stay Focused. Stay Vigilant.

Cyber Threat Incident Management Team — Cyber Security Community @ SLIIT