24 Nov 2021

November 2021 OODA Network Member Meeting: Cyber Regulatory Bodies, Metaverse Metrics and New Data Boundaries discussed

To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs.

18 Nov 2021

CISA Releases Incident and Vulnerability Response Playbooks

The Cybersecurity and Infrastructure Security Agency (CISA) has released two cybersecurity playbooks that focus specifically on incident and vulnerability response. The guides were released in response to an executive order signed in May by President Joe Biden. The executive order was focused on improving the nation’s cybersecurity readiness. The order

15 Nov 2021

Cybersecurity and Cyber Incidents: Innovation and Design Lessons from Aviation Safety Models and a Call for a “Cyber NTSB”

In a recent 4-month-long workshop, over 70 experts explored the concept of creating a “Cyber NTSB”. This workshop topic is consistent with themes like innovation and design processes for innovation, which cut across much of our recent OODA Loop research and analysis. It all starts with a design metaphor. This recent workshop used the National Transportation Safety Board as a design analogy/metaphor for a National Cyber Safety Board/National Cyber Security Board (NCSB). Specifically, innovation in “lesson-learning systems” for cybersecurity and cyber incidents – taking design process inspiration from the aviation safety models of the NTSB – was the goal of this “Cyber NTSB” workshop.

30 Sep 2021

NSA, CISA partner for guide on safe VPNs amid widespread exploitation by nation-states

The NSA and CISA have released a detailed guide pertaining to how organizations and individuals should select virtual private networks as they remain actively under attack and face exploitation from nation states and cybercriminals alike. The guide also features details on ways to deploy a VPN securely. The NSA stated

17 Sep 2021

USG Warns Of ‘Critical’ Vulnerability That Poses ‘Serious Risk’ To Defense Contractors, Others

Earlier this week, the US FBI and Cybersecurity and Infrastructure Security Agency released a joint advisory warning the public of alleged active exploitation of a critical vulnerability found in a popular password management solution called Zoho. Zoho’s ManageEngine ADSelfService Plus, a tool that aids users in creating strong passwords and

09 Sep 2021

Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix

A critical security vulnerability that lies in the Zoho ManageEngine ADSelfService Plus platform is being actively exploited in the wild as a zero-day, according to the Cybersecurity and Infrastructure Security Agency (CISA). The bug could allow remote attackers to bypass authentication and have access to users’ Active Directory and cloud

01 Sep 2021

FBI, CISA warn of potential cyberattacks over Labor Day weekend

The FBI and Cybersecurity and Infrastructure Security Agency have released a joint advisory warning of potential cyberattacks over Labor Day weekend. The agencies noted that cyberattackers have launched dozens of devastating attacks over long weekends in past years. They urged organizations to take extra steps to secure their systems and

06 Jul 2021

REvil Group Demands $70 Million for ‘Universal Decryptor’

REvil, the group behind the damaging supply chain ransomware attack on US software company Kaseya, has reportedly demanded $70 million in return for a universal decryption key. Researchers claim that there could be as many as 1,500 companies impacted globally. It is unclear which ransomware affiliate was used to

06 Jul 2021

Widespread Brute-Force Attacks Tied to Russia’s APT28

US and UK authorities have declared that a known advanced threat actor, APT28, also referred to as Fancy Bear or Strontium, has been tied to a range of brute-force password spraying attacks against hundreds of government and private sector targets worldwide, including European governments and military. The joint alert was

05 May 2021

Apple Issues Patches for WebKit Security Flaws

Apple has released security updates for vulnerabilities under active attack and affecting multiple products, including iOS, watchOS, and iPadOS. The patches fix WebKit flaws that threat actors can exploit with maliciously crafted web content, ultimately leading to arbitrary code execution, according to Apple. The statement released
