11 Sep 2019

Fraudsters no longer operate in silos, they are attacking across industries and organizations

In the first half of this year, the number of human-initiated fraud attacks increased by 13% compared to the second half of last year, a new report by LexisNexis Risk Solutions shows. It also found that fraud campaigns are becoming broader in scope, leading to a rise of networked, cross-organizational

Read More
11 Sep 2019

Rapid Rise in Monetization of IoT Attacks

A new Trend Micro report details how cybercriminals are increasingly looking to make money by compromising Internet-of-things devices. Underground websites frequented by Russian, Portuguese, English, Arabic, and Spanish-speaking hackers are seeing a surge in discussions on how IoT attacks can be monetized, with much of the talk focusing on Routers

Read More
11 Sep 2019

Arab nations condemn Netanyahu’s Jordan Valley annexation plan

Israeli President Benjamin Netanyahu on Tuesday laid out plans to annex about one third of the occupied West Bank if he receives a strong mandate from Israeli voters at the general election next week. The announcement is likely to fuel tensions in the region that have already been increasing over

Read More
11 Sep 2019

98 percent of top US websites not prepared against attacks

A new report by Tala Security warns that the vast majority of Alexa top 1000 websites are vulnerable to advanced client-side attacks such as those falling under the Magecart umbrella. In a Magecart attack, hackers inject the checkout page of an otherwise legitimate website with malicious code that enables them

Read More
11 Sep 2019

281 suspects arrested in massive crackdown against BEC scammers

An international law enforcement operation code-named Operation reWired has resulted in the arrests of 281 people suspected of carrying out business email compromise (BEC) scams. 167 arrests occurred in Nigeria and 74 in the United States. Authorities also seized close to $3.7 million as part of the collaborative effort involving

Read More
11 Sep 2019

Two Zero-Days Fixed in Microsoft Patch Rollout

Microsoft has released updates to address a total of 80 security flaws in its products as part of this month’s Patch Tuesday. The fixes address two zero day flaws that were being actively exploited in the wild. The zero-days, tracked as CVE-2019-1215 and CVE-2019-1214, were both privilege escalation issues. The

Read More
11 Sep 2019

Iran urges US to ‘put warmongers aside’ after Bolton firing

United States President Donald Trump’s abrupt decision to fire John Bolton as national security adviser seems to have please the Iranian regime. On Wednesday, Iranian President Hassan Rouhani urged Washington to “put warmongers aside,” while a government spokesman expressed hope that the US government would adopt a “less biased” attitude

Read More
11 Sep 2019

Weakness in Intel chips lets researchers steal encrypted SSH keystrokes

Vulnerabilities in the Data-Direct I/O (DDIO) mechanism in Intel server processors can be exploited by attackers in order to grab keystrokes and other sensitive data, new research from the Vrije Universiteit Amsterdam and ETH Zurich shows. In the most dangerous attack scenario, threat actors could abuse DDIO in order to

Read More
10 Sep 2019

Mitigating Risks To America’s Cognitive Infrastructure

This is the second of a series on our nation’s most neglected critical infrastructure, our cognitive infrastructure. The first post dove into the nature of the challenge and why it is so important for our future that the threats to our cognitive infrastructure are understood and addressed. This post flows from that one and suggests ways the nation can mitigate many of these risks.

Read More
03 Sep 2019

America’s Most Critical Infrastructure is also Our Most Neglected Infrastructure

This special report is the first of a two-part series designed to both inform OODA members on the nature of challenges to our nation’s most critical infrastructure and provide recommendations for action that can mitigate these challenges. Our thesis is that America’s most critical infrastructure is our cognitive infrastructure. This is also the most attacked and least defended. In short, our most important critical infrastructure is also our most neglected infrastructure.

Read More