Belarusian police recently shut down an underground forum that had been a key marketplace in the Russian-speaking cybercrime scene since 2012. The forum, called XakFor, was used for the distribution of malware, botnets and other cybercrime services. Unlike the vast majority of similar platforms, XakFor operated on the open, indexed

North Korea has denied a recent United Nations report stating that the country has used “widespread and increasingly sophisticated” cyberattacks to steal around $2 billion from financial institutions and cryptocurrency exchanges. According to the UN, Pyongyang has used these funds to pursue the development of weapons of mass destruction (WMDs).

This special report is the first of a two-part series designed to both inform OODA members on the nature of challenges to our nation’s most critical infrastructure and provide recommendations for action that can mitigate these challenges. Our thesis is that America’s most critical infrastructure is our cognitive infrastructure. This is also the most attacked and least defended. In short, our most important critical infrastructure is also our most neglected infrastructure.

China was behind the years-long campaign targeting iPhone users that was recently uncovered by Google researchers, two separate reports claim. Last week, Google published a report about the campaign, which targeted users via a number of malicious websites. Merely visiting one of those sites could result in a user having

Foxit Software, a software provider best known for its PDF reader, has experienced a data breach exposing the private information of users with a free account. According to the firm, “third parties” gained access to full names, email addresses, passwords, phone numbers, company names and IP addresses. Foxit Software has

Last Friday, threat actors compromised the Twitter account of the social media platform’s very own CEO Jack Dorsey and used it to send out a string of vulgar and racist tweets, including a bomb threat regarding Twitter’s headquarters. After 18 minutes Twitter managed to recover the account and assured users

Threat actors are adding backdoor admin accounts to compromised WordPress websites as part of an ongoing campaign targeting over 10 vulnerable plugins for the highly popular content management system, a security researcher with Defiant has discovered. The campaign was first spotted last month. At first, the attackers were injecting WordPress

Threat actors may have hacked into thousands of iPhones via an “indiscriminate” attack involving a number of malicious websites, new research by Google shows. The websites were visited by thousands of users per week and according to Ian Beer of Google, “simply visiting the hacked site was enough for the

Threat actors have managed to infect the systems of hundreds of US dental practice offices with ransomware by compromising third-party software. The exploited software is DDS Safe, a medical data backup solution offered by The Digital Dental Record and PerCSoft. Last weekend, hackers compromised the DDS Safe infrastructure, which enabled

The US Department of Justice (DoJ) is charging Paige Thompson, the person thought to be behind the massive Capital One data breach, with obtaining unauthorized access to the data of over 30 companies and of launching cryptojacking attacks on compromised company networks. Cryptojacking refers to the illegitimate use of a