Report: Iranian Hacking Group Launched Concentrated Attack on Israeli Companies

• Cyber companies ClearSky Cyber Security and Profero Cyber Security reported Thursday some disturbing findings, detailing Iranian cyberattacks on Israeli companies.
• The Iranian hacker group, dubbed MuddyWater, used a relatively new tactic in order to penetrate the Israeli companies’ security systems.
• The hackers used a Shamoon-based malware that has been employed as a cyber weapon by Iranians for years. The most infamous attack was in 2012, when it wiped tens of thousands of computers’ data from the Saudi National Oil Company.
• Viruses such as Shamoon are characterized as “Wiper” malware, and are designed to erase data that is stored on a computer or computerized infrastructure.

- Raphael Kahan | October 18, 2020

Five Ways to Secure a Work-From-Anywhere Environment

96 p{ margin:10px 0; padding:0; } table{ border-collapse:collapse; } h1,h2,h3,h4,h5,h6{ display:block; margin:0; padding:0; } img,a img{ border:0; height:auto; outline:none; text-decoration:none; } body,#bodyTable,#bodyCell{ height:100%; margin:0; padding:0; width:100%; } .mcnPreviewText{ display:none !important; } #outlook a{ padding:0; } img{ -ms-interpolation-mode:bicubic; } table{ mso-table-lspace:0pt; mso-table-rspace:0pt; } .ReadMsgBody{ width:100%; } .ExternalClass{ width:100%; } p,a,li,td,blockquote{ mso-line-height-rule:exactly; } a[href^=tel],a[href^=sms]{ color:inherit; cursor:default; text-decoration:none; } p,a,li,td,body,table,blockquote{ -ms-text-size-adjust:100%; -webkit-text-size-adjust:100%; } .ExternalClass,.ExternalClass p,.ExternalClass td,.ExternalClass div,.ExternalClass span,.ExternalClass font{ line-height:100%; } a[x-apple-data-detectors]{ color:inherit !important; text-decoration:none !important; font-size:inherit !important; font-family:inherit !important; font-weight:inherit !important; line-height:inherit !important; } .templateContainer{ max-width:600px !important; } a.mcnButton{ display:block; } .mcnImage,.mcnRetinaImage{ vertical-align:bottom; } .mcnTextContent{ word-break:break-word; } .mcnTextContent img{ height:auto !important; } .mcnDividerBlock{ table-layout:fixed !important; } body,#bodyTable{ background-color:#FAFAFA; } #bodyCell{ border-top:0; } h1{ color:#202020; font-family:Helvetica; font-size:26px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } h2{ color:#202020; font-family:Helvetica; font-size:22px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } h3{ color:#202020; font-family:Helvetica; font-size:20px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } h4{ color:#202020; font-family:Helvetica; font-size:18px; font-style:normal; font-weight:bold; line-height:125%; letter-spacing:normal; text-align:left; } #templatePreheader{ background-color:#FAFAFA; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:9px; } #templatePreheader .mcnTextContent,#templatePreheader .mcnTextContent p{ color:#656565; font-family:Helvetica; font-size:12px; line-height:150%; text-align:left; } #templatePreheader .mcnTextContent a,#templatePreheader .mcnTextContent p a{ color:#656565; font-weight:normal; text-decoration:underline; } #templateHeader{ background-color:#FFFFFF; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:0; } #templateHeader .mcnTextContent,#templateHeader .mcnTextContent p{ color:#202020; font-family:Helvetica; font-size:16px; line-height:150%; text-align:left; } #templateHeader .mcnTextContent a,#templateHeader .mcnTextContent p a{ color:#007C89; font-weight:normal; text-decoration:underline; } #templateBody{ background-color:#FFFFFF; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:9px; } #templateBody .mcnTextContent,#templateBody .mcnTextContent p{ color:#202020; font-family:Helvetica; font-size:16px; line-height:150%; text-align:left; } #templateBody .mcnTextContent a,#templateBody .mcnTextContent p a{ color:#007C89; font-weight:normal; text-decoration:underline; } #templateFooter{ background-color:#FAFAFA; background-image:none; background-repeat:no-repeat; background-position:center; background-size:cover; border-top:0; border-bottom:0; padding-top:9px; padding-bottom:9px; } #templateFooter .mcnTextContent,#templateFooter .mcnTextContent p{ color:#656565; font-family:Helvetica; font-size:12px; line-height:150%; text-align:center; } #templateFooter .mcnTextContent a,#templateFooter .mcnTextContent p a{ color:#656565; font-weight:normal; text-decoration:underline; } @media only screen and (min-width:768px){ .templateContainer{ width:600px !important; } } @media only screen and (max-width: 480px){ body,table,td,p,a,li,blockquote{ -webkit-text-size-adjust:none !important; } } @media only screen and (max-width: 480px){ body{ width:100% !important; min-width:100% !important; } } @media only screen and (max-width: 480px){ .mcnRetinaImage{ max-width:100% !important; } } @media only screen and (max-width: 480px){ .mcnImage{ width:100% !important; } } @media only screen and (max-width: 480px){ .mcnCartContainer,.mcnCaptionTopContent,.mcnRecContentContainer,.mcnCaptionBottomContent,.mcnTextContentContainer,.mcnBoxedTextContentContainer,.mcnImageGroupContentContainer,.mcnCaptionLeftTextContentContainer,.mcnCaptionRightTextContentContainer,.mcnCaptionLeftImageContentContainer,.mcnCaptionRightImageContentContainer,.mcnImageCardLeftTextContentContainer,.mcnImageCardRightTextContentContainer,.mcnImageCardLeftImageContentContainer,.mcnImageCardRightImageContentContainer{ max-width:100% !important; width:100% !important; } } @media only screen and (max-width: 480px){ .mcnBoxedTextContentContainer{ min-width:100% !important; } } @media only screen and (max-width: 480px){ .mcnImageGroupContent{ padding:9px !important; } } @media only screen and (max-width: 480px){ .mcnCaptionLeftContentOuter .mcnTextContent,.mcnCaptionRightContentOuter .mcnTextContent{ padding-top:9px !important; } } @media only screen and (max-width: 480px){ .mcnImageCardTopImageContent,.mcnCaptionBottomContent:last-child .mcnCaptionBottomImageContent,.mcnCaptionBlockInner .mcnCaptionTopContent:last-child .mcnTextContent{ padding-top:18px !important; } } @media only screen and (max-width: 480px){ .mcnImageCardBottomImageContent{ padding-bottom:9px !important; } } @media only screen and (max-width: 480px){ .mcnImageGroupBlockInner{ padding-top:0 !important; padding-bottom:0 !important; } } @media only screen and (max-width: 480px){ .mcnImageGroupBlockOuter{ padding-top:9px !important; padding-bottom:9px !important; } } @media only screen and (max-width: 480px){ .mcnTextContent,.mcnBoxedTextContentColumn{ padding-right:18px !important; padding-left:18px !important; } } @media only screen and (max-width: 480px){ .mcnImageCardLeftImageContent,.mcnImageCardRightImageContent{ padding-right:18px !important; padding-bottom:0 !important; padding-left:18px !important; } } @media only screen and (max-width: 480px){ .mcpreview-image-uploader{ display:none !important; width:100% !important; } } @media only screen and (max-width: 480px){ h1{ font-size:22px !important; line-height:125% !important; } } @media only screen and (max-width: 480px){ h2{ font-size:20px !important; line-height:125% !important; } } @media only screen and (max-width: 480px){ h3{ font-size:18px !important; line-height:125% !important; } } @media only screen and (max-width: 480px){ h4{ font-size:16px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ .mcnBoxedTextContentContainer .mcnTextContent,.mcnBoxedTextContentContainer .mcnTextContent p{ font-size:14px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templatePreheader{ display:block !important; } } @media only screen and (max-width: 480px){ #templatePreheader .mcnTextContent,#templatePreheader .mcnTextContent p{ font-size:14px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templateHeader .mcnTextContent,#templateHeader .mcnTextContent p{ font-size:16px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templateBody .mcnTextContent,#templateBody .mcnTextContent p{ font-size:16px !important; line-height:150% !important; } } @media only screen and (max-width: 480px){ #templateFooter .mcnTextContent,#templateFooter .mcnTextContent p{ font-size:14px !important; line-height:150% !important; } }<!--

View this email in your browser Monday October 19, 2020 THE DAILY DIGEST THE HEART OF CYBER SECURITY INTEL <!-- --> Google offers new details about the China-Linked Hacking Group A report released Friday by Google Threat Analysis Group offers new information on the China-linked hacking group that targeted Joe Biden’s campaign offices with phishing emails earlier this year. Google TAG notes that APT31, also known as Zirconium, used GitHub to host malware and Dropbox as the command and control infrastructure to avoid detection and hide from security tools. The malware was a Python-based implant. If it were installed, the report said the hackers could upload and download files and execute arbitrary commands. The malicious code also connects to the command and control server hosted on Dropbox. alKaheej Today | October 18, 2020 <!-- --> Five Ways to Secure a Work-From-Anywhere Environment Enable Multi-Factor Authentication (MFA) Patch Your Devices Beware Of Covid-19 Phishing Emails Secure Your Connection through VPN Secure Your Meetings CXOtoday - Jim Alkove | October 18, 2020 <!-- --> Report: Iranian Hacking Group Launched Concentrated Attack on Israeli Companies Cyber companies ClearSky Cyber Security and Profero Cyber Security reported Thursday some disturbing findings, detailing Iranian cyberattacks on Israeli companies. The Iranian hacker group, dubbed MuddyWater, used a relatively new tactic in order to penetrate the Israeli companies’ security systems. The hackers used a Shamoon-based malware that has been employed as a cyber weapon by Iranians for years. The most infamous attack was in 2012, when it wiped tens of thousands of computers’ data from the Saudi National Oil Company. Viruses such as Shamoon are characterized as “Wiper” malware, and are designed to erase data that is stored on a computer or computerized infrastructure. the algemeiner - Raphael Kahan | October 18, 2020 Share Tweet Forward <!-- --> Copyright © 2020 HAK-iQ, All rights reserved. You are receiving this email because you opted in via our website. Our mailing address is: HAK-iQ 1155 Camino del Mar # 109 Del Mar, CA 92014-2605 Add us to your address book Want to change how you receive these emails? You can update your preferences or unsubscribe from this list.

- Jim Alkove | October 18, 2020

Google offers new details about the China-Linked Hacking Group

• A report released Friday by Google Threat Analysis Group offers new information on the China-linked hacking group that targeted Joe Biden’s campaign offices with phishing emails earlier this year.
• Google TAG notes that APT31, also known as Zirconium, used GitHub to host malware and Dropbox as the command and control infrastructure to avoid detection and hide from security tools.
• The malware was a Python-based implant. If it were installed, the report said the hackers could upload and download files and execute arbitrary commands.
• The malicious code also connects to the command and control server hosted on Dropbox.

| October 18, 2020

The Ten Worst Corporate Cyberattacks of All-Time

• There have been dramatic increases in cyber attacks so far this 2020. Public entities, universities, and businesses are being hacked on a near-daily basis.
• Ransomware accounts for over one-third of all cyber attacks.
• Bloomberg has a long list of the worst corporate hacking incidents of all time.

- Jackie Allen | October 15, 2020

Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm

• Schools and school districts collect and store a lot of personal information about their students.
• Thousands of K-12 students had their personal information compromised in data breaches between 2016 and 2020
• Compromised data included grades, bullying reports, and Social Security numbers—leaving students vulnerable to emotional, physical, and financial harm
• Breaches were accidental and intentional—with a variety of responsible actors and motives
• Wealthier, larger, and suburban school districts were more likely to have a reported breach

| October 15, 2020

A new role for the cybersecurity industry: the Business Information Security Officer (BISO)

• Traditionally, those working in the cybersecurity industry have been technically savvy and laser-focused on finding tools and solutions to ensure that data, and the people who access it, are secure from breach or attack.
• Digital transformation, open supply chains and mobile devices have been changing this paradigm for some time, and we were all beginning to change our approach.
  • 2020 had other ideas.
• The role undertaken by BISOs help to realise that because the goals, missions and workstreams of each business unit was different, they require different security and tech solutions to protect them.
• BISOs should not only be well versed in the latest cybersecurity threats and technologies, but also great communicators and fast learners.

IDG Connect - Myrna Soto | October 15, 2020

Barnes & Noble confirms cyberattack, suspected customer data breach

• Over the weekend, Barnes & Noble customers complained across social media of outages.
• Some customers were unable to access their Nook libraries, their previous purchases had vanished into thin air, others were not able to log in to the firm's online platform, and connectivity issues between sending or loading new books ran rampant.
• The bookseller partially restored its systems by Tuesday, but it was not until Wednesday that Nook publicly acknowledged customer access and Nook service issues.
• Barnes & Noble has confirmed to customers that cyberattackers caused the service disruption.

- Charlie Osborne | October 15, 2020

Modernizing Your Security Operations Center for the Cloud

• Several factors are converging to exert pressure on how security operations centers (SOCs) traditionally function.
• Most SOCs are already overwhelmed with data, multiple disconnected workflows and use cases and struggle to keep up with the shifting threat environment.
• No matter where you are in your digital transformation journey, modernizing your SOC should start with breaking down silos and simplifying systems for your security team.
• Much in the same way we’ve seen the evolution of endpoint detection and response, the same is happening around network, cloud, platform as a service and IoT/operational technology (OT).

- Chris Meenan | October 14, 2020

Remote, Hybrid Work Need Better Data Security

• According to a June survey by PwC, 83% of employees want to work from home at least once a week and 55% want to continue working remotely even after the pandemic subsides.
• As companies look to cut costs, reduce turnover and maximize growth potential, it’s clear that telework will play a central role in both the present and future of work.
• Three risk categories for remote teams and the next steps companies can take to improve their defensive postures:
  • Insider Threaets
  • Access Control
  • Malicious Messages

- Isaac Kohen | October 13, 2020

Where are the 'Great Exits' in the Data Security Market?

• If data security were a student, its report card would read "Not performing to potential."
• The volume of data created has exploded, as well as the volume of people handling it.
• Data is increasingly shared across partners.
• Often the "data security" category is nearly synonymous with data loss prevention (DLP) products, which command the largest dollar spend.
• Encryption, tokenization, and related data protection offerings abound, but they are less frequently the main focus of a company compared with DLP.

- Dave Cole | October 13, 2020