Briefs

  • Ransomware Affiliates Adopt Data Destruction

    According to a new report published by US security companies Cyderes and Stairwell, ransomware affiliates are experimenting with new data destruction capabilities aimed at evading detection and increasing the chances of a payout. In addition, the techniques and tactics could minimize the opportunities for the development of a decrypter. The attackers are leveraging a tool…

  • Details of Over 300,000 Russian Reservists Leaked, Anonymous Claims

    Hacktivist group Anonymous claims to have leaked the personal data of roughly 300,000 individuals mobilized by the Russian government to fight against Ukraine. The group posted a message to Twitter last week alleging that it was able to hack into the website of the Russian Ministry of Defense and leak the data. These individuals are…

  • Cyber Mercenary Group Void Balaur Continues Hack-For-Hire Campaigns

    Cyber mercenary group Void Balaur has continued to expand its offerings, including hack-for-hire campaigns. The group has allegedly suffered from disruptions to its online advertising personas but is powering through the setbacks. SentinelLabs recently published an advisory that was unveiled at LABScon last Thursday. The report was written by senior threat researcher Tom Hegel. Void…

  • Navigating the Uncharted Legal Territory of NFTs

    Over the last two years, non-fungible tokens, commonly known as NFTs, have entered the mainstream as global brands, entertainment companies, sports leagues and others have created (or “minted”) NFTs of a variety of digital works, in many cases attached to “real world” benefits. If your company is presented with an opportunity to take advantage of NFTs,…

  • Ethereum Coin Mixer Tornado Cash Is Back on GitHub

    Ethereum coin mixer Tornado Cash is now back on software hosting website GitHub. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) last month blacklisted Tornado Cash, which allows users to anonymously send and receive Ethereum. American citizens are now banned from interacting with the app, which pools together transactions to obscure their…

  • DARPA to Research Risks of Crypto to National Security in Partnership With Inca Digital

    The Defense Advanced Research Projects Agency (DARPA) has contracted digital asset data and analytics provider Inca Digital to research national security risks posed by cryptocurrency. DARPA, the research and development agency of the U.S. Department of Defense, plans to analyze activity related to financial applications of distributed ledgers. The agency has awarded Inca Digital a…

  • The ABCs of Cryptocurrency Security

    Blockchain hacking is not impossible, but it’s really not easy. Have you ever heard that the Bitcoin blockchain was hacked and seriously lost its function, even temporarily? If that had happened, Bitcoin would have already been destroyed. Hacking a good blockchain is almost possible, but only in fiction. However, it is not easy to argue…

  • Brazilian Federal Police Launch Operation Colossus, 6 Cryptocurrency Exchanges Involved

    The Brazilian Federal Police and the Brazilian tax authority have launched the final stage of “Operation Colossus,” a movement that has executed hundreds of court orders against cryptocurrency exchanges, arbitrage agents, and fake companies in four states of the country. 158 government officers, including 130 federal policemen, were involved in this operation, effecting search and…

  • Optus Hit By Cyber-Attack, Breach Affects Nearly 10 Million Customers

    Singapore Telecommunications Optus announced yesterday that it was investigating unauthorized access of customer data. The Australian unit of the telecoms firm allegedly suffered from a cyberattack that was halted before customer payment details and account passwords were stolen. However, roughly 9.7 million subscribers could have had other personally identifiable information exposed, such as home addresses,…

  • UK mini-budget shakes the stock market, benefits the wealthy

    A new mini-budget has been unveiled in the British parliament that intends to cut taxes and energy bills while driving economic growth. This is the most significant tax cut since 1972. The new finance minister Kwasi Kwarteng proposed the new budget and it will see cuts to national insurance, stamp duty and the top tax…

  • Dozens of migrants killed as boat sinks off Syrian coast

    71 migrants’ bodies have been found after a boat carrying them sank off Syria’s coast. 20 survivors are being treated in a hospital in the city of Tartus in Syria. Lebanese, Syrian and Palestinian nationals were believed to be on board when the boat sank on Thursday. A rescue attempt is ongoing and it is…

  • One-year-old dies as 11 more suspected Ebola cases identified in Uganda

    Another 11 suspected cases of Ebola have been reported by Uganda’s Ministry of Health as of Tuesday. The ministry has also identified one probable Ebola-related death, a one-year-old. Samples for the one-year-old and 10 other suspected cases are being tested at the Uganda Virus Research Institute. As of Tuesday night, six probable cases, 11 suspected…

  • Is Ether A Security? How The Merge Reignited Questions Around Crypto Regulation

    As the Ethereum merge fades into the background, and even the potential disruption caused by the ETHPoW has seemed to fizzle out, several questions have come back to the forefront: how should crypto be regulated? Which regulatory agency should have the authority to decide this, and how will said regulation come about? In testimony delivered only hours…

  • NFTs and Secured Transactions

    Just what are the “cool kids” up to these days? Creating, marketing, and selling NFTs (and if you call them “non-fungible tokens” and not NFTs, you are most definitely not cool). It has only been about 18 months since Twitter founder Jack Dorsey’s first tweet sold as an NFT for $2.9 million. And the total…

  • Explained: What is a nonce, the heart of blockchain security

    Three things make cryptocurrencies unique: decentralisation, scalability and security. Firstly, cryptos can function without a central governing body. They can also scale enough to challenge fiat currencies. And finally, they employ one of the highest forms of security available to humankind: cryptographic encryption. In this article, we will learn about a concept at the heart…

  • The impact of the Wintermute hack could have been worse than 3AC, Voyager and Celsius — Here is why

    Most crypto investors probably never heard of Wintermute Trading before the Sept. 20 $160 million hack, but that does not reduce their significance within the cryptocurrency ecosystem. The London-based algorithmic trading and crypto lending firm also provides liquidity to some of the largest exchanges and blockchain projects. As a crypto-native trading firm, meaning digital assets have…

  • Jamie Dimon calls ‘dangerous’ crypto a ‘decentralized Ponzi scheme’ that’s not ‘good for anybody’

    Cryptocurrencies are dangerous “Ponzi schemes” that put billions of dollars at risk every year, JPMorgan CEO Jamie Dimon declared in a scathing review of the volatile digital assets. In congressional testimony on Wednesday, Dimon referred to himself as “a major skeptic” on cryptocurrencies like Bitcoin. “They are decentralized Ponzi schemes, and the notion that’s good for anybody…

  • Twitter Password Reset Bug Exposed User Accounts

    Twitter has fixed an issue that allowed accounts to stay logged in on multiple devices even after resetting their passwords. This means that if an unauthorized party was able to gain access to a user’s Twitter account, they would remain logged in even after the user reset their password and logged out. The user who…

  • Iranian Hackers Hid in Albanian Networks for Over a Year

    According to a new report released by the FBI and Cybersecurity and Infrastructure Security Agency (CISA), Iranian hackers were able to remain undetected inside an Albanian government network for 14 months. At the end of this time period, the hackers deployed destructive malware. The hack resulted in Albania severing diplomatic ties with Iran, marking the…

  • Iran police battle protesters in Tehran as unrest over woman’s death spirals

    In the worst unrest in Tehran in years, there have been battles between Iranian police and anti-government protesters. The protests, on their seventh day, are continuing in many other cities as well as Tehran. The protests were sparked by the death of a woman detained by morality police. Activists say eight protesters were shot and…

  • Russians flee to border after military call-up

    Lines have appeared along Russia’s border as men attempt to flee the country after a military call-up for the war in Ukraine. Russian President Vladimir Putin announced a partial military mobilization on Wednesday. This mobilization could see 300,000 people summoned to serve in the war. Russia says the claims of fighting-age men fleeing are exaggerated.…

  • Authorized Push Payments Surge to 75% of Banking Fraud

    Payment authorization fraud is targeting online banking customers, according to experts. In fact, security experts say that most online banking fraud occurring today is a result of customers being duped into paying scammers who are posing as a trusted entity. The scammer convinces the target that they are a legitimate entity and eventually tricks the victim…

  • Asic bolsters its cryptocurrency team and looks to regulate more digital assets

    The Australian Securities and Investments Commission has bolstered its cryptocurrency team as it looks to regulate more digital assets by classifying them as financial products, a move that would make selling them to Australians more difficult. Asic has yet to decide whether to classify Ethereum, the second most popular cryptocurrency after bitcoin, as a financial product…

  • Are noncustodial crypto wallets a practical option for the everyday hodler?

    As crypto ownership becomes more and more common, holders will need to think about how they protect and hold their assets. The safest option is storing cryptocurrency in a personal wallet. Crypto wallets are programs that allow users to store, send and receive cryptocurrency. Each wallet has a private key that allows the wallet to be…

  • CoinDCX Twitter locked: Hacking verified accounts a new exploit for crypto scammers

    The Twitter account of the Indian crypto exchange CoinDCX was hacked on September 20. The intruders posted fake Ripple (XRP) promotions embedded with phishing links in an attempt to scam users. “Today, we are pumping XRP. To support our community, we are announcing a 100,000,000 XRP GIVEAWAY. Please note you can receive a bonus once.…

  • Arbitrum Rewards Hacker With 400 ETH For Detecting a Critical $400M Vulnerability

    On September 19, Arbitrum, one of the most popular Layer 2 solutions for Ethereum, paid 400 ETH (about $560,000) to a white hat hacker who found a potential vulnerability in its code. The white hat hacker, known on Twitter as Riptide, finds vulnerabilities within smart contracts written in Solidity. Riptide said the “multi-million dollar vulnerability” could…

  • Colorado is now accepting tax payments in cryptocurrency, as Gov. Polis promised

    The American state of Colorado now accepts cryptocurrency for tax payments, Gov. Jared Polis announced on Monday. The option is already available on the state Department of Revenue website. Colorado tax payments are accepted through the PayPal Cryptocurrency Hub with service fees of $1.00 plus 1.83% of the payment amount. Payments are accepted only from personal…

  • Uganda declares Ebola outbreak after one person dies

    On Tuesday, the World Health Organization confirmed that Uganda has declared an outbreak of Ebola after a case of the Sudan strain was confirmed in the country. The Sudan strain is relatively rare and was identified in a 24-year-old man in the Mubende district. Health authorities in Uganda identified the sample after investigating six suspicious…

  • Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords

    Spell-check features in both Google Chrome and Microsoft Edge are reportedly responsible for leaking sensitive user information such as usernames, emails, and passwords to Google and Microsoft. Specifically, the data is harvested when consumers fill in forms on popular websites and cloud-based enterprise apps. The issue was identified by security firm Otto JavaScript Security. According…

  • Video Game Publisher Admits Helpdesk Was Hijacked

    US-based video game publisher 2K has warned players not to click on links received from its help desk in the past few weeks. According to the company, its helpdesk has been breached and the links delivered to its users are fake. The firm released a brief statement on Twitter addressing the risk and stating that…

  • Two-Fifths of US Consumers Suffer Personal Data Theft

    According to a new report from the Identity Theft Resource Center, roughly 40% of US consumers have had their information stolen or compromised within the past year. The research consisted of polling 1371 consumers to determine the rate of repeat identity crimes and data breaches impacting consumers. The study found that the number of repeat…

  • Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access

    A new vulnerability has been disclosed in the Oracle Cloud Infrastructure. According to security researchers at Wiz, the flaw could allow unauthorized access to cloud storage volumes of all users. Therefore, the vulnerability violates cloud isolation. The security flaw has been dubbed AttachMe by researchers and was detailed in an advisory posted by Wiz earlier…

  • Russia’s invasion of Ukraine ‘tramples’ UN charter according to Japan PM

    Fumio Kishida, Japanese Prime Minister, has called for reforms after he expressed disappointment in the United Nations Security Council’s failure to respond to Russia’s invasion of Ukraine. The reforms he called for would allow the UN to better defend global peace and order. The reform proposed addresses the system that gives five states, including Russia,…

  • Myanmar army helicopters fire on school, killing six

    At least 17 children were wounded and six children were killed in Myanmar when army helicopters shot at a school on Friday. The military said it opened fire because rebels were using the school building to attack its forces. The military admitted to opening fire on the school on Tuesday; however, it rejected accusations that it…

  • Unrest Turns Deadly in West Bank as Palestinian Authority’s Grip Loosens

    Earlier this week, Palestinian Authority security forces reportedly clashed with armed groups protesting unrest in the city of Nablus. The individuals were reportedly throwing stones as the unrest has intensified in the West Bank amid a series of Israeli raids and arrests of militants. The conflict left at least one Palestinian dead, and could be…

  • Five people killed in Iran in protests over death of woman in police custody, human rights group says

    Five people have died at the hands of Iranian security forces due to protests that erupted over the death of female prisoner Mahsa Amini. Amini was being held in police custody for roughly a week before her death, which Iranian authorities have classified as a heart attack. Human rights monitor Hengaw Organization for Human Rights…

  • Revolut Breach May Have Hit 50,000+ Customers

    Fintech giant Revolut has reportedly suffered from a serious data breach that may impact 50,000 customers. According to the company, the attack was highly targeted and the attacker was only able to access 0.16% of customers’ data. In addition, the attacker was not able to conduct the attack for an extended period of time. Revolut…

  • American Airlines Breach Exposes Customer and Staff Information

    American Airlines has released a statement confirming that it suffered from a data breach that affected employee inboxes in July. The data breach occurred over the last several days and began with a phishing attack that led to the unauthorized access. American Airlines stated that the threat actor was able to view a limited number…

  • Rockstar Games Confirms ‘Grand Theft Auto 6’ Breach

    Take-Two Interactive Software subsidiary Rockstar Games has confirmed that an unauthorized third party has downloaded files and videos belonging to the company’s flagship game, Grand Theft Auto 6. The hacker allegedly posted a trove of video clips to an online forum this weekend. The data, which contained more than 90 video files, has since been…

  • Starbucks Singapore says customer data illegally accessed in data leak

    Starbucks has confirmed that customers in Singapore have been impacted by a data leak that exposed personal data such as names, birthdates, and mobile numbers. Starbucks stated that credit card details and passwords were not affected; however, it urged its customers in Singapore to change their passwords. The coffee chain released an email notification to…

  • Uganda declares Ebola outbreak after one person dies

    Uganda has declared an outbreak of Ebola after a case of the Sudan strain was confirmed in the country, according to the World Health Organization on Tuesday. The case was confirmed after testing a sample from a 24-year-old man in the Mubende district of the country. The Ugandan health authorities investigated six suspicious deaths in…

  • Water Tank Management System Used Worldwide Has Unpatched Security Hole

    The TMS300 CS water tank management system produced by Irish building materials company Kingspan is vulnerable to attack, according to security researchers. The management system is used in critical infrastructure locations across the world and enables the user to view tank level information via a screen, web server, application, online portal, or email. In addition,…

  • Deadly Donetsk blasts hit separatist-run city in Ukraine

    Thirteen people have been killed and others wounded in a series of explosions that hit the separatist-run city of Donetsk in eastern Ukraine. The mayor of the city, Alexei Kulemzin, has blamed Ukrainian shellfire for the deaths. Donetsk has been controlled by Russian-sponsored authorities since 2014. Independent confirmation of the attack is difficult in…

  • Retired Mexican general arrested over Ayotzinapa students who vanished in 2014

    Retired army general José Rodríguez Pérez was arrested by Mexico in relation to the disappearance of 43 students in the city of Iguala eight years ago. The news was announced by the deputy secretary of security on Thursday; however, he did not specify any of the allegations against Rodríguez. A total of four arrest warrants…

  • Allies Warn of Iranian Ransom Attacks Using Log4Shell

    Cybersecurity agencies that are located in the US, UK, Australia, and Canada have warned that Iranian state-sponsored hackers are exploiting Log4j vulnerabilities in ransomware campaigns. The alert was published earlier this week and claims that the Islamic Revolutionary Guard Corps (IRGC) was responsible for multiple attacks that leveraged the VMware Horizon Log4j vulnerabilities on unprotected…

  • Uber Hacker May Have Compromised Secret Bug Reports

    Uber has reportedly been breached again after a threat actor claimed to have accessed its email and cloud systems as well as its internal Slack account and HackerOne tickets. The attack was announced last week and could have major effects on the ride-share company. The hacker allegedly sent screenshots to news outlets and security companies…

  • CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

    The Cybersecurity and Infrastructure Security Agency (CISA) has recently added six previously identified flaws to its Known Exploited Vulnerabilities Catalog. The addition was made last week, and the vulnerabilities are a frequent attack vector for threat actors, the agency stated. CISA also noted that the flaws, although old, pose a significant risk to the…

  • Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence

    Security firm Cybereason has suggested that threat actors could exploit Notepad++ plugins to get around security mechanisms and achieve persistence on the victim’s machine. A security researcher by the name of RastaMouse was able to provide a demonstration showing how a malicious plugin could be used as a persistence mechanism. Cybereason released an advisory pertaining to the…

  • Fake cryptocurrency giveaway sites have tripled this year

    The number of websites promoting cryptocurrency giveaway scams to lure gullible victims has increased by more than 300% in the first half of this year, targeting mostly English and Spanish speakers using celebrity deepfakes. Security researchers at cybersecurity company Group-IB have identified more than 2,000 domains registered in 2022 specifically for this purpose. A report published today…

  • Will the Ethereum Merge leave the crypto at greater risk of hacking?

    If all’s gone according to plan, the Ethereum (CRYPTO: ETH) Merge should officially be complete this morning. If you’re unfamiliar, the Ethereum Merge refers to the crypto’s transition from a proof of work (PoW) protocol to a proof of stake (PoS) protocol. We won’t take a deep dive into the details of the transition here.…

  • Treasury recommends exploring creation of a digital dollar

    The Biden administration is moving one step closer to developing a central bank digital currency, known as the digital dollar, saying it would help reinforce the U.S. role as a leader in the world financial system. The White House said on Friday that after President Joe Biden issued an executive order in March calling on…

  • White House Releases ‘Comprehensive Framework’ for Crypto Regulation and Development

    The White House has today released a “First-Ever Comprehensive Framework for Responsible Development of Digital Assets” outlining the conclusions and recommendations of various federal agencies after six months of studying the crypto industry. The directive to research crypto was given in President Biden’s executive order, signed in March this year. Like the executive order, today’s “Comprehensive…

  • Malware on Pirated Content Sites a Major WFH Risk for Enterprises

    A recent investigation conducted by Digital Citizens Alliance and brand protection firm White Bullet has found that sites containing pirated movies, and potentially malware, pose a risk for enterprises and work-from-home employees. The investigation found that most pirate sites actually generate a substantial portion of their revenues by infecting devices with malware. The…

  • YouTube Users Targeted By RedLine Self-Spreading Stealer

    According to cybersecurity researchers at Kaspersky, threat actors have launched a campaign against YouTube users leveraging the RedLine information stealer. The cybersecurity company published an advisory warning about the campaign earlier this week. RedLine was discovered in March 2020 and is one of the most common Trojans utilized by hackers to steal passwords and credentials.…

  • Uber Hacker May Have Compromised Secret Bug Reports

    Yesterday, Uber posted on Twitter confirming that it was dealing with a cybersecurity incident. Security researchers have stated that it seems like Uber may have been breached again after a threat actor reportedly accessed the company’s email and cloud systems. In addition, the hackers may have breached Uber’s code repositories, internal Slack account, and HackerOne…

  • Germany seizes Russian oil firm Rosneft’s refineries

    Germany has taken control of the German side of operations of a Russian oil firm, Rosneft, to secure energy supplies. Energy supplies have been largely disrupted since Russia’s invasion of Ukraine. Rosneft’s German subsidiaries account for approximately 12 percent of the oil refining capacity in the country and were placed under the trusteeship of the…

  • China and Russia present united front at summit as Ukraine war risks exposing regional divisions

    Chinese leader Xi Jinping and Russian President Vladimir Putin will sit down with other Asian leaders at a summit in Central Asia on Friday. At this summit, the two leaders are expected to present a united front against the United States and its allies. The two countries have a “no-limits” relationship; however, there are differences…

  • Floods and rain kill at least ten overnight in Italy

    Flash floods hit the Italian region of Marche overnight and have killed at least 10 people. The torrential rain fell late on Thursday night and caused rivers and streams to overflow. The rivers inundated coastal towns around the regional capital of Ancona. Approximately 16 inches of rain were recorded over the course of a few…

  • Hundreds of graves found in liberated Izyum city – Ukrainian officials

    Days after Izyum was re-taken from Russia by Ukraine, Ukraine has announced that it has found hundreds of graves outside of the city. The graves were marked with wooden crosses, most were marked with numbers, and were found in a forest outside the city by Ukrainian forces. Authorities are planning on exhuming some of the…

  • 10 examples of smart contracts on blockchain

    With smart contracts’ rapid growth, IT leaders should understand the role those contracts could play within an enterprise technology ecosystem. Smart contracts on blockchain have the potential to streamline certain business processes and some business and IT leaders are looking at the potential use cases, such as in the area of advertising and healthcare. But smart…