27 Jan 2022

Take Your QNAP NAS Offline! DeadBolt Ransomware Locks Devices via Alleged Zero-Day Flaw

A new ransomware strain is allegedly targeting the QNAP customer base, effectively locking users out of the Network Attached Storage (NAS) devices and prohibiting them from accessing stored data. The attacks are stemming from a zero-day flaw in the products, according to security researchers. QNAP NAS have been a target

Read More
25 Jan 2022

The January 2022 OODA Network Member Meeting: Putin, Russia, Gray Zone Conflict Capabilities and The Future of Europe

To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs.

Read More
18 Jan 2022

The Global Cyber Criminal Threat: Interpol, Europol and European Nations Step Up to the Plate in 2022

Two recent developments in the fight against global ransomware criminal organizations should filter into your organization’s risk awareness relative to the events in Europe and the overall cyber threat worldwide.

Read More
18 Jan 2022

Are Initial Access Brokers the Next Crime Target for Governments?

Initial Access Brokers (IAB) are poised to become a force in 2022, due to a unique skill set that positions them as a valuable commodity for the deployment of hostile cybercrime activity. IABs serve as middlemen, specializing in the exploitation of victims and gaining initial entry. Once achieved and sustained, these actors sell these unique accesses to interested customers on dark web forums and markets. In this capacity, they execute the first phase of a cyber-attack chain, performing the necessary research prior to conducting an operation. Emilio Iaisiello explores the implications of the growth of IABs.

Read More
18 Jan 2022

Ukraine: Wiper malware masquerading as ransomware hits government organizations

Microsoft researchers have revealed evidence of a malware operation targeting multiple organizations in Ukraine in the wake of last week’s cyber attack on Ukrainian government websites. The new attack is deploying Master Boot Records (MBR) wiper malware disguised as ransomware. According to Microsoft, the malware first appeared on the victimized

Read More
18 Jan 2022

Russia arrests REvil ransomware gang members at request of US officials

14 members of the REvil ransomware group have been arrested by the Russian government. A joint effort between the Federal Security Service of the Russian Federation and the Ministry of Internal Affairs of Russia led to the arrest of the members of the cybercrime group. Several assets were seized in

Read More
13 Jan 2022

Ransomware Attack Takes Thousands Of U.S. School Websites Offline

Thousands of schools in the US were impacted by a ransomware attack that targeted Finalsite, a company that provides schools with hosted tools to manage their online presence and communications. Since the cyberattackers targeted Finalsite instead of individual school systems, thousands of school websites hosted by Finalsite went down at

Read More
13 Jan 2022

Ransomware locks down prison, knocks systems offline

The Metropolitan Detention Center in Bernalillo County, New Mexico, was forced into lockdown on January 5 due to a cyberattack that targeted the county’s systems and deployed malware. Local government systems were impacted by the cyberattack, including those that are used to manage the prison. Inmates were required to remain

Read More
10 Jan 2022

Cyber criminals are mailing out USB drives that install ransomware

According to the FBI, a cybercrime group has been attempting to compromise devices via thumb drives. The malicious group has been mailing out USB thumb drives, hoping that recipients will fall for the trick and plug them into their devices, effectively installing ransomware on their networks. The drives reportedly contain

Read More
28 Dec 2021

Shutterfly reports ransomware incident

Shutterfly, a digital photography company, has reported a ransomware attack that occurred on Sunday. Shutterfly confirmed that portions of the Lifetouch and BorrowLenses business were affected. The company also experienced interruptions with Groovebook manufacturing offices, and corporate systems due to the attack. Shutterfly stated that it had contacted law enforcement

Read More