05 Jan 2022

Services Australia brushes off vulnerability concerns in COVID-19 digital certificates

Services Australia has received criticism due to its lack of concern over security risks in Covid-19 digital certificates. The company was grilled by senators in Australia’s federal Budget Estimates last year over various initiatives such as the Covid-19 digital certificate rollout and the bungled robo-debt scheme. According to senators, there

13 Dec 2021

A Call to Action from CISA’s Jen Easterly and Def Con’s Jeff Moss at Inaugural CISA Advisory Committee Mtg.

In the first meeting of the Cybersecurity and Infrastructure Security Agency’s (CISA) new Cybersecurity Advisory Committee, CISA Director Jen Easterly made clear to the committee members their working model would be action-based, not the usual passive mode assumed by an advisory body, telling the group: “I welcome this group creating action. This is really just not about being a talking club. This is about leveraging your expertise, your perspective, to make the nation safer.” Advisory Committee Member, Def Con Founder Jeff Moss, also offered his perspective on how best to engage the hacker community.

29 Nov 2021

Google Cybersecurity Action Team Releases First Cloud Threat Intel Report

Google’s Cybersecurity Action Team was launched in early October of this year, as part of the company’s $10 billion pledge to strengthen cybersecurity, all of which grew out of the launch in August, by CISA Director Jen Easterly, of the CISA JCDC (Joint Cyber Defense Collaborative). Google is a partner company with CISA in the JCDC. The Cybersecurity Action Team’s efforts begin with Google Cloud. They recently released their first publicly available intelligence offering – Threat Horizons, Cloud Threat Intelligence, November 2021, Issue 1.

29 Nov 2021

Transportation Cybersecurity Expert Highlights Vital Role of Planning and Exercising Incident Response

Suzanne Spaulding, a Senior Advisor for the Center for Strategic and International Studies (CSIS), and former Under Secretary for the National Protection and Programs Directorate (NPPD), Department of Homeland Security (DHS), recently testified before a joint session of the House Homeland Security Cybersecurity, Infrastructure Protection, & Innovation Subcommittee and the Transportation & Maritime Security Subcommittee. The NPPD is the precursor to what is now CISA. Spaulding is also a member of the Cyberspace Solarium Commission (CSC) and was involved with the Commission on Cybersecurity during the Obama Administration.

15 Nov 2021

Cybersecurity and Cyber Incidents: Innovation and Design Lessons from Aviation Safety Models and a Call for a “Cyber NTSB”

In a recent 4-month-long workshop, over 70 experts explored the concept of creating a “Cyber NTSB”. This workshop topic is consistent with themes like innovation and design processes for innovation, which cut across much of our recent OODA Loop research and analysis. It all starts with a design metaphor. This recent workshop used the National Transportation Safety Board as a design analogy/metaphor for a National Cyber Safety Board/National Cyber Security Board (NCSB). Specifically, innovation in “lesson-learning systems” for cybersecurity and cyber incidents – taking design process inspiration from the aviation safety models of the NTSB – was the goal of this “Cyber NTSB” workshop.

28 Oct 2021

India’s Supreme Court Orders Pegasus Probe

India’s Supreme Court has opened an investigation into the Pegasus spyware and whether Prime Minister Narendra Modi’s administration used the software to illegally snoop on opposition leaders, journalists, activists, tycoons, and judges. Modi has been accused of treason by the main opposition Congress party after several of the cell phone

26 Oct 2021

Global IT Supply Chain Security – The U.S. Needs to Step Up Its Game

Microsoft officials have warned that Russia’s intelligence apparatus has been engaged in another campaign to gain unauthorized access into thousands of U.S. government, corporate, and think tank networks. The ongoing cyber-espionage campaign appears to be focused on acquiring data that is stored in the cloud.

The activity further underscores Russia’s intent to target and compromise any entity that it feels is vital to supporting its intelligence interests. The target list may be expansive, as a recent Microsoft report claimed more than half of nation-state attacks detected by the company have come from Russia.

19 Oct 2021

Can Moscow Break Biden’s Full-Court Press Against Russian Cyber Criminal Malfeasance?

Attacks against supply chain, energy, water, fuel, and food, many of which are believed to have been orchestrated by Russian nationals, have underscored the need for the international community to try to find practical ways to reduce the volume of this activity.

The Biden Administration decided to convene a 30-country meeting to discuss this growing cybercrime problem. Conspicuously, Russia was left off the list of participants in the meeting, an interesting omission considering Russian cyber criminals’ perpetuation of ransomware campaigns that have netted millions of dollars in extortion fees.

21 Sep 2021

Smart Voting App, Removed by U.S. Tech Giants, Threatens Putin’s United Russia Party in Recent Duma Election

This most recent Russian election provides clear evidence that the Russian Government is meddling as much in its own elections, to achieve the Kremlin-designed outcome, as it has in recent American elections – with one RFE/RL headline proclaiming: “Hacking Servers. Online Blocking. Police Raids. Information Attacks. What Won’t The Kremlin Do To Stop ‘Smart Voting’?”

08 Sep 2021

TeamTNT hacking group strikes thousands of victims worldwide

TeamTNT hacking group has increased its abilities by adding a set of tools that allow it to target multiple operating systems. AT&T researchers released a report detailing the new campaign, called Chimaera, which is believed to have begun earlier this summer. The operation is based on command-and-control server logs and
