Expert Insights Cybersecurity Industry News Recap: November 28 – December 5, 2024

Welcome to your weekly recap of the cybersecurity industry news, M&As, releases and hacks making headlines this week.

💡 Expert Insights will be sponsoring the CyberMarketingCon in Philadelphia next week. If you’re there, come and say hello!

🤔 Have any feedback or stories to share? Get in touch with [email protected].

🚨Vendor News & Announcements

• AWS hosted re:Invent 2024 this week, during which they announced several new products, including an incident response service and extended threat detection capabilities for Amazon GuardDuty. (SecurityWeek)

• Wiz announced ‘Wiz Defend’ a new platform for AI and cloud threat detection and response, build on their acquisition of Gem Security in April.

• Thales has launched a data risk intelligence solution which unifies Imperva’s Data Security Fabric’s risk and threat identification solution with the Thales CipherTrust Data Security Platform. (SecurityInfoWatch)

• Tuskira, an AI powered threat defense start-up, has closed a $28.5 million funding round co-led by Intel Capital and SYN Ventures. The company aims to unify and optimize standalone cybersecurity tools. (TechCrunch)

• CrowdStrike has reportedly avoided a customer exodus following the Flacon software update error back in July that cased a global IT network outage. CrowdStrike’s earnings call showed that customer retention was at 97%.

• Magna5, an IT and cybersecurity services provider has acquired ThreatAdvice, an MSSP providing breach prevention and other cybersecurity services. (MSSPAlert)

📟 Product Releases & Patches

• Veeam has issued a patch for two vulnerabilities, including an RCE bug that could enable threat actors to execute code on its web-based management console for MSPs. (CSO Online)

• Google has shared December’s Android security fixes, which include patches for 14 high-severity vulnerabilities, including a remote code execution flaw. (SecurityWeek)

• Microsoft this week released patches for vulnerabilities affecting Azure, Copilot Studio and its Partner Network website. Customers do not need to take any action. (SecurityWeek)

🎣 Threats, Bugs & Hacks

• 15 ‘SpyLoan’ Android malware apps have been found on the Google Play store with over 8 million downloads, according to McAfee Threat Researchers. They have now been removed from the Android app store. (BleepingComputer)

• Any.Run, a malware hunting firm, has detailed a new phishing attack involving sending corrupted Microsoft Word documents as attachments to evade antivirus software and spam filters. (X)

• Threat researchers at Fortra have found that Cloudflare developer domains are being abused by cybercriminals to create phishing sites and redirects. (Cybersecuritynews)

🎙️ Expert Insights: Interviews

Don’t miss this week’s round of interviews with cybersecurity experts and thought leaders.

• Duncan Godfrey, Chief Information Security Officer at Rippling: Tackling IAM Challenges & Building A Robust, Scalable Zero Trust Strategy
  
• Rob Emsley, Director, Data Protection Product, Dell Technologies: Simplifying Cloud Backup and Preparing for AI-Driven Threats

💡 We’ll be back next week with another roundup of the biggest cybersecurity vendor stories. Until then!

Expert Insights’ Cybersecurity Resources

• The Top RMM Solutions For MSPs
• The Top Mobile Device Management (MDM) Solutions
• The Top Email Security Solutions For Office 365
• The Top Email Security Gateways
• The Top Multi-Factor Authentication (MFA) Solutions For Business
• The Top Phishing Protection Solutions
• The Top Cyber Threat Intelligence Solutions