The UK government will set a deadline for removing made-in-China surveillance cameras from “sensitive sites.” News of the not-very-imminent deadline came with on Tuesday with the publication of proposed amendments [PDF] to the Procurement Bill – legislation that will reformRead more
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.Read more
Share to FacebookShare to TwitterShare to Linkedin Democratic and Republican leaders of Senate Judiciary and Senate Commerce panels are pressing TikTok’s CEO to explain company testimony about American user data and China that runs counter to discoveries in recent reportingRead more
Like our recent coverage of the People’s Republic of China’s advanced persistent threat (APT) Volt Typhoon, OODA Loop Contributor Emilio Iasiello led the way with his recent coverage of the international cooperation that led to the multi-lateral disruption of aRead more
The European Union is considering a mandatory ban on member-states using companies that might pose a security risk in their 5G networks, including China’s Huawei Technologies Co Ltd, the Financial Times reported on Tuesday. The move comes as a responseRead more
China is taking a significant step forward in regulating generative artificial intelligence (Generative AI) services with the release of draft measures by the Cyberspace Administration of China (CAC). These proposed rules aim to manage and regulate the use of GenerativeRead more
CyberheistNews Vol 13 #23 | June 6th, 2023 [Wake-Up Call] It’s Time to Focus More on Preventing Spear Phishing Fighting spear phishing attacks is the single best thing you can do to prevent breaches.
Video communications business Zoom announced a handful of new privacy measures on Tuesday in the wake of a record fine for social media giant Meta for transferring European citizens’ data to the United States. Zoom is to allow paying customers in the European Economic Area (EEA) to keep their data inside the EEA, only sharing …
Zoom brings in new privacy measures following EU fine for Meta Read More »
The Volt Typhoon cyberattack about a week or so ago on the militarily strategic U.S. territory of Guam serves as a wake-up call for all cybersecurity leaders managing industrial installations and other critical infrastructure on the U.S. mainland. The same Chinese state-backed group behind Volt Typhoon has been known to have been silently monitoring U.S. …
Ransomware attacks now make up an huge chunk of all recorded security incidents, the Log4j vulnerability was used in 3 in 4 digital espionage campaigns and employees continue to pose more of a practical cyber threat to most organizations than the Russian GRU or Chinese Ministry of State Security. Those are some of the conclusions …
Ransomware attacks have room to grow, Verizon data breach report shows Read More »
The Divided Tech Landscape: U.S.-China Decoupling and the Rise of Generative AI The race for dominance in the field of artificial intelligence (AI) intensifies as the U.S.-China decoupling shapes the tech landscape. One particular area gaining momentum is generative AI, which involves transforming text into various forms of content. China, in its quest to reduce …
China’s Billion-Dollar Bet: Baidu’s $145M AI Fund Signals a New Era of AI Self-Reliance Read More »
The Defense Information Systems Agency unveiled a new workforce initiative last week to better position the agency to respond to China and other hostile nation states that “pose increasingly sophisticated IT and cyber threats against the United States.” Known as Workforce 2025, the strategy — issued on June 1 — is designed to help DISA …
How DISA plans to use its workforce to combat China and global adversaries Read More »
Russia has started tentative blocks of the OpenVPN protocol on several mobile internet service providers since last week. The fact became known after several Moscow-based users complained about their ability to connect to OpenVPN-powered services through the MTS, Tele2, Megafon, Colna, Yota, and Beeline providers. While connectivity has been restored in some cases, problems persist …
Russia Begins Testing Blocks on the OpenVPN Protocol Read More »
India and the United States have created a roadmap for defense industry cooperation over the next few years. This move is expected to bolster New Delhi’s defense manufacturing ambitions. The United States is looking to deepen ties with India as they are the world’s largest arms importer and sees these ties with India as a …
India, US agree on roadmap for defence industry cooperation Read More »
Jirah Mickle Jirah Mickle joined Tenable in 2021 as the Content Marketing Manager. Her mission is to inspire humanity and change the world around her, one story, one person, at a time. Jirah uses her writing, research and storytelling skills to help organizations understand why cloud security is so important in today’s digital landscape. Her …
The Health Sector Cybersecurity Coordination Center (HC3) at the U.S. Department of Health & Human Services (HHS) assessed that the critical vulnerability that exists in MOVEit Transfer software could result in unauthorized access and privilege escalation across the healthcare sector. MOVEit Transfer is commonly used by healthcare organizations to securely transfer large files and data …
Microsoft revealed on May 24 that the Chinese threat group Volt Typhoon attempted to gain access to communications systems in the United States, including Navy infrastructure on Guam. Secretary of the Navy Carlos Del Toro later confirmed the Navy “has been impacted” by the cyberattacks, although he provided no further details. Following the release of …
This blogpost aims at understanding and contextualising cyber malicious activities associated with Iran-nexus intrusions sets over the 2022-2023 period. It does not establish an exhaustive list of campaigns or reported intrusion sets, but rather offer a strategic analysis pertaining to the Iranian cyber threat. Information cut-off date is 5 May 2023. CONTEXT The Islamic Republic …
As we begin to ramp up for OODAcon 2023 (October 25th in Reston, VA), we return to Matt’s opening comments from OODAcon 2022. Find the full transcript below, as well as a link to the audio file. Matt’s slides are also integrated into the transcript. Matt’s opening comments feel like they could have been put …
In late September 2021, staff at Taiwanese threat intelligence company TeamT5 noticed something very nasty: a fake news report accusing it of conducting phishing attacks against Japan’s government and local tech companies. The timing of the press release was an indicator of its malice. Whoever posted it did so just before Taiwan’s Moon Festival, one …
Meet TeamT5, the Taiwanese infosec outfit taking on Beijing and defeating its smears Read More »
Eurostat, the EU’s statistical agency, released the latest data on car trade. China now accounts for nearly 50% of Europe’s EV imports. To put this in context, Europeans purchased about 9 million cars in 2022, of which 12%, or 1 million cars, were EVs. Of these, 500,000 originated from China. Read Entire ArticleRead more
As technology advances, more and more organizations are turning to cloud computing as a necessary solution for their data storage and processing needs. Cloud computing is a widely accepted trend in the information technology industry, and it allows users to access computer services through the Internet at any time. This technology is becoming increasingly crucial …
25 Best Cloud Service Providers (Public and Private) in 2023 Read More »
North Korea-linked APT group Kimsuky is posing as journalists to gather intelligence, a joint advisory from NSA and FBI warns. A joint advisory from the FBI, the U.S. Department of State, the National Security Agency (NSA), South Korea’s National Intelligence Service (NIS), National Police Agency (NPA), and the Ministry of Foreign Affairs (MOFA), warns that North-Korea-linked Kimsuky APT …
Kimsuky APT poses as journalists and broadcast writers in its attacks Read More »
The Russian federal security agency, the FSB, has put out a security alert claiming that US intelligence services are behind an attack campaign that exploits vulnerabilities in iOS and compromised thousands of iPhones devices in Russia, including those of foreign diplomats. In a separate report, Russian antivirus vendor Kaspersky Lab said that several dozen of …
Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab Read More »
According to Kaspersky, this is an ongoing investigation, and the perpetrators are yet to be determined. The CEO of cybersecurity giant and antivirus vendor Kaspersky, Eugene Kaspersky, revealed in a blog post that dozens of iPhones used by their senior employees contained spyware capable of recording audio, capturing images from messaging apps, geolocation, and more. …
Kaspersky Reveals iPhones of Employees Infected with Spyware Read More »
Apple has denied allegations that it helped US authorities spy on Russian iPhone users. Russia’s Federal Security Service (FSB) on Thurs. claimed it uncovered a US National Security Agency (NSA) operation which hacked several 1,000 iPhones using sophisticated surveillance software. The US intelligence agency was allegedly able to use specifically designed “software vulnerabilities” to infect Apple’s phones …
Apple now Denies Hacking 1,000s of iPhones in Russian Spy Plot! Read More »
The White House says Section 702 is critical for cybersecurity, yet public evidence is sparse | CyberScoop Skip to main content Advertisement Advertisement Close Government An FBI official told CyberScoop that a “plurality” of Section 702 searches pertain to investigations into nation-state cyberattacks. Senate Intelligence Committee Co-Chair Mark Warner, seen here at the U.S. Capitol …
Director of National Intelligence Avril Haines As-Delivered Remarks for GEOINT 2023 St. Louis, Missouri May 24, 2023 Truly, thanks so much, Jennifer, for that wonderful introduction, and thanks, Ronda, too for your incredible leadership of the U.S. Geospatial Intelligence Foundation over the years. For two decades, the Foundation’s partnership with NGA and the entire spectrum …
For me, cybersecurity can seem small. Beyond my community of friends and colleagues, all I can see is a cyber world that is a mirrored reflection of a reflection of repeated activities. Attack. Defend. Analyze. Adapt. Attack. Defend. Analyze. Adapt. While the attackers are generally conceived as US foreign adversaries(1), the rest of the cycle …
reader comments 112 with Moscow-based security firm Kaspersky has been hit by an advanced cyberattack that used clickless exploits to infect the iPhones of several dozen employees with malware that collects microphone recordings, photos, geolocation, and other data, company officials said. “We are quite confident that Kaspersky was not the main target of this cyberattack,” …
Clickless iOS Exploits Infect Kaspersky iPhones With Never-Before-Seen Malware Read More »
