25 Jan 2023

Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery

Microsoft has confirmed that it plans to change its software to automatically block all XLL add-in files that have been downloaded from the internet. The reasoning behind the update is to prevent phishing attacks and malware downloads that rely on these types of lures. Microsoft stated that the plans will

08 Dec 2022

Swiss Government Wants to Implement Mandatory Duty to Report Cyber-Attacks

The Swiss government has recently moved to make it mandatory for critical infrastructure providers to report cyberattacks to the National Cyber Security Centre. The efforts have resulted in proposed amendments to the Information Security Act. The Swiss Parliament has been tasked with amending the act, which aims to provide

20 Oct 2022

Deadbolt Ransomware Extorts Vendors and Customers

The Deadbolt ransomware has launched an ongoing campaign targeting NAS devices from the Taiwanese vendor QNAP, such as those deployed in schools, by individual home users, and in other organizations, leveraging zero-day vulnerabilities as an initial attack vector. The prolific ransomware group is targeting the NAS devices and monetizing its efforts

29 Jul 2022

OODA Network Member John Sullivan on the 2X Increase in Cyber-Attacks on the Port of Los Angeles

In February, we provided further analysis of the impact of Covid-19 and resilient supply chains – with a focus on the Ports of Los Angeles/Long Beach and their role in the strategic impact of global intermodal supply chain gridlock on IT supply chains. As a follow-up to this analysis, this recent item from the OODA Loop Daily Pulse on Monday, July 25th caught our eye: “Cyber-Attacks on Port of LA Double.” Historically, from a national security perspective, this port infrastructure in south Los Angeles has always been a geopolitical target. In fact, the Los Angeles Harbor was #2 on the Japanese attack list after Pearl Harbor.

How is this historical threat vector extending into cyber in 2022?

11 Apr 2022

Finland Government Sites Forced Offline by DDoS Attacks

Websites belonging to Finland’s defense and foreign affairs ministries were taken offline following DDoS attacks against the entities. The ministries confirmed the cyberattacks via Twitter earlier today; however, it appears that the websites are back online. Finland’s Ministry of Defense wrote that the website would be shut down until the

11 Mar 2022

Could Russian Hackers Cripple U.S. Health Care Systems?

Sick people seeking lifesaving care in the United States could fall victim to a hidden part of Russia’s war on Ukraine — vicious cyberattacks aimed at sowing disruption, confusion and chaos as ground forces advance. Cybersecurity experts warn that attacks launched against Ukrainian institutions have the potential to spill over into

11 Mar 2022

‘We are not ready’: a cyber expert on US vulnerability to a Russian attack

The war between Russia and Ukraine has been widely anticipated to play out online, in addition to on the ground. Moscow’s cyberwar capabilities have long been cause for concern. Russia has a record of coordinating cyber-attacks on the US, Ukraine, and other adversaries. And the country has established itself in

11 Mar 2022

China says U.S. addresses used its computers to launch cyberattacks on Russia, Ukraine

China has experienced continuous cyberattacks since February in which internet addresses in the United States have been used to seize control of Chinese computers to target Belarus, Russia and Ukraine, state news agency Xinhua said on Friday.  It cited the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC),

17 Nov 2021

Now Iran’s state-backed hackers are turning to ransomware

Microsoft has found that six different Iranian hacker groups are behind new waves of ransomware attacks that have been identified every six to eight weeks since the fall of 2020. The Iranian hackers are allegedly deploying ransomware to disrupt targets or to collect funds. Microsoft stated that the hacking groups

08 Nov 2021

Cloudflare report highlights devastating DDoS attacks on VoIP services and several ‘record-setting HTTP attacks’

This week, Cloudflare released its Q3 DDoS Attack Trends report. The company found that Q3 witnessed a record-setting number of devastating attacks on VoIP services. Researchers stated that the quarter also included several HTTP DDoS attacks, terabit-strong network-layer attacks, and one of the largest botnets ever deployed. The VoIP attack
