Expert Insights Cybersecurity Vendor News Recap: November 21 –28, 2024 

💰Vendor M&As

• • Wiz has announced it will acquire Dazz, a channel-focused ASPM provider, in a deal reported at $450 million USD. The deal will extend Wiz’s cloud remediation capabilities. (CRN)

• • N-Able is set to acquire Adlumin, an XDR and MDR platform for MSPs. Adlumin is already a ‘strategic partner’ with N-Able. (MSSP Alert)

• • Bitsight, the cyber risk management provider, announced it will acquire Cybersixgill, a cyber threat intelligence platform, in a reported $115 million USD deal. (CRN)

📟 Releases & Patches

• • Microsoft has announced it will add support for third-party Passkeys to Windows 11, enabling users to choose their own Passkey provider, such as 1Password and Bitwarden. (Techradar)

• • Microsoft has released patches for vulnerabilities in Azure, Copilot Studio, and its Partner Network Website. Customers do not need to take any action, but CVEs and advisories have been released for transparency. (SecurityWeek)

• • IBM released patches for two high-severity remote code execution vulnerabilities in its Data Virtualization Manager and Security SOAR products. Details on how to download the fixes can be found here. (SecurityWeek)

🎣 Threats, Bugs & Hacks

• • ESET has discovered two zero-day security bugs found in Windows and Firefox which have been exploited by a Russian ATP group named ‘RomCom’. Fixes for both vulnerabilities have already been released. (TechRadar)

• • Trellix researchers identified a cyberattack leveraging an outdated and vulnerable driver from Avast to bypass detection and disable antivirus measures on targeted systems. (TechRadar)

• • Cloudflare announced that a bug this week caused 55% of all customer logs over a 3.5-hour window to be lost. The logs allow customers to analyze traffic to their websites and monitor security incidents. (BleepingComputer)

• • Meta has shut down two million accounts linked to ‘pig butchering’ scam campaigns run out of South-East Asia and the Middle East. Pig butchering scams involve using social engineering tactics to trick people, typically involving cryptocurrency. (Infosecurity Magazine)

🎙️ Expert Insights: Interviews

Don’t miss this week’s round of interviews with cybersecurity experts and thought leaders.

• • Cisco Security: Cisco’s director of product management on the email threats to watch in 2025

• • Veeam: Veeam’s CTO on the evolving cloud threat landscape

• • Barracuda Networks: Barracuda’s Olesia Klevchuk on the rise of AI-driven email scams

• • Proofpoint: Proofpoint’s director of strategy on the top email and identity risks to prioritize in 2025

• • Nord Security: Nordlayer’s head of product on how to address network challenges and simplify cybersecurity for users

💡 We’ll be back next week with another roundup of the biggest cybersecurity vendor stories. Until then!

Expert Insights’ Cybersecurity Resources

• • The Top RMM Solutions For MSPs

• • The Top Mobile Device Management (MDM) Solutions

• • The Top Email Security Solutions For Office 365

• • The Top Email Security Gateways

• • The Top Multi-Factor Authentication (MFA) Solutions For Business

• • The Top Phishing Protection Solutions

• • The Top Cyber Threat Intelligence Solutions