17 Jan 2022

Log4Shell Activity:  Non-State Actors (Global)

Following is an update of Log4Shell activities organized by nation-states – with non-state actors and cybercriminal organizations which are suspected to be state-affiliated or located in the country.

Read More
03 Jan 2022

Log4Shell Exploit Used in Cox Media Group Ransomware Attack Attributed to Iranian Hackers

In June of last year, Cox Media Group (CMG) IT systems and live streams were the targets of a ransomware attack. The Microsoft Threat Intelligence Center (MSTIC) has attributed the attack to an Iranian threat actor, codenamed DEV-0270, a group linked to multiple intrusions of US companies. The attack is part of larger trends in Iranian hacker activity globally identified by the MSTIC. This attribution is also one of many Log4Shell vulnerability headlines of the last three weeks, as DEV-0270 (also known as Phosphorus) exploited Log4Shell in Log4j for initial access to the CMG systems. 

Read More
22 Dec 2021

What do the Apache Log4j Vulnerability, Security Community Outreach Efforts, Cognitive Infrastructure, Resilience, Anti-Fragility, John Boyd and Dune have in Common? The December 2021 OODA Network Member Meeting

To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs.

Read More