To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great …
CISA Releases Incident and Vulnerability Response Playbooks
The Cybersecurity and Infrastructure Security Agency (CISA) has released two cybersecurity playbooks that focus specifically on incident and vulnerability response. The guides were released in …
Continue Reading about CISA Releases Incident and Vulnerability Response Playbooks
Cybersecurity and Cyber Incidents: Innovation and Design Lessons from Aviation Safety Models and a Call for a “Cyber NTSB”
In a recent 4-month long workshop, over 70 experts explored the concept of creating a “Cyber NTSB”. This workshop topic is consistent with themes like innovation and design processes for innovation, …
NSA, CISA partner for guide on safe VPNs amid widespread exploitation by nation-states
The NSA and CISA have released a detailed guide pertaining to how organizations and individuals should select virtual private networks as they remain actively under attack and face exploitation from …
USG Warns Of ‘Critical’ Vulnerability That Poses ‘Serious Risk’ To Defense Contractors, Others
Earlier this week, the US FBI and Cybersecurity and Infrastructure Security Agency released a joint advisory warning the public of alleged active exploitation of a critical vulnerability found in a …
Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix
A critical security vulnerability that lies in the Zoho ManageEngine ADSelfService Plus platform is being actively exploited in the wild as a zero-day, according to the Cybersecurity and …
Continue Reading about Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix
FBI, CISA warn of potential cyberattacks over Labor Day weekend
The FBI and Cybersecurity and Infrastructure Security Agency have released a joint advisory warning of potential cyberattacks over Labor Day weekend. The agencies noted that cyberattackers have …
Continue Reading about FBI, CISA warn of potential cyberattacks over Labor Day weekend
REvil Group Demands $70 Million for ‘Universal Decryptor’
REvil, the group behind the damaging supply chain ransomware attack on a US software company Kaseya, has reportedly demanded $70 million in return for a universal decryption key. Researchers claim …
Continue Reading about REvil Group Demands $70 Million for ‘Universal Decryptor’
Widespread Brute-Force Attacks Tied to Russia’s APT28
US and UK authorities have declared that a known advanced threat actor, APT28, also referred to as Fancy Bear or Strontium, has been tied to a range of brute-force password spraying attacks against …
Continue Reading about Widespread Brute-Force Attacks Tied to Russia’s APT28
Apple Issues Patches for Webkit Security Flaws
Apple has released security updates for vulnerabilities under active attack and affecting multiple products, including iOS, WatchOS, and iPadOS. The patches fix WebKit flaws that can be exploited by …
Continue Reading about Apple Issues Patches for Webkit Security Flaws