

Analysis

  • Unrestricted Warfare

    The following selections are taken from “Unrestricted Warfare,” a book published in China in February 1999 which proposes tactics for developing countries, in particular China, to compensate for their military inferiority vis-à-vis the United States during a high-tech war. The selections include the table of contents, preface, afterword, and biographical information about the authors printed…

Briefs

  • Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium

    Microsoft has announced that it disrupted a Russian-state backed threat group that is believed to have run espionage campaigns against several different NATO countries. According to the tech giant, the prolific hacking group that is identified by the name “Seaborgium” focuses most of its attacks on entities located in the US and UK. In addition,…

  • Last French troops leave Mali, ending nine-year deployment

    France has announced that its final troops have left Mali, completing a withdrawal after a nine-year operation in the country. The operation was at the center of the Sahel region’s security crisis. On Monday, the French army said it had completed the logistical challenges of the pullout and it was completed in an orderly and…

  • Russia blames sabotage for new Crimea blasts

    A week after a Ukrainian attack on a Russian military base in Crimea, a series of explosions hit an arms store on another depot. Russian officials first said a fire caused the blasts in the Dzhankoi area, but then blamed sabotage. A separate fire broke out at a power substation and a railway was damaged.…

  • Chinese research ship Yuan Wang 5 docks at Sri Lanka’s Hambantota port

    Despite security concerns by India about the vessel’s presence, a Chinese research ship docked at a southern Sri Lankan port. The port workers at Hambantota gave the Yuan Wang 5 an enthusiastic welcome. The ship’s arrival has created tensions between New Delhi and Beijing. New Delhi and Beijing have both spent billions of dollars on…

  • How Blockchain is Disrupting Secure Messaging

    Blockchain is evolving into a new foundation for the internet. What began as a closed web is transitioning into an open source system driven by decentralized systems. Every sector is now adopting this technology to better serve its customers. Social communication, in particular, is seeing a lot of promise from blockchain solutions. Popular messaging apps…

  • Trust, transparency and reliability are keys to Web3 success

    Web3 is on the horizon and will likely have a large effect on the cybersecurity field. But what exactly is it — and what are the implications of this latest iteration of the internet for organizations? It’s perhaps easiest to describe Web3 by contrasting it with its predecessors, Web 1.0 and Web 2.0. Web 1.0 refers to…

  • Network and token freeze after Acala exploit raises questions

    The Acala Network’s aUSD stablecoin depegged by over 99% over the weekend and forced the Acala team to pause a hacker’s wallet, raising concerns about its claim of being decentralized. On Sunday, a hacker took advantage of a bug on the iBTC/aUSD liquidity pool which resulted in 1.2 billion aUSD being minted without collateral. This…

  • What the Inflation Reduction Act Means for Cryptocurrency Regulation

    For the crypto industry, many are looking for 2022 to be the year of comprehensive regulatory and legislative clarity regarding crypto assets for the United States. Indeed, President Biden’s Executive Order earlier this year actually mandated and directed federal agencies to provide this kind of clear, ordered, and meaningful guidance. We’ve seen in the past that…

  • BlueBenx fires employees, halts funds withdrawal citing $32M hack

    BlueBenx, a Brazilian crypto lending platform, reportedly blocked all of its 22,000 users from withdrawing their funds following an alleged hack that drained $32 million (or 160 million Brazilian real). While no details about the hack were made available, the company allegedly laid off most of its employees. BlueBenx joins the growing list of crypto companies…

  • Taliban celebrates ‘victory day’, as Afghans face economic crisis

    The Taliban has marked the first year anniversary of its return to power in Afghanistan. Taliban members celebrated the “day of victory” in the capital, Kabul. The group captured Kabul in a lightning offensive against government forces as US-led troops were leaving the country after two decades of intervention. Exactly one year ago, on August…

  • Ukraine hits Russian Wagner mercenary HQ in east

    A headquarters of the Russian Wagner paramilitary group of mercenaries has been hit by Ukrainian artillery in eastern Ukraine. Serhiy Hayday, Ukrainian governor of the Luhansk region, announced the attack in Popasna; however, the details remain unclear, along with the number of casualties. Wagner was deployed to Crimea and the Donbas region in 2014 in…

  • Raila Odinga and William Ruto await verdict in Kenya election

    The much-awaited presidential election in Kenya will have the results revealed shortly according to the electoral body. The electoral body is preparing for the declaration in the national tallying center in Nairobi. In the latest count, Deputy President William Ruto has a narrow lead over ex-Prime Minister Raila Odinga. The final results are expected to…

  • Critical Infrastructure at Risk as Thousands of VNC Instances Exposed

    Security researchers have warned that several global organizations are vulnerable to remote compromise due to exposed Virtual Network Computing (VNC) instances. Security researchers at Cyble reported that more than 8,000 VNC instances are vulnerable to attack. The majority of the instances are managed by critical infrastructure organizations located across the world. This includes crucial facilities…

  • Suspected developer of crypto mixer Tornado Cash arrested

    The Dutch government agency responsible for investigating financial crimes said it has arrested an individual suspected of being a developer of the U.S.-sanctioned crypto mixing service Tornado Cash in a move that has rattled some crypto and privacy advocates. The Fiscal Information and Investigation Service said Friday that the arrested 29-year-old man is suspected to be…

  • Let Ugly Ducklings Grow: Why Crypto Needs a Safe Harbor

    Asked for his views on cryptocurrencies, Securities and Exchange Commission Chairman Gary Gensler likes to quote the poet James Whitcomb Riley, who wrote, “When I see a bird that walks like a duck and swims like a duck and quacks like a duck, I call that bird a duck.” The point of Gensler’s “duck test”…

  • Following Solana Wallet Hacks, Polkadot Ambassador And Hiro CTO Call For Action To Keep DeFi Safe

    Last week, millions of dollars were hacked from Solana’s ecosystem. While its blockchain wasn’t hacked directly, hackers were able to drain funds from Solana wallets. It’s still unclear exactly how the hackers were able to access the funds, but it appears that they were able to do so by uncovering users’ private keys. Private keys…

  • North Korean Cryptocurrency Hacking Poised to Get Even Worse

    Widening mainstream acceptance of cryptocurrency will intensify state-sponsored cybertheft by North Korea, potentially adding to the hereditary despotic monarchy’s billions of funds stolen through hacking, participants in a Washington think tank panel said. North Korean-controlled cybercrime groups have stolen more than $2 billion. Pyongyang has recently turned to cryptocurrency theft, including a more than $600 million…

  • Open source software is needed to prevent future crypto hacks, Polygon CISO says

    The pace of crypto hacks hasn’t slowed in the dog days of summer, with tens of millions of dollars stolen in August alone. As the crypto community carries on in the wake of the expensive exploits, many web3 users are biting their tongue waiting for the next big one to strike. On August 1, Nomad,…

  • Starlink Successfully Hacked Using $25 Modchip

    Earlier this week at the Black Hat security conference, Belgian researcher Lennert Wouters revealed how he can mount a successful fault injection attack on a terminal for SpaceX’s satellite-based internet system. The successful hack was conducted using a homemade circuit board that Wouters claims cost roughly $25 to develop. The satellite dish used to access…

  • Recovery From NHS Ransomware Attack May Take a Month

    Last week, a key NHS IT partner suffered from a ransomware attack that could take up to a month to recover from. The company, Advanced, operates several key systems for the health service. This includes clinical patient management and financial software. One of Advanced’s key healthcare clients is NHS 111, which is a phone and…

  • UK recession looms as households feel pain of soaring energy bills

    The economy in the UK may be starting to shrink and a new forecast is suggesting that the average annual energy bills could be as high as the equivalent of $6,000 next year. The country’s GDP dropped by 0.1% in the second quarter of this year and analysts believe the recession forecast by the Bank…

  • Germany suspends military mission in Mali amid diplomatic tension

    The local military-led government of Mali refused to give a United Nations peacekeeping mission fly-over rights on Friday. After this move, Germany has suspended most of its operations in the country until further notice. The operations included those of the reconnaissance forces and CH-53 transport flights. Germany was prepared to participate in an international peacekeeping…

  • Drought hits Germany’s Rhine River: ‘We have 30cm of water left’

    Europe has been living through a long and hot summer, causing some of the major rivers on the continent to drop to significantly low levels. One river that has dropped significantly, posing problems for the people and businesses that rely on it, is the Rhine river in Germany. Several ferry services have been forced to…

  • Ukrainian nuclear plant facing ‘grave hour,’ UN watchdog says

    The situation at the Russian-occupied nuclear power plant in southeastern Ukraine has reached a “grave hour” according to the head of the United Nations’ nuclear watchdog. On Thursday, he called for an immediate inspection of the facility by experts. The Director General of the International Atomic Energy Agency (IAEA) warned that parts of the nuclear…

  • Crypto Exchange dYdX Blocked Accounts That Received Even Small Amounts From Tornado Cash

    Cryptocurrency exchange dYdX said it blocked user accounts with even a token link to Tornado Cash, the crypto-mixing service sanctioned Monday by the U.S. Treasury Department. The Treasury Department’s action led to a significant increase in accounts flagged by dYdX’s compliance provider, which is used to highlight accounts potentially associated with ransomware, malware, child sex…

  • Trend Micro calls out vulnerabilities in metaverse security development

    In a new report published by American-Japanese cybersecurity company Trend Micro, the firm said that the Metaverse possesses increasing vulnerabilities that could materialize within the next three to five years. As told by Trend Micro, the top threats to the sector, mainly from a regulatory standpoint, include NFT security concerns, the development of a “darkverse” similar…

  • Crypto and the US Government Are Headed for a Decisive Showdown

    If you have paid casual attention to crypto news over the past few years, you probably have a sense that the crypto market is unregulated—a tech-driven Wild West in which the rules of traditional finance do not apply. If you were Ishan Wahi, however, you would probably not have that sense. Wahi worked at Coinbase, a…

  • UN trade body calls for halting cryptocurrency rise in developing countries

    Although private digital currencies have rewarded some individuals and institutions, they are an unstable financial asset that can bring social risks and costs, the agency warned. UNCTAD said their benefits to some are overshadowed by the threats they pose to financial stability, domestic resource mobilization, and the security of monetary systems. Cryptocurrencies are an alternative form of…

  • U.S. Attack On Crypto Mixers Threatens Collateral Damage To Privacy

    Aggressive U.S. moves to inhibit cryptocurrency mixing services employed by North Korean state-sponsored hackers are raising howls of opposition at home. The crypto community contends Washington is overreaching, preventing legitimate users from protecting their privacy and stifling software developers. On Monday, the U.S. Treasury forbade Americans to have any dealings with crypto mixer Tornado.cash, an…

  • Cisco Confirms Network Breach Via Hacked Employee Google Account

    Cisco Systems has confirmed that it suffered from a network breach after attackers were able to gain access to an employee’s VPN client via a compromised Google account. The network giant released a statement on Wednesday addressing the security incident. The attack occurred in May and was perpetrated by the Yanluowang ransomware group, according to…

  • DeathStalker’s VileRAT Continues to Target Foreign and Crypto Exchanges

    Threat actor DeathStalker is actively targeting cryptocurrency exchanges located around the world with the VileRAT malware, according to Kaspersky researchers. The researchers published an advisory just days ago in which the campaign is detailed. The campaign reportedly began in September 2020 but revamped its efforts in June 2022, leveraging the VileRAT toolchain. Since the campaign…

  • Suspected $3m Romance Scammer Extradited to Japan

    Interpol has reportedly launched a new awareness campaign in which they warn the public of the dangers of romance scams after arresting 15 individuals suspected of being involved in a major romance scam conspiracy. Interpol will launch a two-week global campaign in which it plans to highlight the role of money mules in modern crime.…

  • Crimea air base badly damaged, satellite images show

    There is major damage and many destroyed Russian warplanes at an airbase in Crimea after there were explosions there this week. The Saky base is in the west of Russian-ruled Crimea and experienced a series of explosions on Tuesday. Satellite images have revealed that the runways appear intact but eight aircraft may have been damaged or…

  • Curfew declared in Sierra Leone’s capital Freetown amid violent anti-government protests

    In Freetown, Sierra Leone, hundreds of protesters took to the streets on Wednesday. The protesters were demonstrating against inflation and the rising cost of living in the country. The protests did grow violent at times and some protesters and security forces were badly injured. Vice President Mohamed Juldeh Jalloh declared a nationwide curfew that began…

  • Defi Attacker Siphons $570,000 From Curve Finance, Crypto Exchange Fixedfloat Freezes 112 Ethereum

    Reports indicate that the decentralized finance (defi) protocol Curve was hacked for $570,000 in ethereum after people noticed that Curve’s front end was exploited. The attackers then tried to launder the funds via the crypto exchange Fixedfloat, and the trading platform’s team managed to freeze $200K worth of the stolen funds. Another defi hack was…

  • What To Expect From Ethereum Security and Privacy After the Merge

    As the Ethereum Merge draws near, a key factor that will determine its success is the relative security of the blockchain under a proof-of-stake (PoS) regime. Experts say that Ethereum’s PoS chain will maintain the network’s security but at much lower cost. In a proof-of-work (PoW) system, counterfeiting cryptocurrencies requires a singular miner to control more…

  • Slow Political Response Giving DeFi Hackers a Free Hand

    Decentralized finance (DeFi) hacks cost crypto investors more than $2 billion in the first six months of the year alone. That’s more than in all of 2021 — so why aren’t regulators and politicians focusing on them more? Those numbers could get a lot worse, according to crypto security firm CertiK. It predicts that losses could…

  • Protecting cryptocurrency assets in wake of the Solana Wallet hack

    Investors using “hot” or internet-connected crypto wallets on the well-known blockchain Solana came under attack from an unidentified bad actor shortly after cross-chain bridge Nomad became the target of a $200 million cryptocurrency heist. The incident has brought up numerous concerns regarding the security provided by both the Solana network and “hot” wallets, which are…

  • Criminals Laundered $540M Through RenBridge: Report

    Blockchain analytics firm Elliptic has claimed that over $540 million in illicit funds have been laundered through the decentralized cross-chain service RenBridge over the past two years. Elliptic’s vice president of policy and regulatory affairs, David Carlisle, has said that he expects regulators to start cracking down on cross-chain bridges in the next six months…

  • Sri Lanka’s ousted president seeking entry to Thailand after weeks in Singapore

    Gotabaya Rajapaksa, former Sri Lankan president, has requested to enter Thailand for a temporary stay. This marks the second Southeast Asian country Rajapaksa has attempted to enter after he fled his nation last month due to mass protests. The Thai foreign ministry reported the request on Wednesday. Rajapaksa entered Singapore on July 14 due to…

  • Kenyans Vote in Tight Race Amid Shifting Alliances and Struggling Economy

    In Kenya, voters headed to the polls on Tuesday to elect a new president and officials in a balanced presidential race between longtime allies that later turned into rivals. One of the candidates is associated with Kenya’s founding families and the other claims to represent the struggling working class. The day was marked by reminders…

  • China says Taiwan military drills are over after Pelosi visit

    China has announced that a week of military drills that occurred around Taiwan are finished following Nancy Pelosi’s visit to the self-governing island. China’s military announced that the sea and air operations were successful. These groups have vowed to keep patrolling the Taiwan Strait, threatening Taiwan’s sense of autonomy. Nancy Pelosi’s trip incentivized Beijing to…

  • Record rainfall kills at least 9 in Seoul as water floods buildings, submerges cars

    This week, the South Korean capital of Seoul experienced record downpour that flooded homes, roads, and subway stations. So far, the natural disaster has killed at least nine people. Weather forecasters have warned that the flooding is not over yet, and more rain is expected to fall later this week despite easing up on Wednesday.…

  • Report Provides Updates on July’s Maui Ransomware Incident

    Cybersecurity researchers at Kaspersky have published a new advisory that reveals technical details and additional findings regarding a ransomware incident that was addressed by the Cybersecurity and Infrastructure Security Agency in July. The attack leveraged the Maui ransomware and was first identified by the CISA in May 2021. However, the Kaspersky report suggests that the…

  • Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws

    Microsoft has patched a zero-day vulnerability that is reportedly over two weeks old. The vulnerability has been dubbed Dogwalk and is actively being exploited in the wild. Alongside Dogwalk, the August Patch Tuesday released by Microsoft this week addresses 121 CVEs total, including 17 critical bugs. Dogwalk is tied to a Microsoft Windows Support Diagnostic…

  • Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs

    The U.S. Treasury has reportedly issued sanctions on Tornado Cash, a virtual currency mixer, for laundering more than $7 billion in cryptocurrency derived from criminal activity. According to US officials, at least $455 million of that figure was moved for the Lazarus Group, which is known to be sponsored by North Korea. The funds may…

  • What will cryptocurrency market look like in 2027? Here are 5 predictions

    The year is 2027. It’s a time of great innovation and technological advancement, but also a time of chaos. What will the crypto market look like in 2027? (For those unfamiliar, that’s a line from the 2011 video game, Deus Ex.) Long-term predictions are notoriously difficult to make, but they are good thought experiments. One year…

  • Why education is key to halting hacks like the $190M Nomad exploit

    Following the loss of almost $200 million in a security exploit on crypto protocol Nomad, security experts insisted that more education and security protocols are necessary for protecting web3 communities from hackers. “The crypto ecosystem is currently in a nascent stage of adoption,” Nick Percoco, chief security officer at Kraken, said to TechCrunch. “Despite the…

  • How Secure Is the Ethereum Sitting in Your MetaMask Wallet?

    It’s been an unrelenting week for MetaMask developers. Reacting to the news that $4.5 million worth of funds had been drained from thousands of software wallets on Solana, the team behind MetaMask, far and away the most popular software wallet for Ethereum and Ethereum-compatible networks, combed through the wallet’s codebase to make sure users would…

  • North Korea’s increasing use of crypto heists to fund nukes worries US

    North Korea is increasingly using its crypto heists to fund its nuclear weapons program, worried U.S. officials say. “I’m very concerned about North Korea’s cyber capabilities,” Anne Neuberger, the Biden administration’s deputy national security adviser for cyber and emerging technology, said recently during an event hosted by the Center for a New American Security (CNAS). “They…

  • Email marketing firm hacked to steal crypto-focused mailing lists

    Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers. Klaviyo says the breach occurred on August 3rd after hackers stole an employee’s login credentials in a phishing attack. These login credentials were then used to access the employee’s account and internal Klaviyo…

  • TODAY! OODA in Vegas: BSides Las Vegas Starts Today (Virtual Access Streams Available)

    Cybersecurity Community Events in August – Las Vegas, NV: OODA team members will attend the following August event in Las Vegas. If you plan to attend, please reach out with opportunities to connect with the OODA Loop community.

  • Israel Reopens Gaza Crossing as Cease-Fire Holds

    On Monday, Israel reopened the Kerem Shalom crossing, allowing trucks carrying fuel and vital goods to enter into Palestinian areas after a cease-fire was agreed upon. The cease-fire ended three days of intense fighting during which Palestinians endured casualties. Kerem Shalom is the only commercial crossing located in Gaza, and its reopening is expected to…

  • Russia Says it Won’t Allow U.S. Inspection for Now of Its Nuclear Weapons

    On Monday, Moscow stated that it will not support the resumption of inspections at its nuclear arsenal. The resumption of inspections was discussed due to the New START treaty over travel restrictions imposed by the US. The accord requires that Russia halt the production of long-range nuclear arms and is the last major agreement that…

  • German diplomat arrested in Brazil for alleged murder of husband

    German Consul Uwe Herbert Hahn is currently being held in custody under orders from a Brazilian Judge due to claims that Hahn murdered his husband in Rio de Janeiro. The orders deny defense claims of diplomatic immunity. Rio police took Hahn into custody on Saturday after Walter Henri Maximilien Biot, Hahn’s husband, was found dead…

  • Phishers Swim Around 2FA in Coinbase Account Heists

    Threat actors are evading two-factor authentication and deploying other clever strategies in a recently observed phishing campaign targeting Coinbase users. Security researchers have found that attackers are spoofing the cryptocurrency exchange Coinbase to trick users into logging in. After the login, the attackers record the password and username and eventually use the information to drain…

  • Meta Takes Action Against Cyber Espionage Operations Targeting Facebook in South Asia

    Meta has reportedly taken action against two cyber espionage operations located in South Asia and known as APT36 and Bitter APT. The company confirmed the actions in its latest quarterly threat report, published last Thursday. In the report, the risks identified by Meta across the world are discussed. Meta detailed multiple policy violations, including those…

  • Smishing Attack Led to Major Twilio Breach

    Researchers have identified a smishing attack that resulted in a data breach at communications API developer Twilio. As a consequence, an unknown number of customer accounts were accessed by hackers. Current and former Twilio employees were reportedly targeted by SMS-based phishing messages that appeared to come from the firm’s own IT department. Due to the…

  • Revolut unveils cryptocurrency service in Singapore amidst possible new restrictions

    Revolut has launched its new cryptocurrency service in Singapore despite warnings of potential new restrictions facing the industry. The government is currently considering adding more regulations to retail crypto trading within the country, concerned about the volatility of certain coins. The UK-based fintech company Revolut stated that it plans to offer its services responsibly, helping…

  • $200,000 worth of crypto stolen by hacking into tech CEO’s iCloud account

    In a high-profile hack on Saturday, Steven Galanis, the co-founder and CEO of the Cameo app, said that he was the victim of a crypto hack. Galanis tweeted that he had lost several NFTs, including one Bored Ape, and over $70,000 worth of cryptocurrency. While he said that the hack had taken place through his…