OODA has a deep heritage in red teaming enterprise and advanced technologies. In cybersecurity, a Red Team is a group of experienced professionals authorized and organized to test a system using realistic methods of a real adversary. The objective of a Red Team is to improve security by emulating the objectives and tactics of real-world attackers and then mitigating the attack surface and vulnerabilities revealed in the testing.
Web3 technologies would greatly benefit from red teaming. Seemingly great innovations get fielded without sufficient security controls, resulting in impactful incidents. How bad are these incidents? As of March 2022 Web3 incidents have resulted in over $61 Billion in losses since 2011. OODA recommends Web3 developers and projects focus Red Team efforts on six key areas:
A new multi-agency alert warns U.S. defense and intelligence contractors that Russia is engaging in cyber attacks to gain access to top secret technology programs. The alert was issued jointly by the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Critical Infrastructure Security Agency (CISA) on February 16, 2022 and covers an observation period of January 2020 through February 2022.
Fraudsters are targeting cryptocurrency account holders with Bots designed to steal two-factor authentication tokens and steal money from the compromised accounts. The bots contact the victims on the premise that an unauthorized transaction is occurring within their account and providing the victim with steps to stop the transfer, which includes
BBC News reports that deadly landslides have wreaked havoc in Brazil’s Petrópolis (once the summer residence of the Brazilian emperor, is a popular tourist destination.) At least 34 people have died in landslides and flash flooding. The city, which is located in the mountains north of Rio de Janeiro, was
BBC business news published a special on what seems to be a trend in China, many workers seeking to devote more time to their personal lives vice making work their life. From the piece: When Jeff (not his real name), left his home city of Hangzhou, for a highly-paid job
The National Interest reports that Taiwan and Somaliland, both de facto independent democratic states claimed by larger countries, are building closer ties: Essa Kayd Mohamoud, the foreign minister of the unrecognized state of Somaliland, accused the Chinese government of attempting to shape its foreign relations during a goodwill trip to
The United States Critical Infrastructure Security Agency added nine new entries to the Known Exploited Vulnerabilities Catalog, including two recently discovered zero-day exploits impacting Google Chrome browser, and Adobe Commerce and Magento. The remainder of the catalog vulnerabilities were older, but with inclusion on the CISA list, federal agencies must
As reported by Fox News “The United States Department of Agriculture confirmed Feb. 9 that a commercial turkey flock in Indiana was hit with avian flu, the first case in the U.S. since 2020. The entire flock of nearly 30,000 birds was euthanized in an effort to stop the spread. Then on
At an all-hands internal meeting at Meta, founder Mark Zuckerberg encouraged employees to be all-in on the metaverse and focus on long-term disruption even if the results won’t be realized for years. ” Zuckerberg said Meta was now “a metaverse company, building the future of social connection” rather than primarily a
VMware has issued an urgent patch for critical vulnerabilities in their ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere products. The vulnerabilities are not observed to be exploited in the wild, but could be exploited to execute arbitrary code and cause a denial-of-service (DoS) condition. Full Story: