Today the U.S. Supreme Court upheld the TikTok ban expected to go into effect Sunday—unless it’s sold or there is some last-minute reprieve. But don’t worry if you’ve been preoccupied downloading your favorite TikTok videos ahead of the ban, because we’ve got you covered with the lastest channel news. Find out what new services and products were launched this week. Also, check out who acquired who, which channel veterans are moving to different companies, and what the cybercriminals are sneaking onto websites. Happy reading!
Products & Services
Gradient MSP Launches Managed Billing Reconciliation Service
Gradient MSP, provider of a billing reconciliation solution for MSPs, launched a Managed Billing Reconciliation (MBR) service. The fully managed service combines Gradient’s software tools with expert billing specialists to completely offload monthly vendor usage reconciliation for MSPs.
“Billing is too sensitive to leave to full automation,” said Colin Knox, CEO of Gradient MSP, in a press statement. “That’s why we’re taking a fully managed approach with MBR. By combining our integrated software solution with a team of dedicated billing specialists, we can give MSPs the confidence and accuracy they need while freeing them from hours of tedious work each month.”
Gradient MSP’s Managed Billing Reconciliation service is now available.
CrowdStrike Introduces Insider Risk Services
CrowdStrike announced CrowdStrike Insider Risk Services. These offerings are designed to help organizations detect and prevent insider threats from negligent employees, malicious insiders, and sophisticated adversaries. The services combine the CrowdStrike Falcon cybersecurity platform with advanced threat intelligence, threat hunting, tailored assessments, program reviews, and expert-led incident response.
Wildix Unveils Next-Generation UC&C Platform at Virtual Summit
At this week’s annual UC&C Summit, Wildix introduced WMS 7, its next-generation UC&C platform. WMS 7 integrates real-time transcription, intelligent summarization tools, and an enhanced chat engine powered by AI.
Other announcements included advancements to x-bees, its Salesforce-integrated communication platform. Wildix also expanded its channel-only strategy with the Sales Elevate Lab, offering advanced training and tools for partners. A $1 million incentive pool empowers partners to close high-impact deals, while the newly established Sales Engineering Team provides expert technical guidance to navigate complex opportunities.
In addition, updates to x-hoppers, a retail solution, include AI-driven theft detection, line management and safety alerts.
“Every announcement, product, or project we unveiled has one goal: empowering our partners and their customers to succeed,” said Steve Osler, CEO of Wildix, at the virtual event. “With WMS 7’s advanced transcription and summarization capabilities, x-bees’ intelligent sales solutions, and x-hoppers’ transformative retail tools, we are equipping partners to grow their businesses by delivering solutions that meet modern workplace challenges. By focusing exclusively on the channel, we ensure our partners have the resources and tools they need to drive impactful results for their customers.”
M&A – Vendors
AvePoint Acquiring Ydentic
AvePoint, a provider of data security, governance and resilience solutions, is acquiring Ydentic. The SaaS company specializes in centralized multitenant management for Microsoft MSPs. This strategic acquisition of Ydentic will drive the continued evolution of Elements, AvePoint’s MSP Platform.
“We are thrilled to welcome Jorn Wittendorp and the Ydentic team to AvePoint,” said Dr. Tianyi Jiang (TJ), CEO and co-founder of AvePoint. “This acquisition aligns perfectly with our strategic priority to scale and expand our channel ecosystem. Together, we will enhance automation, service management, and reporting and data insights capabilities for MSPs, creating further competitive differentiation and economic opportunity for our channel partners.”
AvePoint anticipates the acquisition to close at the end of January.
Cytracom Acquires Telivy for Its Portfolio
Cytracom, a provider of infrastructure software for MSPs, acquired Telivy, maker of a cyber risk discovery platform. The strategic investment accelerates Cytracom’s expansion into security and risk management (SRM), complementing its SASE and UCaaS solutions, according to the company.
By incorporating Telivy’s technology, Cytracom will add advanced capabilities in attack surface management (ASM) and data security posture management (DSPM) to its platform.
“This acquisition represents the next phase in our mission to empower MSPs with comprehensive critical infrastructure solutions,” said Zane Conkle, CEO of Cytracom, in a press statement. “As we continue to evolve our platform, we’re focused on delivering innovations that help our partners effectively communicate cybersecurity value to their clients and ultimately grow their businesses. The addition of security and risk management capabilities addresses a critical need in the market, and we’re excited about the advancements this will bring to our partners.”
Investments
Cork Gets Another Backer with New VC Fund
Cork Protection, a provider of cybersecurity solutions and financial risk management, announced a strategic growth investment from Top Down Ventures through its newly launched Founders Fund I. Top Down Ventures is joining investors DVx Ventures, Vestigo Ventures, and Austin McChord’s Outsiders Fund in backing Cork.
“At Cork, we’ve built a platform designed to redefine the way MSPs and SMBs approach cybersecurity—by providing protection from the inside out,” said Dan Candee, CEO of Cork Protection. “The support from Top Down Ventures is not only a validation of our mission but also a catalyst to accelerate our growth and expand the reach of our AI-powered insights and cyber warranty offerings.”
The investment also brings together two leaders in the MSP and SaaS spaces: Chris Day, founder and chairman at Top Down Ventures, founder/CEO of ScalePad, and founder of IT Glue (which Kaseya purchased); and McChord, founder of Outsiders Fund and Datto.
Day’s role as CEO of ScalePad creates opportunities for Cork to align its cybersecurity solutions with ScalePad’s suite of offerings, according to the company. “This collaboration has the potential to deliver enhanced security, streamlined operations, and proactive risk mitigation for MSPs and their clients,” said Day.
PE Firm Revelstoke Makes First MSP Investment
Private equity firm Revelstoke made its first investment in the MSP/MSSP industry with Omega Systems. The MSP is headquartered in Reading, Pennsylvania, with locations thoughout the Northeast. The investment comes on the heels of Omega’s successful four-year partnership with Pfingsten Partners, a Chicago-based private equity firm. During that period, Omega completed four successful acquisitions.
People
Exclusive Networks appointed channel veteran Jason Beal as president of the Americas, replacing Brian Vincik, who is stepping away. Previously, Beal was Barracuda’s vice president of worldwide partner ecosystems. Before that, he was AvePoint’s senior vice president of global channel and partner ecosystems … Coro, a cybersecurity platform provider, is expanding into the EMEA region. It opened a London office, and appointed Piers Morgan to senior vice president and general manager of EMEA … Cybersecurity platform provider Cynet is adding two channel leaders to its executive team. Cynet appointed Karen Ward to senior vice president of sales. Ward previously led channel growth and scale initiatives as VP, North America MSP Sales, at Barracuda. Jeannine Edwards, who has channel experience from roles at Arcserve and ConnectWise, joins Cynet as senior director of marketing.
Distribution & Marketplaces
Qlik’s data integration, data quality, analytics, and artificial intelligence (AI) solutions will now be available through TD SYNNEX. “Expanding our reach through TD SYNNEX allows us to deliver Qlik’s industry-leading data and analytics solutions to a vast ecosystem of partners,” said David Zember, senior vice president of worldwide channels and alliances at Qlik, in a press statement
Integrations & Partnerships
Tech Mobile Software has integrated its eTMS field service management solution with the ConnectWise PSA. This real-time interface provides a unified view of both eTMS and ConnectWise PSA tasks, all within a single screen. Key features of the integration include real-time synchronization of tickets and calls and the ability for managers to monitor open tickets and calls across the company.
SentinelOne’s Purple AI security analyst can now be used with data from the Zscaler Zero Trust Exchange platform, Palo Alto Networks Firewall, Okta, Proofpoint TAP, Fortinet FortGate, and Microsoft Office 365. The expansion of SentinelOne’s Purple AI to third-party data sources is available immediately for all Purple AI customers. Multilingual support is now open for early access to existing SentinelOne customers with Purple AI.
CyberArk announced a new integration between CyberArk privileged access manager (PAM) and Microsoft Defender for Identity.
By the Numbers
Attackers Are Sneaking Malware into Images on Websites
Malware-by-numbers kits and GenAI are making life easier than ever for cybercriminals, according the latest Threat Insights Report from HP Wolf Security. Armed with these tools, attackers are experimenting with techniques to bypass detection and trick victims into infecting their endpoints. For instance, they’re embedding malicious code inside images.
A Look Inside the Report
The report examines data from Q3 2024. HP threat researchers identified three notable campaigns. Here’s what the report said:
- Malware-by-numbers kits: HP threat researchers observed large campaigns spreading VIP Keylogger and 0bj3ctivityStealer malware that leverage the same techniques and loaders, suggesting the use of malware kits to deliver different payloads. In both campaigns, attackers hid the same malicious code in images on file hosting websites like archive.org, as well as using the same loader to install the final payload. Such techniques help attackers circumvent detection, as image files appear benign when downloaded from well-known websites, bypassing network security like web proxies that rely on reputation.
- GenAI helping to create malicious HTML documents: Researchers also identified an XWorm remote access trojan (RAT) campaign initiated by HTML smuggling, which contained malicious code that downloads and runs the malware. Notably, similar to an AsyncRAT campaign analyzed in the previous quarter, the loader bore hallmarks that indicate that it may have been written with the help of GenAI, for example, including a line-by-line description and the design of the HTML page.
- Gaming cheaters never prosper: Attackers are compromising video game cheat tools and modification repositories hosted on GitHub, adding executable files containing Lumma Stealer malware. This infostealer scrapes victims’ passwords, crypto wallets, and browser information. Users frequently deactivate security toolsto download and use cheats, putting them at greater risk of infection without isolation technology in place.
Other key findings include:
- At least 11% of email threats identified by HP Sure Click bypassed one or more email gateway scanners.
- Executables were the most popular malware delivery type (40%), followed by archive files (34%).
