Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery
Microsoft has confirmed that it plans to change its software to automatically block all XLL add-in files that have been downloaded from the internet. The reasoning behind the update is to prevent phishing attacks and malware downloads that rely on these types of lures. Microsoft stated that the plans will
Swiss Government Wants to Implement Mandatory Duty to Report Cyber-Attacks
The Swiss government has recently made efforts to deem it mandatory for critical infrastructure providers to report cyberattacks to the National Cyber Security Centre. The efforts have resulted in proposed amendments to the Information Security Act. The Swiss Parliament has been tasked with amending the act, which aims to provide
Deadbolt Ransomware Extorts Vendors and Customers
The Deadbolt ransomware has launched an ongoing campaign targeting NAS devices from the Taiwanese vendor QNAP, such as those deployed by schools, individual home users, and other organizations, by leveraging zero-day vulnerabilities as an initial attack vector. The prolific ransomware group is targeting the NAS devices and monetize its efforts

OODA Network Member John Sullivan on the 2X Increase in Cyber-Attacks on the Port of Los Angeles
In February, we provided further analysis of the impact of Covid-19 and resilient supply chains – with a focus on the Ports of Los Angeles/Long Beach and their role in the strategic impact of global intermodal supply chain gridlock on IT supply chains. As a follow-up to this analysis, this recent item from the OODA Loop Daily Pulse on Monday, July 25th, caught our eye: “Cyber-Attacks on Port of LA Double.” Historically, from a national security perspective, this port infrastructure in south Los Angeles has always been a geopolitical target. In fact, the Los Angeles Harbor was #2 on the Japanese attack list after Pearl Harbor.
How is this historical threat vector extending into cyber in 2022?
Finland Government Sites Forced Offline by DDoS Attacks
Websites belonging to Finland’s defense and foreign affairs ministries were taken offline following DDoS attacks against the entities. The ministries confirmed the cyberattacks via Twitter earlier today; however, it appears that the websites are back online. Finland’s Ministry of Defense wrote that the website would be shut down until the
Could Russian Hackers Cripple U.S. Health Care Systems?
Sick people seeking lifesaving care in the United States could fall victim to a hidden part of Russia’s war on Ukraine — vicious cyberattacks aimed at sowing disruption, confusion and chaos as ground forces advance. Cybersecurity experts warn that attacks launched against Ukrainian institutions have the potential to spill over into
‘We are not ready’: a cyber expert on US vulnerability to a Russian attack
The war between Russia and Ukraine has been widely anticipated to play out online, in addition to on the ground. Moscow’s cyberwar capabilities have long been cause for concern. Russia has a record of coordinating cyber-attacks on the US, Ukraine, and other adversaries. And the country has established itself in
China says U.S. addresses used its computers to launch cyberattacks on Russia, Ukraine
China has experienced continuous cyberattacks since February in which internet addresses in the United States have been used to seize control of Chinese computers to target Belarus, Russia and Ukraine, state news agency Xinhua said on Friday. It cited the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC),
Now Iran’s state-backed hackers are turning to ransomware
Microsoft has found that six different Iranian hacker groups are behind new waves of ransomware attacks that have been identified every six to eight weeks since the fall of 2020. The Iranian hackers are allegedly deploying ransomware to disrupt targets or to collect funds. Microsoft stated that the hacking groups
Cloudflare report highlights devastating DDoS attacks on VoIP services and several ‘record-setting HTTP attacks’
This week, Cloudflare released its Q3 DDoS Attack Trends report. The company found that Q3 witnessed a record-setting number of devastating attacks on VoIP services. Researchers stated that the quarter also included several HTTP DDoS attacks, terabit-strong network-layer attacks, and one of the largest botnets ever deployed. The VoIP attack