04 Oct 2021

Hackers as Global Private Contractors is a Pandora’s Box You Do Not Want to Open

The U.S. Department of Justice (DoJ) recently fined three former National Security Agency (NSA) hackers who worked as service contractors for a United Arab Emirates (UAE) cybersecurity company named DarkMatter. These three individuals were not the only former ex-U.S. Intelligence officers working for the company. DarkMatter employed more than a dozen former NSA hackers who would use the skills and techniques learned from the NSA to help the UAE target and compromise the phones and computers of its enemies. These “enemies” included human rights activists, journalists, and political rivals. At the core of this issue is the fact that these ex-intelligence operatives used cutting-edge cyber-espionage tools learned from their time in the U.S. Intelligence Community on behalf of a foreign intelligence service.

Read More
30 Sep 2021

NSA, CISA partner for guide on safe VPNs amid widespread exploitation by nation-states

The NSA and CISA have released a detailed guide pertaining to how organizations and individuals should select virtual private networks as they remain actively under attack and face exploitation from nation states and cybercriminals alike. The guide also features details on ways to deploy a VPN securely. The NSA stated

Read More
24 Sep 2021

Inman’s Rules: The Enduring Principles of Operational Intelligence

Admiral Bobby Ray Inman retired from the US Navy in 1982. But his influence endures. His principles, which he codified into a list still exchanged among intelligence community leaders today, is now known as Inman’s Rules. In this OODAcast interview of Admiral Inman we review these rules, seeking insights into how they can be applied to business and government intelligence and operations today.

Consider his 31 rules and how they will apply to your organization.

Read More
15 Sep 2021

DOJ fines NSA hackers who assisted UAE in attacks on dissidents

The Justice Department has announced a deal with three former US Intelligence operatives that allows them to pay a fine rather than face jail time for breaking multiple laws when conducting offensive hacking for the government of the United Arab Emirates. The deal is controversial, as it allows the three

Read More
14 Sep 2021

Quantum Computing Use Cases and Post-Quantum Cryptography

Quantum computing is fascinating, complex, highly technical, sometimes daunting to conceptualize technological breakthrough and driver of the future marketplace. So yes, the promise of quantum computing will happen and is happening. The question is how quantum will have an impact during a growth phase in which the capital expenditure capabilities and strategic concerns are driven more by governmental, governmental agency’s and non-state actors’ ability to deploy adversarial methods only possible with next-generation quantum computational power.

Read More
04 Aug 2021

Hackers target Kubernetes to steal data and processing power. Now the NSA has tips to protect yourself

The NSA recently released guidance regarding Kubernetes to aid organizations in deploying the open-source platform without exposing it to hackers seeking to steal data and processing power. The application is utilized by organizations for managing containerized applications. The guidance was a joint publication that was also authored by the DHS’s

Read More
02 Aug 2021

NSA Warns Public Networks are Hacker Hotbeds

The NSA has warned that attackers are targeting teleworkers taking advantage of free public networks to steal corporate data that may be sensitive. The US National Security Agency offered advice to security teams that are seeking the best wireless practices to protect corporate networks and personal devices. According to the

Read More
06 Jul 2021

Widespread Brute-Force Attacks Tied to Russia’s APT28

US and UK authorities have declared that a known advanced threat actor, APT28, also referred to as Fancy Bear or Strontium, has been tied to a range of brute-force password spraying attacks against hundreds of government and private sector targets worldwide, including European governments and military. The joint alert was

Read More
19 Apr 2021

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

The National Security Agency (NSA) has released an alert warning that five vulnerabilities are being actively targeted by nation-state actors. The bugs affect VPN solutions, collaboration-suite software, and virtualization technologies in widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor, and VMware. According to the NSA, the goal of the

Read More
23 Feb 2021

Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool

According to recent Check Point Security Research, Chinese threat actor group APT31 allegedly cloned and re-used a National Security Agency hacking tool years before Microsoft patched the severe vulnerability that it targeted. The tool was a Windows-based program that was referred to as “Jian” until the Microsoft vulnerability was patched

Read More