Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Five Ways to Secure a Work-From-Anywhere Environment

    96 The Daily Digest for 19 October 2020 p{ margin:10px 0; padding:0; } table{ border-collapse:collapse; } h1,h2,h3,h4,h5,h6{ display:block; margin:0; padding:0; } img,a img{ border:0; height:auto; outline:none; text-decoration:none; } body,#bodyTable,#bodyCell{ height:100%; margin:0; padding:0; width:100%; } .mcnPreviewText{ display:none !important; } #outlook a{ padding:0; } img{ -ms-interpolation-mode:bicubic; } table{ mso-table-lspace:0pt; mso-table-rspace:0pt; } .ReadMsgBody{ width:100%; } .ExternalClass{ width:100%; } p,a,li,td,blockquote{ mso-line-height-rule:exactly; } a[href^=tel],a[href^=sms]{ color:inherit; cursor:default; text-decoration:none; } p,a,li,td,body,table,blockquote{ -ms-text-size-adjust:100%; -webkit-text-size-adjust:100%; } .ExternalClass,.ExternalClass p,.ExternalClass td,.ExternalClass div,.ExternalClass span,.ExternalClass font{ line-height:100%; } a[x-apple-data-detectors]{ color:inherit !important; text-decoration:none !important; font-size:inherit !important; font-family:inherit !important; font-weight:inherit !important; line-height:inherit !important; } .templateContainer{ max-width:600px !important; } a.mcnButton{ display:block; } .mcnImage,.mcnRetinaImage{ vertical-align:bottom; } .mcnTextContent{ word-break:break-word; } .mcnTextContent img{ height:auto !important; } .mcnDividerBlock{ table-layout:fixed !important; } body,#bodyTable{ background-color:#FAFAFA; } #bodyCell{ border-top:0; } h1{ color:#202020; font-family:Helvetica; font-size:26px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } h2{ color:#202020; font-family:Helvetica; font-size:22px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } h3{ color:#202020; font-family:Helvetica; font-size:20px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } h4{ color:#202020; font-family:Helvetica; font-size:18px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } #templatePreheader{ background-color:#FAFAFA; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:9px; } #templatePreheader .mcnTextContent,#templatePreheader .mcnTextContent p{ color:#656565; font-family:Helvetica; font-size:12px; line-height:150%; text-align:left; } #templatePreheader .mcnTextContent a,#templatePreheader .mcnTextContent p a{ color:#656565; font-weight:normal; text-decoration:underline; } #templateHeader{ background-color:#FFFFFF; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:0; } #templateHeader .mcnTextContent,#templateHeader .mcnTextContent p{ color:#202020; font-family:Helvetica; font-size:16px; line-height:150%; text-align:left; } #templateHeader .mcnTextContent a,#templateHeader .mcnTextContent p a{ color:#007C89; font-weight:normal; text-decoration:underline; } #templateBody{ background-color:#FFFFFF; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:9px; } #templateBody .mcnTextContent,#templateBody .mcnTextContent p{ color:#202020; font-family:Helvetica; font-size:16px; line-height:150%; text-align:left; } #templateBody .mcnTextContent a,#templateBody .mcnTextContent p a{ color:#007C89; font-weight:normal; text-decoration:underline; } #templateFooter{ background-color:#FAFAFA; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:9px; } #templateFooter .mcnTextContent,#templateFooter .mcnTextContent p{ color:#656565; font-family:Helvetica; font-size:12px; line-height:150%; text-align:center; } #templateFooter .mcnTextContent a,#templateFooter .mcnTextContent p a{ color:#656565; font-weight:normal; text-decoration:underline; } @media only screen and (min-width:768px){ .templateContainer{ width:600px !important; } } @media only screen and (max-width: 480px){ body,table,td,p,a,li,blockquote{ -webkit-text-size-adjust:none !important; } } @media only screen and (max-width: 480px){ body{ width:100% !important; min-width:100% !important; } } @media only screen and (max-width: 480px){ .mcnRetinaImage{ max-width:100% !important; } } @media only screen and (max-width: 480px){ .mcnImage{ width:100% !important; } } @media only screen and (max-width: 480px){ .mcnCartContainer,.mcnCaptionTopContent,.mcnRecContentContainer,.mcnCaptionBottomContent,.mcnTextContentContainer,.mcnBoxedTextContentContainer,.mcnImageGroupContentContainer,.mcnCaptionLeftTextContentContainer,.mcnCaptionRightTextContentContainer,.mcnCaptionLeftImageContentContainer,.mcnCaptionRightImageContentContainer,.mcnImageCardLeftTextContentContainer,.mcnImageCardRightTextContentContainer,.mcnImageCardLeftImageContentContainer,.mcnImageCardRightImageContentContainer{ max-width:100% !important; width:100% !important; } } @media only screen and (max-width: 480px){ .mcnBoxedTextContentContainer{ min-width:100% !important; } } @media only screen and (max-width: 480px){ .mcnImageGroupContent{ padding:9px !important; } } @media only screen and (max-width: 480px){ .mcnCaptionLeftContentOuter .mcnTextContent,.mcnCaptionRightContentOuter .mcnTextContent{ padding-top:9px !important; } } @media only screen and (max-width: 480px){ .mcnImageCardTopImageContent,.mcnCaptionBottomContent:last-child .mcnCaptionBottomImageContent,.mcnCaptionBlockInner .mcnCaptionTopContent:last-child .mcnTextContent{ padding-top:18px !important; } } @media only screen and (max-width: 480px){ .mcnImageCardBottomImageContent{ padding-bottom:9px !important; } } @media only screen and (max-width: 480px){ .mcnImageGroupBlockInner{ padding-top:0 !important; padding-bottom:0 !important; } } @media only screen and (max-width: 480px){ .mcnImageGroupBlockOuter{ padding-top:9px !important; padding-bottom:9px !important; } } @media only screen and (max-width: 480px){ .mcnTextContent,.mcnBoxedTextContentColumn{ padding-right:18px !important; padding-left:18px !important; } } @media only screen and (max-width: 480px){ .mcnImageCardLeftImageContent,.mcnImageCardRightImageContent{ padding-right:18px !important; padding-bottom:0 !important; padding-left:18px !important; } } @media only screen and (max-width: 480px){ .mcpreview-image-uploader{ display:none !important; width:100% !important; } } @media only screen and (max-width: 480px){ h1{ font-size:22px !important; line-height:125% !important; } } @media only screen and (max-width: 480px){ h2{ font-size:20px !important; line-height:125% !important; } } @media only screen and (max-width: 480px){ h3{ font-size:18px !important; line-height:125% !important; } } @media only screen and (max-width: 480px){ h4{ font-size:16px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ .mcnBoxedTextContentContainer .mcnTextContent,.mcnBoxedTextContentContainer .mcnTextContent p{ font-size:14px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templatePreheader{ display:block !important; } } @media only screen and (max-width: 480px){ #templatePreheader .mcnTextContent,#templatePreheader .mcnTextContent p{ font-size:14px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templateHeader .mcnTextContent,#templateHeader .mcnTextContent p{ font-size:16px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templateBody .mcnTextContent,#templateBody .mcnTextContent p{ font-size:16px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templateFooter .mcnTextContent,#templateFooter .mcnTextContent p{ font-size:14px !important; line-height:150% !important; } }<!--
    View this email in your browser
    Monday October 19, 2020

    THE DAILY DIGEST

    THE HEART OF CYBER SECURITY INTEL

    <!--

    -->
    Google offers new details about the China-Linked Hacking Group
    • A report released Friday by Google Threat Analysis Group offers new information on the China-linked hacking group that targeted Joe Biden’s campaign offices with phishing emails earlier this year.
    • Google TAG notes that APT31, also known as Zirconium, used GitHub to host malware and Dropbox as the command and control infrastructure to avoid detection and hide from security tools.
    • The malware was a Python-based implant. If it were installed, the report said the hackers could upload and download files and execute arbitrary commands.
    • The malicious code also connects to the command and control server hosted on Dropbox.
    alKaheej Today | October 18, 2020
    <!--

    -->
    Five Ways to Secure a Work-From-Anywhere Environment
    1. Enable Multi-Factor Authentication (MFA)
    2. Patch Your Devices
    3. Beware Of Covid-19 Phishing Emails
    4. Secure Your Connection through VPN
    5. Secure Your Meetings
    CXOtoday - Jim Alkove | October 18, 2020
    <!--

    -->
    Report: Iranian Hacking Group Launched Concentrated Attack on Israeli Companies
    • Cyber companies ClearSky Cyber Security and Profero Cyber Security reported Thursday some disturbing findings, detailing Iranian cyberattacks on Israeli companies.
    • The Iranian hacker group, dubbed MuddyWater, used a relatively new tactic in order to penetrate the Israeli companies’ security systems.
    • The hackers used a Shamoon-based malware that has been employed as a cyber weapon by Iranians for years. The most infamous attack was in 2012, when it wiped tens of thousands of computers’ data from the Saudi National Oil Company.
    • Viruses such as Shamoon are characterized as “Wiper” malware, and are designed to erase data that is stored on a computer or computerized infrastructure.
    the algemeiner - Raphael Kahan | October 18, 2020
    Share Share
    Tweet Tweet
    Forward Forward
    <!--

    -->
    LinkedIn
    Twitter
    Email
    Copyright © 2020 HAK-iQ, All rights reserved.
    You are receiving this email because you opted in via our website.

    Our mailing address is:
    HAK-iQ
    1155 Camino del Mar # 109
    Del Mar, CA 92014-2605

    Add us to your address book


    Want to change how you receive these emails?
    You can update your preferences or unsubscribe from this list.
    - Jim Alkove | October 18, 2020
  • (hak-iq.us20.list-manage.com)
  • Google offers new details about the China-Linked Hacking Group

    • A report released Friday by Google Threat Analysis Group offers new information on the China-linked hacking group that targeted Joe Biden’s campaign offices with phishing emails earlier this year.
    • Google TAG notes that APT31, also known as Zirconium, used GitHub to host malware and Dropbox as the command and control infrastructure to avoid detection and hide from security tools.
    • The malware was a Python-based implant. If it were installed, the report said the hackers could upload and download files and execute arbitrary commands.
    • The malicious code also connects to the command and control server hosted on Dropbox.
    | October 18, 2020
  • (hak-iq.us20.list-manage.com)
  • The Ten Worst Corporate Cyberattacks of All-Time

    • There have been dramatic increases in cyber attacks so far this 2020. Public entities, universities, and businesses are being hacked on a near-daily basis.
    • Ransomware accounts for over one-third of all cyber attacks.
    • Bloomberg has a long list of the worst corporate hacking incidents of all time.
    - Jackie Allen | October 15, 2020
  • (hak-iq.us20.list-manage.com)
  • Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm

    • Schools and school districts collect and store a lot of personal information about their students.
    • Thousands of K-12 students had their personal information compromised in data breaches between 2016 and 2020
    • Compromised data included grades, bullying reports, and Social Security numbers—leaving students vulnerable to emotional, physical, and financial harm
    • Breaches were accidental and intentional—with a variety of responsible actors and motives
    • Wealthier, larger, and suburban school districts were more likely to have a reported breach
    | October 15, 2020
  • (hak-iq.us20.list-manage.com)
  • A new role for the cybersecurity industry: the Business Information Security Officer (BISO)

    • Traditionally, those working in the cybersecurity industry have been technically savvy and laser-focused on finding tools and solutions to ensure that data, and the people who access it, are secure from breach or attack.
    • Digital transformation, open supply chains and mobile devices have been changing this paradigm for some time, and we were all beginning to change our approach.
      • 2020 had other ideas.
    • The role undertaken by BISOs help to realise that because the goals, missions and workstreams of each business unit was different, they require different security and tech solutions to protect them.
    • BISOs should not only be well versed in the latest cybersecurity threats and technologies, but also great communicators and fast learners.
    IDG Connect - Myrna Soto | October 15, 2020
  • (hak-iq.us20.list-manage.com)
  • Barnes & Noble confirms cyberattack, suspected customer data breach

    • Over the weekend, Barnes & Noble customers complained across social media of outages.
    • Some customers were unable to access their Nook libraries, their previous purchases had vanished into thin air, others were not able to log in to the firm's online platform, and connectivity issues between sending or loading new books ran rampant.
    • The bookseller partially restored its systems by Tuesday, but it was not until Wednesday that Nook publicly acknowledged customer access and Nook service issues.
    • Barnes & Noble has confirmed to customers that cyberattackers caused the service disruption.
    - Charlie Osborne | October 15, 2020
  • (hak-iq.us20.list-manage.com)
  • Modernizing Your Security Operations Center for the Cloud

    • Several factors are converging to exert pressure on how security operations centers (SOCs) traditionally function.
    • Most SOCs are already overwhelmed with data, multiple disconnected workflows and use cases and struggle to keep up with the shifting threat environment.
    • No matter where you are in your digital transformation journey, modernizing your SOC should start with breaking down silos and simplifying systems for your security team.
    • Much in the same way we’ve seen the evolution of endpoint detection and response, the same is happening around network, cloud, platform as a service and IoT/operational technology (OT).
    - Chris Meenan | October 14, 2020
  • (hak-iq.us20.list-manage.com)
  • Remote, Hybrid Work Need Better Data Security

    • According to a June survey by PwC, 83% of employees want to work from home at least once a week and 55% want to continue working remotely even after the pandemic subsides.
    • As companies look to cut costs, reduce turnover and maximize growth potential, it’s clear that telework will play a central role in both the present and future of work.
    • Three risk categories for remote teams and the next steps companies can take to improve their defensive postures:
      • Insider Threaets
      • Access Control
      • Malicious Messages
    - Isaac Kohen | October 13, 2020
  • (hak-iq.us20.list-manage.com)
  • Where are the 'Great Exits' in the Data Security Market?

    • If data security were a student, its report card would read "Not performing to potential."
    • The volume of data created has exploded, as well as the volume of people handling it.
    • Data is increasingly shared across partners.
    • Often the "data security" category is nearly synonymous with data loss prevention (DLP) products, which command the largest dollar spend.
    • Encryption, tokenization, and related data protection offerings abound, but they are less frequently the main focus of a company compared with DLP.
    - Dave Cole | October 13, 2020
  • (hak-iq.us20.list-manage.com)
  • Cloud Security: A Work In Progress

    • Recent research by consulting firm KPMG and software giant Oracle notes that as business leaders digitally transform their operations and move what’s left of on-premise systems to the cloud, adequate security controls are all too often an afterthought.
    • The basics of cloud security are still not understood by many organizations, and worsening confusion over the shared responsibility security model is a pivotal contributor to the readiness gap.
    • Cloud assets were involved in about 24% of the data breaches examined by the Verizon research team that occurred in 2019. A large majority of cloud-based breaches involved email or web application servers.
    - Bob Violino | October 12, 2020
  • (hak-iq.us20.list-manage.com)