That’s what we can call subsequent terrorist attacks. Don’t I mean intelligence failure? No, because by all accounts intel is doing everything it can to keep us safe without imposing the “papers please” environment fear-mongers would have you believe we are marching towards. By its own admission there is nothing wrong or illegal about the…
The mailbag fills up early today: When are you neocons going to give up? 500 shells is not a WMD program! They are so old they probably wouldn’t even work! Even your own president doesn’t care! Dude, easy on the exclamation points . . . If your reading comprehension skills were up to snuff you’d…
. . . on NK launch / no launch / shoot-down options at GroupIntel Forums: http://groupintel.net/eve/forums/a/tpc/f/9901014161/m/7341046191
Monograph really. Judge Posner’s Remaking Domestic Intelligence. An excellent treatment of the subject. If it isn’t on Charlie Allen’s bookshelf it should be.
In a striking departure from the hush-hush culture of intelligence community IT, the CIO’s office for the Director of National Intelligence is running an open online forum about certification and accreditation issues, as well as other technology matters. It might not seem like it, but this is very, very important. It is probably the most…
A perfectly good and entirely feasible idea via Bruce Schneier: There are a variety of encryption technologies that allow you to analyze data without knowing details of the data: I am reminded of the after-action meeting held after a major cyber threat event about, oh, eight years ago. In one room sat the working-level experts…
Did you see Bruce’s post this morning? So much for your profiling argument. Which is what exactly? Were we to continue the parlor game of listing terrorist attacks and linking them to race or religion I’m fairly confident that there would be more tick marks in the swarthy-ethnic-man column than in the pissed-off-whitey column. In…
As part of an effort to break down barriers between intelligence agencies, [Intelligence Community] employees will be required to serve tours of duty outside their home offices to qualify for promotion into the government’s senior ranks. A directive mandating “joint duty” assignments was recently issued by John D. Negroponte, the director of national intelligence. It…
I predict that US and coalition forces will be out of Iraq much sooner than anyone expects. I base this prediction in part on the intelligence and military aftermath following Abu Musab al-Zarqawi’s death; though not necessarily for the same reasons that other commentators have offered up. Frankly, I think al-Qaida in Iraq is too…
Courtesy of Time (oddly enough): U.S. intelligence got its first inkling of the plot from the contents of a laptop computer belonging to a Bahraini jihadist captured in Saudi Arabia early in 2003. It contained plans for a gas-dispersal system dubbed “the mubtakkar” (Arabic for inventive). Fearing that al-Qaeda’s engineers had achieved the holy grail…
(H/T Bruce Schneier) Yet another disturbing story about DHS, the punch line being: Homeland Security, the $40-billion-a-year agency set up to combat terrorism after 9/11, has been given universal jurisdiction and can hold anyone on Earth for crimes unrelated to national security — even me for a court date I missed while I was in…
The U.S. FBI may have lost 400 pieces of equipment, National Journal’s Technology Daily reported Monday. The Federal Bureau of Investigation still has not told the Government Accountability Office what has happened to hundreds of pieces of equipment that were supposed to be part of a failed department-wide case-management system. “The FBI also has not provided…
Homeland Security Secretary Michael Chertoff no longer has a problem with spam. Not wanting to be deluged with lots of garbage, Chertoff no longer uses e-mail. His conversion to Luddism started after Hurricane Katrina last year, when a deluge of overnight messages about levee breaches flooded his e-mail account, according to a report in U.S.…
“John Doe,” late of the CIA, sounds off with his ideas on how to shake things up (via Washington Times): Why not reform the intelligence community to make core functions the centerpiece of a truly effective intelligence service? A small but efficient DNI office can manage the community and serve as the link to policy-makers.…
Iraq’s national security adviser said Thursday a “huge treasure” of documents and computer records was seized after the raid on terror leader Abu Musab al-Zarqawi’s hideout, giving the Iraqi government the upper hand in its fight against al-Qaida in Iraq. […] When asked how he could be sure the information was authentic, al-Rubaie said “there…
Hundreds of people, mostly retired members of security forces, have gathered near government buildings in the capital of Lebanon to protest against deteriorating economic conditions. Lebanese officers have fired tear gas at the protestors. The crowds gathered on Wednesday in central Beirut carrying Lebanon’s tricolor or flags with the logos of security forces. The protest…
ChipMixer, a cryptocurrency mixer, has been the subject of a recent joint investigation led by German and US authorities alongside support from Europol, Belgium, Poland, and Switzerland. The anti-money laundering operation took down ChipMixer infrastructure and seized servers. Additionally, the authorities took 7TB of data, and roughly $47.3 million in Bitcoin. Most of the seized…
China’s anti-fraud watchdog has accused Zhao Weiguo, chip tycoon, of corruption. This accusation is the latest sign of trouble faced by the country’s semiconductor industry. Mr Zhao is the former chairman of computer chipmaker Tsinghua Unigroup. Tsinghua Unigroup was a branch of the prestigious Tsinghua University attended by President Xi Jinping. The state-backed company made…
Winter Vivern, an advanced persistent threat group that has been tied to Russian interest, has been observed conducting espionage campaigns targeting government organizations. Additionally, the group targeted a private telecommunication organization during the campaign. Security researchers at SentinelOne shared details about the campaign in an advisory published on Thursday. The APT activity was identified by…
Security researchers at ESET have reportedly identified dozens of websites constructed to deliver trojanized versions of the popular messaging platforms WhatsApp and Telegram. According to ESET, the campaign is targeting Android and Windows users with clipper malware embedded in the malicious applications. The clipper malware is designed to steal or modify the contents of the…
Nepal’s Prime Minister Pushpa Kamal Dahal has won a vote of confidence in parliament after earning the support of the centrist Nepali Congress party and other smaller groups that are expected to join his new cabinet. His old coalition allies pulled out of the government last month after he voted for an opposition candidate to…
The French government will face two votes of no confidence on Monday due to its controversial pension reform. Prime Minister Elisabeth Borne pushed the controversial pension reform bill through without a vote last week by using constitutional article 49:3. Thousands have begun to protest in the streets of France after this action. No-confidence motions have…
Killnet, a pro-Russian hacktivist group, is reportedly ramping up its distributed denial of service (DDoS) attacks against healthcare organizations. The group has been observed launching campaigns against countries supporting Ukraine as part of its pro-Russia agenda. Microsoft’s Azure Network Security released a report detailing the latest attack patterns based on data from recent campaigns. The…
The US FBI has arrested a New York man suspected to have extensive involvement in running BreachForums, a popular English-language cybercrime forum. The forum routinely sells hacked databases, credentials, and personal information belonging to data breach victims. The forum’s administrator, known as Pompompurin, has been of interest to the FBI for several years. BreachForums is…
An advanced persistent threat group with links to Russia known as APT29 has been observed leveraging legitimate information systems used by European countries to conduct cyber espionage abuse. The group is believed to be sponsored by the Russian Foreign Intelligence Service and has also been referred to as Cozy Bear, the Dukes, Nobelium, and Yttrium.…
Rubrik, a cloud data management and data security firm, has confirmed that it was targeted by threat actors in a recent attack that exploited the GoAnywhere zero-day vulnerability. The ransomware group responsible for the attack allegedly named the company on its leak website. The GoAnywhere vulnerability was disclosed on February 1 and a patch was…
China’s President Xi Jinping is traveling to Moscow to meet with Russian President Vladimir Putin next week. The two presidents plan to discuss partnership and strategic cooperation in the talks. Beijing is an ally to Russia and has recently been offering proposals to end the war in Ukraine. Western countries have warned Beijing against providing…
The Hawaii Department of Health (DOH) has begun notifying patients of a data breach that resulted in the compromise of 3,400 death records. The DOH states that it became aware of the attack in January after an external medical certifier account on its system was compromised. The login credentials stolen were reportedly published for sale…
The United States military has released footage of a Russian jet crashing into one of its drones over the Black Sea. The damage to the drone was bad enough that it had to be brought into the water near Crimea on Tuesday. Russia denied its fighter jet clipped the propeller of the drone, but the…
The Cisco Talos cybersecurity team has identified a previously unknown threat actor conducting espionage campaigns against Commonwealth of Independent States entities such as Azerbaijan, Tajikistan, and Kyrgyzstan. The threat actor has been dubbed YoroTrooper by security researchers and has also been observed compromising accounts from at least two international organizations, including a critical European Union…
The Housing Authority of the City of Los Angeles has released a statement outlining the impacts of a ransomware breach that was disclosed in January of this year. The housing authority claims to hold the largest stock of affordable housing in the city. The ransomware attack caused disruptions to the organization’s systems. Additionally, the LockBit…
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new ransomware warning system to help protect critical infrastructure organizations in the United States. This initiative, named “Shields Up,” aims to provide these organizations with vital information and tools necessary to defend against the growing threat of ransomware attacks. Through the use of automated threat…
Technology firms are grappling with an increased number of cyberattacks as threat actors become more sophisticated and exploit vulnerabilities in digital infrastructure. This surge in cyberattacks has led to growing concerns among companies, prompting them to invest heavily in cybersecurity measures to protect their networks and sensitive data. The rising threat landscape includes ransomware attacks,…
A recent surge in phishing attacks that successfully bypass multi-factor authentication (MFA) has been traced back to a new type of software for sale on the black market. This software allows cybercriminals to bypass one of the most widely used security measures, putting both individual users and businesses at risk. The software exploits a vulnerability…
A Taiwanese state-owned military developer has revealed five new types of military drones on Tuesday as the island nation looks to improve its asymmetric warfare capabilities against China’s military threats. The eight types of locally developed unmanned aerial vehicles were revealed at the National Chung-shan Institute of Science and Technology on Tuesday, five of the…
Ukraine and Russia have both reported inflicting heavy losses in the battle for Bakhmut. Moscow has been attempting to take control of the eastern Ukrainian city for months. Ukrainian President Volodymyr Zelensky has said Russian forces have lost over 1,100 soldiers in the past few days with many more seriously injured. Russia has stated it…
The United Nations refugee agency has warned of the worsening humanitarian situation in the eastern Democratic Republic of the Congo. Fighting between the DRC government forces and armed groups has forced hundreds of thousands of people to flee the country. The violence has prompted nearly 300,000 people to flee across the Rutshuru and Masisi territories…
The US Transportation Security Administration has announced that it will require airport and aircraft operators to improve their cybersecurity resilience in order to protect against threats to the aviation sector and other critical infrastructure. The cybersecurity requirements were issued via an emergency amendment and seek to mitigate persistent threats. Now, airport and aircraft operators are…
In the border city of Matamoros, Mexico, a splinter group of the Gulf Cartel, called the Scorpions Group, has apologized for kidnapping four US citizens last week. In the kidnapping, two of the US citizens were killed. The cartel has since turned over five men it claims are responsible. A letter was left with the…
Israeli protests have blocked roads and attempted to stop the prime minister from flying out of the country. There have been nationwide demonstrations against judicial reforms at the same time that these protests began. Vehicles blocked traffic in roads that access Ben Gurion airport, where Benjamin Netanyahu is due to fly to Rome. The weeks-old…
The Taliban governor of Afghanistan’s Balkh province has been killed by an explosion in his office. The governor is the most senior official to be killed since the Taliban returned to power in 2021. Violence has decreased sharply, but pro-Taliban figures and others have been killed in a string of attacks, many claimed by Islamic…
Mali’s military rulers claim they did not force France to remove its soldiers from their country. France withdrew their troops last year after a nine-year military operation in the country to fight armed groups. After the French forces left the country, Mali’s rulers brought in Russia’s Wagner group to support government soldiers. Last month, the…
Protestors gathered and clashed with police in Tbilisi, the capital of Georgia, after parliament supported a controversial draft law. Critics claim this law limits the freedom of the press and suppresses civil society. Riot police used pepper spray and water cannons to disperse the crowds outside the parliament building. The government said 50 police officers…
Japan was forced to blow up its new rocket after a failed launch on Tuesday. This launch failure set the country back in its efforts to join in the market led by Elon Musk’s SpaceX. Japan’s space agency had to send a self-destruct command to the H3 rocket after its second stage engine failed minutes…
On Tuesday, China’s new foreign minister warned that conflict and confrontation with the United States is inevitable if Washington doesn’t change course. The rebuke of US foreign policy was wide ranging and stern. Qin Gang was previously the Chinese ambassador to the US, building up a reputation for being careful and accomplished as a diplomat.…
The Hospital Clinic de Barcelona located in Spain reportedly suffered from a ransomware attack over the weekend that crippled the center’s computer systems, took services offline, and forced the cancellation of 150 non-urgent operations and 3,000 patient checkups, among other consequences. The attack resulted in computers at the facility’s lab, emergency room,…
Cybersecurity firm Proofpoint has released information regarding a highly sophisticated Russian disinformation campaign involving fake comments or acts on videos the threat actors claim to be high-profile Russian individuals. The researchers stated that they have been tracking the malicious email campaign, purported by the Russia-aligned group TA499, to understand the context of the disinformation. The…
A Brazilian conglomerate has suffered from a data breach in which several terabytes of corporate and employee information was stolen by a hacking group known as the Dark Angels. The company, Andrade Gutierrez, has allegedly not acknowledged the cyber incident since it occurred. Andrade Gutierrez is one of the largest engineering firms in its region…
According to recent research from Kaspersky, roughly two of every five operational technology computers utilized in industrial settings have been impacted by malware in 2022. Kaspersky released a report this week highlighting the increase in OT computers affected by malware between the first and second half of the year. Kaspersky stated that it observed a…
On Monday, German police confirmed that they had successfully disrupted an international cybercrime gang known to blackmail large companies and institutions over the past several years. The German authorities stated that the cybercriminals profited millions of euros from the scheme, victims of which include Duesseldorf University Hospital. The German police worked alongside other law enforcement…
Last week, the City of Oakland released a statement confirming that it suffered from a ransomware attack that breached municipal government networks last month that continues to have lasting effects and disruptions. The hackers have begun releasing the data that they stole. The City released a statement apologizing for the incident and confirming that it…
Taiwan is on alert this year for a sudden entry by China’s military. Tensions are continuing to rise and areas close to Chinese territory may be at risk for sudden entry. China has increased its military activities around Taiwan, including almost daily air force incursions into the island’s air defense identification zone. Taiwan has not…
Nine security officers were killed during a suicide attack on Monday in southwest Pakistan in the Balochistan province when the officers were returning to the provincial capital Quetta. At least 13 others were wounded in the attack which occurred after the security officers were policing a festival. A police truck was crushed and overturned in…
Salt Security has discovered several flaws that lie in the implementation of the Open Authorization login feature used by the popular online travel agency platform Booking.com. According to Salt Security, the vulnerabilities could affect users logging into the site through their Facebook accounts. Additionally, the flaws could allow for both large scale account takeover and…
The US Cybersecurity and Infrastructure Security Agency (CISA) published a new advisory earlier this week warning organizations of the Royal Ransomware group. The Royal Ransomware group is believed to use its own custom-made file encryption program in its attacks, the CISA says. The FBI also collaborated on the advisory, which is designed to advise organizations…
A partial evacuation has been ordered for Kupiansk in Ukraine as Russia seeks to retake the city. Families with children and people with limited mobility were told to leave due to shelling by Russian forces. Russia had taken control of the city in the north-east early on in the invasion, but Ukraine had recaptured…
WH Smith, a British stationery brand and book chain, revealed that it was impacted by a cyberattack that resulted in the theft of company data. The company revealed that the data accessed by attackers included former and current employee data such as names, addresses, dates of birth, and national insurance numbers. WH Smith stated that…
Trezor, a cryptocurrency hardware firm, has acknowledged an ongoing phishing campaign that is targeting its customers. The phishing messages are designed to trick customers into granting the attackers access to their wallets and are delivered via phone call, text, and email. To invoke urgency, the phishing emails state that the target’s account has been impacted…