- High Wire Networks sells non-MSSP business, prepares for acquisition
- WordPress fends off malware attack, five plugins infected
- CISA: How MSPs can help small businesses adopt SSO
- Splunk .conf24: Key highlights from first event since Cisco acquisition
Every week, ChannelE2E visits our companion site, MSSP Alert, to round up the top stories impacting cybersecurity-focused MSPs.
This week we bring you news that High Wire Networks, a top 250 MSSP, is selling its non-MSSP business as it prepares to acquire as a pure-play managed security services provider. We also received information about a recent malware attack on WordPress sites, which we recommend you read further if you manage these sites on behalf of your clients. Additionally, CISA has released a new report on the critical role MSPs play in helping small and medium-sized businesses adopt single sign-on to improve their cybersecurity. Plus, we’ve compiled a report from the Splunk .conf24 event.
Check out all our coverage below:
High Wire Networks sells non-MSSP business, prepares for acquisition
High Wire Networks, a Top 250 MSSP, plans to put all of its resources into managed security services and sell all other businesses to become a pure MSSP, and executives have indicated the company may also pursue strategic acquisitions.
The company announced this week that it has sold its technical support services business to ServicePoint for $11.2 million in an all-cash transaction, with proceeds to be used to reduce debt by $5 million and put more cash on the balance sheet.
Additionally, High Wire’s board of directors approved the sale of its VoIP and data network services subsidiary, Secure Voice Corp. High Wire also said a tentative sale agreement has been signed for Secure Voice and that it expects to close the sale by the end of the third quarter.
High Wire Chairman and CEO Mark Porter said in a LinkedIn post that combining High Wire’s technical services business with ServicePoint IT is “an effort to create the largest and best professional services organization in the United States. This combined organization will offer a broader range of services and greater reach to our clients, continuing the work we began so long ago, with many of our best people leading the way and continuing to serve our clients.” Porter also said he will serve as an advisor to the ServicePoint venture.
WordPress fends off malware attack, five plugins infected
Given that many MSSPs and MSPs manage WordPress sites for their clients, the news that five WordPress plugins have been injected with malware raises concerns about vulnerabilities in this popular website content creation software.
Hacker News reports that the software supply chain attack plants malicious code in a backdoor that allows for the creation of unauthorized administrator accounts with the purpose of carrying out any action. The intrusion created malicious administrator accounts with the usernames “Options” and “PluginAuth” and exfiltrated the account details to the IP address 94.156.79.[.]8.
The attackers also performed malicious JavaScript code injections to infect targeted websites with search engine optimization spam, Chloe Chamberland, a Wordfence security researcher at Defiant, said in a blog post. All affected plugins have already been removed from the WordPress Plugin Directory. Only Social Warfare has released a new version that addresses the issue, and website administrators are advised to remove the plugins immediately.
In addition to the malware, a new credit card skimmer called “Caesar Cipher Skimmer” has now infected several content management platforms, including WordPress, Magento and OpenCart, according to Securi’s Ben Martin.
CISA: How MSPs can help small businesses adopt SSO
MSPs are key to helping small businesses improve their security posture through single sign-on implementations, which is one of the conclusions of a new Cybersecurity and Infrastructure Security Agency (CISA) report that highlights the challenges small businesses face with the technology.
Among CISA’s recommendations is that vendors should offer more flexible seat threshold schedules for small and medium-sized businesses. Specifically, CISA encourages vendors to allow pooling of SSO licenses at the MSP or SMB group level, rather than at the individual subscriber organization level.
MSPs aren’t just a big part of the recommended solutions to this problem: CISA also consulted with experienced MSPs to prepare this study. Additionally, CISA worked with other stakeholders, including SSO vendors, nonprofits committed to improving cybersecurity, and small businesses with experience in SSO adoption and migration between SSO platforms.
CISA’s report is titled “Barriers to Single Sign-On (SSO) Adoption in Small and Medium Businesses: Identifying Challenges and Opportunities,” and its accompanying blog post, “Why Small Businesses Aren’t Adopting Single Sign-On (SSO),” urges software manufacturers to consider how their own business practices may unintentionally weaken the security posture of their customers.
Splunk .conf24: Key highlights from first event since Cisco acquisition
Splunk Ended .conf24 User Conference The event, held in Las Vegas earlier this month, was the company’s first Cisco last year.
Customers and channel partners in attendance at the event got their first glimpse of what the combined company and channel programs will look like in the months and years to come as the two giants come together. Some say the collaboration between the two companies will create a stronger, equal partnership that will lead to stronger solutions, tools and business relationships across the MSSP, MSP and cybersecurity vendor network.
The conference attracted approximately 5,500 participants, including more than 40 sponsors and over 1,000 partners.
MSSP Alert was there too. Here’s a roundup of everything we covered at Splunk’s annual event.