07 Feb 2023

A Conversation with OODA Network Expert Kristin Del Rosso on Cybersecurity and National Vulnerability Database Research

In this OODA Loop Q&A with OODA Network Expert Kristin Del Rosso, we discuss her presentation last year at labscon.io 2022 in Scottsdale, AZ, entitled “Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure.” Del Rosso is a product manager at Sophos focusing on Incident Response, Threat Intelligence, and the SecOps ecosystem. Previously, she was an analyst on Lookout Mobile Security’s Threat Intelligence team, focusing on reversing Android surveillance software, and tracking threat actors and their infrastructure.

07 Feb 2023

Vulnerability Provided Access to Toyota Supplier Management Network

Car manufacturer Toyota has been alerted to a severe vulnerability in its web portal for the global supplier management network. According to Toyota, security researcher Eaton Zveare detected the vulnerability and was able to exploit it to gain access to sensitive information. The impacted web portal provides Toyota employees and

07 Feb 2023

Patch Released for Actively Exploited GoAnywhere MFT Zero-Day

The developers behind the GoAnywhere managed file transfer (MFT) software have released a patch for a critical zero-day vulnerability. The flaw was identified recently and warnings of active exploitation emerged roughly a week ago. The company behind the software has not released any details about the attacks targeting the vulnerability.

06 Feb 2023

The Chinese IoT Threat: CBS News Features OODA Network Expert Charlie Parton

We recently featured a three-part series based on a report by Charlie Parton and Dr. Samantha Hoffman. In the shadow of the Chinese surveillance balloon/national security threat which played out last week, CBS News Weekender picked up the OODA Loop series based on the report – and arranged an interview with Charlie to discuss the details of the white paper: “A new OODA report warns that Chinese-manufactured microchips embedded in smart devices such as fridges and laptops pose a threat to U.K. national security. The author of the report, Charles Parton, joined CBS News to discuss how such microchips could also impact U.S. national security.”

Find the CBS interview and the OODA Loop series, with a link to the complete report, here. 

03 Feb 2023

US Man Charged in $110m Crypto Trading Scheme

Avraham Eisenberg, a 27-year-old American man, has been charged with fraudulently obtaining $110 million of cryptocurrency from the crypto exchange Mango Markets. Avraham was reportedly living in Puerto Rico at the time of the scheme. He now faces up to 40 years in jail, according to the Department of Justice.

02 Feb 2023

City of London on High Alert After Ransomware Attack

Ion Cleared Derivatives, a key supplier of trading software to the City of London, has released a statement confirming that it was hit by a suspected ransomware attack. The attack affected some of its services and therefore disrupted activity in the derivatives market. According to the supplier, the incident has

01 Feb 2023

30k Internet-Exposed QNAP NAS Devices Affected by Recent Vulnerability

Censys, an attack surface management firm, has identified roughly 30,000 internet-exposed QNAP network-attached storage appliances that have been affected by a critical vulnerability. The vulnerability is a critical-severity code injection vulnerability that is described as an SQL injection bug. It allows remote attackers to inject malicious code into vulnerable

01 Feb 2023

Microsoft’s Verified Publisher Status Abused in Email Theft Campaign

On Tuesday, Microsoft and cybersecurity firm Proofpoint warned that a threat actor had recently abused Microsoft’s verified publisher status to launch a campaign involving malicious OAuth applications. The warning stated that organizations using cloud services should be aware of the campaign, especially those in Ireland and the UK. Microsoft has

31 Jan 2023

Hackers Use TrickGate Software to Deploy Emotet, REvil, Other Malware

TrickGate, a malicious live software service, has been deployed by threat actors in recent attacks to bypass endpoint detection. The malware is not new, and has been deployed against detection measures and response protection software for six years. Check Point Research recently released a report detailing TrickGate and its usage

31 Jan 2023

Killnet Attackers DDoS US and Dutch Hospitals

According to recent reports, Russian hacktivists targeted several hospitals across the US and the Netherlands with DDoS attacks. The campaign targeted facilities including the University of Michigan Hospital and Stanford Health Care Center. The recent attacks may be in response to President Biden’s recent decision to send dozens of Abrams
