Channel Brief: WWT to Acquire Softchoice for $1.25 Billion

Happy New Year, folks.

2025 has kicked off, and Ars Technica has a prescient warning as many of us are sorting through the hundreds (thousands?) of emails that have piled up over the holidays.

Corporate executives are being hit with an influx of hyper-personalized phishing scams generated by artificial intelligence bots. British insurer Beazley and e-commerce group eBay both warned of the rise of fraudulent emails containing personal details probably obtained through AI analysis of online profiles.

“This is getting worse, and it’s getting very personal, and this is why we suspect AI is behind a lot of it,” said Beazley’s chief information security officer Kirsty Kelly in the Ars Technica article. “We’re starting to see very targeted attacks that have scraped an immense amount of information about a person.”

So, take an extra minute or two as you're digging out and make sure you're not being phished! That would be a heck of a way to start off the new year ...

As always, drop me a line at [email protected] if you have news to share or want to say hi!

Grab your coffee. Here's what you need to know today.

Today’s Tech, Channel and MSP News

1. Worldwide Technology to acquire Softchoice: IT solutions provider Worldwide Technology (WWT) will acquire Canadian IT services provider Softchoice for approximately $1.25 billion, the companies announced Tuesday. The all-cash transaction values Softchoice at an enterprise value of approximately CAN $1.8 billion. TechCrunch says the deal was unanimously approved by Softchoice’s board, but has yet to be voted on by the company’s shareholders. It’s also subject to court approval and customary closing conditions; the firms expect it to be finalized in late Q1 or early Q2 2025. In a statement, WWT’s co-founder and CEO Jim Kavanaugh said that Softchoice’s software, cloud, cybersecurity, and AI capabilities will complement WWT’s existing product portfolio.

2. Apache Airflow vulnerabilities: A trio of low-severity vulnerabilities could impact Microsoft Azure Data Factory and the integration of Apache Airflow. The vulnerabilities include a Kubernetes RBAC misconfiguration within the Airflow cluster, a secret management misconfiguration in Azure's Geneva service, and improper Geneva authentication — which could be leveraged to facilitate malware distribution, data theft, and other malicious activities, according to The Hacker News.

3. SailPoint and Imprivata strategic partnership: SailPoint has acquired Imprivata’s Identity Governance and Administration (IGA) business as part of a new go-to-market partnership, the companies announced. As part of the partnership, SailPoint and Imprivata will promote each other as exclusive identity security and access management partners in healthcare and developing “high-fidelity technical integrations between Imprivata Enterprise Access Management (EAM) and SailPoint Identity Security Cloud.” MSP Today reported that SailPoint will reportedly work closely with acquired Imprivata’s IGA customers; those that wish to remain on Imprivata’s platform will receive limited support via SailPoint through December 12, 2027, and those interested in working with SailPoint on customer-specific migration plans.

4. HPE urges data center refresh: The Register reports on research from the Uptime Institute showing that four in 10 (40%) of the servers currently residing in worldwide data centers are at least six years old. And while many organizations may think it's better to keep aging infrastructure running longer in the name of sustainability and cost, they're wrong. This 40% slice consumes 66% of the energy used by all data centers and only provides 7% of the world's total compute. Neil MacDonald, HPE Executive Vice President and General Manager of the Compute Division, speaking at the EMEA Discover conference in Barcelona late last year, pointed out these figures and urged a big refresh opportunity, especially as hardware vendors face increased pressure from cloud providers.

5. Google Chrome extension compromise: BleepingComputer reports that at least 35 Google Chrome extensions leveraged by nearly 2.6 million users have been compromised with data-exfiltrating code as part of a phishing campaign that was initially reported to have impacted an extension developed by cybersecurity firm Cyberhaven. While Google Groups and LinkedIn reports noted the campaign started in early December, command-and-control subdomains discovered by BleepingComputer suggest it could have been tested as early as March 2024.

In-Person MSP and Channel Partner Events