Welcome to the MSP Radio newsletter, catching you up on some stories you might have missed! Each week we'll pull a few stories from the podcasts, give you highlights and insights, and make it easy for you to catch up on the latest news and commentary.
An email chain from a woman named Christine was forwarded from Corcoran’s bookkeeper with the appearance of coming from her assistant Emily. The scammers changed just one letter in Emily’s email address to appear to be coming from Corcoran’s assistant.
The bookkeeper did ask follow up questions, asking what the money was for, and got a solid cover story back. The bookkeeper executes the wire payment, and then emails to the real Emily at her real address, and the scam is uncovered… too late.
Why do we care?
I’m offering this story up because it’s high profile. This is an opportunity to take security education to customers, and a reminder to reinforce that security training.
You may know the sophistication of these attacks, but examples like this are useful to communicate that to your customers. This is a high profile celebrity businesswoman, but the research and subsequent scam can happen to anyone.
It’s not a unique scam. What is different is the recognizable nature of the victim, which does make the story relatable, and likely to have broken through the noise.
CompTIA Backs off Right to Repair
CompTIA Backs off Right to Repair: Learn about how we got here.
Cloud security from Google... and a call to vendors
From Wednesday, Feb 26th's episode: Google Cloud announced a series of new security capabilities designed to cater to enterprise customers. This includes a new way to detect threats using technology from Chronicle, the cybersecurity company from Alphabet’s moonshot X unit which was folded into Google Cloud last year.
Customers can now detect threats using YARA-L, which allows rules to be built to detect attacks. YARA is a open source language for writing rules to detect malware, and the YARA-L is focused on logs.
The announcement includes new options for protecting against activities like scraping, credential misuse, and automated account creation,
as well as capabilities via Web Risk API for idenfying known bad sites, warning users before they click bad links, and preventing users from posting links to known malicious pages.
Why do we care?
Previously, I covered data about cloud adoption for technology services companies, and observed a lack of innovation in management in this space for those focused on small and midsized organization.
Today, I’m going to observe the same disparity on security technologies. Enterprises are getting capabilities to address security concerns that are far ahead of what a small organization can leverage. One of the values that companies that deliver technology to providers has been is the ability to take these complicated pieces of tech and make them available to a larger population, particularly SMBs. The rise of the Remote Monitoring and Management space is a great example.
I’m waiting for these kinds of offerings to get delivered to the masses. I think there is opportunity here for vendors that move here, but I’m also disappointed in the lack of investment I’m seeing from the larger vendors who have the spoils to build this capability out. I think they’d rather just buy things and add revenue than build anything.
From the Register: “Safari will, later this year, no longer accept new HTTPS certificates that expire more than 13 months from their creation date. That means websites using long-life SSL/TLS certs issued after the cut-off point will throw up privacy errors in Apple's browser. “
This implementation in Safari impacts both iOS and macOS devices.
Why do we care?
Apple has unilaterally made this decision, and with such a significant portion of web traffic being iOS alone, this now matters. Check those certificate expirations, because this will cause problems to certificates as of Sept 1, 2020. Service providers, you have been warned.
March 9-12, 2020 at the Venetian & Sands Expo in Las Vegas, I'll be presenting this unique keynote address, as well as participating on another panel and moderating a third. Use promo code SOBEL to save on your registration. Would love to have you there.