06 Sep 2019

Belarusian police shut down notorious hacking forum

Belarusian police recently shut down an underground forum that had been a key marketplace in the Russian-speaking cybercrime scene since 2012. The forum, called XakFor, was used for the distribution of malware, botnets and other cybercrime services. Unlike the vast majority of similar platforms, XakFor operated on the open, indexed

04 Sep 2019

North Korea Denies Making $2bn from Cyber-Attacks

North Korea has denied a recent United Nations report stating that the country has used “widespread and increasingly sophisticated” cyberattacks to steal around $2 billion from financial institutions and cryptocurrency exchanges. According to the UN, Pyongyang has used these funds to pursue the development of weapons of mass destruction (WMDs).

03 Sep 2019

America’s Most Critical Infrastructure is also Our Most Neglected Infrastructure

This special report is the first of a two-part series designed to both inform OODA members on the nature of challenges to our nation’s most critical infrastructure and provide recommendations for action that can mitigate these challenges. Our thesis is that America’s most critical infrastructure is our cognitive infrastructure. This is also the most attacked and least defended. In short, our most important critical infrastructure is also our most neglected infrastructure.

02 Sep 2019

Report: China behind iPhone hacking, targeted Android and Windows too

China was behind the years-long campaign targeting iPhone users that was recently uncovered by Google researchers, two separate reports claim. Last week, Google published a report about the campaign, which targeted users via a number of malicious websites. Merely visiting one of those sites could result in a user having

02 Sep 2019

Foxit Software Discloses Data Breach Exposing User Passwords

Foxit Software, a software provider best known for its PDF reader, has experienced a data breach exposing the private information of users with a free account. According to the firm, “third parties” gained access to full names, email addresses, passwords, phone numbers, company names and IP addresses. Foxit Software has

02 Sep 2019

Why Twitter Blames AT&T For The Hack Of Its CEO Jack Dorsey Account, Sending Shocking Racist Tweets

Last Friday, threat actors compromised the Twitter account of the social media platform’s very own CEO Jack Dorsey and used it to send out a string of vulgar and racist tweets, including a bomb threat regarding Twitter’s headquarters. After 18 minutes Twitter managed to recover the account and assured users

02 Sep 2019

WordPress sites under attack as hacker group tries to create rogue admin accounts

Threat actors are adding backdoor admin accounts to compromised WordPress websites as part of an ongoing campaign targeting over 10 vulnerable plugins for the highly popular content management system, a security researcher with Defiant has discovered. The campaign was first spotted last month. At first, the attackers were injecting WordPress

30 Aug 2019

Malicious websites were used to secretly hack into iPhones for years, says Google

Threat actors may have hacked into thousands of iPhones via an “indiscriminate” attack involving a number of malicious websites, new research by Google shows. The websites were visited by thousands of users per week and according to Ian Beer of Google, “simply visiting the hacked site was enough for the

30 Aug 2019

Ransomware hits hundreds of dentist offices in the US

Threat actors have managed to infect the systems of hundreds of US dental practice offices with ransomware by compromising third-party software. The exploited software is DDS Safe, a medical data backup solution offered by The Digital Dental Record and PerCSoft. Last weekend, hackers compromised the DDS Safe infrastructure, which enabled

30 Aug 2019

Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking

The US Department of Justice (DoJ) is charging Paige Thompson, the person thought to be behind the massive Capital One data breach, with obtaining unauthorized access to the data of over 30 companies and with launching cryptojacking attacks on compromised company networks. Cryptojacking refers to the illegitimate use of a
