American Express has been fined by the UK’s Information Commissioner’s Office (ICO) for sending out over four million spam emails, becoming the latest big-name brand to receive a fine from the data protection regulator. The company has been fined £90,000 for the emails, which were marketing messages. The ICO alleges
Although most of the attacks that make headlines pertain to large companies and organizations, a new report found that cyberattacks are costing small businesses in the US an average of $25,000 annually. The report was published by an international insurance company called Hiscox and it surveyed 6,000 cybersecurity professionals in
The Lemon Duck cryptocurrency mining botnet has adapted its tactics, now targeting Microsoft Exchange servers via ProxyLogon in a new campaign against North American targets. The botnet is leveraging the ProxyLogon exploits to conduct effective attacks while incorporating new techniques such as anti-detection capabilities and the addition of the Cobalt
On Friday, representatives from Google, Facebook, and Twitter appeared before an Australian security committee to warn them against banning all mentions of content deemed inappropriate on Australian social media. The tech giants appeared as a united front, hoping to sink the idea that they are collaborating to thwart nefarious activity,
On 15 April the Biden Administration formally attributed the Solar Winds attacks to Russia’s Foreign Intelligence Service, the SVR. Soon thereafter they issued several directives implementing sanctions against Russia and some Russian related business leaders. The fall out from these actions is still underway and we will continue to track and assess how these matters could impact business and government strategies and decision-making. This post provides context important in assessing why any cyber retaliation needs to be both quick and meaningful.
Something is different in the geopolitical situation today. The reasons are probably a combination of factors that include the pandemic, the rise of the global grid of cyberspace, plus the payoff of years of planning and strategic moves by our adversaries. But whatever the reasons, the world today is more complicated and more dangerous than the world of just a year ago, and in many cases the risks being faced by open societies have never been seen before. The changes are so significant, OODA recommends all business leaders take stock of the geopolitical situation and assess how the nature of these changes should impact your business strategy.
“The world is a more dangerous and complicated place than it was just a year ago. Your corporate strategy and defensive posture needs to reflect that”
A major ransomware attack has hit the Spanish employment agency, resulting in hundreds of offices across the country shutting down at a critical time due to high unemployment rates brought on by the Covid-19 pandemic. The security incident affected the availability of the agency’s ITC systems while security professionals work
This post provides executive level context and some recommendations regarding a large attack exploiting Microsoft Exchange, a system many enterprises use for mail, contact management, calendar/scheduling and some basic identity management functions. This attack is so large and damaging it is almost pushing the recent Solar Winds attacks off the headlines. Keep in mind that till this point, the Solar Winds attack was being called the biggest hack in history. So this is a signal that the damage from this one will also be huge.
It is not just the technical team that will have to respond. Executives everywhere should consider their action plans. This post will help you kickstart that.
As a logger and holstein farmer, my grandfather was heavily dependent on the weather for his livelihood. Each year, he purchased a copy of the Old Farmer’s Almanac and it was kept in an easily accessible reading spot for reference. Taken on a day by day basis, the Farmer’s Almanac was not the greatest of guides, but if you took it on a month-by-month basis it claims about an 80% accuracy, which was more than enough to guide generalized decisions about logging and farming environments in Vermont’s Northeast Kingdom.
The OODA Almanac proposes to identify those topics and patterns we see having significance in 2021 to guide your short and long-term decision making. Over the course of 2021, we will continue to inject additional observations on these topics into our analysis or as stand-alone tidbits of observed intelligence (OODINT).
On December 21, 2020, a new communications code was introduced in the European Union with hopes of harmonising the legal framework for electronic communications. However, the Australian government and governments from Canada, New Zealand, the UK and the US have unveiled undesired, unintended consequences of the new code. The code