24 Jun 2020

Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards

On Monday, researchers reported that hackers are exploiting Google’s Analytics service to steal credit card information from compromised e-commerce sites. Kaspersky, Sansec, and PerimeterX all published reports claiming that attackers are injecting data-stealing code onto the infected sites along with a Google Analytics tracking code for their own account. This

Read More
23 Jun 2020

Apple Suddenly Confirms Hidden iPhone Problem Impacting All Users

In February, Apple received notification of an issue in the clipboard function. Any data copied to the clipboard on an iOS device was vulnerable to visibility by any active app. The vulnerability is hidden, meaning that there is no way for a user to know when an app may be

Read More
23 Jun 2020

US .Gov Domains to Preload HSTS for Maximum Security

The DotGov program announced on Sunday that all government domains will automatically preload from TLDs to HSTS beginning September 1, 2020. The HSTS standard is more secure, as it always enforces an HTTP connection to a website. HSTS also serves to prevent users from clicking a domain with a certification

Read More
23 Jun 2020

Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms

Adobe is beginning to warn Flash Player users about the application’s end of life date (EOL), which is December 31, 2020. Adobe stated that it will begin to prompt users to uninstall the software over the next several months as the EOL approaches. After this date, Adobe will not sure

Read More
22 Jun 2020

Google Yanks 106 ‘Malicious’ Chrome Extensions

On Thursday, Google removed over 100 Chrome browser extensions that it found to be malicious, after reports that they were being used to siphon sensitive user data. Google also published the research behind the apps, in which Awake Security alleges millions of Chrome users have been targeted by threat actors.

Read More
19 Jun 2020

OODA Video: The Technologies of AI Security and Ethics

This video provides succinct context on technology companies fielding solutions to help address key concerns in the area of AI security and AI ethics. We produced this presentation for OODA members based on our own continuous market research that includes tracking VC investment and engaging with the community via AI related events but also our own AI centric due diligence engagements and cybersecurity assessments. 

Read More
18 Jun 2020

InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership

According to security researchers, InvisiMole is back and has begun targeting Eastern European organizations in the military sector with a sophisticated and updated toolset and APT partnership. InvisiMole was redetected due to a new campaign and strategic collaboration with well known APT group Gamaredon. The group was first discovered by

Read More
18 Jun 2020

IT giant Cognizant confirms data breach after ransomware attack

IT services giant Cognizant has confirmed that unencrypted data was accessed and stolen during an April Maze Ransomware attack that made headlines. Cognizant is one of the largest global IT services companies, with close to 300,000 employees and over $15 billion in revenue. Cognizant performs functions such as remotely managing

Read More
18 Jun 2020

Unpatched vulnerability identified in 79 Netgear router models

79 Netgear router models have a severe security flaw that allows threat actors to take over devices remotely. The vulnerability impacts 758 different firmware versions used in 79 Netgear routers to data. The flaw is present on some firmware versions deployed on devices that date as early as 2007. The

Read More
17 Jun 2020

CIA Report Slammed Agency’s Security as “Woefully Lax”

Democrat Senator Ron Wyden expressed his concern over the CIA’s lack of proper security practices after reading a 2017 report describing the agency’s cybersecurity as “woefully lax.” The internal report was written by the WikiLeaks Task Force after the Vault 7 disclosures occurred, which was the largest data loss at

Read More