Allan Friedman is a senior strategist at CISA (the Cybersecurity and Infrastructure Security Agency) where he coordinates all of their cross-sector activities on the topic of SBOM: The Software Bill …
The Latest Developments from DARPA’s AIxCC and NATO’s DIANA
As we discussed at OODAcon 2023, historically unprecedented technological disruption is now well underway on an exponentially accelerated timeline. The challenge now is activating positive outcomes …
Adobe ColdFusion Vulnerability Exploited in Attacks on US Government Agency
The US cybersecurity agency CISA issued an alert cautioning organizations about the exploitation of the Adobe ColdFusion vulnerability, CVE-2023-26360, initially patched in March 2023. Recent …
GAO: Federal Agencies Yet to Fully Implement Incident Response Capabilities
The Government Accountability Office (GAO) reported that among 23 federal agencies, only three have fully implemented event logging requirements for incident investigation and remediation. As of …
Cyberattack on Pennsylvania Water Authority Disrupts OT Gear
The Aliquippa Municipal Water Authority, located in Pittsburgh, experienced a cyber attack this weekend. One of its booster stations was hacked by an Iranian-backed cyber group. The threat group is …
Shields Ready: Critical Infrastructure Security and Resilience
CISA's recently launched Shields Ready campaign complements the Shields Up! campaign which we have featured many times here at OODA Loop - specifically on long holiday weekends, when cyber attacks are …
A Model for Cybersecurity Threat Sharing: Embracing the USA PATRIOT Act & FinCEN
As cyber threats continue to evolve, the quest for an effective threat-sharing mechanism grows increasingly urgent. The industry lacks consensus, however, on a robust foundation for this endeavor. …
US Government Issues Guidance on SBOM Consumption
The US cybersecurity agency CISA, the NSA, and the Office of the Director of National Intelligence (ODNI) have issued new guidance for software vendors and suppliers to enhance the security of the …
Cognitive Infrastructure Worldwide is Under Attack in “the Worst Cognitive Warfare Conditions since WWII”
What should the U.S. learn from some of the challenges faced by the cognitive infrastructure of other countries? Following are global updates (since our initial analysis over the course of 2022) of …
The Global Polycrisis: The Middle East, China, The Indo-Pacific, Russia, Ukraine, and NATO
Polycrisis: A cluster of interdependent global risks create a compounding effect, such that their overall impact exceeds the sum of their individual parts. (1) In this era of global polycrisis, …