Mergers and Acquisitions, Cloud Security, SSO/MFA

Security Update: WordPress Malware Attack, High Wire Networks M&A

(Adobe Stock Images)
  • High Wire Networks Sells Non-MSSP Businesses, Preps for Acquisitions
  • WordPress Fights Off Malware Attack, 5 Plugins Infected
  • CISA: How MSPs Can Help SMBs Adopt SSO
  • Splunk .conf24: Key Highlights from First Event Post-Cisco Deal

Each week ChannelE2E visits our affiate site MSSP Alert to bring you a wrap of the top stories impacting MSPs who are deeply focused on cybersecurity.

This week we’ve got news for you about Top 250 MSSP High Wire Networks selling off its non-MSSP businesses as it prepares for acquisitions as a pure play managed security service provider. We’ve also got information about a recent malware attack on Wordpress sites, so if you manage these on behalf of your clients, you’ll want to dive into that coverage. In addition, there’s a new report from CISA about how MSPs play a crucial role in helping SMBs adopt single sign on to help with cybersecurity. Plus we’ve got a round up of coverage from the Splunk .conf24 event.

Check out all the coverage below.

High Wire Networks Sells Non-MSSP Businesses, Preps for Acquisitions

High Wire Networks, a Top 250 MSSP, is putting all its resources into managed security services, selling off all other businesses and becoming a pure play MSSP. Executives signaled that the company may also pursue strategic acquisitions.

The company announced this week that it has sold its technology enablement services business for $11.2 million to ServicePoint in an all cash deal. Proceeds will be used to reduce debt by $5 million and put more cash in the balance sheet.

In addition High Wire’s board of directors approved the holding for sale of the company’s VoIP and data network services subsidiary, Secure Voice Corp. High Wire also said that there’s a tentative sales agreement in place for Secure Voice and the company expects to complete the sale before the end of Q3.

In a LinkedIn post High Wire chairman and CEO Mark Porter said that the combination of High Wire's Technical Services business with ServicePoint IT is an effort "to create one of the biggest and best professional services organizations in the United States. This combined entity will provide our clients with a broader set of services, greater reach, and continue the journey we started so long ago. Many of our great folks will be leading the way forward and continue in their service to our clients." Porter also said that he will serve as an advisor to the ServicePoint venture.

Read the complete article here.

WordPress Fights Off Malware Attack, 5 Plugins Infected

Considering that many MSSPs and MSPs manage WordPress sites for their customers, news of a malware injection into five WordPress plugins raises concern about the vulnerability of this common website content creation software.

The software supply chain attack backdoors malicious code that makes it possible to create rogue administrator accounts, with the aim of performing arbitrary actions, The Hacker News reports. The break-in established malicious admin accounts with the "Options" and "PluginAuth" usernames, enabling the exfiltration of account details to the IP address 94.156.79[.]8.

Attackers also conducted malicious JavaScript code injections to infect targeted websites with search engine optimization spam, Defiant’s Wordfence security researcher Chloe Chamberland blogged. All of the affected plugins have already been removed from the WordPress plugin directory. Only Social Warfare has issued a new version addressing the issue. Immediate deletion of the plugins has also been recommended to website admins.

Now, on top of malware, a new credit card skimmer “Caesar Cipher Skimmer” is infecting multiple content management platforms, including WordPress, Magento and OpenCart, Ben Martin of Securi reports.

Read the complete article here.

CISA: How MSPs Can Help SMBs Adopt SSO

MSPs are the keystone of providing SMBs with help to improve their security posture through the implementation of single sign-on. That's one of the conclusions of a new report from the Cybersecurity & Infrastructure Security Agency (CISA) that addresses the challenges SMBs face with this technology.

Among the recommendations made by CISA is this -- vendors should provide a more flexible schedule of seat thresholds for SMBs. Specifically, CISA recommends vendors allow pooling SSO licenses at the MSP level or SMB-group level rather than the individual subscriber organization level.

MSPs are not only a big part of the recommended solution to the issue. CISA also consulted with experienced MSPs to prepare this study. In addition, CISA worked with other stakeholders including SSO vendors, non-profit organizations dedicated to improving cybersecurity, and SMBs that have experience with adopting SSO and migrating across SSO platforms.

CISA's report is titled Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities. CISA’s accompanying blog post, Why SMBs Don’t Deploy Single Sign-On (SSO), urges software manufacturers to consider how their business practices may inadvertently reduce the security posture of their customers.

Read the complete article here.

Splunk .conf24: Key Highlights from First Event Post-Cisco Deal

Splunk wrapped up its .conf24 user conference in Las Vegas earlier this month, the first event since the company was acquired by Cisco last year.

Users and channel partners at the event witnessed the first manifestations of what the merged company and channel programs will look like in the months and years ahead as these two giants come together. Some may say these two companies together create a powerful partnership of equals that translates into stronger solutions, tools and business relationships across its network of MSSPs, MSPs and cybersecurity vendors.

The conference was host to approximately 5,500 attendees, including more than 40 sponsors and 1,000 partners.

MSSP Alert was there. Here's a wrap up of all the coverage from Splunk's annual event.

Read the complete article here.

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.