Ingram Micro’s CEO, Paul Bay, confirmed that some data was exfiltrated from the company’s systems during a ransomware attack in July. This incident disrupted several internal systems and forced the company to take its ordering systems offline for nearly a week. In a recent earnings call, Bay noted that while the company reported a 10.9 percent increase in sales, reaching $12.79 billion, the attack’s effects will result in a more cautious outlook for the third fiscal quarter. The cybercriminal group SafePay claimed responsibility for the breach. The company’s quick response included notifying law enforcement and engaging third-party cybersecurity experts to assist in the investigation and recovery process.
Jen Easterly has joined the Strategic Advisory Board of Huntress, a cybersecurity company known for its managed detection and response services. This appointment aligns with Huntress’s efforts to strengthen its strategic initiatives and reinforce its dedication to delivering effective security solutions for small and medium-sized businesses. Easterly brings extensive experience from her previous role as the Director of the Cybersecurity and Infrastructure Security Agency, where she focused on enhancing national cybersecurity resilience.
CrowdStrike has introduced two new services focused on strengthening the security of artificial intelligence systems and integrating AI into security operations. The services, called AI Systems Security Assessment and AI for SecOps Readiness, aim to help organizations manage the challenges of securing AI technologies while using AI to enhance operational efficiency. The AI Systems Security Assessment offers organizations insights into AI usage and vulnerabilities, including shadow AI and misconfigurations. Meanwhile, the AI for SecOps Readiness service prepares security teams to effectively utilize AI in their detection and response processes, ensuring organizations keep up with adversaries who are increasingly using AI for attacks.
Galactic Advisors has obtained a patent for a revolutionary user-activated penetration testing tool. This innovative system enables managed service providers to perform forensic-level vulnerability assessments without requiring administrative credentials, greatly reducing security risks. The patented system simplifies the assessment process by allowing security analysis with just one click, while avoiding the collection and storage of sensitive login information. This method not only delivers actionable vulnerability data but also minimizes potential threats related to credential management, as demonstrated by two recent vulnerabilities listed in the MITRE CVE database.
WatchGuard Technologies has announced the launch of its next-generation Firebox Tabletop Series, designed to provide managed service providers with advanced firewall security, artificial intelligence-powered threat detection, and eco-conscious hardware. The new appliances, especially optimized for small and medium enterprises, feature improved virtual private network and unified threat management performance, addressing common challenges faced by businesses, particularly in remote and hybrid work environments. The Firebox T185 model stands out with a 250% increase in branch office virtual private network performance compared to its predecessor, while the entry-level T115-W model offers Wi-Fi 7 technology. General availability for the Firebox T185 begins this August, with the other models set to roll out later in the fall.
Dropbox is discontinuing its password manager, Dropbox Passwords, which will be fully shut down on October 28, 2025. Users are advised to transfer their passwords to alternative applications such as 1Password before that deadline. Starting August 28, the service will transition to a view-only mode, disabling the ability to add new information and deactivating the autofill functionality. The mobile app will cease to function on September 11, and all stored passwords will be permanently deleted from Dropbox’s servers on the final shutdown date. Dropbox launched this service in 2020 after acquiring the password manager Valt in 2019, but the company is now refocusing its efforts on enhancing core features of its main product.
Why do we care?
Let’s talk about the stories you might skip—because they actually matter more than the flashy ones.
Ingram Micro confirmed data was stolen in their ransomware hit. That’s your distributor. If they go offline again, your hardware orders might stop too. Don’t assume the supply chain is fine. And let’s not skip this—Ingram waited weeks before confirming that data was actually stolen in the attack. Systems went down in July. The channel noticed. But the “oh, by the way, data got out” line? That came during the earnings call in August. That’s not transparent—that’s damage control. And if your MSP depends on a vendor that hides impact until the next quarterly call, it’s time to ask: who really owns the risk?
Huntress just brought in Jen Easterly—ex-CISA chief—to its advisory board. That’s a credibility play. It means they want to be seen not just as a security vendor, but as the authority for SMB defense. I noticed.
CrowdStrike’s pushing hard on AI—two new services for AI risk and AI-powered SecOps. They’re ahead of the curve, but they’re also drawing a map for the rest of us.
Galactic’s new patent lets you run a pen test without admin creds. One click. For real. That’s productized security done right—less risk, more value.
And Dropbox? They’re killing off their password manager in October. If you gave that to clients during the pandemic, start the migration now—or deal with the fire later.
The vendors you depend on are shifting fast. Your credibility, your services, your client trust? All riding on how fast you adapt.