The Gate 15 Podcast Channel

Weekly Security Sprint EP 114. Protests and a disrupted hostile event Jun 10, 2025

In this week's Security Sprint, Dave went solo to talk about:

The LA Protests
A disrupted hostile event and recognizing concerning behaviors.

Weekly Security Sprint EP 113. Hostile events and geopolitics, insider threats, and ransomware Jun 03, 2025

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

· The Gate 15 Interview EP 58 – Cathy Lanier: Leading NFL Security with Attitude, Effort, Crabs and Beer

· Gate 15: Test, Don’t Guess: Exercising Your Response Plan

· WaterISAC’s H2OEx: Click Below to Register for a Location Near You!

o Daytona, FL- July 28

o Los Angeles, CA- Sept 11

o Arlington, TX- Nov 6

· 26th Annual TribalNet Conference & Tradeshow

Main Topics:

Boulder:

· DOJ: Justice Department Files Federal Charges Against Alleged Perpetrator of Anti-Semitic Terror Attack in Colorado. The Justice Department has filed federal charges against illegal alien Mohammed Sabry Soliman, the alleged perpetrator of yesterday’s anti-Semitic terrorist attack in Colorado… Soliman is being charged with a federal hate crime in addition to facing state charges for attempted murder in Colorado. Read the federal complaint HERE

· Updates: Colorado Attack That Injured 12 Was Planned for a Year, Officials Say. The F.B.I. said in a court filing that thesuspect, an Egyptian citizen who had sought asylum in the U.S., brought more than a dozen incendiary devices to a march in support of hostages in Gaza.

· Colorado suspect, now charged with federal hate crime, planned antisemitic attack for a year, FBI says

· 12 burned in Boulder attack; suspect charged with federal hate crime:

· Boulder terror attack suspect planned mass shooting but was stopped from buying gun due to immigration status, as he faces 624 years in prison

· What We Know About the Boulder, Colorado Attack

· After Several Attacks, Heightened Anxiety Among American Jews

Pride Month: Trans community most targeted in anti-LGBTQ+ incidents, GLAAD data shows. Transgender and gender-nonconforming people were the target of over half of allanti-LGBTQ+ incidents tracked by GLAAD over the last year in a new report… GLAAD counted more than 930 anti-LGBTQ+ incidents from May 2024 through April 2025, 52% of which targeted transgender and gender nonconforming people, across 49 states and Washington, D.C.

Insider Threat:

o U.S. Government Employee Arrested for Attempting to Provide ClassifiedInformation to Foreign Government.

· Intelligence agency employee accused of attempting to leak classified documents out of frustration with Trump.

Ransomware!

· Gate 15: Test, Don’t Guess: Exercising Your Response Plan

· Q1 '25 Travelers' Cyber Threat Report: Record Attack Activity

· Delinea - 2025 State of Ransomware Report - Adapting with agility to a fast-changing threat landscape

· FBI PIN - Silent Ransom Group Targeting Law Firms

· Firm in Baltimore Archdiocese bankruptcy case says stolen data wasdeleted after cyber breach

· Akira Ransomware: When Paying Isn’t Enough to Stay Anonymous

· The State of State-Sponsored Hacktivist Attacks

Quick Hits

· Ukraine launches massive drone strike on air bases deep inside Russia

· Crypto Hacks in May 2025 Hit $244M, But $157M Frozen in Swift Recovery Efforts

· FBI FLASH: Infrastructure Used to Manage Domains Related to Cryptocurrency Investment Fraud Scams between October 2023 and April 2025

· US DIA 2025 Threat Assessment warns of growing complexity in global threats, national security

· DIA Releases 2025 Worldwide Threat Assessment: Cyber, Cartels, and Global Military Buildup Dominate Outlook

· Get ready for several years of killer heat,top weather forecasters warn

· America's summers keep getting warmer

· North Korea Infiltrates U.S. Remote Jobs—With the Help of Everyday Americans

· Tornado season 2025: active through April, andMay is keeping pace

· Treasury Takes Action Against Major Cyber Scam Facilitator

Nerd Out EP 58. A triple threat of topics and recapping Andor May 28, 2025

In the latest episode of Nerd Out, Dave and Alec ran through some of the incidents over the past week to talk about what happened, what impact it has on organizations, and what strategies organizations can take. The events included discussions on:

Severe weather to include NOAA's latest hurricane forecast.
Sabatoge in France.
Geopolitical events hitting the homeland.
The second season of Andor.

Extreme Weather Preparedness

NOAA predicts above-normal 2025 Atlantic hurricane season - https://www.noaa.gov/news-release/noaa-predicts-above-normal-2025-atlantic-hurricane-season
Weather-related Power Outages Rising - https://www.climatecentral.org/climate-matters/weather-related-power-outages-rising
Anti-government group threatens crucial weather radars, NOAA warns - https://www.washingtonpost.com/nation/2025/05/07/anti-government-weather-radar-conspiracy/
How to Prepare for a Hurricane - https://www.fema.gov/blog/how-prepare-hurricane

France Sabotage Attacks

France blames sabotage for second Riviera blackout, boosts security - https://www.france24.com/en/europe/20250526-france-sabotage-power-blackout-cannes-nice-riviera

Heightened Political Violence and Nihilistic Violent Extremism

Why White Supremacists Are Trying to Attack Energy Grids - https://www.nytimes.com/2024/08/08/us/white-supremacist-power-grid-attacks.html

Jewish Museum killings show how hard it is to stop radicalized lone wolf attacks - https://www.nbcnews.com/news/amp/rcna208656
The Escalating Attacks on Tesla Facilities - https://www.csis.org/analysis/escalating-attacks-tesla-facilities
How Burning Teslas and Killing Billionaires Became a Meme Aesthetic for Political Violence - https://networkcontagion.us/wp-content/uploads/NCRI-Assassination-Culture-Brief.pdf
‘Welcome Spring, Burn a Tesla’: The Insurrectionary Anarchist Campaign Against Tesla - https://gnet-research.org/2025/05/21/welcome-spring-burn-a-tesla-the-insurrectionary-anarchist-campaign-against-tesla/
Nihilistic Violent Extremism: A Valuable Stride Forward in American Counterterrorism - https://www.justsecurity.org/113463/nihilistic-violent-extremism-american-counterterrorism/

The Gate 15 Interview EP 58. Cathy Lanier: Leading NFL Security with Attitude, Effort, Crabs and Beer. May 26, 2025

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Cathy Lanier, Senior Vice President and Chief of Security at the National Football League. Prior to serving in her current role as Senior Vice President and Chief of Security at the National Football League, Lanier held the position of Chief of Police with the Washington, D.C. Metropolitan Police Department (MPD) from 2007 to 2016. From 1990, Cathy rose through the ranks of the MPD to earn various commendable honors including becoming the first female police chief of the nation’s capital, the first commanding officer of Homeland Security and Counter-Terrorism for D.C. Police, one of a small number of female chiefs in the nation at the time, and the longest serving chief on the D.C. force. Now, as the Chief of Security for the National Football League, Lanier safeguards the security of all 32 NFL teams and their venues, liaises and collaborates with federal, state and local law enforcement, and ensures security for League events like the Super Bowl. Learn more about Cathy on LinkedIn.

“We can do everything right and bad things can still happen” – Cathy Lanier, Senior Vice President and Chief of Security at the National Football League.

In the discussion Cathy and Andy cover:

Cathy’s Background.
The 2013 Washington Navy Yard Shooting and Hostile Events
The importance of exercises, challenging our assumptions, and after-action reports.
Her two biggest lessons learned
The ever-growing mission of securing the NFL
Cybersecurity, socio-political divisiveness and radicalization
Getting leadership buy-in
Private-public partnership
The Human Factor: Getting immersed and getting intelligence
Having empathy and understanding the other side
Dealing with adversity
We play 3 Questions!
Lots more!

Selected links:

NFL Videos:

Cathy Lanier explains her role as the NFL's Chief Security Officer. Cathy Lanier, the NFL’s Chief Security Officer, describes her transition from protecting the President of the United Sates as the first female police chief in Washington D.C. to providing the same security for the largest sporting event.
NFL 360 | THE CHIEF. NFL senior vice president of security Cathy Lanier faces extraordinary crises and challenges on a daily basis, in one of the most high-profile pressure cooker positions in the sports world.

MPD Navy Yard After Action Report
Guard Killed In Holocaust Museum Shooting

Weekly Security Sprint EP 112. Clinic bombing, Coinbase incident, and weather May 20, 2025

In this week's Security Sprint, Dave and Andy talked about the following topics:

Warm Opening:

• Gate 15 - Blueprints Before Breaches: Planning for Ransomware Resilience. This blog is part of Gate 15’s Summer of Security: Ransomware Resilience Series, highlighting the essential considerations for organizational leaders and cybersecurity professionals. Planning for a ransomware attack is a vital component of any organization’s cybersecurity strategy. Having a ransomware plan is important because it helps organizations prepare for, respond to, and recover from ransomware attacks effectively.

• H2OSecCon

Palm Springs Bombing

o FBI links California fertility clinic bombing to anti-natalist ideology

o Online manifesto threatened clinic attack; FBI probes Palm Springs bomb suspect’s motive

o 25-year-old suspect in fertility clinic bombing left behind ‘anti-pro-life’ writings, officials say

o What we know about the Palm Springs bomber

o Palm Springs IVF clinic bomber ID’d as Guy Edward Bartkus, a ‘pro-mortalist’ who opposed people being born ‘without their consent’

o Palm Springs Bombing Suspect Burned Down Family Home Aged 9, Father Says

• Hate Amplified: Online Posts About U.S. Judges Take Increasingly Violent Turn

• Michigan Man Arrested and Charged with Attempting to Attack Military Base on Behalf of ISIS

• The Delirious, Violent, Impossible True Story of the Zizians

• The world’s largest incel forum reacts to Netflix’s Adolescence with hate and conspiracies

• First Responders Toolbox: Large Public Gatherings Attractive Targets for Violent Extremists

Coinbase & Insider Threat

• Protecting Our Customers - Standing Up to Extortionists

• Coinbase Global, Inc. & 8-K filed on 2025-05-15

• Coinbase flips $20M extortion demand into bounty for info on attackers; The largest cryptocurrency exchange in the U.S. said cybercriminals bribed insiders to steal data on customers, some of whom were duped into handing over crypto assets.

• Coinbase says customers’ personal information stolen in data breach

• Insider Bribes Behind Coinbase Hack Exposing Customer Data

• Coinbase responds to USD 400 million insider threat attack | Cyber Intelligence Briefing: 16 May 2025

Weather. 28 dead, half a million without power as deadly storms, tornadoes sweep across central, eastern US. At least 28 people have died and dozens more were injured after a devastating wave of severe weather swept across the central United States late Friday into Saturday, leaving a trail of catastrophic destruction. Large tornadoes have been reported in Missouri, Kentucky, Illinois and Indiana with hard-hit southeastern Kentucky reporting a majority of the fatalities. According to Kentucky Governor Andy Beshear, there were 18 confirmed deaths in the state connected to the severe weather. The fatalities include 17 people in Laurel County and one in Pulaski County.

Quick Hits:

• FBI PSA: Senior US Officials Impersonated in Malicious Messaging Campaign

• FBI PSA: Impersonation Scheme Targeting Middle Eastern Students in the United States

• Update to How CISA Shares Cyber-Related Alerts and Notifications

• Securing Critical Infrastructure: GitGuardian Partners with ONE-ISAC to Protect Oil & Natural Energy Operations

• AMWA throws support behind CISA reauthorization

• Major Crypto Firms Spending Millions on Personal Security

• Crypto elite increasingly worried about their personal safety

• France Launches Crypto Security Measures After Targeted Kidnapping Surge

• The US hasn’t seen a human bird flu case in 3 months

Weekly Security Sprint EP 111. Ransomware, Extremist reporting, plus the future of FEMA support, and geopolitical impacts May 13, 2025

On this week's Security Sprint, Dave and Andy covered the following topics:

Warm Open:

• ICYMI: REGISTER NOW! WaterISAC’s 2025 H2OSecCon! (20 May) From cybersecurity to climate resilience, operational continuity to public trust, we must collaborate across sectors to build smarter, stronger, and more adaptive systems. That’s why we’re inviting leaders like you to join the WaterISAC’s 2025 H2OSecCon. Connect with peers and leaders committed to enhancing the resilience of our nation's critical systems.

Main Topics:

Ransomware & Data Breaches:

• Monday was Anti-Ransomware Day 2025! What a great time to invest in ransomware resilience! Contact Gate 15 today to get to work building your Cyber Incident Response Plan and ransomware procedures, to start planning your next ransomware workshop or tabletop exercise, to plan for post-incident analysis or to take advantage of our new very price-friendly ransomware exercise for executives – designed especially for small and medium businesses!

• Explore the latest cyber risks and claims trends from Coalition. LockBit ransomware gang hacked, victim negotiations exposed

• Reminder! Criminals lie and NEVER DELETE YOUR DATA! School boards hit with ransom demands linked to PowerSchool cyberattack

• M&S 'had no plan' for cyber attacks, insider claims, with 'staff left sleeping in the office amid paranoia and chaos'

• The Very Real Costs of Ransomware: IT warning after hackers close 160-year-old firm.

Extremism:

• Ohio Man Charged with Threatening State Public Officials

• Texas Man Convicted of Making Threats to Kill Nashville District Attorney Glenn Funk

• FBI has opened 250 investigations tied to violent online network '764' that preys on teens, top official says

• Teenage Terrorists Are a Growing Threat to Europe’s Security

USG Transitions

• Trump’s 2026 budget proposes $163 billion cut to non-defense spending, slashes CISA and FEMA funding

• White House Proposes $500 Million Cut to CISA

• Hegseth orders Pentagon to cut number of senior generals by 20%

• Lawmakers question Noem over cuts to CISA, FEMA, TSA

• Lawmakers grill Noem over CISA funding cuts, demand Trump cyber plan

• NSA to cut up to 2,000 civilian roles as part of intel community downsizing

• NIST loses key cyber experts in standards and research

India strikes Pakistan over tourist killings, Pakistan says it will retaliate

• Kashmir crisis live: Pakistan PM authorises armed forces to undertake ‘corresponding action’ after India strikes kill 26

• Pakistan vows to respond after India launches strikes in wake of Kashmir massacre

• Pakistan claims to have downed Indian warplanes, vows response to strikes

• China urges restraint as India-Pakistan tensions escalate with military strikes

• A Timeline of Tensions Between India and Pakistan Over Kashmir

• India, Pakistan accuse each other of attacks as hostilities rise

• AlQaeda Statement On Indian Strikes In Pakistan

Quick Hits:

• Crypto millionaires targeted in brutal kidnappings across France and Europe; Attackers' modus operandi: cutting off victims' fingers to pressure payments.

• The father of a cryptocurrency entrepreneur was kidnapped in Paris and found held captive with his finger severed. (article in French)

• Assessing the U.S. Climate in April 2025Assessing the U.S. Climate in April 2025

• FBI PSA - Cyber Criminal Proxy Services Exploiting End of Life Routers

• FBI FLASH: Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities (PDF)

• Risky Bulletin: France says Russian influence operations are getting better, achieving results

• Unsophisticated Cyber Actor(s) Targeting Operational Technology

• Primary Mitigations to Reduce Cyber Threats to Operational Technology

• US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations

• Primary Mitigations to Reduce Cyber Threats to Operational Technology

• UK NCSC: UK pioneering global move away from passwords

• Classic Rock - Hunting A Botnet That Preys On The Old

Weekly Security Sprint EP 110. Disrupted attacks, hurricane preparedness, and cyber reviews May 07, 2025

In the latest Security Sprint, Dave and Andy covered the following topics:

Warm Open:

• (TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin - Q2 2025

• REGISTER NOW! WaterISAC’s 2025 H2OSecCon! Happening virtually Tuesday May 20th from 11am-5pm ET. Learn more and register here!

• Crypto ISAC Expands Leadership Team to Support Next Phase of Industry Collaboration and Operational Scale & Crypto Hacks and Scams Hit $364M in April, Says CertiK

• Continuity Planning: Conducting Tabletop Exercises; Facilities teams need to participate in Tabletop exercises to prepare for emergency events and situations.

Main Topics:

Physical Security

• Brazil police thwart bomb attack on Lady Gaga concert

o Two Arrested in Plot to Bomb Lady Gaga’s Rio Concert

• Florida Man Arrested in Foiled Mass Shooting Plot – Church Listed Among Targets

o Arrest in Florida reveals love link, conspiracy between man and Wisconsin school shooter

o Loxahatchee man linked to WI school shooter accused of 7 mass shooting threats

• Eight arrests in connection with two separate terrorism investigations

o UK Met: Five arrested as part of Counter Terrorism Policing operation

o UK Met: Three people arrested as part of Counter Terrorism Policing operation

o ‘Iranian terror attack’ foiled with hours to spare; Authorities feared attack on ‘specific premises’ was imminent as seven arrested

• Teen Arrested In German Synagogue Attack Plot

Severe Weather

• NOAA: Hurricane Prep: social media (English). The Hurricane Preparedness Week Social Media Plan.

• Monster quake could sink swath of California.

o Tsunami Warning Issued After Huge Earthquake Off Argentina

o Earthquake of magnitude 5.83 strikes La Rioja Province, Argentina, GFZ says

Cybersecurity

• Q1 Ransomware Report: The organizational structure of ransomware threat actor groups is evolving before our eyes.

• Surefire Cyber: Ransomware Threat Evolution Q1 2025

• Retail Ransomware Attacks Claimed by DragonForce:

o Incidents impacting retailers – recommendations from the NCSC

o Co-op cyber attack affects customer data, firm admits, after hackers contact BBC

o Co-op confirms data theft after DragonForce ransomware claims attack

o DragonForce Ransomware Gang | From Hacktivists to High Street Extortionists

o DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door

o Marks & Spencer breach linked to Scattered Spider ransomware attack

o NCSC statement: Incident impacting retailers

o Luxury store Harrods is latest retail victim of cyber attackers

o Harrods is latest British retailer to be hit by cyber attack

o UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks

o Harrods the next UK retailer targeted in a cyberattack

Quick Hits:

• Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis

• FBI PSA: Threat Actors Use "Swatting" to Target Victims Nationwide, April 29, 2025

• TLP CLEAR FBI FLASH Phishing Domains Associated with LabHost PhaaS Platform Users (PDF)

• With Love, From North Korea… 🇰🇵

o North Korea Stole Your Job

o Malicious North Korean actors attempt to infiltrate technology companies

o North Korean operatives invent identities to infiltrate industries

o How we identified a North Korean hacker who tried to get a job at Kraken

o Recruitment Red Flags: Spotting DPRK IT Remote Workers

• Noem calls for reauthorization of cyberthreat information sharing law during RSA keynote

• Some DHS employees told to send selfies to prove they are in-office as department suddenly ends remote work

• CISA restructuring plan release date unknown and likely to be slowed by Plankey nomination

• Spain, Portugal switch back on, seek answers after biggest ever blackout

o The Agonizing Task of Turning Europe’s Power Back On

o NERC: Statement on European Outages

o What Caused the European Power Outage?

Weekly Security Sprint EP 109. Cybersecurity reports, Casino blended threat, and vehicle ramming Apr 30, 2025

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Open:

• CISA gets a deputy director as it braces for major layoffs

• FB-ISAO’s Collaboration With Those Who are Lone Defenders

• Crypto/Blockchain:

o A Record-Breaking Year for Cybercrime: Key Findings from the FBI’s 2024 IC3 Report

o Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie

o XRP supply chain attack: Official NPM package infected with crypto stealing backdoor

o Risky Biz News - R0AR crypto-heist

o Crypto ISAC: Ensuring The Security, Efficiency, and Resiliency Of Crypto

o The Gate 15 Interview EP 57 – Adriana Villasenor on info sharing, resilience, and racing

Main Topics:

Big 3! Risky Bulletin: FBI IC3, Verizon DBIR, Google M-Trends reports are out—here's the conclusions!

• Verizon 2025 Data Breach Investigations Report

• M-Trends 2025: Data, Insights, and Recommendations From the Frontlines

• FBI Releases Annual Internet Crime Report

Casino hackers say they've got maps to slot machine vault and server room. A ransomware gang claims that it’s holding hostage the blueprints to a $700 million casino. If true, they may know more about the vaults, server rooms, and security cameras than the people building it. Hackers target Catawba Two Kings Casino, threaten to release blueprints

Vancouver Vehicle Ramming; 11 killed - Suspect charged with murder over Vancouver Filipino festival car ramming, police say victims were aged five to 65

• A man is charged with murder after SUV rams a crowd in Vancouver's 'darkest day'

• Vancouver ramming attack: Police determine attack was 'deliberate' but not 'terrorism' - 'Shocking'

• A look at some recent deadly attacks involving vehicle rammings

• 4 Killed When a Car Crashes Through an Illinois After-School Center; The victims’ ages ranged from 7 to 18, the police said. Several others were injured.

Quick Hits:

• May Day Protests:

o Workers in 600+ US Cities to Protest 'Billionaire Takeover' on May Day

o 50501 events

• ‘No longer welcome to be alive’: Man threatened Trump, Elon Musk and Tesla owners in ‘Declaration Of War’ emails that claimed ‘newsworthy killings’ were coming, DOJ says

• Spanish distributor says restoring power after huge outage could take 6-10 hours. Portugal also hit

• New U.S. Secret Service Research Highlights Connection Between Domestic Violence and Mass Attacks

• FBI PSA - FBI Seeking Tips about PRC-Targeting of US Telecommunications & The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices

• Countries shore up their digital defenses as global tensions raise the threat of cyberwarfare

• Scams & Fraud:

o FBI PSA - Cyber Criminals Impersonating Employee Self-Service Websites to Steal Victim Information and Funds

o Foreign intel job scams target current, former DoD employees

o Think that text message is from USPS? It could be a scam

o FBI Surges Resources to Nigeria to Combat Financially Motivated Sextortion

• Russian Propaganda Campaign Targets France with Al-Fabricated Scandals, Drawing 55 Million Views on Social Media

• Alleged former members of neo-Nazi group claim its leader is Russian spy

• NSA Publishes Recommendations for Smart Controller Security Controls and Technical Requirements for OT Environments

• Scientists Find Measles Likely to Become Endemic in the US Over Next 20 Years

Nerd Out EP 57. Drone deep-dive, plus talk on Daredevil and Andor Apr 28, 2025

On the latest episode of Nerd Out, Dave and Alec reference the following articles related to drones. They talked about drone usages, the way threat actors exploit them from a cyber and physical security perspective as well as mitigation strategies.

Drone Threat

Droning On: The Response to Use of Drones by Domestic Violent Extremists
Protecting Critical Infrastructure From Weaponized Drones
Drones are Transforming the Battlefield in Ukraine But in an Evolutionary Fashion
Drone attack warning: Illinois terrorism experts issue risk assessment for potential drone attacks
Are Domestic Drone Shoot-Downs Lawful?

Quick Hits

How India’s Threat to Block Rivers Could Devastate Pakistan
The Contentious U.S.-China Trade Relationship
What to know about the tensions between Iran and the US before their third round of talks

Weekly Security Sprint EP 108. Scams, 3rd party diligence, cyber reports, hurricanes and more. Apr 22, 2025

In the latest Security Sprint Dave and Andy covered the following topics:

Warm Open:

• Health-ISAC: European Hobby Exercise 2024 After Action Report

• Peters and Rounds Introduce Bipartisan Bill to Extend Information Sharing Provisions That Help Address Cybersecurity Threats

o Bill extends cyber threat info-sharing between public, private sector

o Exclusive: Peters, Rounds tee up bill to renew expiring cyber threat information sharing law

o CRS: The Cybersecurity Information Sharing Act of 2015: Expiring Provisions, 08 Apr 2025

Main Topics:

Scams:

• FBI PSA: FBI Warns of Scammers Impersonating the IC3

• Foreign intel job scams target current, former DoD employees

• Take9

JCAT First Responders Toolbox. Third-Party Security Critical to Safeguarding Public Gatherings From Terrorist Threats

UK: Law firm fined £60,000 following cyber attack. “enabled cyber hackers to gain access to DPP’s network, via an infrequently used administrator account which lacked multi-factor authentication (MFA)”

BakerHostetler: Ready and Resilient in the Data-Driven Age. Half Measures ≠ Effective Prep. Your organization finally prepared an IRP and a BCP. That's great! But have you actually implemented and then tested these plans? (At Gate 15, we’re a bit partial to this finding. Need to exercise and test those plans? Contact our team today to schedule your next workshop, tabletop, drill or other exercise!)

The Weather Channel - 2025 Hurricane Season Outlook: Not Quite 2024, But Above-Average US Landfall Threat. The 2025 Atlantic hurricane season may not be as active as last year, but the threat of U.S. landfalls remains higher than average, according to a just-released outlook issued by The Weather Company and Atmospheric G2.

• Colorado State University's tropical forecast team.

• Tornado-producing storm deals deadly weather to Oklahoma and Texas

• FEMA Isn’t Ready for Disaster Season, Workers Say

Quick Hits:

• Abusing Data in the Middle: Surveillance Risks in China’s State-Owned Mobile Ecosystem & 35 countries use Chinese networks for transporting mobile user traffic, posing cyber risks

• Florida State shooting: 2 dead, sheriff’s deputy’s son in custody & How a security gap at FSU heightened students’ fears even with the speedy police response

• Bot Traffic Surpasses Humans Online—Driven by AI and Criminal Innovation

• CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise

• Canadian Centre for Cyber Security Resources:

o Security guidance for dark web leaks (ITSAP.00.115)

o Search engine optimization poisoning (ITSAP.00.013)

Weekly Security Sprint EP 107. Hacktivism, Nation-states, and political violence Apr 16, 2025

In this week's Security Sprint Andy and Hunter talk about the following topics:

Warm Open:

• How Healthcare Facilities Can Be Truly Disaster-Resilient. Healthcare Facilities Today spoke with Jon Crosson, director of health sector resilience at Health-ISAC, on what makes a solid resiliency program for healthcare facilities, the importance of real-time information sharing and how healthcare facility managers can use partnerships to improve response and recovery efforts.

• Healthcare cybersecurity needs a total overhaul, by Errol Weiss, Chief Security Officer, Health-ISAC

• Addressing Risks from Chris Krebs and Government Censorship

o Fact Sheet: President Donald J. Trump Addresses Risks from Chris Krebs and Government Censorship

o Trump Revenge Tour Targets Cyber Leaders, Elections

o Gate 15: Cybersecurity & Infrastructure Security: Time to Make This Happen, December 15, 2017

 Following the House of Representatives, the US Senate needs to approve the re-designation of DHS’s National Protection and Programs Directorate (NPPD) to become the Cybersecurity and Infrastructure Security Agency (CISA);

 The President should nominate, and the Senate should confirm, Christopher Krebs as Under Secretary for NPPD and then as the first Director of National Cybersecurity and Infrastructure Security.

Main Topics:

Hacktivism & Nation-State Influence

• CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide

• IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including US Water and Wastewater Systems Facilities

• Top 10 Advanced Persistent Threat (APT) Groups That Dominated 2024

• The rising tide: A 2024 retrospective of hacktivism

Political Violence, Executive Protection

• ‘Save the white race’: Teen who gunned down his parents was plotting a ‘political revolution’ that included ‘getting rid of’ President Trump, police say

• Pennsylvania Man Charged with Making Threats to Assault and Murder President Donald J. Trump, Other U.S. Officials, and Immigration and Customs Enforcement Agents & ‘Going to assassinate him myself’: Man ‘buying 1 gun a month since the election’ threatened to kill Trump in multiple YouTube comments under name ‘Mr Satan,’ FBI says

• Suspect in custody after overnight arson at Pennsylvania Gov. Josh Shapiro's residence

o Was Cody Balmer 'Upset' With Gov Josh Shapiro Over Property Seizure?

o Harrisburg man to be charged with attempted murder of Gov. Josh Shapiro for setting fire to official residence

o Suspect in arson at Pennsylvania Gov. Josh Shapiro's residence planned to beat him, documents say

o Suspected arsonist Cody Balmer accused of firebombing Gov. Shapiro’s home shared disturbing photos online

o Cody Balmer's Social Media Reveals Anti-Joe Biden Posts

• Protect Democracy: How does Gen Z really feel about democracy? 11% believe that it political violence is sometimes necessary to achieve progress.

• Arrest made at UnitedHealthcare headquarters after reports of an intruder

Quick Hits:

• Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit

• 8 April 2025 NCSC, FBI, DCSA bulletin – Online Targeting of Current & Former U.S. Government Employees.

• FAA Drone Detection Testing. The FAA will conduct drone-detection testing in Cape May, New Jersey, between April 14-25.

• Top homeland security lawmaker calls for cautious cuts to CISA

• CISA cuts: ‘Open season’ for US?

• Senator puts hold on Trump’s nominee for CISA director, citing telco security ‘cover up’

• OCC Notifies Congress of Incident Involving Email System

o Treasury bureau notifies Congress that email hack was a ‘major’ cybersecurity incident

o Hackers lurked in Treasury OCC’s systems since June 2023 breach

• US Cyber Command: Posture Statement of Lieutenant General William J. Hartman

Weekly Security Sprint EP 106. Impacts of tariffs on insider risk, and the use of proxies for hostile events. Apr 08, 2025

In the latest episode of the Security Sprint, Dave and special co-host Alec Davison talked about the following topics:

Insider Risk Concerns

What impact will the current political and economic environment have on stressors and grievances.
At the end of last month, a former water utility employee pleaded guilty in federal court for tampering with the drinking water supply at his former workplace.
https://www.justice.gov/usao-ma/pr/former-stoughton-water-department-employee-pleads-guilty-tampering-drinking-water

Nation State’s Using Non-state actors for violence and to further geopolitical interests

Hybrid warfare is a new normal – we’re experiencing a breakdown of the traditional perception of the binary notion of war and peace.
US neo-Nazi group with Russia-based leader calls for targeted Ukraine attacks – https://www.theguardian.com/us-news/2025/apr/05/the-base-neo-nazi-russia-ukraine

Iran recruited Swedish minors for attacks on Israeli targets https://www.cnn.com/interactive/2025/world/iran-israel-swedish-teenagers-shadow-war-intl-invs

Quick Hits

Two men suspected of plotting an attack arrested in Paris in support of the Islamic State – https://www.lemonde.fr/en/france/article/2025/04/07/two-men-suspected-of-plotting-an-attack-arrested-in-paris_6739914_7.html
Man who hates big pharmacies allegedly guns down Walgreens worker: Police

https://abcnews.go.com/US/man-hates-big-pharmacies-allegedly-guns-walgreens-worker/story?id=120408357

Death toll rises from weekend storms in US – severe weather in US - https://www.bbc.com/news/articles/crrzd0lge28o
Ivanti Connect Secure appliances are susceptible to attacks exploiting a recently disclosed vulnerability, which Chinese threat actors are actively exploiting - https://www.securityweek.com/exploited-vulnerability-puts-5000-ivanti-vpn-appliances-at-risk/

Weekly Security Sprint EP 105. Hurricane forecast, Vehicle ramming study, and more Apr 01, 2025

In the latest Security Sprint, Dave and Andy covered the following topics:

Warm Start:

· Sen. Markey, Rep. Schakowsky Introduce Legislation To Protect Clean Water And Wastewater Utilities

· AMWA endorses legislation to encourage WaterISAC participation

· FS-ISAC Releases Guidance On The Future State Of Generative AI In Financial Services

· Senate Intelligence Committee: 03/25/2025 - 10:00am, Open Hearing: Worldwide Threats (complete hearing available here)

· 2025 Annual Threat Assessment of the U.S. Intelligence Community

· ODNI: 2025 Annual Threat Assessment Of The U.S. Intelligence Community & Download the report.

Main Topics:

Severe Weather

· AccuWeather - Dynamic hurricane season predicted for Atlantic in 2025

· Noem says she plans to ‘eliminate FEMA’

· Ranking Members Thompson & Kennedy:Trump Administration Continuing to Call for Elimination of FEMA and PlayPolitics with its Workforce Will Cost Lives

· US GAO - Disaster Assistance: Improving the FederalApproach

· Sessions Announces Hearing on FEMAReform Opportunities, Recovery Efforts in North Carolina. March 26, 2025, 10:00 a.m. ET

· Powerful earthquake rocks Myanmar andThailand, killing at least 3 in Bangkok high-rise collapse

· Deaths from devastating earthquake inMyanmar climb past 1,700

Vehicle Ramming & Terrorism

· Into the Crowd: The Evolution ofVehicular Attacks and Prevention Efforts

· UK NPSA: Considerations for Temporary Vehicle Security Barriers; Last Updated 20 March 2025

· CSIS: Global Terrorism Threat Assessment 2025

North Korean Worker Threats

· How To Proactively Mitigate The DPRK ITWorker Employment Scam

· The North Korea worker problem is biggerthan you think

Quick Hits:

· Oracle customers confirm data stolen in alleged cloud breach is valid

· Oracle Health breach compromises patient data at US hospitals

· Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service

· Oracle has reportedly suffered 2 separate breaches exposing thousands of customers‘ PII

· Scammers Entice U.S. Taxpayers With FundRecovery Services on Facebook, TikTok

· No MFA? Expect Hefty Fines, UK’s ICO Warns

· Exclusive: Secretive Chinese networktries to lure fired federal workers, research shows

· A sweeping cyber law’s long road torenewal— The 2015 Cybersecurity Information Sharing Act is set to expire this September.

· IngressNightmare: 9.8 CriticalUnauthenticated Remote Code Execution Vulnerabilities in

Nerd Out EP 56. Deep dive into radicalization and other news Mar 30, 2025

In the latest episode of Nerd Out, Dave and Alec talked about the following topics.

Quick thoughts on Signal-gate.
Deep dive into radicalization including the latest trends, concerning behaviors and what individuals and organizations can do.
Other all-hazard quick hits.

Some of the references from the show include:

Youth Radicalization

Young people and violent extremism: a call for collective action - https://www.counterterrorism.police.uk/wp-content/uploads/2024/12/Unclassified-Five-Eyes-CT-minors-paper.pdf
Young guns: Understanding a new generation of extremist radicalization in the United States - https://www.isdglobal.org/wp-content/uploads/2023/08/Young-guns_Understandings-a-new-generation-of-extremist-radicalization-in-the-United-States.pdf
Teenage Terrorists and the Digital Ecosystem of the Islamic State - https://ctc.westpoint.edu/teenage-terrorists-and-the-digital-ecosystem-of-the-islamic-state/
Antioch, Tenn., Shooter Inspired by Broad Extremist Beliefs and Previous Mass Killers - https://www.adl.org/resources/article/antioch-tenn-shooter-inspired-broad-extremist-beliefs-and-previous-mass-killers
Enhancing Bystander Reporting to Prevent Terrorism - https://www.dni.gov/index.php/nctc-how-we-work/joint-ct-assessment-team/first-responder-toolbox/terrorism-prevention/enhancing-bystander-reporting-to-prevent-terrorism#:~:text=The%20First%20Responder's%20Toolbox%20is,and%20responding%20to%20terrorist%20attacks.

Quick hits

U.S. Military Targets Houthis in Yemen - https://apnews.com/article/yemen-houthi-us-airstrikes-israel-hamas-takeaways-0d080ffc7c01b423cb81ec27713cdbc7
Israel Resume Combat Operations in Gaza - https://www.axios.com/2025/03/18/israel-gaza-war-resumes-airstrikes-hamas
CENTCOM Forces Kill ISIS Chief of Global Operations Who Also Served as ISIS #2 - https://www.centcom.mil/MEDIA/PRESS-RELEASES/Press-Release-View/Article/4121311/cent[…]ll-isis-chief-of-global-operations-who-also-served-as-isis-2/
Russia behind arson attack on Ikea store in Lithuanian capital, says prosecutor - https://www.theguardian.com/world/2025/mar/17/russia-behind-arson-attack-on-ikea-store-in-lithuania-capital-says-prosecutor
DieNet Activity Escalates Against US Organizations - (hacktivists - geopolitical threat actors targeting wide variety of infrastructure) - https://www.radware.com/security/threat-advisories-and-attack-reports/dienet-activity-escalates-against-us-organizations/
Thailand - Myanmar earthquake - https://apnews.com/article/thailand-earthquake-bangkok-4fce87aced74b1fc0cf260fb5454d353

Weekly Security Sprint EP 104. It happened to them and can happen to you. Mar 25, 2025

Warm Start:

• That breach cost HOW MUCH? How CISOs can talk effectively about a cyber incident’s toll

• Perspective: 25 Years of Evolving Information Sharing Into Actionable Intelligence, new from IT-ISAC Director Scott Algeier.

• The Gate 15 Interview EP 56. Information Sharing, Cybersecurity Politics, Threats, and More & New Podcast – Information Sharing, Cybersecurity Politics, Threats, and More! The Gate 15 Interview will be released on all the usual channels later today. Catch this month’s special crossover episode now via the Cybersecurity Advisors Network post and on YouTube!

• Crypto ISAC at WSJ Tech Live: Exploring the Future of Blockchain & Cybersecurity

Main Topics:

• If it can happen to them, it can happen to you, part one. Managing Communications: The Trump Administration Accidentally Texted Me Its War Plans. Considerations for businesses.

• If it can happen to them, it can happen to you, part two. Phishing: A Sneaky Phish Just Grabbed my Mailchimp Mailing List.

• Some thoughts on punishment, consistency, standards, and compassion.

• White House - Achieving Efficiency Through State and Local Preparedness

o Fact Sheet: President Donald J. Trump Achieves Efficiency Through State and Local Preparedness

o Trump prioritizes infrastructure resilience against cyber attacks, rolls out National Resilience Strategy

Quick Hits:

• New Dates Added: Live Virtual Presentations on Targeted Violence Prevention. Live Virtual Presentations on Targeted Violence Prevention. The U.S. Secret Service National Threat Assessment Center (NTAC) is pleased to offer new opportunities to attend live virtual presentations on preventing targeted violence. In these presentations, our expert researchers will share findings and implications from decades of research on targeted violence and offer strategies for preventing acts of violence impacting the places where we work, learn, worship, and otherwise live our daily lives. This list of available virtual training events is regularly updated, and presentation topics change from month to month. To learn more about this series of live virtual presentations, or to register for one or more of these events, please follow the link below. Register here.

• FBI PSA - Individuals Target Tesla Vehicles and Dealerships Nationwide with Arson, Gunfire, and Vandalism

• Man drives car into protesters outside a Tesla dealership, nobody hurt, sheriff says

• Attorney General Bondi Statement on Violent Attacks Against Tesla Property

• Violent attacks on Tesla dealerships spike as Musk takes prominent role in Trump White House

• Multiple cars set on fire at Tesla service center in Las Vegas in 'targeted attack'

• Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin

• FBI, healthcare agencies warn of credible threat against hospitals, after multi-city social media terror plot alert

• Exclusive: FBI scales back staffing and tracking of domestic terrorism probes

• This AP map shows sabotage across Europe that has been blamed on Russia and its proxies

• Spring Outlook: Dry in the West, milder than average in the South and East; Drought to develop or persist for Rocky Mountains, Southwest and southern Plains

• Halcyon - Last Year in Ransomware: Overview, Developments and Vulnerabilities

• Chairmen Green, Garbarino, Brecheen Conduct Oversight Of The Federal Government’s Response To China-Backed “Typhoon” Intrusions Under Previous Administration

• The Biggest Supply Chain Hack Of 2025: 6M Records Exfiltrated from Oracle Cloud affecting over 140k Tenants

• Risky Bulletin: The looming epochalypse

The Gate 15 Interview EP 56. John Salomon on Information Sharing, Partnership, and Enjoying the Silence Mar 24, 2025

In this episode of The Gate 15 Interview, Andy Jabbourspeaks with John Salomon. John is an information security executive and cybersecurity expert with 25 years of in-depth, cross-cultural, international experience across multiple critical industry sectors. Learn more about John on LinkedIn.

In this episode John and Andy discuss:

· John’s Background.

· Information Sharing.

· ISACs, international partnership, and political transitions.

· Critical threats and challenges.

· John plays 3 Questions!

· Lots more!

Selected links:

· Watch the episode on YouTube! Information Sharing, Cybersecurity Politics, Threats, and More

· CyAN: New Podcast – Information Sharing, Cybersecurity Politics, Threats, and More. This post links to the YouTube and includes a timeline and links you may enjoy.

· John Salomon

· Cybersecurity Advisors Network - Secure in Mind on YouTube

· CyAN’s Position on Encryption Backdoor Legislation

· https://cybersecurityadvisors.network

Weekly Security Sprint EP 103. Severe Weather, Scams, Insider Risks Mar 18, 2025

In the latest episode of the Security Sprint, Dave and Andy covered the following topics:

Opening:

White House instructs agencies to avoid firing cybersecurity staff, email says
CISA Probationary Reinstatements
DOGE Staffer Broke Treasury Rules Transmitting Personal Data
China, Russia, Iran, and North Korea Intelligence Sharing

Main Topics:

Severe Weather:

40 dead as storms head east; fire risk remains in parts of U.S.
‘I’ve seen nothing like this since I was a kid’: At least 39 people have died across 7 states after powerful storm system
Severe weather disaster: 40 dead after destructive tornadoes, wildfires and dust storms, sweep across US;
Europe’s Winter Storms Will Get Worse as Emissions Rise, Study Says
Ready.gov

Scams & Fraud:

New FTC Data Show a Big Jump in Reported Losses to Fraud to $12.5 Billion in 2024
Top scams of 2024
FBI Warns of Fraudulent Federal Warrants in Wyoming
Take9

Quick Hits:

Insider Threats:

Texas man faces prison for activating ‘kill switch’ on former employer’s network
Lawsuit Alleges $12 Billion "Unicorn" Deel Cultivated Spy, Orchestrated Long-Running Trade-Secret Theft & Corporate Espionage Against Competitor
Flexport accuses former employees of stealing its source code to create a rival startup
Rethinking Insider Risk in an AI-Driven Workplace

CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware
CISA: Medusa ransomware hit over 300 critical infrastructure orgs
Iraqi PM says Islamic State leader for Iraq and Syria killed
Lawmakers seek DHS records in probe of US response to Chinese cyber campaigns
Europe's telecoms sector under increased threat from cyber spies, warns Denmark
Risky Bulletin: GitHub supply chain attack prints everyone's secrets in build logsGitHub Actions Supply Chain Compromise: tj-actions/changed-files Action
CAIR’s Civil Rights Report Shows Islamophobia Complaints at All-Time High, Viewpoint Discrimination Key Factor
Trump administration weighs travel ban on dozens of countries, memo says
Canadian Centre for Cyber Security - Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577).
Ransomware gang creates tool to automate VPN brute-force attacks

Weekly Security Sprint EP 102. Ransomware, Terrorism report, recognizing behaviors Mar 11, 2025

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Opening:

TribalHub & Tribal ISAC!
TribalHub Annual Cybersecurity Summit Wrapup
Cybersecurity summit discusses challenges tribes face from hacks
Health ISAC!
TLP White 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
How Hackers Using AI Tools Threaten the Health Sector

Blockchain & Crypto:

Risky Biz News - Bybit hack post-mortem
1inch Hack Exposes $5M Flaw – Is It Time for Best Wallet Token?
Feds Link $150M Cyberheist to 2022 LastPass Hacks
A $1.5 Billion Hack: How the Biggest Crypto Heist in History Went Down
Due to the termination of funding by the Department of Homeland Security, the Center for Internet Security no longer supports the EI-ISAC

Main Items:

Ransomware & Data Breaches:

#NotRansomware: FBI Warns of Data Extortion Scam Targeting Corporate ExecutivesMail Scam Targeting Corporate Executives Claims Ties to Ransomware
Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear
BianLian Denies Involvement in Ransom Letters: “Not Our Doing,” Group Tells SuspectFile.com
SuspectFile.com – What is your official position regarding the physical letters sent to corporate executives in the United States claiming to be from your group?
BianLian – We never do that. That is scam.\Sault Ste. Marie Tribe Says It Refused to Pay Cyberattackers’ Ransom
Q4 Travelers' Cyber Threat Report: Ransomware Goes Full Scale
Sault Tribe Chairman says tribe will not pay hacker’s ransom request (video)
Highway Robbery 2.0: How Attackers Are Exploiting Toll Systems in Phishing Scams

Terrorism:

Press Release - Global Terrorism Index 2025: Terrorism Spreads as Lone Wolf Attacks Dominate the West & Terrorism Trends Fueled by Sahel Conflicts, Western Lone Actor Attacks
See Something, Say Something. 'Erratic' man at Kentucky church told police about plans to bomb major city, cops say
Houston teen indicted for conspiring to commit murder under new terrorism law
Plan to attack Australia synagogue faked by organized crime: police
A boy with a loaded shotgun boarded a plane in Australia but was tackled by a former boxer
A driver rams a car into crowd in Germany’s Mannheim, leaving 2 dead and 11 injured

Quick Hits:

'Five Eyes alliance' crumbling after UK, Australia, New Zealand and Canada give US cold shoulder
FBI PSA: Beijing Leveraging Freelance Hackers and Information Security Companies to Compromise Computer Networks Worldwide
Cisco Talos exposes Lotus Blossom cyber espionage campaigns targeting governments, telecom, media
Chinese Nationals with Ties to the PRC Government and “APT27” Charged in a Computer Hacking Campaign for Profit, Targeting Numerous U.S. Companies, Institutions, and Municipalities
Select Committee on the Chinese Communist Party Holds Hearing — " End the Typhoons: How to Deter Beijing’s Cyber Actions and Enhance America’s Lackluster Cyber Defenses”
Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security & Former intelligence officials denounce job cuts to federal cyber roles.
Treasury Suspends Rule Requiring Disclosure Of LLCs' True Owners & Dept. of Treasury Press Release: Treasury Department Announces Suspension of Enforcement of Corporate Transparency Act Against U.S. Citizens and Domestic Reporting Companies
Polish space agency investigates cyberattack on its systems
Cybersecurity Job Satisfaction Plummets, Women Hit Hardest
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Vulnerabilities

Weekly Security Sprint EP 101. Security Updates and Resilience Considerations Mar 04, 2025

Andy goes solo this week, providing some initial updates relating to the ISAC community and last week’s Security Sprint focus on government transition and related concerns, then diving into a quick rundown of enduring threats and issuessecurity leaders may want to think about as part of their broader security and resilience efforts.

· Crypto ISAC! FBI PSA - North Korea Responsible for $1.5 Billion Bybit Hack

· Insider Threats: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say

· US – Russia Cyber Operations:

· CISA on X: “CISA’s mission is to defend against all cyber threats to U.S. Critical Infrastructure, including from Russia. There has been no change in our posture. Any reporting to the contrary is fake and undermines our national security.”

· Exclusive: Hegseth orders Cyber Command tostand down on Russia planning

· Trump administration retreats in fight against Russian cyber threats

· Risky Bulletin: Trump administration stops treating Russian hackers as a threat

· Ranking Member Thompson: Trump Weakens National Security and Puts Our Critical Infrastructure at Risk as He Capitulates to Russia

Main Topics

The Physical and Cyber Supply chain!

Manmade Threats

Terrorism

o Minneapolis Man Arrested for Attempting toProvide Material Support to ISIS

o One dead after car drives into crowd in German city of Mannheim

o Tajik National Arrested in Brooklyn for Conspiring to Provide Material Support to ISIS

Protests, Anger, Targeted Threats

o Tesla Takedown and other political protests

o Police Investigate Shooting at InsuranceCEO's Oregon Home: Reports

o State Accident Insurance Fund CEO targeted interrifying attack by hooded gunman at his Oregon home

o Chairmen Gimenez, Green Introduce Bill To Address Vehicular Terrorism As Threat Grows

Weather, Climate & Environment

o Hurricane Season is coming, and the USG may be less prepared and less able to respond

o Wildfires scorch the Carolinas, SC Governor McMaster declares state of emergency

o Wildfires Break Out in the Carolinas, Prompting Evacuations

o Carolina Fire Maps Show Where Blazes Burning in North, South Carolina

Health preparedness

o Texas measles outbreak rises to 146 cases

o Texas Official Warns Against ‘MeaslesParties’ Amid Growing Outbreak

o RFK Jr. urges people to get vaccinated amiddeadly Texas outbreak

o NewsGuard: Vaccines Falsely Blamed for Measles Outbreak

Cyber Threats:

o BEC & ransomware

o Blended Threats: Modat - Doors Wide Open: hundreds of thousands of employees exposed & related: Over 49,000 misconfigured building access systems exposed online.

o Critical dependencies

o Info Ops: Russian propaganda may be flooding AI models

Quick Hits

Take9!!! A Disney Worker Downloaded an AI Tool. It Ledto a Hack That Ruined His Life

Weekly Security Sprint EP 100! Hitting the century mark with DOGE, CISA and insider threat Feb 25, 2025

In the 100th episode of the Security Sprint, Dave and Andy covered the following topics:

Warm Open:

· H2OSecCon 2025 Call for Presentations Now Open

Main Topic:

DOGE, the Private Sector. Insider Threats & Info Sharing

· DOGE Now Has Access to the Top US Cybersecurity Agency

· DOGE employee Edward Coristine lands at CISAwith DHS email

· ISAC chief on CISA security rollbacks: ‘The sky isn’t falling, yet.’

· The Gate 15 Interview EP 55. Allan Liska, Ransomware Sommelier. Threats, mental health, comic books and Diet Dr. Pepper

· Trump 2.0 Brings Cuts to Cyber, Consumer Protections

· DOGE will use AI to assess the responsesof federal workers who were told to justify their jobs via email

· PERSPECTIVE: Current U.S. GovernmentAdministration and the Risk of Increased Insider Threat

· Opinion: DOGE’s US worker purge has created aspike in insider risk

Quick Hits:

· Bybit Hack: Crypto exchange Bybit says it was hacked andlost around $1.4B

o Risky Bulletin: North Korean hackers steal $1.5 billion from Bybit

o Big Day for Crypto Goes South in a Hurry After a Giant Hack

o Ethereum Developer Counters Idea Of Blockchain Rollback Amid Bybit Hack

o Bybit’s Phantom Hacker Becomes Ethereum’s Shadow Whale by Fragmenting Fortune Across 54 Wallets

o Bybit Hack Funds Funneled Through Meme Coins, Onchain Sleuth Reports

o Crisis Management in $1.4 Billion Hack Sets New Industry Standard, Bybit Officials Say

o What the Bybit Hack Means for Crypto Security and the Future of Multisig Protection

· Stablecoin Bank Infini Earn Latest Hack Victim, Sees $49.5M USDC Flow Out to Attackers

· Apple is removing iCloud end-to-encryption features from the UK after government compelled it to add backdoors

· CISA and Partners Release Advisory on Ghost (Cring) Ransomware

· Risky Bulletin: BlackBasta implodes, internal chats leak online

· Salt Typhoon hackers exploited stolen credentials and a 7-year-old software flaw in Cisco systems

· Terror Thwarted: Man Threatening Violent Attacks On New York Shuls Arrested In Lincoln Tunnel On Friday Evening

· Early data show homicides dropped 16% in 2024

The Gate 15 Interview EP 55. Allan Liska, Ransomware Sommelier. Threats, mental health, comic books and Diet Dr. Pepper Feb 24, 2025

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Allan Liska. Allan Liska, threat intelligence analyst at Recorded Future, has more than 20 years of experience in information security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organisations improve their security posture using more effective intelligence. He is the author of “The Practice of Network Security, Building an Intelligence-Led Security Program”, “Securing NTP: A Quickstart Guide” and the co-author of “DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.“, and “Ransomware: Understand. Prevent. Recover.” Learn more about Allan on LinkedIn.

In the discussion Allan and Andy discuss:

Allan’s Background.
Evolving Threats, mission creep and STDs (wait, what?)
The ever-evolving threat of Ransomware and the value of collaboration
Resilience: mental health, taking care of your people
Roy Rogers, comic books and that’s before we play Three Questions!
The enduring and expensive threat of scams (#Take9!)
Lots more!

“Your data isn’t going to be deleted.”

Selected links:

Weekly Security Sprint EP 99. China, hostile events, and more. Feb 18, 2025

In this week's Security Sprint, Dave and Andy covered the following topics.

Warm Opening:

Quantum Computing Resources:

Main Topics:

China:

Hate, Extremism & Terrorism:

Quick Hits

Cyber Reports:

Weekly Security Sprint EP 98. A few of our favorite things: EAP, Ransomware, Phishing and more! Feb 11, 2025

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Opening:

• In reversal, CISA workforce now permitted to take deferred resignation offer

• FS-ISAC Releases Timely Data Governance And Generative AI Guidance & read More Opportunity, Less Risk: 8 Steps to Manage Financial Services Data with GenAI.

Cyber Pipeline:

o Chairman Rreen reintroduces “Cyber PIVOTT Act,” Senator Rounds to lead companion legislation

o Lawmakers unite to push forward Cyber Force

o Gate 15’s been arguing for this since 2018… It’s Time for an FBI Cybercrime College Scholarship Program, October 14, 2018

• Blended Threats! Gate 15’s been talking about this since 2017… Unpacking the vicious cycle of climate change and digital security. Blended Threats you say…? Cyberattack on NHS causes hospitals to miss cancer care targets

Main Topics:

CISA Releases Active Assailant Emergency Action Plan Template and Instructional Guide

o Active Assailant Emergency Action Plan Template

o Instructional Guide to the CISA EAP Template

Ransomware & Data Breaches: Ransomware attackers turn to workers for data breach access

o Cyfirma: Tracking Ransomware: January 2025

o 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Payments

o Coveware: Will Law Enforcement success against ransomware continue in 2025?

o Halcyon Threat Insights 013: February 2025 Ransomware Report

Scams!Take9! Hackers Hijack JFK File Release: Malware & Phishing Surge

o Take9: Gate 15 is proud to partner with Take9! 9 SECONDS FOR A SAFER WORLD. Cyber threats are everywhere. And getting sneakier. What can you do to protect yourself, your community and our nation? Take a 9 second pause and think before you click, download, share. A short pause goes a long way.

o Threat actor claims to have breached Trump Hotels

Quick Hits:

• Trump's Gaza comments hand jihadist terrorists a 'rallying cry,' experts say

• CSI: Security Considerations for Edge Devices: Executive Guidance

• Canadian Centre for Cyber Security - Virtual private networks (ITSAP.80.101)

• UK NCSC: Network security fundamentals; How to design, use, and maintain secure networks

• National Security Presidential Memorandum/NSPM-2; Imposing Maximum Pressure on the Government of the Islamic Republic of Iran, Denying Iran All Paths to a Nuclear Weapon, and Countering Iran’s Malign Influence

Government Data Security Concerns:

o A US Treasury Threat Intelligence Analysis Designates DOGE Staff as ‘Insider Threat’

o Federal judge blocks Elon Musk’s DOGE from accessing sensitive US Treasury Department material

o Government Security Professionals Grapple with Following Procedure Amid DOGE Demands

o Teen on Musk’s DOGE Team Graduated from ‘The Com’

o As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts say

o Coalition of US states to file lawsuit after Musk’s DOGE gains access to Americans’ personal data

Breaking Encryption:

o U.K. orders Apple to let it spy on users’ encrypted accounts; Secret order requires blanket access to protected cloud backups around the world, which if implemented would undermine Apple’s privacy pledge to its users.

o UK’s secret Apple iCloud backdoor order is a global emergency, say critics

DeepSeek:

o Lawmakers Push to Ban DeepSeek App From U.S. Government Devices

o Researchers say China’s DeepSeek chatbot is linked to state telecom, raising data privacy concerns

• Internet-connected cameras made in China may be used to spy on US infrastructure: DHS

• Exclusive - Chinese Spy Balloon Was Packed With American Tech; The balloon carried technology from at least five US firms.

• Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts & Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software

Weekly Security Sprint EP 97. DeepSeek AI, Ransomware report, and more Feb 05, 2025

In this week's Security Sprint, Dave and Andy covered the following topics.

Warm Start:

(TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin - Q1 2025. WaterISAC and EPA just published the latest quarterly edition of the National Security Information Sharing Bulletin. The Information Sharing Bulletin (ISB) is intended for water and wastewater utility owners and operators to provide information on priority security and resilience topics, including cybersecurity, physical security, and natural disasters.

Main Topics:

Ransomware & Data Breaches:

DeepSeek:

Satellite images reveal China building war command center in Beijing.

Meta's WhatsApp says Israeli spyware company Paragon targeted scores of users.

Common Challenges in Cybercrime: 2024 Review by Eurojust and Europol.

Cybercrime websites selling hacking tools to transnational organized crime groups seized.

Europol: Law enforcement takes down two largest cybercrime forums in the world; The platforms combined had over 10 million users worldwide.

Man Arrested On Capitol Hill Said He Wanted To Kill Trump Cabinet Officials, House Speaker: Police.

Drones over NJ: Why didn’t the FAA admit they authorized the flights? Here’s what we know

FBI Springfield Advises Caution in Online Relationships.

MGM Agrees to Pay $45 Million to Settle Data-Breach Lawsuit.

Quick Hits:

The ‘murder gang’ of computer whizzkids linked to the killings of a Border Patrol agent and a landlord 3,000 miles apart.
The Nashville Attack Displayed Several Hallmarks of Modern Terrorism
FBI PSA - Mail Theft-Related Check Fraud is on the Rise. The FBI and USPIS are warning that check fraud is on the rise, with a significant volume enabled through mail theft.
X Phishing | Campaign Targeting High Profile Accounts Returns, Promoting Crypto Scams.
Risky Biz News - Twitter account hacks: Multiple high-profile accounts have been hacked over the past week to promote various memecoins.
Chinese and Iranian Hackers Are Using U.S. AI Products to Bolster Cyberattacks.

The Gate 15 Interview EP 54. Brandon Dixon on Artificial Intelligence, getting your hands dirty & long, long runs Feb 05, 2025

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Brandon Dixon. Brandon has worn many hats, from security engineer to entrepreneur. Today, he serves at a Partner AI Strategist for Microsoft, Strategic Advisory and Partner with NinjaJobs, and is a tremendous athlete.Brandon has dedicated his career to information security, focusing on analysis, solution development, and process refinement. As the Security AI Strategist for Microsoft Research, he is advancing fully autonomous security outcomes. Previously, Brandon led the product release of Copilot for Security. He also served as VP of Strategy and Product at RiskIQ, a San Francisco startup acquired by Microsoft, where he helped integrate the business and launched Defender Threat Intelligence and Defender External Attack Surface Management. Brandon has developed several public solutions, including PassiveTotal (acquired by RiskIQ), NinjaJobs (acquired by Starfish Partners), PDF X-RAY, and Blockade.io. His research and development in various security topics have earned him accolades from major security vendors and industry peers. Learn more about Brandon on LinkedIn.

In the discussion Brandon and Andy discuss:

Brandon’s Background.
Three “Big Things” in AI Brandon’s paying attention to in 2025.
Entrepreneurship: “Make sure the idea is something you personally care about.”
The value of falling short.
Resilience.
Roasting Coffee (see link below!)
Balance.
Fitness: from BMX to ultras.
We play Three Questions! Whippets, Big Sky, and long runs.
More!

Selected links:

Weekly Security Sprint EP 96: Extremist trends, nation-states, and more Jan 28, 2025

In this week's Security Sprint, Dave and Andy covered the following topics:

Main Topics:

FBI PSA: North Korean IT Workers Conducting Data Extortion. The Federal Bureau of Investigation (FBI) is providing an update to previously shared guidance regarding Democratic People's Republic of Korea (North Korea) Information Technology (IT) workers to raise public awareness of their increasingly malicious activity, which has recently included data extortion.

China’s Cyber Threat: Under Trump, US Cyberdefense Loses Its Head; Chinese hacks, rampant ransomware, and Donald Trump’s budget cuts all threaten US security. In an exit interview with WIRED, former CISA head Jen Easterly argues for her agency’s survival.

“Everybody should assume that our adversaries, in particular China, are attempting to go after our critical infrastructure. The private sector, they are on the front lines of this fight, because they own and operate the vast majority of our critical infrastructure. It's why companies need to put collaboration over self-preservation.”

“Time For Us To Get A Step Ahead Of The Typhoons”: Chairman Green Opens Hearing On Global Cyber Threats

“Preparation Of The Battlefield”: Cybersecurity Experts Testify On Global Threats To The Homeland

WaterISAC: House Committee Hearing – Unconstrained Actors: Assessing Global Cyber Threats to the Homeland. Witnesses also cited recent incidents at water utilities.

Quick Hits:

Insider Threats:

Orlando Man Pleads Guilty To Conducting Series Of Cyber Intrusions Against Former Employer

British Museum forced to partly close after alleged IT attack by former employee

CISA and FBI Release Updated Guidance on Product Security Bad Practices

Virus season roars back with "quad-demic" of illness

Scammers Are Creating Fake News Videos to Blackmail Victims

TikTok Threat Arrest: "[Trump] needs to be assassinated"

USCP Arrests Man with Gun. Article: Capitol Police: Officer suspended for allowing man with concealed gun into building

CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

Ransomware gang uses SSH tunnels for stealthy VMware ESXi access

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware

Ransomware’s Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025

Ongoing Campaign Targeting Amazon Web Services S3 Buckets

Weekly Security Sprint EP 95. Review of the headlines: EOs, Scams, cyber device warnings, ransomware and more! Jan 21, 2025

In this week's Security Sprint, Dave and Andy covered the following topics:

Main Topics:

Executive Orders:

A New Jam-Packed Biden Executive Order Tackles Cybersecurity, AI, and More
Biden issues order to strengthen federal cyber defenses in the wake of hacks by the Chinese government.
Trump EOs:
President Trump repeals Biden’s AI executive order. During his first day in office, President Donald Trump revoked a 2023 executive order signed by former President Joe Biden that sought to reduce the potential risks AI poses to consumers, workers, and national security.
Application Of Protecting Americans From Foreign Adversary Controlled Applications Act To Tiktok
Justice Department Statements on Supreme Court’s Decision in TikTok, et al. v. Garland
Declaring A National Emergency At The Southern Border Of The United States
Designating Cartels And Other Organizations As Foreign Terrorist Organizations And Specially Designated Global Terrorists.
Protecting The United States From Foreign Terrorists And Other National Security And Public Safety Threats
Guaranteeing The States Protection Against Invasion
Holding Former Government Officials Accountable For Election Interference And Improper Disclosure Of Sensitive Governmental Information
Organization of the National Security Council and Subcommittees

Scams:

FBI PSA - Beware of Charitable Fraud Related to Mass Casualty and Disaster Events
Investor Alert: Be Vigilant for Possible Investment Scams Related to the California Wildfires
\Wild Claims About L.A. Wildfires Get Millions of Views; NewsGuard has identified and debunked 18 false claims related to the wildfires
‘A flood of disinformation’: rumors and lies abound amid ongoing LA wildfires
Disasters have long led to misinformation as people grasp for control, but the consequences can be life and death

Quick Hits:

Nerd Out EP 55. Terrorism, Propaganda, All-hazards and a Skeleton Crew update Jan 20, 2025

On the latest episode of Nerd Out, Alec Davison and Dave discussed recent terrorist activity and outlook for the future before looking at some of the propoganda that has been published to influence followers. They also looked at world events and the recent cease fire to assess what that may mean going forward before looking at all-hazards preparedness. Finally they wrapped up with some discussion about Skeleton Crew, and some future shows. Plus Alec makes a plea for Severance.

Some references:

Terrorism Threat Landscape

https://www.axios.com/local/new-orleans/2025/01/06/timeline-new-orleans-terror-attack https://www.fbi.gov/contact-us/field-offices/neworleans/news/fbi-releases-investigative-update-in-bourbon-street-attack https://www.asisonline.org/security-management-magazine/latest-news/today-in-security/2024/december/EU-Terror-Incidents-Rose/ https://www.axios.com/local/new-orleans/2025/01/16/lone-actor-terrorism-machine-learning-ai https://www.memri.org/reports/islamic-state-isis-al-qaeda-iran-axis-supporters-rejoice-over-los-angeles-wildfires-promote https://www.counterextremism.com/press/extremist-content-online-isis-propaganda-allegedly-helped-inspire-new-orleans-attacker

Terrorgram Designation

https://www.state.gov/office-of-the-spokesperson/releases/2025/01/terrorist-designations-of-the-terrorgram-collective-and-three-leaders https://www.lawfaremedia.org/article/why-the-terrorgram-collective-designation-matters

Israel-Hamas Hostage Deal & Ceasefire

https://www.nbcnews.com/news/world/israel-hamas-ceasefire-gaza-rcna187913 https://www.memri.org/reports/senior-hamas-official-khalil-al-hayya-upon-signing-ceasefire-agreement-october-7-will

LA Wildfires

https://www.bu.edu/articles/2025/how-and-why-the-la-wildfires-grew-so-fast/ https://www.cnn.com/2025/01/10/us/california-la-fires-emergency-prep-invs/index.html https://theconversation.com/a-national-nonpartisan-study-of-the-los-angeles-fires-could-improve-planning-for-future-disasters-247198

Weekly Security Sprint EP 94. LA fires, LV and NO updates, ransomware and more! Jan 14, 2025

In the latest Security Sprint, Dave and Andy covered the following topics:

Warm Open:

• Errol Weiss on LinkedIn: Cyber Threats Know No Borders

• Perspective: Cybersecurity Priorities for the New Administration, by Scott Algeier, Executive Director, IT-ISAC.

Main Topics:

Los Angeles Fires:

FEMA: Ready.gov

Attorney General James Reminds New Yorkers to be Cautious in Charitable Giving for Los Angeles Wildfire Relief

HHS Secretary Xavier Becerra Declares Public Health Emergency for California to Aid Health Care Response to Wildfires

Vegas and New Orleans Follow Ups

Las Vegas Cybertruck suspect used ChatGPT to plan blast, police say

Las Vegas police release ChatGPT logs from the suspect in the Cybertruck explosion

ChatGPT advised infamous neo-Nazi on how to attack U.S. electrical grid

FBI IC3 Alert Number: I-011325-PSA: Threat of Copycat Attacks after ISIS-Inspired Vehicle Attack in New Orleans

FBI warns of potential ‘copycat or retaliatory’ New Orleans attacks

How New Orleans failed to protect Bourbon Street from attack, block by block

Ransomware:

Comparitech - Ransomware roundup: 2024 end-of-year report

Ransomware attacks on education declined in 2024, report shows

Emsisoft: The State of Ransomware in the U.S.: Report and Statistics 2024

Health:

CDC - First H5 Bird Flu Death Reported in United States. CDC has carefully studied the available information about the person who died in Louisiana and continues to assess that the risk to the general public remains low.

CDC’s Priorities for Response Readiness

Director Wray

60 Minutes: FBI Director Wray on threats America faces, decision to step down as Trump returns to the White House

Outgoing FBI director calls China and its cyber program the 'defining threat of our generation'

FBI director explains why he’s resigning, defends feds’ raid of Trump’s Mar-a-Lago

Inauguration Workplace Considerations

Quick Hits:

• 2024 was the world’s warmest year on record

• White House Launches “U.S. Cyber Trust Mark”, Providing American Consumers an Easy Label to See if Connected Devices are Cybersecure

• CISA Releases the Cybersecurity Performance Goals Adoption Report

• FACT SHEET: Ensuring U.S. Security and Economic Strength in the Age of Artificial Intelligence

• Prime Minister sets out blueprint to turbocharge AI

• UK throws its hat into the AI fire

Weekly Security Sprint EP 93. New Orleans, Las Vegas, HEAC and resolutions Jan 08, 2025

In the latest episode of the Security Sprint, Dave and Andy covered the following topics:

Special Agent in Charge Joshua Jackson, ATF, Delivers Investigative Updates on the New Orleans Bourbon Street Attack

FBI: 2 IEDs failed to detonate in New Orleans New Year's Day ramming attack

FBI says New Orleans attacker surveyed area using Meta smart glasses

Cybertruck driver left behind rant praising Trump and Musk, slamming Democrats

‘TIME TO WAKE UP’: Las Vegas police share notes from Cybertruck explosion suspect

Matthew Livelsberger Alleged Manifesto: Read Full Email Sent to Retired Soldier

Vegas Cybertruck Bomber Who Called for ‘Purge’ of Dems Deemed Not a ‘Risk’ to Public After He Sought VA Mental Health Help

Additional Resources:

Nerd Out 54. Year end review with friends! Dec 16, 2024

In the latest episode of Nerd Out, Dave brings back Andy Jabbour and Jennifer Lyn Walker to remember the early days of the pod, and talk about some 2024 predictions to see if they hit the mark, were a near miss or were out of left-field. Then they talked about some things organizations should remember heading into 2025 before getting into some holiday cheer. They talked about their favorite holiday drinks, traditions, and movies or television shows before extending their best security wishes for 2025.

Andy Jabbour is the Managing Director, Gate 15 and host of the Gate 15 Interview podcast and co-host of the Security Security Sprint podcast.

Jennifer Lyn Walker is a cybersecurity professional with 24+ years of experience supporting critical infrastructure and SLTT (state, local, tribal, and territorial) governments. Jennifer has provided subject matter expertise regarding cyber threats related to homeland security for multiple critical infrastructure and vital lifeline sectors utilizing her experience in malware analysis, threat assessments, threat intelligence, HIPAA compliance, cybersecurity awareness, insider threat protection, and industrial control systems cybersecurity and safety.

Link for UnDisruptable27: https://securityandtechnology.org/undisruptable27/

The Gate 15 Interview EP 53. CISA’s JCDC, plus! Love for Boston, love for potatoes, love for cats, and love for cyber. Dec 11, 2024

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Jeri Rogish and Mitchell Freddura, both with the Cybersecurity and Infrastructure Security Agency (CISA) and CISA’s Joint Cyber Defense Collaborative (JCDC). Jeri serves as Deputy Chief of JCDC’s Product Development Section and Mitch serves in the Partnerships Office.

Jeri on LinkedIn.
Mitch on LinkedIn.
For further information about participating, email cisa.jcdc@cisa.dhs.gov.

Discussed in the podcast:

Jeri & Mitch’s Backgrounds.
JCDC background.
How the JCDC is “uniting the global cyber community.”
Best practices to support a “coordinated defensive cyber posture.”
“Implementing comprehensive, whole-of-nation cyber defense plans” to address risks, coordinate action, and build national resilience.
Building a joint understanding of challenges and opportunities for our nation’s cyber defense.
Networks of networks & private-public partnership
The NCIRP Public Comment period coming soon!
We play Three Questions and talk moments from high school, favorite foods, big hearts and sports teams no one wants to hear about…

Selected links:

Additional resources:

Weekly Security Sprint EP 92. CEO attack, disrupted attacks, and cybersecurity warnings Dec 10, 2024

In the latest episode of the Security Sprint, Dave and Andy covered the following topics:

Warm Start: H2OEx - An Exercise for the Water Sector

Main Topics:

UHC Assassination:

· Health insurers step up security, scrub websites of leadership information

· Luigi Mangione, suspect in fatal shooting of UnitedHealthcare CEO Brian Thompson, used ghost gun that may have been 3D-printed

· Suspect in killing of health care CEO faces 5 charges including forgery and firearm without a license

· Health care CEO shooting suspect was Ivy League graduate who appears to have written about Unabomber online

· Suspect in fatal shooting of UnitedHealthcare CEO Brian Thompson ID’d as Luigi Mangione, an ex-Ivy League student

· Luigi Mangione’s sprawling family found success after patriarch’s rise

· Health insurers step up security, scrub websites of leadership information

· UnitedHealth CEO says insurer will continue to prevent ‘unnecessary care’ in leaked video as sick trolls warn, ‘Dude’s next’

· What Companies Should Be Asking Their Security Teams Right Now

· A timeline of the fatal shooting of UnitedHealthcare CEO Brian Thompson and search for his killer

· UnitedHealth CEO's killing unleashes social media rage against insurers

· UnitedHealthcare CEO kept a low public profile. Then he was shot to death in New York

· Bullets fired at healthcare CEO in fatal shooting had words carved on them

· Message on bullets fired by healthcare CEO’s assassin bear eerie link to book condemning insurance companies

· Copycat, Contagion, and the Robin Hood Effect as Risk Enhancers in Targeted Violence

Faith-Based Threats

· Terror attack on Bavarian Christmas market foiled by police

· Man in van filled with explosives, guns intended to attack a North Texas church, report states

· FeatherRiver School of Seventh-Day Adventists Shooting:

o 2 kindergarteners wounded and gunman dead after shooting at California religious school

· Five-Eyes security and law enforcement agencies release joint authored analysis of youth radicalization & PDF analysis.

Six password takeaways from the updated NIST cybersecurity framework. Password security is changing — and updated guidelines from the National Institute of Standards and Technology (NIST) reject outdated practices in favor of more effective protections.

Quick Hits:

· FBI IC3 PSA:Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud

· Russian Woman Arrested In U.S. For Alleged Ties To Russian Intelligence

· NGA: 2024 State Experts Roundtable On Protecting Energy Infrastructure From Physical Attacks

· Manager of Chatham County Company Charged with Skimming Hundreds of Thousands of Dollars From Employer with Fake Invoices

· The California tsunami danger is real. The 7.0 earthquake is wake-up call to prepare.

o 'Swaying back and forth': Magnitude 7 earthquake, aftershocks rock California

o Tsunami warning canceled after strong California earthquake

Salt Typhoon:

o White House says at least 8 US telecom firms, dozens of nations impacted by China hacking campaign

o FCC chair proposes cybersecurity rules in response to China's Salt Typhoon telecom hack

Health:

o What is mystery 'disease x' and why have dozens died in DR Congo?

o Unknown disease kills 143 in southwest Congo, local authorities say

o FINAL REPORT: COVID Select Concludes 2-Year Investigation, Issues 500+ Page Final Report on Lessons Learned and the Path Forward

· Korea arrests CEO for adding DDoS feature to satellite receivers

· Outraged? You’re more likely to share misinformation, study finds

· Romania hit by major election influence campaign and Russian cyber-attacks

· EU orders TikTok to freeze Romanian elections data

· Choosing secure and verifiable technologies

· CISA Releases New Public Version of CDM Data Model Document

Weekly Security Sprint EP 91. Holiday scams, prepping the board / ransomware, and bomb threats Dec 04, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

Seasonal Scams!

CISA: Shop Safely This Holiday Season

FTC: Scammers are delivering phishing messages this holiday season

ClouDSEK: Cyber Monday Scams: A Comprehensive Analysis of Threats and Mitigation Strategies

Ransomware & Resilience!

UK NCSC: Cyber Security Toolkit for Boards: updated briefing pack released. New presentation includes voiceover and insights on ransomware attack on the British Library.

Cannabis industry is apparent target of Everest Ransomware, security experts warn

Cannabis-ISAO

eCrime

The costs of ransomware: Cyber attack prompts Stoli Group USA bankruptcy filing

Risky Biz News - Hoboken ransomware attack

Starbucks, Grocers Revert to Manual Processes After Ransomware Attack on Third-Party Software System

Risky Biz News - Bologna FC ransomware attack

The Evolution of BlackBasta Malware Dissemination

Ransomware-driven data exfiltration: techniques and implications

The ransomware attack that started it all. A North Korean hacker group’s attack on Sony Pictures in 2014 was the precursor to today’s global ransomware menace, according to US intelligence community’s ransomware expert, Laura Galante.

Ransomware Roundup - Interlock

Key Considerations for Legal Compliance in Ransomware Recovery

FBI-Wanted Hacker Behind Global Ransomware Attacks Arrested in Russia

Threats to Public Officials and associated risks

Trump administration picks targeted with bomb threats and swatting

FBI Statement Regarding Threats to Nominees and Appointees

Most of Connecticut's delegation in Congress targeted by bomb threats

Jeffries office: Bomb threats made against Dem lawmakers ‘unacceptable’

Arizona Man Sentenced for Making Online Threats Against Public Servants Including Federal Officials

Quick Hits

Live Virtual Presentations on Targeted Violence Prevention. The U.S. Secret Service National Threat Assessment Center (NTAC) is pleased to offer new opportunities to attend live virtual presentations on preventing targeted violence. In these presentations, our expert researchers will share findings and implications from decades of research on targeted violence and offer strategies for preventing acts of violence impacting the places where we work, learn, worship, and otherwise live our daily lives. This list of available virtual training events is regularly updated, and presentation topics change from month to month. Register Here

HSI Investigation Leads to Seizure of $3.5 Million Dollars Stolen in Business Email Compromise Scam

CISA: AI Red Teaming: Applying Software TEVV for AI Evaluations

Biden tightens tech controls on China as clock ticks down

Russian ‘spy ring plotted high-level espionage, including honey traps.’

The Gate 15 Interview EP 52. Angela Haun, ONE-ISAC, good intentions, and Rick Springfield Nov 25, 2024

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Angela Haun. Angela is the Executive Director with the Oil and Natural Energy Information Sharing and Analysis Center (ONE-ISAC). Appointed as ONE-ISAC Executive Director in September 2018, Angela is a retired FBI Special Agent with extensive experience in cybersecurity and protecting critical assets. Since joining the ONE-ISAC, she has expanded the ONE-ISAC’s membership with a Strategic Partnership Pilot Program, bringing new organizations, expertise, resources and funding to support the ISAC’s efforts. In addition, Angela has been a subject matter expert speaker, organizer and participant in numerous energy-related conferences, briefings, exercises, meetings, webinars and other events. Ms. Haun is actively pursuing upgraded technologies and additional benefits for ONE-ISAC member analysts and executives.Prior to her work in support of ONE-ISAC, Angela served over twenty years at the FBI. Learn more about Angela on LinkedIn.

“Potential gets me so excited!”

In the discussion Angela and Andy discuss:

Angela’s Background.
ONG-ISAC background.
The new, ONE-ISAC.
Private-public partnership.
Good intentions, unintended consequences.
An increasing appreciation of OT security.
Destructive attacks.
Building Resilience.
We play Three Questions and discuss playing golf course, the U.S. Capitol, and Rick Springfield, Jessie’s Girl!

Selected links:

ONE-ISAC. ONE-ISAC serves as a central point of coordination and communication to aid in the protection of exploration and production, transportation, refining, and delivery systems of the ONE industry, through the analysis and sharing of trusted and timely cyber threat information, including vulnerability and threat activity specific to ICS and SCADA systems.
Critical Infrastructure Security and Resilience Month
Critical Infrastructure Security and Resilience Month Toolkit
The Gate 15 Interview: Jeff Troy, President, Aviation ISAC, on public service, cybersecurity, understanding threats (and... colonizing the ocean?), 23 Aug 2023

Weekly Security Sprint EP 90. CISA future, more liability, and password problems Nov 20, 2024

In this week's Security Sprint, Dave and Andy covered the following topics.

Warm Start:

• Auto-ISAC: Thomas Farmer Assumes Position as Director of Operations

• News from the Auto-ISAC Cybersecurity 2024 Summit

• Follow Up from last Sprint: FBI Statement Regarding Offensive Text Messages

o Bigoted text messages after Trump victory also targeted Latinos, LGBTQ+ communities, FBI says

o FBI investigates new wave of offensive messages targeting Hispanic, LGBTQ people

• Groundbreaking Framework for the Safe and Secure Deployment of AI in Critical Infrastructure Unveiled by Department of Homeland Security

• Media Advisory: Chairman Green Announces Worldwide Threats Hearing Featuring DHS Secretary Mayorkas, FBI Director Wray, NCTC Acting Director Holmgren: November 20, 2024, at 10:00 AM ET

• Senate Judiciary Committee: Big Hacks & Big Tech: China’s Cybersecurity Threat: November 20, 2024, at 2:00 PM ET

Main Topics:

Homeland Security Transitions. Rand Paul has plans to kneecap the nation’s cyber agency. The incoming chair of the Senate Homeland Security Committee has pledged to severely cut the powers of the Cybersecurity and Infrastructure Security Agency or eliminate it entirely.

• CISA Director Jen Easterly to depart on Inauguration Day

• House Homeland Releases “Cyber Threat Snapshot” Highlighting Rising Threats to US Networks, Critical Infrastructure

• Joint Statement from FBI and CISA on the People's Republic of China (PRC) Targeting of Commercial Telecommunications Infrastructure

• Salt Typhoon: T-Mobile Hacked in Massive Chinese Breach of Telecom Networks

• Salt Typhoon: Intelligence community briefed Congress on Chinese telecom intrusions

• Volt Typhoon rebuilds malware botnet following FBI disruption

• China's Hacker Army Outshines America

Liability: Legal Report: A Michigan Agency Agrees to $13 Million Settlement Concerning Surprise Active Shooter Drill.

Cyber Resilience:

• NordPass: Top 200 Most Common Passwords.

• 2023 Top Routinely Exploited Vulnerabilities. PDF: AA24-317A 2023 Top Routinely Exploited Vulnerabilities

Quick Hits:

• Palo Alto! Risky Biz News: Unpatched zero-day in Palo Alto Networks is in the wild.

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

o CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability

o CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability

• EPA: Management Implication Report: Cybersecurity Concerns Related to Drinking Water Systems.

o US EPA report cites cybersecurity flaws in drinking water systems, flags disruption risks and lack of incident reporting

o Drinking water systems for 26M Americans face high cybersecurity risks

• Moody’s Cyber Heat Map flags extreme cyber risks for critical infrastructure, impacting telecommunications and airlines

• 35 dead as driver hits crowd at sports center in southern Chinese city

• ODNI - Potential Global Economic Consequences of a Use by Russia of Nuclear Weapons in Ukraine

• Australia-Japan-United States Trilateral Defense Ministers' Meeting November 2024 Joint Statement

• Justice Department Announces Murder-For-Hire and Related Charges Against IRGC Asset and Two Local Operatives

• Iranian “Dream Job” Campaign 11.24

• Fans scuffle despite heavy security presence at France-Israel soccer match

• Hate, Extremism & Terrorism:

o Houston man charged with attempting to provide material support to ISIS

o The FBI says it stopped a possible terrorist attack in Houston

o California Teenager Pleads Guilty in Florida to Making Hundreds of ‘Swatting’ Calls Across the United States

o Nazi Group Marches Through Ohio Town

o Germany: 17-year-old arrested over alleged terror plot

o Teens accused of plotting to bomb pro-Israel rally on Parliament Hill

o Man dead after explosions outside Brazil supreme court ahead of G20

Nerd Out EP 53. Holiday celebrations and threats, plus favorite things to eat and watch Nov 19, 2024

In the latest episode of Nerd Out, Dave is joined by Bridget Johnson and Joe Levy to do their annual talk about holiday threats and ways to be ever vigilant. Then they talked about their favorite foods and things to watch.

Joe Levy is the Assistant General Manager at the Barclays Center.

Bridget Johnson is a terrorism and extremism expert who has decades worth of experience analyze threat activities.

Weekly Security Sprint EP 89. Post election texts, terror arrests and threats, and compromised emails Nov 12, 2024

In this week's Security Sprint, Dave and Andy covered the following topics.

Warm Start:

• US cybersecurity chief says disinformation surge hasn't impacted election

• FBI Statement About Fabricated Videos and Statements Falsely Attributed to the FBI.

• Food and Agriculture Sector Eyes Cybersecurity Threats

• Food and Ag Sector 2024 Cyber Threat Report (PDF)

Main Topics:

Black people are receiving racist text messages about picking cotton 'at the nearest plantation.' The FBI and the FCC have weighed in on the messages that multiple Black people across the country received on Wednesday.

• FBI Statement on Offensive and Racist Text Messages

• FB-ISAO reports Antisemitic text messages

• Louisiana attorney general reveals new findings on racist texts

• Text service says it shut down accounts allegedly behind racist messages

Be security curious amid enduring extremism & terrorism threats, mass gatherings:

• Man Arrested and Charged with Attempting to Use a Weapon of Mass Destruction and to Destroy an Energy Facility in Nashville

• Cholo Abdi Abdullah Convicted for Conspiring to Commit 9/11-Style Attack at the Direction of Al Shabaab

• Florida Man Indicted for Posting Threats on the Internet

FBI Cyber Threat Updates:

• Easy Access to Information for Conducting Fraudulent Emergency Data Requests Impacts US-Based Companies and Law Enforcement Agencies. As of August 2024, FBI noted an uptick in criminal forum posts regarding conducting fraudulent emergency data requests and is releasing this notification for industry awareness. Cybercriminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes.

• HSI and Partners Announce Return of $1.8 Million Stolen During Business Email Compromise Scam

Quick Hits:

• Israel to collect soccer fans from Amsterdam after apparent antisemitic attacks

• Israeli soccer fans attacked in Amsterdam, in what Dutch authorities call antisemitic incidents

• Dave’s Severe Weather threat and preparedness reminders

• China Hack Enabled Vast Spying on U.S. Officials, Likely Ensnaring Thousands of Contacts

• U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack

• Russia Suspected of Plotting to Send Incendiary Devices on U.S.-Bound Planes

• Mystery fires were Russian 'test runs' to target cargo flights to US

• Halliburton misses profit estimate, buyback target as cyber attack hurts. Halliburton missed Wall Street estimate on a previously disclosed cyber hack that forced the oilfield services provider to pause a share repurchase program, executives said on Thursday.

• Unwrapping the emerging Interlock ransomware attack

• NEWPARK RESOURCES INC. Newpark Resources, Inc. is a worldwide provider of value-added drilling fluids systems and composite matting systems used in oilfield and other commercial markets. NEWPARK’s 8K.

• Major Oilfield Supplier Hit by Ransomware Attack

• 764 Terror Network Member Richard Densmore Sentenced to 30 Years in Prison

Weekly Security Sprint EP 88. Elections, Liability, and Off-boarding. Nov 05, 2024

In the latest Security Sprint, Dave and Andy covered the following topics.

Warm Start.

• CISA: Critical Infrastructure Security and Resilience Month 2024. “Resilience means doing the work up front to prepare for a disruption, anticipating that it will in fact happen, and exercising not just for response but with a deliberate focus on continuity and recovery, improving the ability to operate in a degraded state, and significantly reducing downtime when an incident occurs.”

o A Proclamation on Critical Infrastructure Security and Resilience Month, 2024

o Biden declares November as critical infrastructure security and resilience month, calls safeguarding these systems

• FS-ISAC: Ransomware Essentials. A Guide for Financial Services Firm Defense (PDF)

Main Topics:

Election Week!

• Joint ODNI, FBI, and CISA Statement.

• US cybersecurity chief says disinformation surge hasn't impacted election

• CISA: Election Security Rumor vs. Reality

• Georgia Poll Worker Arrested for Making Bomb Threat to Election Workers

• FBI PSA: Scammers Exploit 2024 US General Election to Perpetrate Multiple Fraud Schemes

• Colorado accidentally put voting system passwords online, but officials say election is secure

• Joint ODNI, FBI, and CISA Statement on Russian Election Influence Efforts (01 Nov).

Liability:

• Attorney General James Secures $2.25 Million from Capital Region Health Care Provider to Protect Patient Data

• HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation for $500,000

• HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $90,000

Insider Threats! Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information

Quick Hits:

• Wiz CEO says company was targeted with deepfake attack that used his voice

• Ripple effect: the devastating impact of data breaches

• Canadian Centre for Cyber Security - Cyber Security Readiness

• Defendants with Ties to White Supremacy Sentenced in Connection with Plot to Destroy Energy Facilities

• United States Welcomes the United Kingdom’s Actions Against Known Purveyors of Kremlin Disinformation

• Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives

• Army of bots promotes petrostate hosting global climate talks

• Reset Tech Investigation - Clickbait Cures: How Meta and Google Tolerate a Dubious Meds Market in the EU

• Fitness app Strava gives away location of Biden, Trump and other leaders, French newspaper says

• Meet Interlock — The new ransomware targeting FreeBSD servers

• Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

• Spain floods disaster: death toll rises to 205 as extra troops mobilised

• Biden Administration Announces Additional Security Assistance for Ukraine

• Iran Tells Region ‘Strong and Complex’ Attack Coming on Israel

• Cybersecurity Advisory – Threats Posed by Remote Technology Workers with Ties to Democratic People’s Republic of Korea

• Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments

• New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad

• Cybercriminals Are Stealing Cookies to Bypass Multifactor Authentication

• Canadian Centre for Cyber Security - National Cyber Threat Assessment 2025-2026

• Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats

• Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

• Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

Weekly Security Sprint EP 87. AI, MDM, Elections and Hiring Risks Oct 29, 2024

In this week's Security Sprint, Dave and Andy covered the following topics.

Warm Start:

Organizational Cyber Security Culture

• The Gate 15 Interview – Rob Sherman on CISOs: “Focus on risk, focus on resilience.” Plus: A Salt and Pepper America, burnout, beta, and more!

• TribalHub x Gate 15: Organizational Cyber Culture Meets Concert Moments & The Gate 15 Interview – TribalNet! Building a Cybersecurity Culture, Tribal-ISAC, and how we rock!

Memorandum on Advancing the United States’ Leadership in Artificial Intelligence; Harnessing Artificial Intelligence to Fulfill National Security Objectives; and Fostering the Safety, Security, and Trustworthiness of Artificial Intelligence

• Statement from National Economic Advisor Lael Brainard on National Security Memorandum (NSM) on Artificial Intelligence (AI)

• FACT SHEET: Biden-⁠Harris Administration Outlines Coordinated Approach to Harness Power of AI for U.S. National Security

• Biden administration urges US agencies to ‘harness’ AI systems for national security

• White House will order Pentagon and intel agencies to increase use of AI

• US to unveil AI national security memo to avoid China’s ‘strategic surprise’

Main Topics:

Info Ops

• Russian propaganda exploits US hurricane response to undermine FEMA and Ukraine support.

2024 Elections

• Joint ODNI, FBI, and CISA Statement.

• Pennsylvania officials rebut false voter fraud claims from home and abroad

• U.S. officials say Russia smeared Tim Walz, might stoke post-vote violence

• American creating deepfakes targeting Harris works with Russian intel, documents show

• CISA Launches #PROTECT2024 Election Threat Updates Webpage

• Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications

• Chinese Hackers Are Said to Have Targeted Phones Used by Trump and Vance

• Foreign threats to the US election are on the rise, and officials are moving faster to expose them

• Election Security Update as of Late October 2024

• Foreign Threats to US Elections After Voting Ends in 2024

• Foreign influence operations will expand before election and linger afterward, US agencies say

• Recorded Future: Operation Overload Impersonates Media to Influence 2024 US Election

• Microsoft: As the U.S. election nears, Russia, Iran and China step up influence efforts

• Justice Department Announces Four Cases Brought by Election Threats Task Force

• Secretary of State’s Office says they stopped cyberattack aimed at crashing voter website

• Wisconsin sued over voting system’s allegedly weak cyber protections

• Philadelphia Resident Charged for Election-Related Threat to State Party Representative

• Maine man made homemade bombs and dropped some from drones, officials say

• Dr. Paul Requests Information On DHS & CISA’s Participation At Election Day Cybersecurity Conference

Quick Hits:

Terrorism

• Arizona grand jury indicts juvenile for planning attack at Phoenix Pride Festival

• Maryland Man Charged With Attempting To Provide Material Support To ISIS

• Suburban Chicago Man Sentenced to 18 Years in Prison for Trafficking Fentanyl and Attempting To Support ISIS

Ransomware:

• Black Basta ransomware poses as IT support on Microsoft Teams to breach networks

• New Iranian-based Ransomware Group Charges $2000 for File Retrieval

• Japanese Man Convicted of Making Virus Using AI; Likely 1st Person in Japan to be Convicted in Criminal Case for Abusing Generative AI

• New Qilin.B Ransomware Variant Boasts Enhanced Encryption and Defense Evasion

• Crystal Rans0m: Rust-Based Hybrid Ransomware

• Avast Releases Free Decryptor for Mallox Ransomware

• Decrypted: Mallox ransomware

• Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action

• Embargo ransomware: Rock’n’Rust

• macOS NotLockBit | Evolving Ransomware Samples Suggest a Threat Actor Sharpening Its Tools

• Akira Ransomware Evolution: A move towards cross-platform adaptability

The Gate 15 Interview EP 51. Rob Sherman on CISOs: “Focus on risk, focus on resilience.” Plus: A Salt and Pepper America, burnout, beta, and more! Oct 28, 2024

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Rob Sherman. Rob is the Chief Information Security Officer (CISO) for American Tower Corporation, a global digital infrastructure provider. Among his role and responsibilities, he established the global information security program responsible for governance, risk, compliance and security operations for the company’s corporate and line-of-business operations. Among his many hats, Rob is a CISO, attorney, cyber program builder, involved in incident response, with over 25+ years of it and infrastructure experience. Learn more about Rob: LinkedIn

In the discussion Rob and Andy discuss:

Rob’s Background.
Organizational Culture
Leaning into resilience
Ransomware
What worries Rob Sherman
Burnout in cybersecurity
Three Questions - beta tapes, Top Gun, a Salt and Pepper America and more!

Weekly Security Sprint EP 86. Election security, arrests, and exercises Oct 23, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

Election 2024:

Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During 2024 U.S. General Election Cycle. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this public service announcement (PSA) to raise awareness of the efforts posed by foreign threat actors to spread disinformation in the lead up to, and likely in the days following, the 2024 U.S. general election. Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During 2024 U.S. General Election Cycle

CISA:

DOJ:

USGS: (Some) Assembly Required. How to sign your organization up for the Great ShakeOut.

Quick Hits

Weekly Security Sprint EP 85. Election security, ransomware, and conspiracies Oct 14, 2024

In this week's Security Sprint, Dave covered the following topics.

Warm Start - the importance of taking time off.

Topics.

1. Election Security.

Trump campaign event arrest.
Arrest for an election day attack. https://www.voanews.com/a/afghan-charged-in-election-day-terror-plot-passed-multiple-screenings/7818235.html
CISA is ready. https://www.unomaha.edu/ncite/news/2024/10/cisa-at-ncite.php

2. Ransomware.

Ransomware in 2024: Latest Trends, Mounting Threats, and the Government Response. https://www.trmlabs.com/post/ransomware-in-2024-latest-trends-mounting-threats-and-the-government-response

3. Conspiracy Theories.

Suspect arrested after reports of threats toward FEMA operations in North Carolina. https://www.cnn.com/2024/10/14/us/fema-helene-north-carolina-reported-threats/index.html
‘It’s mindblowing’: US meteorologists face death threats as hurricane conspiracies surge. https://www.theguardian.com/us-news/2024/oct/11/meteorologists-death-threats-hurricane-conspiracies-misinformation

Nerd Out EP 52. The return of Bridget and talk of election security, and global terrorism Oct 14, 2024

In the latest episode of Nerd Out, Dave welcomed back a friend of the pod, Bridget Johnson! Bridget caught everyone up on her latest work and new ventures before the two talked about the upcoming election and potential for violence. They transitioned to global terrorism and the potential risks associated with the continued conflict in the Middle East.

Bridget is a part of the McCrary Institute. You can sign up for their products at:

Newsletter signup - https://lp.constantcontactpages.com/sl/fS5OMD4/mccrarysignup
Pods - https://www.youtube.com/@McCraryInstitute

Weekly Security Sprint EP 84. Anniversary PSA, Milton, and MDM Oct 08, 2024

In the latest episode of the Security Sprint, Dave goes solo and talks about the following topics.

Warm Start - the importance of exercises.

October 7th Anniversary PSA.

IC3 PSA: Anniversary of October 7, 2023, Hamas Attacks May Motivate Individuals to Violence in the United States
The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) are issuing this Public Service Announcement to highlight potential threats in the United States from a variety of actors in response to the one-year anniversary of the HAMAS attacks on Israel on October 7, 2023, and consistent calls by foreign terrorist organizations (FTOs) to their supporters seeking to provoke violence in the West.

Hurricane Milton Preparedness and looking ahead.

MDM and Disaster Scams. NWS: Hurricane Milton Approaching Florida. Milton continues to intensify in the Gulf of Mexico today. Heavy rainfall ahead of Milton continues today with localized flooding concerns. This hurricane will approach the west coast of Florida during the middle of the week. Significant impacts are likely with a large and powerful hurricane at landfall in Florida, with life-threatening hazards along portions of the coastline.

Weekly Security Sprint EP 83. Helena recovery, Crimes report, and CSAM Oct 01, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Open

Water, Water, Everywhere!

§ WaterISAC – EPA: National Security Information Sharing Bulletin

§ WaterISAC - Cybersecurity Fundamentals for Water and Wastewater Utilities

§ WaterISAC: Incident Awareness – Ransomware Attackers Target Kansas Water Treatment Facility

§ Kansas water plant cyberattack forces switch to manual operations

§ WaterISAC: EPA’s Hazard Mitigation for Natural Disasters: A Starter Guide for Water and Wastewater Utilities

§ Fears of Weakness in Water Cybersecurity Grow After Kansas Attack

§ WaterISAC: Potential Supply Chain Impacts from East Coast and Gulf Coast Labor Negotiations (Updated September 26, 2024)

§ Deluge of Threats to Water Utilities: Securing Operational Technology Against Cyberattacks

INC Ransomware had a very active weekend! GRIP subscribers saw some of that in the SUN, and see more in this week’s Ransomware and Data Breach Digest and a special Bricklayer AI-informed TARGET Report on INC Ransomware.

Main Topics

Severe Weather, Hurricane Helene, and Resilience Planning.

Crime

CSAM. A Proclamation on Cybersecurity Awareness Month, 2024.

Quick Hits

JCAT First Responders Toolbox: Enhancing Bystander Reporting to Prevent Terrorism
UK NCSC: Multi-factor authentication for your corporate online services
NZ NCSC - Joint Guidance: Detecting and mitigating Active Directory compromises
CISA Warns of Hurricane-Related Scams.
Federal Trade Commission’s Staying Alert to Disaster-related Scams and Before Giving to a Charity,
Consumer Financial Protection Bureau's Frauds and scams, and
CISA’s Phishing Guidance, Stopping the Attack Cycle at Phase One to help organizations reduce likelihood and impact of successful phishing attacks.
Wifi suspended at big UK train stations after ‘cybersecurity incident.’
Israel issues warnings, guidelines for travel abroad ahead of Jewish holidays
Indictment Alleges the Activity Was a More Recent Phase of a Wide-Ranging Hacking Conspiracy in Support of IRGC Targeting of Current and Former U.S. Officials
Iranian hackers indicted Friday allegedly sought to impersonate Ginni Thomas as they targeted Trump campaign
Treasury Sanctions Iranian Regime Agents Attempting to Interfere in U.S. Elections
Rewards for Justice: Election interference Individual - IRGC Hackers, up to $10 Million
Election Security Update as of Mid-September 2024: 45 Days Until Election 2024.
Staying a Step Ahead: Mitigating the DPRK IT Worker Threat
Iran was behind thousands of text messages calling for revenge over Quran burnings, Sweden says
Maryland Woman Sentenced for Conspiring to Destroy the Baltimore Region Power Grid
Patch for Critical CUPS vulnerability: Don't Panic
Neo-Nazis are using AI to rebrand Hitler for a new generation
Axios Vibes: Americans blame politicians for misinformation
Neo-Nazi Telegram Users Panic Amid Crackdown and Arrest of Alleged Leaders of Online Extremist Group
Man threw explosive device inside California courthouse on day of arraignment
Republican Homeland Security Committee bill set to combat CCP cyber threats, boost cyber resilience

The Gate 15 Interview EP 50. TribalNet! Building a Cybersecurity Culture, Tribal-ISAC, and how we rock! Sep 23, 2024

In this episode of The Gate 15 Interview, we’re mixing things up! Andy Jabbour recorded this session onsite at TribalNet 2024 with TribalHub’s Senior Marketing & Communications Manager, Michelle Bouschor, who took over as moderator. They were joined byAdam Gruscynski, IT Director, Potawatomi Casino Hotel and Tribal-ISAC Steering Committee member and Drew Ludwick, Director of IT Operations, Muckleshoot Casino Resort, to discuss ideas around cybersecurity and organizational culture.In the discussion the group discusses:

Organizational culture and what makes a cyber strong organizational culture.
Tribal-ISAC! What it is, how it’s like other ISACs, what makes it special.
How to build a strong organizational culture and the importance of leadership buy-in and taking things in “chewable bites.”
Why we love TribalNet!
Some of our favorite concert experiences – some we shared as we talked from Linkin Park to Snoop.
And more, of course!

Selected Links:

Michelle Bouschor. With 15 years of experience in tribal casino marketing, tribal government public relations, media, and community relations, I’ve honed my skills in navigating the unique landscape of indigenous communities. For the past 5 years, I’ve proudly contributed to TribalHub, leveraging my expertise to empower tribal entities through innovative solutions and strategic partnerships. Passionate about fostering collaboration and growth within tribal communities, I’m dedicated to driving positive change and sustainable development.
· Michelle on LinkedIn

Adam Gruscynski. Responsible for the day-to-day operations of the IT Department for Potawatomi Casino Hotel while ensuring all of the technology needs, whether current or future, of the organization are met. Adam joined Potawatomi Casino Hotel in 2008. During his time at PCH, Adam has gained an abundance of experience by taking on various roles including IT Security Manager, Senior Cybersecurity Engineer, Lead Network Administrator, Network Administrator, and Application Administrator. Prior to PCH, Adam was Network Engineer at the Milwaukee Journal Sentinel where he began his career as Help Desk Intern.
· Adam on LinkedIn

Drew Ludwick. A seasoned IT executive with over 25 years of progressive leadership experience in technology management, specializing in cybersecurity, strategic planning, and technology governance. Known for shaping and executing technology strategies aligned with business goals, leading diverse technology teams, and fostering innovation.
· Drew on LinkedIn

Nerd Out EP 51. Assassination attempts and DVE, planning for fall and winter activities, and pager warfare. Sep 19, 2024

In the latest episode of Nerd Out, Dave and Alec covered the following areas when Dave wasn't having technical issues.

The second assassination attempt and what it means for DVEs and venue security.
Recent Terrorgram arrests.
Planning for outdoor events in the fall and winter.
Israel's pager attack and the impact for third party protection.
Nerd news talking Marvel, Star Wars, and why we haven't watched Rings of Power.

Weekly Security Sprint EP 82. Assassination, BEC, and All-Hazards Sep 17, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

TribalNet!
TLP:CLEAR | FB-ISAO Newsletter. The September 2024 Newsletter has been directly distributed to members and may be accessed here.

Main Topics:

Assassiination / Election Security:

FBI and CISA Release Joint PSA, Just So You Know: False Claims of Hacked Voter Information Likely Intended to Sow Distrust of U.S. Elections. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this public service announcement (PSA) to raise awareness of attempts to undermine public confidence in the security of U.S. election infrastructure through the spread of disinformation falsely claiming that cyberattacks compromised U.S. voter registration databases. PDF.
CISA: Physical Security Checklist for Election Offices and Election Infrastructure Cybersecurity Readiness and Resilience Checklists
2025 Counting and Certification of Electoral Votes Designated a National Special Security Event

BEC. Business Email Compromise: The $55 Billion Scam. The BEC scam continues to target small local businesses to larger corporations, and personal transactions while evolving in their techniques to access those business or personal accounts. Between December 2022 and December 2023, there was a 9% increase in identified global exposed losses. In 2023, the IC3 saw a growth in BEC reporting where funds were sent directly to a financial institution housing custodial accounts held by third-party payment processors, or peer-to-peer payment processors, and cryptocurrency exchanges which directly contributed to the increase in global exposed losses. IC3 data shows the BEC scam has been reported in all 50 states and 186 countries, with over 140 countries receiving fraudulent transfers. Based on the financial data reported to the IC3 for 2023, international banks located in the United Kingdom and Hong Kong often acted as an intermediary stop for funds, followed by China, Mexico, and the UAE. The following BEC statistics were reported to the FBI IC3, law enforcement and derived from filings with financial institutions between October 2013 and December 2023:

o Domestic and international incidents: 305,033

o Domestic and international exposed dollar loss: $55,499,915,582

o Total U.S. victims: 158,436

o Total U.S. exposed dollar loss: $20,089,561,364

o Total non-U.S. victims: 6,546

o Total non-U.S. exposed dollar loss: $1,638,490,375

All-Hazards. The disaster no major U.S. city is prepared for. Experts warn this type of catastrophe — a combined power outage with a heat wave — is a scenario that cities and states are unprepared for. “I don’t think it’s likely — I think it’s an absolute certainty,” said Brian Stone, a professor and director of the Urban Climate Lab at the Georgia Institute of Technology. “I think it’s an absolute certainty that we will have an extreme heat wave and an extended blackout in the United States.”

Quick Hits:

Weekly Security Sprint EP 81. Arrest and Disruption Tuesday - hostile events, terrorgram, and more. Sep 10, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

Press Release! Gate 15 Partners with Cyware to Enhance Cybersecurity and Homeland Security Resilience. Gate 15's Resilience and Intelligence Portal (GRIP) now leverages the robust capabilities available in Cyware's Collaborate platform to provide the homeland security community with all-hazards technology-enhanced, human-driven analysis products.

Main Topics:

Physical Threats, Notable Dates:

· Pakistani National Charged for Plotting Terrorist Attack in New York City in Support of ISIS

· Man Plotted to Kill Jews in New York on Oct. 7 Anniversary, U.S. Says

· Man Arrested For Making Threats To Elected Officials

· U.S. charges Hamas leaders with terrorism, citing Oct. 7 attack

Terrorgram Arrests

· Leaders of Transnational Terrorist Group Charged with Soliciting Hate Crimes, Soliciting the Murder of Federal Officials, and Conspiring to Provide Material Support to Terrorists

· Feds say white supremacist leaders of "Terrorgram" group plotted assassinations, inspired attacks

Influence Ops

· Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere.

· Info Ops: ODNI - Election Security Update as of Early September. Foreign actors are increasing their election influence activities as we approach November.

· US seeks to reassure voters that presidential election will be safe.

· Russia focusing on US social media stars to covertly influence voters

· Treasury Takes Action as Part of a U.S. Government Response to Russia’s Foreign Malign Influence Operations

· AP: Right-wing influencers were duped to work for covert Russian influence operation, US says

· Conservative Podcasters Respond to Russian Influence Allegations

· The Record: US indicts two RT employees for alleged Russian disinformation effort

· TV Presenter Who Worked for Channel One Russia Charged with Violating U.S. Sanctions Imposed on Russia

· 2024's triple threats on election disinformation

· TikTok: Continuing to protect the integrity of TikTok through the US elections

· Chinese State-Linked Influence Operation Spamouflage Masquerades as U.S. Voters to Push Divisive Online Narratives Ahead of 2024 Election

· Activists Charged With Pushing Russian Propaganda Go on Trial in Florida

· AI-Fakes Detection Is Failing Voters in the Global South

· Activists Charged With Pushing Russian Propaganda Go on Trial in Florida

Quick Hits:

More Russia:

o FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure

o Exclusive: US sees increasing risk of Russian ‘sabotage’ of key undersea cables by secretive military unit

Georgia: Apalachee High School Shooting:

o 14-Year-Old School Shooter Kills Four and Wounds Nine

o At least nine people were injured. Here’s what else to know.

o What we know about the Georgia high school shooting

o Georgia High School Received Threat Warning Of Shooting Before Gunman Opened Fire: Report

o Father of Teen Suspect Charged in Georgia School Shooting

o Georgia school-shooting suspect struggled with mental health, aunt says

o ASIS: Apalachee High School Shooting: What We Know

o Georgia Gunman Colt Gray Was ‘Ridiculed’ and Called Gay by Bullies at School

o Mother of Georgia suspect is said to have called school before shooting, warning of ‘emergency’

Sextortion

o Sextortion Scams Now Include Photos of Your Home.

o Sextortion scam now use your "cheating" spouse’s name as a lure

o Nigerian Brothers Sentenced in Sextortion Scheme that Resulted in Death of Teen

o Nigerian brothers jailed in US for sextortion scam targeting teenagers

o Four Delaware Men Charged with International “Sextortion” and Money Laundering Scheme

Weekly Security Sprint EP 80. The start of alphabet soup with Insider Threat, and National Preparedness, plus election security Sep 03, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

National Insider Threat Awareness Month!

· Insider Threat! Employee arrested for locking Windows admins out of 254 servers in extortion plot

· Insider Threat: Pa. church member accused of stealing $225K from congregation

· GRIP: Insider Threat Awareness -Don't Let Errors Cost You, 28 August 2024

· Palo Alto: Deepfake report: https://unit42.paloaltonetworks.com/dynamics-of-deepfake-scams/

National Preparedness Month!

Addressing OT cyber risk management threats and attacks with risk registers and tabletop exercises

Election Security:

· Man Charged with Threatening Election Officials, State Judge, and Federal Law Enforcement Agents

Donald Trump Assassination Updates:

o Opening Statement to Media on Updates to the Butler, Pennsylvania, Assassination Attempt Investigation

o FBI Pittsburgh Special Agent in Charge's Remarks to Media on Updates to the Butler, Pennsylvania, Assassination Attempt Investigation

o Would-be Trump assassin saw ex-president as 'target of opportunity.'

o FBI releases photos of the gun used in Trump assassination attempt

· DOD Will Provide Homeland With Support During Presidential Campaigns

· US voters targeted in phishing campaign

· When Get-Out-The-Vote Efforts Look Like Phishing

· Intel officials say they anticipate more hacking attempts as US election nears

· Election Security Partners Host 7th Annual Tabletop the Vote Exercise for 2024

Quick Hits:

· Two Foreign Nationals Charged in Swatting Conspiracy Targeting Lawmakers, Private Victims, Houses of Worship, and Businesses

· European terror attacks alarm US intelligence, NYPD briefing shows

· CIA official: Suspects in foiled plot to attack Taylor Swift shows aimed to kill ‘tens of thousands.’

· Solingen Stabbing Ignites Fears of Resurgent Jihadism Targeting Germany

· CISA - Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

· Halliburton cyberattack linked to RansomHub ransomware gang

o FBI: RansomHub ransomware breached 210 victims since February

o US agencies warn against ransomware group behind hundreds of attacks in recent months

· KnowBe4 Report Reveals Critical Infrastructure Under Siege with Cyber Attacks Increasing 30 Percent in One Year

· Chinese government hackers penetrate U.S. internet providers to spy

o Lumen: Taking The Crossroads: The Versa Director Zero-Day Exploitation

o Chinese government hackers targeted U.S. internet providers with zero-day exploit, researchers say

o China’s Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs

· Microsoft: Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

· Cybercrime and sabotage cost German firms $300 bln in past year

· France formally charges Telegram founder, Pavel Durov, over organized crime on messaging app

· Worldwide Trends in COVID-19-Related Attacks Against Healthcare: A Review of the Safeguarding Health in Conflict Coalition Database

· Kasada’s Releases 2024 State of Bot Mitigation Report

· CISA Launches New Portal to Improve Cyber Reporting

· Hate Group’s Anti-Muslim Rhetoric Reflects Anti-LGBTQ+ Conspiracy Theories

· Recorded Future: H1 2024 Check Fraud Report: Geographic Trends and Threat Actor Patterns

Venue Security, The IAVM Podcast Series EP 8. Managing Risk plus: Bobbleheads! Partnerships! and the value of diversity. Sep 02, 2024

In this final episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Byron K. Johnson II, Director of Public Safety and Security, with the Raleigh Convention and Performing Arts Complex, which includes several venues in lovely Raleigh, North Carolina. Raleigh Convention & Performing Arts Complex: “The City is proud to own and manage several marquee venues in the area. Whether you want to see a concert, host a convention, or catch a ballet, we’ve got you covered:

In the discussion Byron and Andy address the concept of a venue, its diverse range of facilities, common and specific risks, and the evolving nature of the industry. They also delved into the aspects of risk management, the importance of understanding unique risks associated with different types of events and facilities, and the role of technology in venue management. In closing, they emphasized the value of diverse perspectives in risk assessment and decision-making, the significance of leadership, and the importance of a strong reputation in the community. Plus:

Byron’s background.
The IAVM Academy for Venue Safety and Security (AVSS) with some name dropping!
Leadership, being open minded, and open to sharing.
The value of risk assessments and bringing in diverse perspectives.
The importance of building relationships with the DHS Protective Security Advisors!
With a kind Byron shoutout to our Gate 15 podcasts and more.

Venue Security, The IAVM Podcast Series has been a collaboration between Gate 15 and the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) as Andy Jabbour speaks with special guests from the IAVM community. This episode is our last in this limited run series.

Weekly Security Sprint EP 79. European events; the importance of information sharing; and are we resilient Aug 27, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

CISA: Shaping the legacy of partnership between government and private sector globally: JCDC

Main Topics:

International Security Incidents:

Forgotten radios and missed warnings: New details emerge about communication failures before Trump rally shooting. The day before the attempted assassination of Donald Trump, a tactical team of local police officers set aside radios for their Secret Service partners so the two agencies could communicate during the former president’s July 13 campaign rally. But those radios were never picked up.

Invest in Resilience! Cyber Resilience Overestimation Leads to Business Continuity Issues, Ransom Payments

Quick Hits:

From cybercrime to terrorism, FBI director says America faces many elevated threats 'all at once'

ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection

Alabama Man Pleads Guilty to Detonating an Explosive Device Outside of the Alabama Attorney General’s Office

VFC: Bomb Threats at Jewish Institutions

Bomb threats reported at more than 100 Canadian Jewish institutions

Oregon Man Charged in Swatting and Bomb Threats Scheme That Targeted Jewish Hospitals in New York City and Long Island

Arizona man in custody amid investigation into alleged threats to kill former President Donald Trump

Iran Tries To 'Storm' U.S. Election With Russian-Style Disinformation Campaign

Meta: Taking Action Against Malicious Accounts in Iran

How Russian Trolls Are Trying to Go Viral on X

Trump attorney was targeted by hackers, sources say

‘Several opportunities’ to prevent Maine mass shooting were missed, commission finds

International report confirms record-high global temperatures, greenhouse gases in 2023

Weekly Security Sprint EP 78. Physical security threats, sabotage, and cyber resilience Aug 20, 2024

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

Faith-Based and Israel-Gaza Related Updates: FB-ISAO Newsletter, August 2024.
FB-ISAO: Best Practices for Securing Your Donation Sites
WaterISAC 2023 Year-In-Review

Three Main Topics.

Extremism and Physical Security:

“Dead society”: Tracing the Online Dimension of a Militant Accelerationist-Inspired Attack in
Turkey
Man Arrested for Explosives Threats and Attack on Energy Facility

Sabotage:

UK Sabotage. Countering the Threat of Sabotage Operations to UK Interests and National Security
Germany investigates suspected intrusion, sabotage at military base
Germany investigates possible sabotage of water supply at military base
Poland Says Received German Request To Arrest Suspect In Nord Stream Probe

Cyber Resilience:

Carbon black supplier Orion loses $60 million in business email compromise scam
Attorney General James Secures $4.5 Million from Biotech Company for Failing to Protect
New Yorkers’ Health Data
Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware
disaster

Quick Hits:

Recorded Future: Malign Influence Threats Mount Ahead of US 2024 Elections
NCRI - The CCP’s Digital Charm Offensive
OpenAI: Disrupting a covert Iranian influence operation
X Ran Ads On Five Accounts Pushing Lies and Hate During UK Riots
Far-right influencers turn against Trump campaign
Personhood credentials: Artificial intelligence and the value of privacy-preserving tools to
distinguish who is real online (PDF).
Department of Defense Civilian Employee Charged with Taking Classified Documents
Hackers may have stolen the Social Security numbers of every American. Here’s how to
protect yourself
Unconfirmed Hack of 2.9 Billion Records at National Public Data Sparks Media Frenzy
Amid Lawsuit
Brian Krebs: NationalPublicData.com Hack Exposes a Nation’s Data
National Public Data reports highly publicized breach affected a total 1.3 million
people
The Slow-Burn Nightmare of the National Public Data Breach
Google: Iranian backed group steps up phishing campaigns against Israel, U.S.
A Single Iranian Hacker Group Targeted Both Presidential Campaigns, Google Says
Arizona Man Pleads Guilty for Making Online Threats Against Public Servants Including
Federal Officials
Suspect identified in break-in at Trump campaign office in Virginia: Sheriff's office
Threat of US Civil Unrest Is Low But Rising, Analysis Finds oOne in five voters and a third of Republicans believe the FBI was behind the
assassination attempt on Donald Trump
Trump's Shooting Rattled QAnon Believers. Then They Doubled Down
Comer Seeks Information from Google and Meta on Potential Censorship of President
Trump Assassination Attempt
Meta warns of troll networks from Russia, Iran ahead of US elections
Fake accounts on Meta pushed conservatives to run for office as independents
HHS: United States Government’s Response to the Clade I Mpox Outbreak in the Democratic
Republic of the Congo and Other Countries in the Region
WHO: WHO Director-General declares mpox outbreak a public health emergency of
international concern.
Earth just had its warmest July on record; July was the globe’s 14th month in a row of
record warmth

The Gate 15 Interview EP 49. Adam Vincent on Bricklayer AI, Artificial Intelligence, Star Trek, and a heart for service Aug 19, 2024

In this episode of The Gate 15 Interview, Andy Jabbour talks with Adam Vincent. Adam Vincent is the Founder & CEO at Bricklayer AI. Bricklayer AI is the first generative AI solution that brings autonomous AI agents and human experts into a single collaborative and effective security team. Bricklayer AI’s security-trained, generative AI agents execute critical security roles, operations, and procedures, empowering organizations to enhance the scale, speed, and sophistication of their security operations, investigate incidents faster and more thoroughly, enrich and analyze threat intelligence more completely, and enforce compliance standards continuously. Additionally, Adam has a long history of delivering leadership to early-stage companies to drive the development and launch of innovative products, create strategic GTM plans to capture explosive growth, enable sales and marketing, accelerate revenues, and increase profitability. Among his notable achievements, Adam:

Founded and built a cybersecurity SaaS firm from $0 to $30M ARR
Achieved 30% revenue CAGR over 5 years from 2016 to 2021
Sold high margin $5M+ revenue government business unit
Achieved an 86% CEO approval score on Glassdoor

Bricklayer AI is the first AI cybersecurity solution that enables autonomous AI specialists to work alongside human experts, to run a smarter, faster, and more effective security operations team. With Bricklayer AI, multiple independent AIs collaborate and use AI tools to accomplish complex cybersecurity procedures, all controlled using natural language. AI Security Analysts, AI Threat Intelligence Analysts, and AI Incident Responders add speed, augment and accelerate security teams’ capabilities in order to stay ahead of today’s most sophisticated AI-enabled threats. Learn more at bricklayer.ai.

In the discussion Adam and Andy discuss:

Adam’s Background
Bricklayer Basics: What is Bricklayer AI?
AI 101.
Bricklayer vs. Common LLMs.
BlackHat 2024.
What’s next for future of Bricklayer AI and artificial intelligence.
Three Questions!
Star Trek, a heart for service, boating, and more.

Selected links:

⁠Bricklayer AI⁠. Build your own automated AI security team. Put autonomous AI specialists to work alongside your human experts, to run a smarter, faster, and more effective security operations team.

⁠Bricklayer AI Announces $2.5M Pre-Seed Investment to Bring Autonomous AI Security Analysts into the SOC⁠, 02 May 2024

Weekly Security Sprint EP 77. The top 3 - Swift attack disruption, weatherman, and political violence. Aug 13, 2024

In this week's Security Sprint, Dave and Andy covered to following topics:

Taylor Swift Terrorism Threat:

· Two held in Vienna over Taylor Swift concert threat

· Taylor Swift concerts in Vienna canceled after Austrian police say foiled terrorist plot targeted shows

· Officials say suspects in foiled plot at Taylor Swift shows hoped to kill as many people as possible

· Taylor Swift ISIS suspects ‘hired as guards’ wanted ‘to bomb gig & mow down fans’ before terror plot foiled by US spies

· Taylor Swift concert terror suspect, 17, began working at venue days before foiled plot, say police

· Alleged Taylor Swift terror plot fits a worrying trend as ISIS targets teens online

· Suspect in Taylor Swift Vienna concert plot confessed to planning suicide attack, officials say

· Taylor Swift ISIS bombing suspect pictured holding dual knives as chilling details of terrorist plot revealed

· After Vienna threat: Music venues as terrorist targets

· Taylor Swift concert terror plot suspect sought to kill self and 'as many people as possible,' officials say

· Iraqi teen held in Vienna after Taylor Swift attack plot foiled

· Officials say suspects in foiled plot at Taylor Swift shows hoped to kill as many people as possible

Hurricanes & Severe Weather.

· CSU's 2024 Atlantic seasonal hurricane forecast was released on 4 April and updated on 6 August

· NOAA: Highly active hurricane season likely to continue in the Atlantic

· Debby finally moves out of the US, some flooding risk and power outages remain

· NOAA: Nation hit with record heat, wildfires and Hurricane Beryl in July

Election Security & Broader Considerations

· Microsoft: Iran Targeting 2024 US Election.

· Iran uses fake news sites to interfere in U.S. election, Microsoft says

· We received internal Trump documents from ‘Robert.’ Then the campaign confirmed it was hacked

· Trump campaign says it is victim of foreign hack after leak of Vance report

· The Hacking of Presidential Campaigns Begins, With the Usual Fog of Motives

· DOJ: Pakistani National with Ties to Iran Charged in Connection with Foiled Plot to Assassinate a Politician or U.S. Government Officials

o Pakistani national with ties to Iran charged in connection to a foiled assassination plot potentially targeting Trump

· Winchester Man Arrested for Making Threats Against Vice President

· Virginia man charged with threatening to kill Vice President Kamala Harris

· CAIR Welcomes Charges Against Man Who Allegedly Made Death Threats Targeting VP Harris, Previously Threatened Muslims

Quick Hits:

· CrowdStrike: Channel File 291 Incident: Root Cause Analysis is Available. Read the findings, mitigations and technical details of the Channel File 291 incident.

· Ransomware & Data Breaches:

o Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication.

o Rapid7: Rapid7’s Ransomware Radar Report Shows Threat Actors are Evolving …Fast.

· Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory

· Justice Department Disrupts North Korean Remote IT Worker Fraud Schemes Through Charges and Arrest of Nashville Facilitator

· Research Report: Internet-Connected Industrial Control Systems (Part One)

· White House working on cyber insurance policy proposal for ‘catastrophic’ incidents

· Hackers leak 2.7 billion data records with Social Security numbers

· On the Adoption of the UN Convention Against Cybercrime

· DOJ: Assault of Congregants Outside a Washington D.C. Synagogue Charged as a Federal Hate Crime

· U.S.: SEC ends probe into MOVEit attacks impacting 95 million people

· Critical Infrastructure: Rewards for Justice: CyberAv3ngers.

· White House cyber czar touts regulatory harmonization bill advancing through Congress

Nerd Out EP 50. Venue protection, 2/3 of the year awards, acolytes and dragons! Aug 12, 2024

In the latest episode of Nerd Out, Dave and Alec looked at some recent security concerns related to venues including the cancellation of Taylor Swift concerts in Austria, and sabotage surround the Olympics. Then they moved to the 2/3 of the year awards - congratulations to our winners!

MVP. Secure by Design. https://www.cisa.gov/securebydesign
The Cobra (Sly Stallone) Award (you're the disease, and I'm the cure). Gate 15 GRIP (no shameless plugs).
The Dennis Green (they are who we thought they are). Politically motivated threat actors.
The Aldus Snow (don't forget about me). Ransomware - as if there was another.
Dumpster Fire award - CrowdStrike - despite their up front stance and taking accountability, this is still a big deal.
Scotty Doesn’t Know award (the threat that is lurking within). AI powered BEC. https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html
Avengers Team Up award. Co-winners. Companies helping rural healthcare (https://www.healthcareitnews.com/news/microsoft-and-google-white-house-offers-cybersecurity-tools-rural-hospitals) and the Loudon County Sherrif’s office for helping faith-based organizations.
Heath Ledger Joker award. Accelerationist - they just want to watch the world burn.

Then the nerds go all in on the season and the finale's of the Acolyte and House of the Dragon.

Some of the references from the above topics include:

T Swift Plot

French Infrastructure Attacks

Weekly Security Sprint EP 76. Sabotage, Middle East escalation, check scams, and the weatherman returns Aug 06, 2024

In this week's Security Sprint, Dave covered the following topics:

Warm Start. Sheriff's Office hosts summit focusing on safety at houses of worship

Main Topics.

French coordinated infrastructure sabotage
Middle East tensions and possibility of escalation with implications for the homeland
Writing Paper Checks Is Not Safe: Cyber Security Goes Well Beyond Your Computer or Phone - National Cybersecurity Center
Extreme heat, bone-dry vegetation and human misconduct prompting intense wildfire season
Deadly Tropical Storm Debby begins its Southeast deluge

Venue Security, The IAVM Podcast Series EP 7. Cyber Resilience, the Human Factor and Reducing Risk Aug 05, 2024

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Ross Girouard, Assistant General Manager, Credit Union of Texas Event Center, an over 6,000 fixed-seat multi-purpose indoor arena located in Allen, Texas, north of Dallas, and Michael McDermott, City of Allen, Texas.

Credit Union of Texas Event Center Facebook & X/Twitter
CUTXEventCenter.com

Phishing and common Concerns
Venue-specific cybersecurity considerations
Cyber Resilience!

Network Segmentation!
Phishing Simulation!
Contingency Planning!
Relationships & the Human Factor!
Understanding risk, risk prioritization and risk management!
Balancing convenience and security

Arena football war stories
The criticality of communications
More!

‘If you have a busy IT guy during the event, you’ve got a problem…’-Michael‘Cybersecurity has to be part of your everyday team’-RossIn the discussion we address:

Weekly Security Sprint EP 75. North Korea mischief, and physical security matters Jul 30, 2024

In this week's Security Sprint, Dave and Andy covered the following topics.

North Korea Cyber Threats to U.S. Businesses:

FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity.
North Korea State-Sponsored Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs.
DOJ: North Korean Government Hacker Charged for Involvement in Ransomware Attacks Targeting U.S. Hospitals and Health Care Providers
Microsoft: Onyx Sleet uses array of malware to gather intelligence for North Korea
Google: APT45: North Korea’s Digital Military Machine.
North Korean hacking group targeted weapons blueprints, nuclear facilities in cyber campaigns
KnowBe4: How a North Korean Fake IT Worker Tried to Infiltrate Us

CISA: Resources for Onboarding and Employment Screening Fact Sheet. Resource Materials: Resources for Onboarding and Employment Screening Fact Sheet

Physical Incidents:

Quick Hits

Olympics:

CrowdStrike: Remediation And Guidance Hub: Falcon Content Update For Windows Hosts,

Donald Trump Assassination Attempt: Takeaways from FBI testimony: Trump shooter searched details of JFK assassination and flew drone near rally site

Other items that may be of interest:

Weekly Security Sprint EP 74. Information sharing and resiliency; Crowdstrike, MDM, and Health Jul 23, 2024

In this weeks Security Sprint, Dave and Andy covered the following topics: Warm Start: · FB-ISAO Releases an All-Faiths Analysis of Attacks on U.S. Houses of Worship in 2023. · New Cyware Survey Reveals Critical Gaps in Cybersecurity Threat Intelligence Sharing and Collaboration. · Private-public partnership releases new bank resources for cloud computing adoption. o Financial Sector Cloud Outsourcing Issues and Considerations. Main Topics: CrowdStrike Outage: · CISA: Widespread IT Outage Due to CrowdStrike Update (being updated; update 9:45 a.m., EDT, July 21, 2024) · Canadian Centre for Cyber Security - Alert - Issue impacting CrowdStrike Falcon EDR · UK NCSC: Statement on major IT outage · NZ-NCSC: NCSC statement on global IT outage · CrowdStrike says significant number of devices back online after global outage. o Technical Details: Falcon Content Update for Windows Hosts, 20 Jul · Microsoft: New Recovery Tool to help with CrowdStrike issue impacting Windows endpoints · CrowdStrike CEO George Kurtz speaks out after failed tech update causes worldwide chaos at airports and banks · Microsoft says 8.5M Windows devices were affected by CrowdStrike outage · Brian Krebs: Global Microsoft Meltdown Tied to Bad Crowdstrike Update · Blue Screens Everywhere Are Latest Tech Woe for Microsoft · Don’t Fall for CrowdStrike Outage Scams Donald Trump Assassination Attempt & Associated Physical Security: · FBI, DHS warn of possible retaliation for attack on Trump. · Trump’s would-be assassin researched previous mass shooter Ethan Crumbley and his family before attack. · Gunman Might Have Scoped Out Site Six Days Before Trump Rally. · Secret Service Arrests Florida Man Threatening to Kill Joe Biden. · Roswell Man Indicted for Threatening FBI Director Christopher Wray. · Secretary Mayorkas Delivers Remarks at White House Press Briefing. · TIME: What We Know—and Don’t Know—So Far About the Trump Rally Gunman · Militias Are Recruiting Off of the Trump Shooting Misinfo: o Conspiracy theories spread wildly after the first assassination attempt on a US president in the social media age o One in Three Biden Supporters Think Trump Shooting Might Have Been Staged o 4chan post claiming Secret Service told not to fire on Trump shooter explodes into full-on TikTok conspiracy o Top Conspiracy Theories Around Trump Assassination Attempt Debunked Health: · CDC Confirms Human Cases of H5 Bird Flu Among Colorado Poultry Workers. · In 2 years since the launch of 988, 10 million contacts have been answered · Global childhood vaccination hits plateau, with 35 million not fully protected from measles · UK Covid-19 Inquiry: Resilience and preparedness (Module 1) Ransomware: · CDK hack shows SEC disclosure standards are unsettled · ReliaQuest: Ransomware and Cyber Extortion in Q2 2024 · California officials say largest trial court in US victim of ransomware attack. · Two Foreign Nationals Plead Guilty to Participating in LockBit Ransomware Group Quick Hits: · China seeks space supremacy and to exploit it ‘to our detriment’: US intelligence head · US to issue proposed rules limiting Chinese vehicle software in August · Fragmented and multiplied cybercriminal landscape, warns new Europol report · Europol: Internet Organised Crime Threat Assessment (IOCTA) 2024. · Patagonia invaded privacy by using AI to analyze customer service interactions, lawsuit alleges · CISA Releases Playbook for Infrastructure Resilience Planning. · Software Bill of Materials (SBOM) FAQ Resource. · Why the Pentagon Is Warning That ISIS Attacks Could Double This Year · US says ISIL trying ‘to reconstitute’ amid uptick in Syria, Iraq attacks · Neo-Nazi group demonstrates on Tennessee overpass

The Gate 15 Interview EP 48. ENCRYPTION, part 2. A conversation with Elizabeth Nolan Brown and Jessica Dickinson Goodman: Encryption, privacy and why good intentions aren’t good enough. Jul 21, 2024

In this episode of The Gate 15 Interview, Andy Jabbour talks with Reason Magazine’s Elizabeth Nolan Brown and Jessica Dickinson Goodman in part two of our two-part series on encryption. Jessica and Gate 15 are members of the Global Encryption Coalition.

Elizabeth Nolan Brown. Senior Editor, Reason; President, Feminists for Liberty. Elizabeth Nolan Brown is a senior editor at Reason and the author of Reason’s biweekly Sex & Tech newsletter, which covers issues surrounding sex, technology, bodily autonomy, law, and online culture. She is also co-founder of the libertarian feminist group Feminists for Liberty, and a professional affiliate of the journalism program at the University of Cincinnati. Brown has covered a broad range of political and cultural topics since starting at Reason in 2014, with special emphasis on the politics, policy, and legal issues surrounding sex, speech, tech, justice, reproductive freedom, and women’s rights. She lives in Cincinnati, Ohio, with her husband, sons, and two cats. Andy is a big fan of her cat and family pictures. Read here complete bio at Reason.

LinkedIn
You can find her on most popular social media sites as ENBrown.

Jessica Dickinson Goodman. Jessica Dickinson Goodman is the current chair of the Chapter Seeding Committee of the San Francisco Bay Area ISOC Chapter and past-President, serving in that role for three years. As Board President, encryption protection and education played a major role in her agenda. She ran a monthly tactical tech support webinar series for community members in how to use encryption tools to protect personal privacy in a post-Dobbs world, wrote and published Encryption for Babies, is featured on the front page of the Global Encryption Coalition’s YouTube channel talking about encryption.

In the discussion Liz, Jessica, and Andy discuss:

Liz and Jessica’s backgrounds.
Encryption 101 and why is it important.
What led you to join the Global Encryption Coalition.
Liz’s journalistic background covering sex, tech, privacy and related matters at Reason.
Are we too paranoid?
Law enforcement & legislation & breaking encryption.
STOP CSAM, the EARN IT Act and Section 230.
Protecting children vs. protecting privacy or protecting children and protecting privacy.
Recommendations for law enforcement and legislators.
Three Questions!
And more.

Selected Links:

Global Encryption Coalition. The Global Encryption Coalition (GEC) was founded in 2020 by the Center for Democracy & Technology, Global Partners Digital and the Internet Society and now has over 350 members. Its mission is to promote and defend encryption in key countries and multilateral fora where it is under threat. The GEC also supports efforts by companies to offer encrypted services to their users.
GEC members
Elizabeth Nolan Brown, selected writings:

Weekly Security Sprint EP 73. The importance of venue security - the assassination attempt, and Copa crisis Jul 16, 2024

In this week's Security Sprint, Dave and Andy talked about the following topics. FB-ISAO Threat Assessment Statement: Threat Levels Remain at Elevated – July 2024 FB-ISAO Updates! FB-ISAO Newsletter, v6, Issue 7 The FB-ISAO FireArms in the House Series: What Did We Learn? WaterISAC Surpasses 600 Members, Strengthening Water and Wastewater Security Nationwide Critical infrastructure organizations want CISA to dial back cyber reporting Real Estate Coalition Raises Concerns Over Cyber Reporting Requirements Briefing 23: Space Sector at Risk as Ransomware Groups and Nation State Actors Collaborate Guarding Health: Errol Weiss on Protecting the Healthcare Sector from Cyber Threats Assassination Attempt FBI, DHS warn of possible retaliation for attack on Trump FBI Update on the FBI Investigation of the Attempted Assassination of Former President Donald Trump Secretary Mayorkas Delivers Remarks at White House Press Briefing Statement From U.S. Secret Service Director Kimberly Cheatle DHS secretary says direct line of sight 'should not occur' in wake of Trump assassination attempt What We Know—and Don’t Know—So Far About the Trump Rally Gunman Rooftop where gunman shot at Trump was identified as a security vulnerability before rally: sources Secret Service investigating how gunman was able to get so close to Trump Local Cop Confronted Trump Gunman Before Shooting—but Backed Away New information emerges on Trump shooting suspect Misinfo: Misinformation spreads swiftly in hours after Trump rally shooting Social Media Platforms Deluged by Unsubstantiated Claims About Trump Rally Conspiracy theories about the Trump rally shooting flourish online Trump Assassination Attempt Sparks Antisemitic Conspiracy Theories and Violent, “Revenge” Rhetoric Far-Right Extremists Call for Violence and War After Trump Shooting Donald Trump talks unity after shooting attempt Copa America final kick-off delayed after fans struggle to enter stadium in Miami Copa America final delayed after hordes of fans climb vents, walls to ‘forcibly enter’ Hard Rock Stadium in chaotic scene Copa América final start delayed after fans rush gates Copa America security disaster ‘not a good look’ for US ahead of World Cup: Alexi Lalas Venue Security, The IAVM Podcast Series: Throwing down the gauntlet with Brendan Farley as we discuss the art and science of crowd management. The Gate 15 Interview: Dr. G. Keith Still on crowd security, drinking whisky, smashing ashtrays in Saudi Arabia, the Land of Ice and Fire, and what not to ask a Scotsman. 24 Jul 2023. Nerd Out Security Panel Discussion: EP 19. Talking Crowd Control and the Holidays – in 2 Parts! Nov 2021. Quick Hits A Globally Integrated Islamic State Tenuous Taliban control gives life to al-Qaida, Islamic State Goldman Sachs: AI Is Overhyped, Wildly Expensive, and Unreliable. Justice Department Leads Efforts Among Federal, International, and Private Sector Partners to Disrupt Covert Russian Government-Operated Social Media Bot Farm TikTok Content Farms Use AI Voiceovers to Mass-Produce Political Misinformation CSU's 2024 Atlantic seasonal hurricane forecast was released on 4 April and updated on 9 July Colorado Reports Three Presumptive Positive H5 Cases in Poultry Workers Bird flu spread to cows takes 'dangerous' step towards infecting humans through respiration, scientists warn AT&T Discloses Breach of Customer Data US and Germany foiled Russian plot to assassinate CEO of arms manufacturer sending weapons to Ukraine New Jersey Man Charged with Soliciting Destruction of Energy Facilities Victims of cyber extortion and ransomware increase in 2024 Orange Cyberdefense: Cy-Xplorer 2024 - When bits turn to blackmail - all about ransomware and cyber extortion Black man dies, crying for help, after hotel guards pin him down, video shows CISA Releases Insider Threat Reporting Templates

Nerd Out EP 49. Foreign Influence, extremism, a top 3, and the Acolyte Jul 10, 2024

In the latest episode of Nerd Out, Dave and Alec went through the recent news talking about the foreign influence that is creating security concerns around the world. Then they looked at the latest extremist news before getting into a new segment that talks to three of their considerations for building a security program. Then they wrapped up digging into the happenings of the Acolyte and what they think may happen in the finale. Some of the articles referenced in the pod include: State sponsor. https://amp.cnn.com/cnn/2024/07/09/politics/intelligence-russian-sabotage-threat-us-bases-europe https://www.cnn.com/2024/06/30/europe/russia-hybrid-war-nato/index.html https://www.atlanticcouncil.org/commentary/testimony/the-urgent-threats-posed-by-the-ira[…]stify-before-the-us-house-committee-on-homeland-security/ https://extremism.gwu.edu/sites/g/files/zaxdzs5746/files/Hezbollah's_Operations_and_Networks_in_the_United_States_June30_2022.pdf Protests. https://abcnews.go.com/US/wireStory/iran-encourages-gaza-war-protests-us-stoke-outrage-111792439 https://www.jpost.com/international/article-807189 https://www.policemag.com/vehicle-ops/news/15670549/group-burns-portland-police-vehicles-over-propalestinian-protests FTO/HVE. https://abcnews.go.com/Politics/foreign-terrorists-targeting-us-increasingly-fbi-director/story?id=109045112 https://www.washingtonpost.com/national-security/2024/07/05/gaza-terrorism-israel-us-intelligence/ https://www.voanews.com/a/new-migration-patterns-fuel-islamic-state-s-plans-for-the-us-/7676413.html https://gnet-research.org/2024/07/04/the-digital-weaponry-of-radicalisation-ai-and-the-recruitment-nexus/ https://www.cbsnews.com/news/more-information-emerges-about-8-tajikistani-men-arrested-for-suspected-isis-ties/ https://nypost.com/2024/07/09/us-news/suspected-jihadist-caught-with-weapons-outside-laguardia-indicted/#:~:text=A%20suspected%20Jihadist%20from%20Queens,with%20his%20license%20plate%20covered. DVE. https://www.militarytimes.com/news/your-military/2024/07/03/toxic-politics-increase-terrorism-extremism-risk-dhs-official-says/ https://abcnews.go.com/US/yellowstone-national-park-shooting-update/story?id=111794858 https://www.cbsnews.com/sanfrancisco/news/san-jose-explosives-arrest-ridder-park-drive/

Weekly Security Sprint EP 72. Sequel week - hurricanes, FBI reports, ransomware Jul 09, 2024

In this week's Security Sprint, Dave and Andy covered the following topics: DHS Announces $18.2 Million In First-Ever Tribal Cybersecurity Grant Program Awards. “For far too long, Tribal Nations have faced digital and cybersecurity threats without the resources necessary to build resilience,” said Secretary of Homeland Security Alejandro N. Mayorkas. Main Topics: Beryl!! & Hurricane Preparedness. Port of Corpus Christi announcement. https://portofcc.com/hurricane-beryl-impact-to-the-port-fully-transitioned-to-post-storm-recovery/ Airline impacts. https://www.cbsnews.com/news/hurricane-beryl-houston-texas-travel-flights-airlines/ Ransomware Ransomware Attack Demands Reach a Staggering $5.2m in 2024 Risky Biz News: Ransomware attacks increase hospital mortality rates Risky Biz News: A ransomware attack is putting lives at risk across South Africa Halcyon Whitepaper: What CFOs Should Know about Ransomware FBI Helps Public to Recognize Signs of Concerning Behavior https://www.fbi.gov/news/stories/behavioral-analysis-unit-asks-public-to-talk-to-someone-you-trust-if-you-notice-concerning-behaviors Microsoft: Combatting AI Deepfakes: Our Participation in the 2024 Political Conventions CDC Reports Fourth Human Case of H5 Bird Flu Tied to Dairy Cow Outbreak Quick Hits: Another far right group marches through downtown Nashville Pa. Capitol evacuated over emailed bomb threat 'Local Residents' Terrorizing City Council Meetings Were Actually Overseas, Feds Allege Europol: Taking action against antisemitism – close to 2 000 pieces of content flagged for removal Fifty violent attacks shock France ahead of crunch vote A Hacker Stole OpenAI Secrets, Raising Fears That China Could, Too Europol coordinates global action against criminal abuse of Cobalt Strike CISA: Guide to Operational Security for Election Officials

Venue Security, The IAVM Podcast Series EP 6: Throwing down the gauntlet with Brendan Farley as we discuss the art and science of crowd management. Jul 08, 2024

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Brendan Farley, Vice President of Operations & General Manager, San Diego Theaters.In the discussion we address:

Brendan’s background.
What Crowd Management is.
Crowd Management training, sharing, learning, exercising.
Managing the dynamic and complexities of the social media environment.
Understanding protests and the importance of de-escalation.
Tom Cruise, Top Gun and throwing down the gauntlet!
Collaboration, collaboration, hyper-collaboration! Leveraging public sector resources.
What’s on Brendan’s mind?
More!

“Safety and security is definitely a team sport.” – Brendan Farley, during our podcastAs discussed in the pod, for additional discussion on this topic, see:
Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

Weekly Security Sprint EP 71. Playing the hits - hurricanes, ransomware, hostile events Jul 02, 2024

In this weeks Security Sprint, Dave and Andy discussed: Warm Start WaterISAC: Cybersecurity Fundamentals for Water and Wastewater Utilities DHS Faith-Based Security Advsory Council. Latest Recommendations: o June 24, 2024 | FBSAC Countering Transnational Repression (TNR) Subcommittee Final Report. With contributions from FB-ISAO’s Mayya Saab. AMWA comments on DHS’ proposed cyber reporting rule · ABA, associations: Proposed cyber reporting rule misses the mark · CISA Misses Mark on Proposed Cyber Incident Reporting Rule Main Topics Beryl! Sea Level Rise!! · Why Hurricane Beryl is a warning of what is to come this season · Beryl rapidly intensifies to become unprecedented Category 4 hurricane in June · Rising sea levels will disrupt millions of Americans’ lives by 2050, study finds Cyber threats, frustrations and celebrating orgs taking a proactive approach to security and resilience! · Join the GRIP! New! The GRIP Interviews: Part Three. Sharing Intel, Building Resilience! · Troy Hunt, HIBP: The State of Data Breaches. “I don't see anything changing any time soon, and anecdotally, it's worse now than it was 5 or 10 years ago.” · ‘I don’t see it happening’: CISA chief dismisses ban on ransomware payments · Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk · Progress Software Releases Security Bulletin for MOVEit Transfer · TeamViewer Trust Center: Security Update – June 28, 2024, 12:10pm CEST · Teamviewer accuses Russia-linked hackers of cyberattack Hate, Extremism, Terrorism · 'They see Tennessee as a battleground.' New data points to dramatic rise of hate in Tennessee · DHS identifies over 400 migrants brought to the U.S. by an ISIS-affiliated human smuggling network · Last of Five Defendants with Ties to White Supremacy and Who Were Charged with Targeting Energy Facility Enters Guilty Plea… · Evidence mounts Islamic State is looking to the US southern border · First Responders Toolbox: Terrorism Prevention Spectrum Social Media & Private Public Coordination · The Supreme Court rules for Biden administration in a social media dispute with conservative states · Chairman Jordan Statement on Murthy v. Missouri Supreme Court Ruling. · Ranking Member Thompson Statement on Supreme Court Decision Murthy v. Missouri. International · US military bases in Europe raise security threat levels · Several US military bases in Europe on heightened alert amid possible terrorist threat · China’s envoy to France labels Taiwanese government ‘rebel regime’ to be expelled ‘at any time.’ Quick Hits USSS: NEW: National Threat Assessment Center (NTAC) Releases Guidance for State & Local Law Enforcement to Prevent Targeted Violence. o Google disrupted over 10,000 instances of DRAGONBRIDGE activity in Q1 2024 o A Russian Propaganda Network Is Promoting an AI-Manipulated Biden Video o Recorded Future: Russia-Linked CopyCop Expands to Cover US Elections, Target Political Leaders o Russia-linked group criticizes Biden, praises Trump in latest influence campaign o Navigating the Misinformation Minefield. Elections in 2024 o Reality Check Commentary: ‘Information Voids’ Cause AI Models to Spread Russian Disinformation · Polyfill Supply Chain Attack Hits Over 100k Websites · Canadian Centre for Cyber Security: Cyber security gudance for democratic institutions: artificial intelligence (ITSAP.00.135) · Canadian Centre for Cyber Security - Tips for backing up your information (ITSAP.40.002) · CISA: Looking Ahead to Better Prepare Today · Key Emerging Risks: Cascading Effects of Natural Disasters, Supply Chain Resilience · The 10 Major Risks Shaping Insurance Today · AI, Economy, Geopolitical Conflicts Lead to Highest Level of Corporate Risk in 12 Years: Report

Weekly Security Sprint EP 70. Shout outs, weather events, resilience, and FBI report Jun 25, 2024

In this week's Security Sprint, Dave and Andy talked about the following topics: Warm Start · Space ISAC! Space industry group warns of escalating cyber threats, outmatched defenses · Secretary Mayorkas Outlines National Priorities for Critical Infrastructure Security and Resilience for Next Two Years · Cannabis ISAO! Navigating cybersecurity in the cannabis industry with the CEO of SideChannel · The GRIP is here! Gate 15’s Resilience and Intelligence Portal now available · “I’ve been paid to kill you but wish to spare you.” Death Threat Email Scams · The Gate 15 Interview – ENCRYPTION, part 1. A conversation with Sharon Polsky and Hanna Bozakov: A magic key to backdoor encryption can’t exist in a free and open society. Main Topics Severe Weather! CDK Global: Highlighting the need for ransomware resilience! o CDK Global outage caused by BlackSuit ransomware attack o Ripple effect from CDK hack widens as more US auto dealers flag hit o After 2 hacks, CDK Global warns customers of social-engineering attacks o ‘It’s like we returned to the Stone Age’: North Bay car dealers weigh in amid cyberattack o With Pen and Paper in Hand, Car Dealers Improvise as Cyber Outage Persists o CDK Starts Restoring Systems After Car Dealer Hack FBI Report. FBI Releases 2023 Active Shooter Incidents in the United States Report, 24 Jun. Active Shooter Safety Resources Shooting at grocery store in Arkansas kills 3 and wounds 10 others, police say Michigan 19-year-old charged after allegedly planning synagogue attack Two French teens charged over terror plot to attack Jewish targets West Boca Raton man threatened mass shooting at synagogue, arrest report says Info Ops: Vlad’s online bot army spewing fake quotes from Lionel Messi, Jennifer Aniston & other celebs in new propaganda campaign Top 10 Generative AI Models Mimic Russian Disinformation Claims A Third of the Time, Citing Moscow-Created Fake Local News Sites as Authoritative Sources China accuses U.S. of "malign intention" to discredit its COVID vaccines ISIS Created Fake CNN and Al Jazeera Broadcasts How Deepfakes May Impact Upcoming Elections Worldwide Deluge of fake news websites threatens to drown out truth during US election Attitudes towards COVID-19 vaccines may have “spilled over” to other, unrelated vaccines along party lines in the United States How AI turned a Ukrainian student into a fake Russian fan of China Overview and key findings of the 2024 Digital News Report Quick Hits Second Edition of NCIRP 2024 Newsletter and upcoming Virtual Listening Session. The preregistration link is here:  https://cisa.webex.com/weblink/register/r9d7d76a2172c4c2948186580e8ac0a79. The Cybersecurity and Infrastructure Security Agency’s (CISA) Chemical Security Assessment Tool (CSAT) was the target of a cybersecurity intrusion by a malicious actor from January 23, 2024, to January 26, 2024. White House: Fact Sheet: Cybersecurity Resources (21 June 2024) GrimResource - Microsoft Management Console for initial access and evasion Canadian Centre for Cyber Security - Protecting high-value information: Tips for small and medium organizations (ITSAP.40.001) Discussions on Deterring Malicious Cyber Activity and the UN Framework of Responsible State Behavior in Cyberspace Five Eyes’ Critical 5 nations focus on adapting to evolving cyber threats to boost critical infrastructure security, resilience CISA: Enhancing Election Security Through Public Communications Scathing report on Medibank cyberattack highlights unenforced MFA US bans Kaspersky software for alleged Russian links New Government Ban on Kaspersky Would Prevent Company from Updating Malware Signatures in U.S. NCC Group Monthly Threat Pulse – Review of May 2024 Don't blame us for people suffering - London hospital hackers Former Colorado Resident Sentenced to Life in Prison for Federal Hate Crimes and Firearm Offenses Related to Mass Shooting at Club Q

The Gate 15 Interview EP 47. ENCRYPTION, part 1. A conversation with Sharon Polsky and Hanna Bozakov: A magic key to backdoor encryption can’t exist in a free and open society. Jun 24, 2024

In this episode of The Gate 15 Interview, Andy Jabbour talks with Sharon Polsky and Hanna Bozaov in the first of a two-part series on encryption. All three participants are members of the Global Encryption Coalition. Sharon Polsky. Sharon joins us from Canada. She is president of the Privacy and Access Council of Canada, and has most recently testified at Parliamentary and Senate committees, and spoke the 2023 IGF in Kyoto. A brief bio is available here. Sharon on LinkedIn. Hanna Bozakov. Hanna joins us from Germany. Hanna is with Tuta Mail, the encrypted email service from Germany, formerly Tutanota. Together with Tuta, she fights for our right to privacy and freedom of speech. Hanna on LinkedIn. Encryption 101: What it is and why is it important. The Global Encryption Coalition and why they’re involved. Law Enforcement & legislation in Canada, Europe and broadly. Best privacy practices for individuals and organizations. Recommendations for law enforcement and legislators Three Questions! In the discussion Sharon, Hanna and Andy discuss:“There is no way to implement such proposals in the context of end-to-end encrypted communications without fundamentally undermining encryption and creating a dangerous vulnerability in core infrastructure that would have global implications well beyond Europe” – ⁠⁠Meredith Whittaker⁠⁠, President, Signal, in a ⁠⁠public blog post⁠⁠, 17 Jun 2024, in response to controversial European Union legislative proposal to scan the private messages of citizens in a bid to detect child sexual abuse material (CSAM). “Politicians must understand that the magic key for law enforcement to unlock encrypted data will never exist. There are too many examples in history that show how vulnerabilities that should have been only known to law enforcement got exploited by Chinese hackers, by Russian state hackers. So yes, criminals use encryption to hide their criminal activities but this does not justify outlawing encryption for everyone. If we do this the Internet as a whole will become so insecure… if you want to live in free and open democracies - not in a Stasi like country where everything is monitored - we must accept there is no easy solution. Our freedom requires privacy and thus encryption. So one thing is for sure - encryption must remain secure, otherwise the bad actors will have already won.” – Hanna Bozakov, Tuta Mail, in our interview, 18 Jun 2024 Selected links: Global Encryption Coalition. The Global Encryption Coalition (GEC) was founded in 2020 by the Center for Democracy & Technology, Global Partners Digital and the Internet Society and now has over 350 members. GEC members The Road to Digital Hell Is Paved With Good Intentions, 15 May 2024 Europol: European Police Chiefs call for industry and governments to take action against end-to-end encryption roll-out, 21 Apr 2024 Europol: Equilibrium between security and privacy: new report on encryption, 10 Jun 2024 TechCrunch: Stop playing games with online security, Signal president warns EU lawmakers, 17 Jun 2024 Tuta Mail: German government publishes law to guarantee ‘right to encryption.’ 25 Mar 2024 ASIS: Legal Report: Weakening Encryption Would Threaten Right to Privacy, European Court Rules, 22 May 2024 Tuta Mail. “Tuta is the world’s most secure email service, easy to use and private by design. You get fully encrypted calendars and contacts with all our personal and business email accounts. Secure, green and ad-free. Email to feel good about.” Some of the organizations Sharon is involved in: President — AMINAcorp.ca President — Privacy and Access Council of Canada Vice-Chair, Digital Governance Council Technical Committee for Privacy & Access Control Standards Vice-Chair, Digital Governance Council Technical Committee for Canadian Information Privacy Protection Framework PbD — Privacy By Design Ambassador

Weekly Security Sprint EP 69. Summer Scams & CISA is BIG TIME! Terror Alarms, NTAS Bulletins and FUD! Living on the Edge! Hurricane Season! Jun 18, 2024

In the Weekly Security Sprint, Andy and Jen covered the following topics. Opening. TLP:CLEAR | FB-ISAO Newsletter H2OSecCon Spring 2024: A Resounding Success in Water and Wastewater Sector Security. Security Awareness/Scams/PSA | Vacation Planning and Travel Scamming Protect Yourself from Summer Vacation Scams: Stay Cyber Aware During Your Vacation Phone Scammers Impersonating CISA Employees CISA - National Internet Safety Month: This June, Take 4 Easy Steps to Stay Safe Online Other Notables – I love when big orgs put money where their mouth is… America’s rural hospitals keep getting attacked by cybercriminals. Microsoft and Google are working to fix that Summer Scams & CISA is BIG TIME! Protect Yourself from Summer Vacation Scams: Stay Cyber Aware During Your Vacation Phone Scammers Impersonating CISA Employees CISA - National Internet Safety Month: This June, Take 4 Easy Steps to Stay Safe Online. Terror Alarms, NTAS Bulletins and FUD! 8 people with suspected ties to ISIS arrested in Philly, NYC and LA: Sources Feds arrest 8 Tajik nationals in US after surveillance abroad found potential ties to terrorism, sources say Pressure mounts on Biden admin to issue national terrorism alert after arrest of suspected ISIS-tied border crossers. Related Reminder: DHS Continues to See High Risk of Foreign and Domestic Terrorism in 2024 Homeland Threat Assessment. Turner says US is at ‘highest level of a possible terrorist threat’ New York Threat 'Extremely Serious,' Official Warns, as ISIS Crosses Border Dr. Paul Leads Letter Requesting Hearing on Threat of Terrorists Exploiting Southern Border Threats of terrorism in the U.S. are ‘more diverse and difficult to counter.’ Recorded Future: Israel-Hamas Conflict and US Elections Drive Violent Extremist Threats in 2024 Fort Worth Man Charged With Threatening Federal Agent: ‘Guns Will Come Out.’ Arizona Man Charged with Selling Guns for Use in Mass Shooting Man arrested in New York City with a gun, 8 loaded magazines, an NYPD vest and other weapons Vulnerability Management: Living on the Edge! Edge Devices: The New Frontier for Mass Exploitation Attacks2024 Attack Intelligence Report Hurricane Season! CSU: Forecast for 2024 Hurricane Activity AI/Preparedness/Resilience CISA, JCDC, Government and Industry Partners Conduct AI Tabletop Exercise Joint Cyber Defense Collaborative (JCDC) Artificial Intelligence Cyber Tabletop ExerciseRoadmap for AI Scenario Document | Joint Cyber Defense Collaborative Artificial Intelligence Cyber Tabletop Exercise Quick Hits Executive Order on White House Council on Supply Chain Resilience Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested How Email Scammers Hit Arlington, Mass., Covered Their Tracks Europol: Announcement of two major actions targeting terrorist propaganda online on a global scale Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda Attorney General Merrick B. Garland Statement on FBI’s Quarterly Uniform Crime Report FBI Releases 2024 Quarterly Crime Report and Use-of-Force Data Update IIJ REMVE Initiative: Addressing the Threat of REMVE Radicalization to Violence in the Americas Terrorist Designations of Nordic Resistance Movement and Three Leaders Global leader of ISIS targeted and possibly killed in U.S. airstrike Joint U.S.-Türkiye Designations of an ISIS Smuggling Network Teenager's chilling five-word warning as he plotted suicide bomb attack on synagogue 'Neo Nazi' knifeman attacks two children, leaving 12-year-old seriously wounded at Finnish shopping centre Catoosa County man charged with terroristic threats after posting videos online Nashville school shooter's violent rant REVEALED at last: Audrey Hale wrote about her 'torture' as a trans girl and how she would 'kill' to get puberty blockers Aghan teen arrested for knife attack on women in Germany ISIS tells Americans they’ll 'drink their blood' in terrifying promise to attack

Weekly Security Sprint EP 68. Physical Security - palooza! Jun 11, 2024

In this week's Security Sprint, Dave and Andy covered the following topics as part of a focus on physical security articles and resources. Mobilization Indicators - 2021 version. https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf Attorney General Merrick B. Garland Statement on FBI’s Quarterly Uniform Crime Report. The Justice Department issued the following statement from Attorney General Merrick B. Garland on the release of the FBI’s Quarterly Uniform Crime Report, which shows a decrease in violent crime and property crime in the first quarter of 2024 compared to the same time period last year. FBI Releases 2024 Quarterly Crime Report and Use-of-Force Data Update U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency Interagency Security Committee: Managing Risk of Adverse/Involuntary Employee Separations An Interagency Security Committee Guide, 2024 Edition. This guide provides best practices on how to conduct an employee separation risk assessment and categorize that risk, keys to success for notifying the employee, managing access to facilities and information technology (IT) systems, remote worker considerations, and post-separation vigilance. UK NPSA: Mitigation of Terrorist Threats at Venues during Ingress and Egress Guidance. NPSA has produced new guidance that helps to highlight the main security concerns and provides various strategies to reduce the risks. FBI Urges Safety and Security During Pride MonthSuspected IS supporter arrested at Cologne airport. A suspected supporter of the Islamic State (IS) was arrested a week before the start of the UEFA European football championship in Germany, the Federal Public Prosecutor’s Office said Sunday. According to a spokesperson for the Karlsruhe authority, the suspect was arrested at Cologne/Bonn Airport on Friday. ISIS makes ‘lone wolves’ threat to Paris 2024 Olympics with chilling mock-up of Eiffel Tower being attacked by drone Canadian Centre for Cyber Security How to protect your organization from insider threats (ITSAP.10.003) Cyber threat bulletin: Cyber Centre urges Canadians to be aware of and protect against PRC cyber threat activity Cyber threat bulletin: The cyber threat to major international sporting events

Venue Security Pod EP 5. Eric Neill talks about security! Saying “hello,” the importance of communications, de-escalation and how to get better every day. Jun 10, 2024

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Eric Neill, Director of Theatre Operations at the Boch Center in Boston. Eric as worked in Performing Arts Venues for the past 25 years in Boston and NYC. He has over 25 years of security management experience specializing in event security and executive protection. Eric is the holder of many other security and life safety certificates including Executive Protection from LaSorsa & Associates and Emergency Trauma Response and is a certified instructor of the ALIVE Active Shooter. Eric holds memberships in American Society for Industrial Security (ASIS), National Fire Protection Association (NFPA) and International Association of Venuw Managers (IAVM) where is a graduate of the Academy of Venue Safety and Security and is currently the Chairman of Performing Arts Security & Safety Committee. Mr. Neill is honored to have received the National Defense Service Medal while serving in the United States Coast Guard and the Hero’s Among Us Award in 2012 where he was honored at the TD BankGarden and Boston’s City Hall.

In the discussion we address:
• Eric’s background.
• Security Protocols.
• Screening and search procedures.
• Managing VIP areas.
• Handling disruptive attendees.
• More!

Weekly Security Sprint EP 67. Olympic threats, extremism, preparing for AI and elections Jun 04, 2024

On this week's Security Sprint, Dave and Alec talked about the following topics. Nerd Spoiler - initial excitement for The Acolyte Olympic threats. Physical https://www.bbc.com/news/world-europe-68815081 https://www.dailymail.co.uk/news/article-13451553/French-cops-foil-Incel-plot-carry-ma[…]-years-Elliot-Rodger-massacre-left-six-dead-California.html https://www.bbc.com/news/articles/cv22xy1y884o https://thesoufancenter.org/intelbrief-2024-april-26/ https://www.politico.eu/article/france-paris-olympics-emmanuel-macron-terror-security/ https://news.sky.com/story/paris-olympics-16-year-old-arrested-after-he-said-he-wanted-to-die-a-martyr-at-games-13122216 https://www.asisonline.org/security-management-magazine/latest-news/today-in-security/2024/march/paris-olympics-security-challenges/ Cyber https://www.nytimes.com/2024/04/16/world/europe/paris-olympics-cyberattacks.html https://www.nytimes.com/2024/04/08/us/politics/france-cyberattacks-summer-olympics.html https://hackread.com/cybersecurity-loopholes-paris-2024-olympics-infrastructure/ https://apnews.com/article/paris-olympics-cybersecurity-cyberattacks-russia-a2fef5133e4ea142bfcb4111d987ff50 https://www.france24.com/en/live-news/20240327-french-cyberdefence-chief-warns-paris-olympics-a-target https://thesoufancenter.org/intelbrief-2024-may-28/ https://www.hstoday.us/subject-matter-areas/counterterrorism/detroit-man-arrested-and-charged-after-attempting-to-provide-money-to-isis/ https://www.justice.gov/opa/pr/idaho-man-arrested-attempting-provide-material-support-isis https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf https://www.dhs.gov/nationwide-sar-initiative-nsi https://www.dhs.gov/see-something-say-something https://apnews.com/article/warner-trump-facebook-russia-disinformation-election-6bd27f4e79af8073589222a4a6e4c579 https://www.dni.gov/files/NCTC/documents/jcat/firstresponderstoolbox/151s_First_Re[…]iolent_Extremists_Use_of_Generative_Artificial_Intelligence.pdf Quick hits https://hackread.com/one-phish-two-phish-red-phish-blue-phish/ https://www.sans.org/newsletters/ouch/simple-steps-vacation-cybersecure/ https://www.washingtonpost.com/world/2024/06/03/poland-russia-belarus-sabotage-arrests/aaed2f10-21b6-11ef-bc8d-a8ae61b84dde_story.html https://therecord.media/thousands-of-devices-vulnerable-checkpoint

Nerd Out EP 48. Hostile Events, foreign influence, weather events, and Marvel! May 27, 2024

In the latest episode of Nerd Out, Alec and Dave talked through a series of topics that include examining the recent arrest of an individual who was planning a hostile event, as well as others that were disrupted speaking to the importance reporting suspicious behaviors. Then they talked about nation-states and their ability to influence through a variety of actions and leading up to the election. They wrapped up the security portion of the pod on severe weather and the importance of preparedness. Finally, the ran through the upcoming slate of Marvel movies and television shows to determine if they are in or out.

Some of the materials discussed in the pod include:

Mass shootings

https://www.nbcnews.com/news/us-news/new-jersey-marine-accused-threats-kill-white-people-mass-shooting-rcna152082
https://www.cbsnews.com/philadelphia/news/delaware-county-linen-shooting-pennsylvania/
https://www.nbcphiladelphia.com/news/local/chester-workplace-shooting-delaware-county-linen-deadly-disgruntled-employee-pennsylvania/3866970/
https://projects.voanews.com/mass-shootings/english/locations/workplace.html
https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf
https://www.dhs.gov/nationwide-sar-initiative-nsi/online-sar-training
https://www.dhs.gov/see-something-say-something
https://www.cisa.gov/topics/physical-security/insider-threat-mitigation
https://www.cisa.gov/resources-tools/resources/preventing-workplace-violence-security-awareness-considerations-infographic

Foreign Influence

https://www.reuters.com/world/uk/suspects-alleged-russia-linked-uk-arson-attack-face-trial-next-year-2024-05-10/#:~:text=United%20Kingdom-,Suspects%20in%20alleged%20Russia%2Dlinked%20UK%20arson,to%20face%20trial%20next%20year&text=LONDON%2C%20May%2010%20(Reuters),British%20court%20heard%20on%20Friday.
https://www.nbcnews.com/news/investigations/russias-brazen-intensifying-sabotage-campaign-europe-rcna147178
https://abcnews.go.com/International/wireStory/poland-arrests-sabotage-suspects-warns-potential-hostile-acts-110438127
https://apnews.com/article/russia-estonia-baltics-sabotage-spying-kallas-62835b00fdb31f648ebe2259908ca2a1
https://www.wsj.com/world/europe/europe-sees-signs-of-russian-sabotage-but-hesitates-to-blame-kremlin-72598d4b
https://www.telegraph.co.uk/news/2024/05/11/russia-recruiting-far-right-extremists-attacks-west-putin/

Hurricanes

https://www.noaa.gov/news-release/noaa-predicts-above-normal-2024-atlantic-hurricane-season
https://tropical.colostate.edu/forecasting.html
https://www.ready.gov/

Weekly Security Sprint EP 66. Cyber Storm, Hostile Events, MDM, and deceptive hiring May 21, 2024

On the latest episode of the Security Sprint, Dave and Andy talked about the following topics. Warm Start Information Sharing: A Valuable Tool in Preventing Cyber Attacks CISA: Prepared Together – Cyber Storm IX Recap Main Topics Physical Threats & Violence Gate 15 White Paper: The Hostile Event Attack Cycle (HEAC), 2021 Update New Jersey Marine arrested after allegedly making threats to kill White people, 'began planning' mass shooting DOJ: Maryland Woman Pleads Guilty to Conspiring to Destroy the Baltimore Region Power Grid U.S. Department of State: Worldwide Caution, 17 May. Due to the potential for terrorist attacks, demonstrations, or violent actions against U.S. citizens and interests, the Department of State advises U.S. citizens overseas to exercise increased caution. Elections, Info Ops, Resources: Misinformation perceived as a bigger informational threat than negativity: A cross-country survey on challenges of the news environment Sekoia: Master of Puppets: Uncovering the DoppelGänger pro-Russian influence campaign Canadian Centre for Cyber Security How to identify misinformation, disinformation, and malinformation (ITSAP.00.300). Opening Statement by CISA Director Jen Easterly at the Update on Foreign Threats to the 2024 Elections Hearing US intelligence spotted Chinese, Iranian deepfakes in 2020 aimed at influencing US voters Contagious Disruption: How CCP Influence and Radical Ideologies Threaten Critical Infrastructure and Campuses Across the United States Russian Connections to Israel-Gaza Protests Democratic People's Republic of Korea Leverages U.S.-Based Individuals to Defraud U.S. Businesses and Generate Revenue. Charges and Seizures Brought in Fraud Scheme, Aimed at Denying Revenue for Workers Associated with North Korea Justice Department Announces Arrest, Premises Search, and Seizures of Multiple Website Domains to Disrupt Illicit Revenue Generation Efforts of Democratic People’s Republic of Korea Quick Hits UK NCSC: Business email compromise: new guidance to protect your organisation Canadian Centre for Cyber Security Rethink your password habits to protect your accounts from hackers (ITSAP.30.036) CISA: Encrypted DNS Implementation Guidance Software Transparency in SaaS Environments TLP:CLEAR | FB-ISAO Newsletter. Reliaquest: New Black Basta Social Engineering Scheme Microsoft: Threat actors misusing Quick Assist in social engineering attacks leading to ransomware Stairwell threat report: Black Basta overview and detection rules Iran Declares Mourning Period As President, Foreign Minister Killed In Helicopter Crash Israel insists 'it wasn't us' after 'Butcher of Tehran' Iranian president is killed in mysterious helicopter crash a month after ordering missile attack on the Jewish state while Islamic regime supports Hamas in Gaza war ICC prosecutor seeks arrest warrants against Netanyahu, Hamas leaders. Senators unveil plan to regulate AI, as companies race ahead Men accused of plot to attack Jews with machine guns in north-west England DHS Announces Creation of the Homeland Intelligence Advisory Board. U.S. Attorney’s Office and Law Enforcement Partners Take Action Against Money Mules in Order to Disrupt Transnational Fraud Schemes and Educate Public. Two Foreign Nationals Arrested for Laundering At Least $73M Through Shell Companies Tied to Cryptocurrency Investment Scams Feds nab alleged money launderers for pig butchering scheme Senator Vance issues warning on China-backed Volt Typhoon threat to US critical infrastructure BreachForums seized by FBI for 2nd time 6K-plus AI models may be affected by critical RCE vulnerability Tinyproxy (CVE-2023-49606) – Vulnerability Analysis and Exploitation British engineering giant Arup revealed as $25 million deepfake scam victim

The Gate 15 Interview EP 46: Helping Our Loved Ones Have a Summer Security Mindset. Mark and Kaylani on Situational Awareness, Preparedness and Big Smiles. May 14, 2024

In this episode of The Gate 15 Interview, Andy Jabbour talks with Mark Herrera, Director of Education for the International Association of Venue Managers (IAVM) and more importantly, with special guest, his granddaughter, Miss Kaylani Herrera, the reigning New Mexico Cinderella State Tot.In the discussion we break from our usual type of Interview to pause and think about talking to our friends and loved ones about having an appropriate security mindset as we head into summer. As we look towards a season of mass gatherings, special events, travel and other situations that may experience security incidents, it’s important to help our loved ones think about the potential of threats, being prepared, and having an age-appropriate security mindset. Mark, Kaylani and Andy address: The importance of threat and situational awareness. How to prepare family, not scare them. Age-appropriate security conversations. School safety. And we play Three Questions with Kaylani! Mark is the Director of Safety and Security for the International Association of Venue Managers and recognized as one of the top 25 most influential leaders in the meetings and event industry. In addition, as the Director of Safety and Security for the International Association of Venue Managers, Herrera represents the Department of Homeland Security Office of Infrastructure Protection as the current Chair for the Public Assembly Facility Sub-Sector Council. Herrera is also a seasoned law enforcement officer and trainer, having spent twenty years with the Hobbs, New Mexico, Police Department. See Mark on LinkedIn for his complete bio. Mark on Instagram. Miss Kaylani’s Bio. Hi, everyone, my name is Kaylani Herrera. I’m seven years old, currently in the second grade and attend Saint Helena Catholic school. I am your 2023-2024 NM Cinderella state Tot. I recently started competing in the natural pageant world. At my first pageant I was crowned the Lea County overall tot, from there I went on to compete at the state level pageant that was held in June and won the overall New Mexico tot ages 4-6 along with New Mexico State talent competition and first alternate cameo. When I am not busy fulfilling my queen duties, I also am a dancer and Gymnast. I recently competed in my first gymnastics meet and won 4th place overall for my age division. I enjoy spending time with my sister and parents, playing with my dog Dallas as well as talking with my Gpa (Mark Herrera) about how to make the world a safer place.

Weekly Security Sprint EP 65. Protest Influence / Interference, Ransomware, AI, lessons learned May 14, 2024

In this week's Security Sprint, Dave and Andy talked about the following topics: Main Topics ⁠A Russian Influence Campaign Is Exploiting College Campus Protests⁠ ⁠FBI PSA: Foreign Terrorist Organizations and their Supporters Likely Heighten Threat Environment during 2024 Pride Month⁠, May 10, 2024 ⁠GW: Majority Of University Protesters Arrested Weren’t Even Students, Police Say⁠ ⁠The network behind campus antisemitism⁠ ⁠Secret Hamas Files Show How It Spied on Everyday Palestinians⁠ ⁠Guidance for organisations considering payment in ransomware incidents⁠ ⁠U.S. Charges Russian National with Developing and Operating Lockbit Ransomware⁠ ⁠Increase of Lockbit ransomware attacks⁠ ⁠Ascension: Network Interruption Update⁠ ⁠Fitsec: Welcome to Fitsec's Akira Help⁠ First Responders Toolbox: ⁠Violent Extremists’ Use of Generative Artificial Intelligence⁠. = o ⁠Statement from NSC Spokesperson Adrienne Watson on the U.S.-PRC Talks on AI Risk and Safety⁠ o ⁠US, China meet in Geneva to discuss AI risks⁠ ⁠Faith-Based Daily Awareness Post 13 May 2024⁠ o ⁠Abbeville: Parishioners stop teen armed with rifle from entering church during Mass⁠ o ⁠Bomb Squad at Clearlake Baptist Church-Packaged Marked “Bomb” with Swastikas Brought Inside⁠ Quick Hits Mass Gatherings Tool (CISA). https://www.cisa.gov/resources-tools/resources/mass-gathering-security-planning-tool CISA updates: ⁠CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources⁠ ⁠Fact Sheet: Biden-⁠Harris Administration Releases Version 2 of the National Cybersecurity Strategy Implementation Plan⁠ ⁠Thompson, Swalwell Release Statement on the Biden Administration Releasing the First Cybersecurity Posture of the United States Report⁠ ⁠CISA wants ‘high-quality feedback’ for another month on CIRCIA rule⁠ Secure by Design: CISA Unveils New Public Service Announcement – We Can Secure Our World. Today, the Cybersecurity and Infrastructure Security Agency (CISA) is pleased to launch ⁠We Can Secure Our World⁠. ⁠CISA Announces Secure by Design Commitments from Leading Technology Providers⁠ ⁠ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies⁠ ⁠CERT-NZ: Joint Guidance: Choosing Secure and Verifiable Technologies⁠ ⁠CISA Unveils New Public Service Announcement – We Can Secure Our World⁠ ⁠CISA boss: Secure code is the 'only way to make ransomware a shocking anomaly'⁠ Elections: o ⁠Open Hearing: An Update on Foreign Threats to the 2024 Elections⁠ o ⁠Exclusive: Homeland Security ramping up 'with intensity' to respond to election threats⁠ o ⁠In Arizona, election workers trained with deepfakes to prepare for 2024⁠ o ⁠Top FBI Official Urges Agents to Use Warrantless Wiretaps on US Soil⁠ o ⁠MI: AG Nessel Charges Attorney Stefanie Lambert and Former Adams Township Clerk Scott for 2020 Election Voter Data Breach⁠. o ⁠The Answer to Election Deniers Is in an Idaho County Website⁠ RSAC 2024: ⁠Technology and the Transformation of U.S. Foreign Policy⁠ ⁠RSAC 2024: US Secretary of State Blinken advocates solidarity, not sovereignty, for cyber⁠ ⁠Volt Typhoon operation came up 'directly' in US-China talks, ambassador says⁠ ⁠Warner: Lawmakers 'in process' of finding Section 702 fix⁠ ⁠Cyber world heads to San Francisco⁠ ⁠RSAC 2024: AI adds new dimension to virus detection⁠ ⁠RSAC 2024: How to use AI without getting in trouble⁠ ⁠Readout of Deputy Attorney General Lisa Monaco’s Trip to California and Participation in the 2024 RSA Cybersecurity Conference⁠ ⁠DHS, CISA Announce Membership Changes to the Cyber Safety Review Board⁠ ⁠Canadian Centre for Cyber Security⁠ ⁠Common employee IT security challenges (ITSAP.00.005)⁠ ⁠Zscaler takes "test environment" offline after rumors of a breach⁠ · ⁠Brown Pushes Biden Administration to Ban All Connected Vehicles From China And Vehicles Using Chinese Smart Technology⁠ · ⁠UK NPSA: Hostile Activity Mitigations⁠. Updated 10 May.

Weekly Security Sprint EP 64. Verizon DBIR, MDM, Hurricanes, Cyber Resilience May 07, 2024

In this week's Security Sprint, Dave and Andy talked about the following topics. Warm Start: Tribal-ISAC merch! National Security Memorandum on Critical Infrastructure Security and Resilience. Biden-Harris Administration Announces New National Security Memorandum to Strengthen U.S. Department of Energy’s Role in Ensuring Security and Resilience Across America’s Energy Sector Biden signs new memo to boost security of US critical infrastructure White House announces new policy guiding infrastructure protection Verizon 2024 Data Breach Investigations Report Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways Verizon DBIR: Enterprises Know The Pain Of Zero Day Exploits All Too Well Verizon’s 2024 DBIR Unpacked: From Ransomware Evolution to Supply Chain Vulnerabilities Bitsight Reveals More than 60 Percent of Known Exploited Vulnerabilities Remain Unmitigated Past Deadlines in First-of-its-Kind Analysis of CISA’s KEV Catalog Organizations patch CISA KEV list bugs 3.5 times faster than others, researchers find Forescout: Exposing the exploited: Analyzing vulnerabilities that live in the wild Info Ops Russia is trying to exploit America's divisions over the war in Gaza; The effort includes artificial intelligence, fake social media accounts and a spike in state-sponsored Russian propaganda NewsGuard: Russia-Ukraine Disinformation Tracking Center: 477 Websites Spreading War Disinformation And The Top Myths They Publish Campus Protests Give Russia, China and Iran Fuel to Exploit U.S. Divide; America’s adversaries have mounted online campaigns to amplify the social and political conflicts over Gaza flaring at universities, researchers say. Hurricane Preparedness. A Proclamation on National Hurricane Preparedness Week, 2024. Oklahoma and Kansas at High Risk of Extreme Storms and Tornadoes Heavy rains ease around Houston but flooding remains after hundreds of rescues and evacuations Dashcam shows tornado obliterate Nebraska building Nebraska tornado survivor recounts mayhem: 'The windows exploded and glass was flying everywhere' Death toll from southern Brazil rainfall rises to 78, many still missing China & Resilience! SAVE THE DATE! CISA Hosts CISA Live! – “People’s Republic of China Cyber Threats and What We Can Do”. On Wednesday, May 15, we will host our next CISA Live! - “People’s Republic of China Cyber Threats and What We Can Do” Under the Digital Radar: Defending Against People’s Republic of China’s Nation-State Cyber Threats to America’s Small Businesses. Quick Hits Australian police shoot dead 'radicalized' teen Germany Travel Advisory-Level 2: Exercise Increased Caution-May 1, 2024 Sweden “On Terror Level Four” As Security Is Tightened A Week Before Eurovision Song Contest Bird flu's wild range; Counties where avian flu has been detected in wild mammals since 2022 House Energy and Commerce Committee: What We Learned: Change Healthcare Cyber Attack French cyberwarriors ready to test their defense against hackers and malware during the Olympics The United States Condemns Malicious Cyber Activity Targeting Germany, Czechia, and Other EU Member States FBI Releases 2023 Elder Fraud Report with Tech Support Scams Generating the Most Complaints and Investment Scams Proving the Costliest CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity Communication gaps between IT departments and senior corporate leadership worsening application security risks SBOM Sharing Primer CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities Maersk says Red Sea disruption will cut capacity by 15-20% in second quarter Chinese-Made Surveillance Cameras Are Spreading Across Eastern Europe, Despite Security Concerns Wichita government shuts down systems after ransomware incident

Weekly Security Sprint EP 63. The return of the Cybersecurity Evangelist, protests, weather, vulnerabilities and more. Apr 30, 2024

Jennifer Lyn Walker returns to the Security Sprint and partners with Dave on the following topics. Protests. CNN: https://www.cnn.com/business/live-news/university-protests-palestine-04-29-24/h_5c66b0505df54a3db5b57e3949161257 AP: https://apnews.com/article/israel-palestinian-campus-student-protests-war-8b0d3a0cedb17f5e892c6ca43bbdf628?taid=6630becafd4f33000168594c&utm_campaign=TrueAnthem&utm_medium=AP&utm_source=Twitter National Small Business Week, Take Steps to Secure Your Business During National Small Business Week, Take Steps to Secure Your Business https://www.cisa.gov/news-events/news/during-national-small-business-week-take-steps-secure-your-business Secure Your Business https://www.cisa.gov/secure-our-world/secure-your-business Severe Weather. Tornados. NBC: ⁠https://www.nbcnews.com/news/weather/overnight-tornadoes-storms-leave-heavy-destruction-nebraska-iowa-rcna149658⁠ https://apnews.com/video/oklahoma-tornadoes-natural-disasters-ef4b5e6696bf47d69a869102f5b7a441 Hurricanes. https://engr.source.colostate.edu/researchers-predicting-well-above-average-2024-atlantic-hurricane-season/ Lots of Water… DHS asked to consider potentially 'devastating’ impact of hacks on rural water systems https://therecord.media/water-utility-cyberattacks-lawmakers-letter-to-dhs Director Wray's Remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats https://www.fbi.gov/news/speeches/director-wrays-remarks-at-the-vanderbilt-summit-on-modern-conflict-and-emerging-threats Quick Hits. https://www.thebaltimorebanner.com/education/k-12-schools/eric-eiswert-ai-audio-baltimore-county-YBJNJAS6OZEE5OQVF5LFOFYN6M/ Vulnerabilities – PAN OS & Siemens RUGGEDCOM; Cisco Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability https://www.securityweek.com/siemens-industrial-product-impacted-by-exploited-palo-alto-firewall-vulnerability/ Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack https://thehackernews.com/2024/04/palo-alto-networks-outlines-remediation.html ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/ Scams Japanese police create fake support scam payment cards to warn victims https://www.bleepingcomputer.com/news/security/japanese-police-create-fake-support-scam-payment-cards-to-warn-victims/ FBI warns of massive wave of road E-Z Pass - toll SMS phishing attacks https://www.bleepingcomputer.com/news/security/fbi-warns-of-massive-wave-of-road-toll-sms-phishing-attacks/ Researchers find dozens of fake E-ZPass toll websites after FBI warning https://therecord.media/researchers-find-dozens-of-ezpass-spoofs AI 6 security items that should be in every AI acceptable use policy https://www.csoonline.com/article/2093806/6-security-items-that-should-be-in-every-ai-acceptable-use-policy.html Misc (didn’t get to, but providing for bonus) Top 10 physical security considerations for CISOs https://www.csoonline.com/article/566635/what-is-physical-security-how-to-keep-your-facilities-and-devices-safe-from-on-site-attackers.html

The Gate 15 Interview EP 45. Curt Tilley, DHS Office of Bombing Prevention Apr 29, 2024

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Curtis E. Tilley, Branch Chief, Training, Office for Bombing Prevention (OBP), Cybersecurity and Infrastructure Security Agency (CISA). · Curtis on https://www.linkedin.com/in/curt-tilley-0089b6b2/. - Those who want to engage with the DHS Office of Bombing Prevention may email at mailto:obp@cisa.dhs.gov. In the discussion we address: - OBP’s background. - Some bomb threat and IED history. - The enduring threat and challenge of the IED threat. - Preparedness and resources. - How to contact OBP. - We talk about what’s on Curt’s mind. - We play Three Questions and talk Macho Man Randy Savage, being the big man on campus, serving our communities and more! A few references mentioned in or relevant to our discussion include: - https://www.hstoday.us/subject-matter-areas/emergency-preparedness/profiles-in-excellence-curtis-tilley-branch-chief-office-for-bombing-prevention-cisa/ (13 Mar 2023) - Watch the discussion noted above https://youtu.be/NhWHpE2kEs8 - http://www.cisa.gov/obp - https://www.youtube.com/watch?v=xUgLIIduLWY - https://www.cisa.gov/ - https://www.dni.gov/nctc/timeline.html

Weekly Security Sprint EP 62. A jumbalaya of news - emergency comms, China, deep fakes, and de-escalation Apr 23, 2024

In the latest episode of the Security Sprint, Dave and Andy talked about the following topics. Warm Start · CISA Announces 9th Cyber Storm National Exercise. The Cybersecurity and Infrastructure Security Agency (CISA) is hosting its ninth iteration of the Cyber Storm (CS IX) Cyber Exercise. It’s the nation’s largest cyber exercise designed to improve the cybersecurity posture of our nation’s critical infrastructure. Through extensive planning, this exercise strengthened cybersecurity preparedness and response capabilities through exercising policies, processes, and procedures for identifying and responding to a multi-sector significant cyber incident impacting critical infrastructure. For more information and resources, visit Cyber Storm IX: National Cyber Exercise | CISA & Cyber Storm IX: National Cyber Exercise | CISA FB-ISAO: Best Practices for Securing Your Router / Wi-Fi 'NCSC Cyber Series' podcast now available on Spotify Main Topics: US 911 emergency call line outage resolved in some areas The PRC has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist… Director Wray's Remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats FBI says Chinese hackers preparing to attack US infrastructure Gallagher’s ominous farewell Chinese Government Poses 'Broad and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says UK: Government cracks down on ‘deepfakes’ creation “Proactive De-escalation” Quick Hits · Russian US election interference targets support for Ukraine after slow start · Microsoft: Nation-states engage in US-focused influence operations ahead of US presidential election · Information operations will be ‘foundational’ to future DOD efforts, Cybercom chief says · How A.I. Tools Could Change India’s Elections · Google: Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm · Secret Russian foreign policy document urges action to weaken the U.S. · RAND: Generative Artificial Intelligence Threats to Information Integrity and Potential Policy Responses · Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations · Montgomery Co. student charged with threats of mass violence after police discover disturbing ‘manifesto.’ · CISA and Partners Release Advisory on Akira Ransomware · FBI: Akira ransomware raked in $42 million from 250+ victims · Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities · FACT SHEET: Biden-⁠Harris Administration Releases Strategy to Strengthen Global Health Security · U.S. Government Global Health Security Strategy 2024 (PDF) · Undersea ‘hybrid warfare’ threatens security of 1bn, Nato commander warns · Joint Guidance on Deploying AI Systems Securely · UK NPSA: Personal Safety and Security for High-Risk Individuals · 840-bed hospital in France postpones procedures after cyberattack · Cloudflare: DDoS threat report for 2024 Q1 · Hearing - Held for Ransom: How Ransomware Endangers Our Financial System. See the full hearing video on YouTube. · Ex-White House cyber official says ransomware payment ban is a ways off · Top officials again push back on ransomware payment ban · Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse · UnitedHealth Group reports that the Change Healthcare ransomware attack has had an $872 million financial hit on its business so far · Congress rails against UnitedHealth Group after ransomware attack · AHA testifies at hearing on health care cybersecurity

Nerd Out EP 47. Middle East, Domestic Issues, and the Acolyte! Apr 22, 2024

In the latest episode of Nerd Out, Dave welcomes in Alec Davison as his partner in crime for the podcast. After they get through the excitement of the latest Taylor Swift album, they talked through the latest activity in the Middle East and what it could mean domestically. Then they looked at the latest news related to the U.S. election including the recent incident outside of the Trump trial and potential concerns that may play out over the course of the year especially related to mis/dis/mal-information. They wrap up the pod with some real nerd discussions on Star Wars and what the new series has to offer! Alec Davison is the Lead Analyst at the Water Information Sharing and Analysis Center (WaterISAC). In addition, he works as a Risk Analyst at Gate 15. He holds an M.A. in Security Policy Studies from George Washington University. Some of the resources discussed in the pod include: https://www.cisa.gov/resources-tools/resources/personal-security-considerations-action-guide https://www.cisa.gov/resources-tools/resources/preventing-workplace-violence-security-awareness-considerations-infographic https://www.dni.gov/files/NCTC/documents/jcat/firstresponderstoolbox/89s_-_Violent[…]il_Unrest_and_Public_Assemblies_in_the_United_States-survey.pdf Mobilization/SARs https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf https://www.dhs.gov/nationwide-sar-initiative-nsi Info sharing communities https://www.dhs.gov/fusion-centers https://www.nationalisacs.org/

Weekly Security Sprint EP 61. Iran, Hostile Events, Cyber awareness, Vehicle Ramming and more! Apr 16, 2024

In this week's Security Sprint, Dave and Andy discussed the following topics: Warm Start Palo Alto Command Injection Vulnerability in PAN-OS GlobalProtect 'Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400 Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) Volexity on GitHub Adding content for Palo Alto Networks GlobalProtect post Palo Alto Networks Security Advisories CVE-2024-3400 CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect Palo Alto: Applying Vulnerability Protection to GlobalProtect Interfaces Compromise of Sisense Customer Data Brian Krebs: Why CISA is Warning CISOs About a Breach at Sisense Sisense customers told to reset credentials amid supply chain attack fears Risky Biz News: Sisense breach has CISA and everyone else panicking Main Topics: Israeli war cabinet to meet again to consider response to Iran’s attack o Iran Issues Fresh Threat to U.S. o US will not take part in any Israeli retaliatory action against Iran o The Latest | World leaders urge Israel not to retaliate for the Iranian drone and missile attack o U.S. details Pentagon’s role in defending Israel from Iranian attack o Analysis: Israel Repelled Iran’s Huge Attack. But Only With Help From U.S. and Arab Partners. Idaho Man Arrested for Attempting to Provide Material Support to ISIS Idaho teen arrested for allegedly plotting to attack church in name of ISIS What we know about Clenard Parker, the man accused of driving into a Brenham DPS office 'Obvious' Sydney killer targeted women - Australian police. Man who confronted attacker with bollard and other bystanders praised for heroic acts during Bondi stabbings. Stabbing rampage at Sydney mall leaves at least 7 dead, including attacker Sydney stabbing: Police say no ideological motivation English Tutor Identified as Mall Stabbing Attacker Left Behind Disturbing Facebook Post Sydney knife attacker Joel Cauchi 'had worked as male escort' before Bondi shopping centre stabbing False claims started spreading about the Bondi Junction stabbing attack as soon as it happened Posture Statement of General Timothy D. Haugh 2024. “ Beijing, Moscow, and Tehran increasingly use social media and state-sponsored disinformation sites, both overt and covert, to shape narratives and sow confusion..." Chinese nationalist trolls pretend to be Trump supporters ahead of US elections Quick Hits: UK NPSA: Personal Safety and Security for High-Risk Individuals Delaware Woman Arrested for International Sextortion and Money Laundering Scheme LastPass: Hackers targeted employee in failed deepfake CEO call UNSW: World-first Cybercrime Index ranks countries by cybercrime threat level Google Insider Threat: https://www.justice.gov/opa/pr/chinese-national-residing-california-arrested-theft-artificial-intelligence-related-trade Director Wray's Remarks to the ABA Standing Committee on Law and National Security Russia thwarts planned terrorist attack on Moscow Synagogue Change Healthcare breach data may be in hands of new ransomware group Politico: Grassley knocks agencies slacking on cyber CISA & FBI: Transitioning to .Gov: Helping Mitigate Election Office Cybersecurity and Impersonation Risks CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat / CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System. CDC Data Modernization Efforts Accelerate Nation’s Ability to Detect and Rapidly Respond to Health Threats The Black Market That Delivers Elon Musk’s Starlinks to U.S. Foes China's attacks on U.S. infrastructure aren't going anywhere Police Scour LockBit Ransomware Evidence, Turning Up 200 Leads TLP:CLEAR | FB-ISAO Newsletter Man on terror watchlist was released by Border Patrol

Weekly Security Sprint EP 60. Cyber news and breaches, security mindfulness, all-hazards and more! Apr 09, 2024

Warm Start: · GridEx VII Report Highlights Further Action to Enhance Grid Resilience · US electric grid growing more vulnerable to cyberattacks, regulator says · CISA’s ‘Cyber Storm’ will help it update National Cyber Incident Response Plan Main Topics: · US Environmental Protection Agency hack exposes data of 8.5 million users. · Sophos - Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector. · Bomb threats follow Libs of TikTok's campaign against Planet Fitness o Bomb threats reported at Planet Fitness locations in Northern Va. amid transgender controversy o No threat found after several Planet Fitness locations in Jacksonville received bomb threats o Alabama Planet Fitness locations receive bomb threats, evacuated by FBI o Planet Fitness bomb threats in Connecticut spark concerns o Police: Planet Fitness locations evacuated after bomb threats o Planet Fitness locations in Daphne, Fairhope, and Mobile receive bomb threats · Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden. · Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023. The U.S. Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion. o Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023.pdf o Cyber board says Chinese hack of US officials was 'preventable' o Microsoft faulted for ‘cascade’ of failures in Chinese hack · CSU: Forecast for 2024 Hurricane Activity. “We anticipate that the 2024 Atlantic basin hurricane season will be extremely active.” Info Ops: o Russian trolls target U.S. support for Ukraine, Kremlin documents show o New effort to "inoculate" U.S. voters against AI misinformation o AI-generated story that Iran had fired missiles at Tel Aviv were amplified by X's own systems o Microsoft: China tests US voter fault lines and ramps AI content to boost its geopolitical interests Quick Hits: · CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities. · DHS: Mitigating Harm from Violent Visual Content: CP3 Prevention Resource. · FTC Announces Impersonation Rule Goes into Effect Today (01 Apr) · FBI Atlanta gate crash: Man tries to breach security by tailing employees · Suspect arrested after vehicle crashes into gate at Atlanta FBI field office · The Surprising Intelligence Community Outreach to Russia · Why Russian intelligence dismissed US warnings of terror threat · Germany announces military overhaul with eye on cyber threats · “All your base are belong to us” – A probe into Chinese-connected devices in US networks · Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure · Risky Biz News: Backdoor found in 92k D-Link NAS devices · Omni Hotels experiencing nationwide IT outage since Friday · A Quantitative Analysis of the Security Ratings of the S&P 500 · How a steel ball protected Taiwan’s tallest skyscraper in an earthquake · Rotterdam teen arrested for plotting a terror attack, prosecutors say · ‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data · The Unification Church Infiltrated Japan’s Government. Now Its Sights Are Set on the U.S. · India rescues 250 citizens enslaved by Cambodian cybercrime gang · Targeted Phishing Linked to 'The Com' Surges · GenAI: The next frontier in AI security threats · ChatGPT jailbreak prompts proliferate on hacker forums · Threat Actors Deliver Malware via YouTube Video Game Cracks · 7 Types of Business Email Compromise (BEC) Attacks · SEO Poisoning

Venue Security, The IAVM Podcast Series EP 4: “Don’t’ get complacent.” Christopher Post, on communications and preparedness. Apr 08, 2024

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Christopher Post, Assistant General Manager, Amarillo Civic Center Complex. Christopher graduated from West Texas A&M University with a Bachelor of Business Administration. He has been in venue management for 18 years and prior to that, was a professional musician for a little over 20 years (yes, he started very young!). As Assistant General Manager, his duties have included serving as the Emergency Coordinator and First-Aid Response Trainer for the Amarillo Civic Center since 2009. He is a graduate of IAVM’s AVSS and VMS. Read more at his complete LinkedIn profile.

Amarillo Civic Center Complex® - Meet. Play. Celebrate.

Christopher’s background.
Clear, consistent, collaborative, communications.
Throwing EAP’s in the trash a few times.
The 10-80-10 rule.
The value of full-scale exercises.
Name dropping some champions from the community.
More!

“It has to be muscle memory, it has to be automatic.”In the discussion we address:

Weekly Security Sprint EP 59. Terrorism news, Hurricanes, and Health Preparedness Apr 02, 2024

The following topics were discussed on the latest Security Sprint: Warm Start Major companies put U.S. cyber defenses to the test in simulated attack The Auto-ISAC Launches Automotive Threat Matrix (ATM) Tool to Enhance Vehicle Cybersecurity Governance Change Healthcare Wake-Up Call: Is Sector Too Codependent? Denise Anderson and Errol Weiss of Health-ISAC Discuss Critical Cyber Issues. Signing of MOU between CI-ISAC Australia and Health ISAC Main Topics Russia, Terrorism ISIS issues horrifying warning as 'lone wolves' ordered to target Christians and Jews. ISIS spokesperson Abu Hudhaifa al-Ansari told "lone wolves" to mobilise and target Christians and Jewish people in the US, Europe and Israel. ISIS calls for Ramadan massacre of Christians and Jews by lone wolves across US, Europe and Israel Reuters: Iran alerted Russia to security threat before Moscow attack Egyptian suspect, 62, to face trial after police foil alleged ISIS terror attack on Notre Dame Cathedral ISIS Issues Fresh Threat To Putin: Reports No evidence so far of Ukraine's involvement in Moscow terrorist attack: Putin What is ISIS-K, the terror group claiming responsibility for the Moscow concert hall attack? Russian intel heads allege Western support for Moscow attack Rocked by Deadly Terror Attack, Kremlin Amps Up Disinformation Machine “Israel is ISIS” and other lies about the Crocus City Hall terror attack Improving the Security of Soft Targets and Crowded Places: A Landscape Assessment Keeping Soft Targets and Crowded Places Safe from Mass-Casualty Attacks: Insights from a Landscape Assessment Explosive Atlantic hurricane season predicted for 2024, AccuWeather experts warn; April Fools! Atlantic hurricanes to be given both first and last names Health and Broader Preparedness: Future State of Smallpox Medical Countermeasures National Academies report says US not ready for intentional, accidental smallpox outbreak Gate 15: Webinar Recording: Getting Started Now: Pandemic Preparedness After-Action Reports, 17 Apr 2020 Gate 15: Pandemic Preparedness: Start Your After-Action Report & Improvement Planning (NOW), 26 Mar 2020) Quick Hits CISA Seeks Input on CIRCIA Notice of Proposed Rulemaking. CISA releases draft rule for cyber incident reporting Thompson, Clarke Release Statement on CISA Cyber Incident Reporting Proposed Rule WSJ: U.S. Publishes Draft Federal Rules for Cyber Incident Reporting CISA publishes 447-page draft of cyber incident reporting rule CISA’s cyber incident reporting rules will apply to 316K entities CISA's proposed framework for cyber incident reporting rules includes subpoena power CISA: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094 Red Hat: Urgent security alert for Fedora 41 and Rawhide users. FBI PSA: Child Sexual Abuse Material Created by Generative AI and Similar Online Tools is Illegal Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians The Audacious MGM Hack That Brought Chaos to Las Vegas IRS kicks off annual Dirty Dozen with warning about phishing and smishing scams Ivanti-linked breach of CISA potentially affected more than 100,000 individuals AT&T notifies users of data breach and resets millions of passcodes How the Baltimore bridge collapse spawned a torrent of instant conspiracy theories Misinformation Milestone of More than 100 Israel-Hamas War False Claims Threats to Catholic Charities staffers increase amid far-right anti-migrant campaign Readout from state convening to discuss cybersecurity and the water sector FS-ISAC: New Cyber Threats To Challenge Financial Services Sector In 2024 Rewards for Justice – Reward Offer for Information on ALPHV BlackCat-linked Cyber Actors Targeting U.S. Critical Infrastructure

The Gate 15 Interview EP 44: Faith-Based ISAO and DHS CISA on partnership, risk reduction, pizza MREs, and some great rock n’ roll Apr 02, 2024

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Mayya Saab, Executive Director, Faith-Based Information Sharing & Analysis Organization (FB-ISAO), Susan Schneider, presently detailed as Associate Director, Non-governmental Engagements, with the DHS Office of Partnership and Engagement, and Daniel Avondoglio, with the Office of Security Programs at CISA. Mayya on LinkedIn. Susan on LinkedIn. Daniel on LinkedIn. Those who want to engage with the DHS Office of Partnership and Engagement may email ngoengagement@hq.dhs.gov. This discussion is not limited in only being relevant to the faith-based community but addresses considerations and ideas relevant to the broader community. During the podcast, when discussing 2023 Threat Data, Andy noted that it is possible that mosques came under attack more frequently than the data suggested. Out of a total of 1027 incidents, mosques were targeted 5% of the time. That percentage, 5%, accounts for the overall number of mosques in the United States and correctly reflects the percentage of mosques that were targeted in 2023. What is FB-ISAO and what DHS is doing for the faith-based community. The general threat environment and how current geopolitical events are impacting that. Private-Public Partnership. Mitigating Risk. Resources! Connecting. Planning. Training. We play Three Questions and talk summer, food and music! And more! FB-ISAO CISA You can find more information about what the FBSAC is here Faith-Based Security Advisory Council | Homeland Security (dhs.gov) and what they are working on here: Taskings to FBSAC from DHS Secretary | Homeland Security Protecting Houses of Worship | Cybersecurity and Infrastructure Security Agency CISA Resources for Leaders of Faith-Based Communities, Organizations, and Institutions | Homeland Security (dhs.gov) This website provides leaders of faith-based communities, organizations, and institutions resources across DHS to prepare for and respond to a range of public safety challenges. FB-ISAO: The 2023 Threat Data in Review, 12 Feb FB-ISAO: What We Learned About Ransomware Resilience, 20 Feb Within this website is a fact sheet with resources on training, services, and grants. Resources for Community Organizations and Service Providers | Homeland Security (dhs.gov) The DHS Center for Faith-Based and Neighborhood Partnerships recently conducted a Spring Religious Observances Threat Briefing, here is a link to news and events of the center for additional information and past webinars: News and Events from the DHS Center for Faith-Based and Neighborhood Partnerships | FEMA.gov Secure Our World Tip Sheets (Punjabi) | CISA recently translated cyber products into Punjabi. National Critical Functions Several recent Gate 15 podcasts addressed the Lakewood Church shooting, including: Special Podcast. Lakewood Church Shooting with Faith-Based ISAO Nerd Out EP 45. Venue security, extremist news, and what to look for in 2024. Weekly Security Sprint EP 53. A Super Bowl amount of information – Church shooting, AI (good and bad), and much more. The Gate 15 Interview with Kirk Cerny: Security, old wagons, leadership integrity, Wyoming, and… the afterlife? “We are fundamentally an Agency of partnerships”“there’s no such thing as a small act of hate”- two quotes shared in the podcast, both attributed to Secretary of Homeland Security, Alejandro Mayorkas.Two notes.In the discussion we address:The QR code and associated web address below are for CISA’a “Active Assailant Security” list-serve, managed by CISA’s Active Assailant Security Branch, through the GovDelivery platform. We encourage those interested in the topic of “active assailant security” to scan the QR code or go to this web site and subscribe to receive relevant products and announcements as they become available.A few references mentioned in or relevant to our discussion include:

Weekly Security Sprint EP 58. Moscow Attack, Weather report, and much more Mar 27, 2024

In this week's Security Sprint, Dave and Andy covered the following topics: Opening Guest Blog Posts – Another Great Way to Contribute to FB-ISAO’s Mission Biden-Harris Administration engages states on safeguarding water sector infrastructure against cyber threats Health-ISAC Publishes 2023 Annual Report Main Topics: Moscow Attack & Terrorism Russia says 60 dead, 145 injured in concert hall raid; Islamic State group claims responsibility Maps and Diagrams of the Moscow Concert Hall Attack. U.S. Warned Russia Before Moscow Attack That Killed at Least 60 Islamic State releases Moscow attack video as death toll rises to 137 How the deadliest attack on Russian soil in years unfolded over the weekend What We Know About ISIS-K, the Group That Has Been Linked to the Moscow Attack State Department: The Islamic State Five Years Later: Persistent Threats, U.S. Options, 21 March CISA: Complex Coordinated Attacks Security Awareness for Soft Targets and Crowded Places Macron Says Islamic State Branch Behind Russia Attack, Also Targeted France Germany arrests suspected ISIS supporters accused of planning terror attack on Swedish parliament (19 Mar) Weather. Spring Outlook: Warmer for most of U.S., wetter in the Southeast; Low flood potential likely, as drought worsens for parts of the Plains Chinese Cyber Threats Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians BBC LIVE - UK to accuse China of major hack as Beijing warns against 'smears.' China targets group of MPs and peers with string of cyber-attacks Insider Threats & Espionage Airman Accused of Sharing Classified Info With Boogaloo Buddies Owners of China-Based Company Charged with Conspiracy to Send Trade Secrets Belonging to Leading U.S.-Based Electric Vehicle Company U.S. Accuses Two Men of Stealing Tesla Trade Secrets Threats to Catholic Charities staffers increase amid far-right anti-migrant campaign. Over the past few months, Pajanor and staffers at Catholic Charities across the country, a decentralized, 113-year-old faith-based non-profit, have become the targets of right-leaning media personalities, conspiracy theorists and even members of Congress. Quick Hits UK NCSC: Responding to a cyber incident – a guide for CEOs UN adopts first global artificial intelligence resolution Imposing Sanctions on Actors Supporting Kremlin-Directed Disinformation Efforts CDC: US life expectancy rises after 2-year dip Lessons Learned from the COVID Pandemic: ‘There Needs to Be an Honest Discussion’ New report blasts government's COVID response, warns of repeating same mistakes In a pandemic milestone, the NIH ends guidance on COVID treatment Launch of Foreign Ministry Channel for Global Health Security Baltimore Key Bridge collapse live updates: 2 rescued, several others believed in water Attorney General Merrick B. Garland Statement on FBI Quarterly Uniform Crime Report. National Guard ready to assist states with cyber response, say officials Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds Unsaflok flaw can let hackers unlock millions of hotel doors Kremlin Uses Word 'War' For Ukraine Invasion For First Time CISA: Nothing Scares the PRC More Than a Russian Defeat in Ukraine Justice Department Sues Apple for Monopolizing Smartphone Markets Understanding and Responding to Distributed Denial-Of-Service Attacks Repository for Software Attestation and Artifacts Now Live Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity Google, Meta and others face tough questions in Australia over cyber extremism threats

Nerd Out EP 46. Be Curious - Dave going solo! Mar 19, 2024

In the latest episode of Nerd Out, Dave is solo and integrating his love for Ted Lasso into the security world. Challenging everyone to be curious, Dave evaluates the famous dart game in Ted Lasso (season 1) and calls out three points for individuals and organizations to be focused on as we evaluate threats. Whether it be the terrorist or extremist threat, or MDM, Dave reminds everyone to be mindful in their security preparedness planning.

Weekly Security Sprint EP 57. Terrorism threats, IoT labeling, Exploitation threats, and more. Mar 18, 2024

In this week's Security Sprint, Dave and Andy talked about the following topics: Warm Start: Growing need to address cybersecurity challenges across US healthcare sector for improved resilience Health-ISAC Supports Health Industry Cybersecurity Strategic Plan; Joint effort gives measurable objectives toward resilience within 5 years Terrorism & Extremism Gaza War could spark radicalization for years to come: https://theintercept.com/2024/03/14/fbi-gaza-war-domestic-radicalization-hamas/ U.S. Senate Select Committee on Intelligence: Worldwide Threats C-SPAN: Intelligence Officials Testify on Global Threats Before Senate Cmte. 2024 Annual Threat Assessment of the U.S. Intelligence Community Top threats to watch in Intel’s worldwide forecast Four things we learned when US spy chiefs testified to Congress FBI director warns of 'dangerous individuals' coming across southern border US Intelligence Chiefs Deliver Grim Warning on Ukraine U.S. intelligence officials warn of global security threats during Senate hearing The Terrorist: How a devout Christian kid became a radicalized mass murderer A New Terror Threat Is Emerging in Europe Linked to Iran, Gaza War Illegal migrant from Lebanon caught at border admitted he’s a Hezbollah terrorist hoping ‘to make a bomb’ — and was headed for NY FB-ISAO: March 2024 Threat Level Statement Update PSA - Extortion: On popular online platforms, predatory groups coerce children into self-harm. Using flattery and guile, he persuaded the 14-year-old girl to send a nude photo. It instantly became leverage. Over the following two weeks in April 2021, he and other online predators threatened to send the image to the girl’s classmates in Oklahoma unless she live-streamed degrading and violent acts, the girl’s mother told The Washington Post. They coerced her into carving their screen names deep into her thigh, drinking from a toilet bowl and beheading a pet hamster — all as they watched in a video chatroom on the social media platform Discord. The pressure escalated until she faced one final demand: to kill herself on camera. Related: There Are Dark Corners of the Internet. Then There's 764. What to Know About the Proposed TikTok Legislation IoT: https://www.nextgov.com/cybersecurity/2024/03/fcc-approves-cyber-labeling-program-iot-devices/394946/ Quick Hits: Earth just had its warmest February on record European Environment Agency: Europe is not prepared for rapidly growing climate risks Ransomware: Ransomware: Attacks Continue to Rise as Operators Adapt to Disruption Malwarebytes: Ransomware review: March 2024 GRIT Ransomware Report: February 2024 Haiti: Haitian PM tenders resignation after Jamaica talks Haitian gangs abduct churchgoers amid escalating violence: 'Kidnappings everywhere' Haiti security mission in limbo as urgency grows Rush to deploy multinational force sets conditions on Haiti Plan to install new leaders in Haiti appears to crumble after political parties reject it American missionaries trapped in Haiti seek prayers and help Undersea cable failures cause Internet disruptions for multiple African countries Info Ops: Blinken Warns of Disinformation Threat to Democracies. South Korea hosted summit warns of AI risks to democracy How a Foul Ball From 2014 Became Part of a Russian Disinformation Campaign White House’s Efforts to Combat Misinformation Face Supreme Court Test Exclusive: Trump launched CIA covert influence operation against China US is still chasing down pieces of Chinese hacking operation, NSA official says UK NCSC: Cloud-hosted supervisory control and data acquisition (SCADA) US GAO - Science & Tech Spotlight: Combating Deepfakes HHS Office for Civil Rights Issues Letter and Opens Investigation of Change Healthcare Cyberattack The water industry wants to write its own cybersecurity rules. Will Biden and Congress go for it? CISA: Secure Cloud Business Applications: Hybrid Identity Solutions Guidance

Weekly Security Sprint EP 56. IC3 Report, Information Ops, Religious Holidays, Domestic Threats Mar 12, 2024

In the latest episode of the Security Sprint, Dave and Andy covered the following topics. Warm Start Healthcare: Health-ISAC: Facing a major incident? Don't navigate it alone. Here's how Health-ISAC's community stepped up during the recent Change Healthcare event. Opinion: Conflicting government cyber mandates risk undermining US security. “Our nation faces a complex range of cyber threats Quote of the week: Risky Biz News: The aftermath of Microsoft's SVR hack is rearing its ugly head. In an update on the same incident posted late Friday afternoon—as is the practice of every respectable corporate company—Microsoft says it found new evidence over the past weeks that the Russian hackers were now weaponizing the stolen information. Main Topics FBI IC3 2023 Internet Crime Report FBI: Critical infrastructure suffers spike in ransomware attacks Americans lost a record $12.5 billion to online fraud last year Info Ops: Spate of Mock News Sites With Russian Ties Pop Up in U.S Proliferating 'news' sites spew AI-generated fake stories TAG Bulletin: Q1 2024 AI Tools Are Still Generating Misleading Election Images Fake U.S. local news network exposed as Russia-linked propaganda front: report ElevenLabs Block on Cloning Biden's Voice Easily Bypassed Russian influence operations against Baltic states and Poland having ‘significant impact’ on society A New Playbook for Addressing Health Misinformation AI will likely increase energy use and accelerate climate misinformation – report Upcoming Holiday Security Awareness Domestic Threats Inspired Terror: In Video Uploaded To Internet, Teenage Stabber Of Jew In Zürich Swears Allegiance To Islamic State (ISIS), Calls On Muslims To Target Jews And Christians Everywhere Insider Threats: Air Force Employee Indicted for Unlawful Disclosure of Classified National Defense Information. Air National Guardsman Agrees to Plead Guilty to Unlawfully Disclosing Classified National Defense Information. Chinese National Residing in California Arrested for Theft of Artificial Intelligence-Related Trade Secrets from Google Quick Hits 4 tabletop exercises every security team should run. European Environment Agency: Europe is not prepared for rapidly growing climate risks EXECUTIVE SUMMARY European climate risk assessment TH-AL-24-001-EN-N.pdf Ransomware tracker: The latest figures [March 2024] Learning Lessons from The Cyber-Attack: British Library cyber incident review, March 2024 The Week in Ransomware - March 8th 2024 - Waiting for the BlackCat rebrand The clowns and fools behind ransomware attacks BlackCat ransomware shuts down in exit scam, blames the "feds" No security issues as Super Tuesday draws to a close, CISA official says Canadian Centre for Cyber Security Security tips for organizations with remote workers - ITSAP.10.016 UK NPSA: Insider Events - Communications Guidance CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices European court favors strong encryption, calling it key to privacy rights Update to national cybersecurity strategy implementation plan coming before the end of summer JetBrains TeamCity under attack by ransomware thugs after disclosure mess CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog International: As gangs attack a critical port, ‘Haiti will go hungry soon’ Tabletop exercise hosted by Europol to disrupt terrorist content online Tesla Berlin Gigafactory to be without power for another week following eco-terrorist attack Germany: Sabotage case launched against Tesla protesters German police carry out raids against people suspected of posting misogynistic hate speech online Sweden officially joins NATO, ending decades of post-World War II neutrality Sweden police arrest suspected Islamists believed to prepare attack U.S. Embassy & Consulates in Russia Security Alert: Avoid Large Gatherings over the Next 48 Hours U.S. warns of imminent Moscow attack by 'extremists,' urges citizens to avoid crowds

Venue Security, The IAVM Podcast Series EP 3: Stella Salyer on Leadership, First Aid and Emergency Response: (way) better safe than sorry. Mar 11, 2024

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Stella Salyer, Assistant General Manager, Sales & Services, Virginia Beach Convention Center. Stella is a Nationally Registered Advanced Emergency Technician and volunteers every weekend in Virginia Beach’s 911 system. She holds certifications in Mass Casualty and Tactical Emergency Critical Care, Stop the Bleed instructor, and is a Proctor for Virginia Beach EMS’s Advanced EMT Academy. Read more at her complete LinkedIn profile. Contact Stella by email: ssalyer@vbgov.com.In the discussion we address:

Stella’s background.
First Aid and Emergency Response.
Leadership during incidents.
What’s on Stella’s mind.
With a shoutout to Farrow Bouton, New Orleans Director of Event Services, for his and Smoothie King Center’s kind support to IAVM and AVSS 2024.

Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

Weekly Security Sprint EP 55. MDM, hostile events, health, and ransomware Mar 05, 2024

On this week's Security Sprint, Dave and Andy discussed the following topics: Opening TribalHub hosts online Tribal Cybersecurity Summit March 7. Gate 15 is grateful to contribute to Tribal-ISAC and to facilitate the Opening Welcome and Keynote: Cybersecurity Organizational Structures and Best Practices Based Upon Tribe Size and Cyber Maturity Level! Health-ISAC Workshop: Enhancing Threat Awareness and Preparedness for Active Shooter/Hostile Event Response (ASHER) Attacks in Health Services Facilities Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC PCAST Releases Report on Strategy for Cyber-Physical Resilience Main Topics Info Ops – Dave BP article Content Farms. https://www.bleepingcomputer.com/news/security/content-farm-impersonates-60-plus-major-news-outlets-like-bbc-cnn-cnbc/ AI Chatbots Provide False Information About November Elections 2024 Elections Misinformation Tracking Center Pennsylvania creates fact-checking website ahead of 2024 election Media Habits and Misinformation Susceptibility of Adults Aged 55 Years and Older: Findings from a RAND American Life Panel Survey Germany accuses Moscow of ‘disinformation attack’ in leaking senior officers’ call Man Pleads Guilty to Firebombing Planned Parenthood Clinic and Plotting to Attack Electrical Substation CDC: Immunization and Respiratory Diseases Bulletin. Wenstrup Announces Hearing on White House’s Role in Pandemic Preparedness and Response Ransomware Updates: Proofpoint: 2024 State of the Phish 69% of Organizations Infected by Ransomware in 2023. Trend Micro: LockBit Attempts to Stay Afloat With a New Version Top 10 Issues General Counsel Need to Know About Ransomware in 2024 CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware Fulton County, Georgia, refuses to pay ransom, again The Mysterious Case of the Missing Trump Trial Ransomware Leak A large US health care tech company was hacked. It’s leading to billing delays and security concerns Health-care hack spreads pain across hospitals and doctors nationwide Quick Hits CORRECTED: SAVE THE DATE! CISA Hosts CISA Live! – Open Source Software Security on Thursday, March 7 at 1:00 PM EST! The White House Warns Cars Made in China Could Unleash Chaos on US Highways Statement from President Biden on Addressing National Security Risks to the U.S. Auto Industry FACT SHEET: Biden-⁠Harris Administration Takes Action to Address Risks of Autos from China and Other Countries of Concern US to probe if Chinese cars pose national data security risks U.S. launches investigation of Chinese vehicles, citing security risks Senator asks FTC to investigate automakers’ data privacy practices CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities FACT SHEET: President Biden Issues Executive Order to Protect Americans’ Sensitive Personal Data AI & Tech As House task force work begins, Rep. Bonamici is ‘very worried’ about AI — ‘and we all should be’ Google working to fix Gemini AI as CEO calls some responses "unacceptable" US tech giants refuse to work with Britain’s top secret military censorship board How AI Will Help the World's Top Hospital CEOs Transform Health Care OpenAI claims the Times cheated to get ChatGPT to regurgitate articles Tumblr and WordPress to Sell Users’ Data to Train AI Tools Apple to disclose AI plans later this year, CEO Tim Cook says Denmark closes probe into Nord Stream blasts saying there’s not enough grounds for a criminal case NIST Cybersecurity Framework 2.0 Officially Released. PRESS RELEASE: Future Software Should Be Memory Safe Joint Statement Endorsing Principles for 6G: Secure, Open, and Resilient by Design Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams

Weekly Security Sprint EP 54. Board talks, AI, event preparedness, ransomware and more Feb 28, 2024

Dave and Andy discussed the following topics: NCSC / Boards. https://www.ncsc.gov.uk/blog-post/cyber-security-governance-the-role-of-the-board AI. Air Canada Has to Honor a Refund Policy Its Chatbot Made Up. Gab’s Racist AI Chatbots Have Been Instructed to Deny the Holocaust Bobbi Althoff deepfake spotlights X’s role as a top source of AI porn AI-generated video is here to awe and mislead From ChatGPT to Gemini: how AI is rewriting the internet Google pauses AI-generated images of people after ethnicity criticism Exclusive: Reddit in AI content licensing deal with Google FCC advisory committee to focus on how AI can defend against unwanted calls Ransomware U.S. and U.K. Disrupt LockBit Ransomware Variant Ransomware Operation LockBit Reestablishes Dark Web Leak Site Trend Micro: LockBit Attempts to Stay Afloat With a New Version US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say Change Healthcare Cyberattack: Network Connectivity Issues, Indicators of Compromise Health-ISAC: Change Healthcare / Optum Network Connectivity and Additional Recommendations Venue Consideration. https://www.stuff.co.nz/culture/350189027/spark-arena-gives-training-security-staff-after-seat-stealers-ruin-50-cent Quick Hits SAVE THE DATE! CISA Hosts CISA Live! – K-12 School Safety on Thursday, February 29 at 12:30. On Thursday, February 29, we will mark the 4th year of SchoolSafety.gov on our next CISA Live!. Weather. https://www.cnn.com/2024/02/26/weather/thunderstorms-midwest-heat-weather-climate/index.html Health. https://www.cidrap.umn.edu/influenza-general/us-flu-levels-stubbornly-high-covid-declines-further Resources Canadian Centre for Cyber Security Best practices for passphrases and passwords (ITSAP.30.032). Cybersecurity Emotions Canadian Centre for Cyber Security Digital footprint (ITSAP.00.133) Canadian Centre for Cyber Security Secure your accounts and devices with multi-factor authentication (ITSAP.30.030) UK NCSC: Private Branch Exchange (PBX) best practice Updated: Top Cyber Actions for Securing Water Systems AT&T. $5! AT&T to Reimburse Customers Struck by Outage AT&T is mocked by customers after network outage downed 70,000 phones and triggered fears of 'Leave the World Behind' apocalypse Russia Biden announces 500 new sanctions targeting Russia over war on Ukraine, Navalny death US and EU pile new sanctions on Russia for the Ukraine war’s 2nd anniversary and Navalny’s death Statement from President Joe Biden Ahead of the Two-Year Anniversary of Russia’s Brutal Assault Against Ukraine Senate Majority Leader Chuck Schumer is in Ukraine to meet Zelenskyy as US aid hangs in the balance President Biden to hit Russia with 'major sanctions' in response to death of Navalny Other. New Biden order would stem flow of Americans’ sensitive data to China CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure Brussels spyware bombshell: Surveillance software found on officials’ phones East coast cable issues hit operators Israeli daily claims Yemeni attacks harmed telecom lines in Red Sea Damage causes outage for Africa's first subsea cable

The Gate 15 Interview with Kirk Cerny EP 43. Security, old wagons, leadership integrity, Wyoming, and… the afterlife? Feb 26, 2024

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Kirk Cerny, Chief Operating Officer at Haystax. Kirk is a security and counterintelligence professional with 20 years of leadership experience in public & private C-suites. Kirk specializes in threat prevention and mitigation, compliance, and more! Kirk on LinkedIn. Kirk’s Background Haystax School and Facility Security Public Safety & First Responders The new Dragon Pipeline What’s on Kirk’s mind We play Three Questions and talk old wagons, great states, and magic eight balls. Plus: Leadership, values, Gary Fisher, and lots more! Haystax Haystax School Safety in Action: Houston UASI Threat Response CISA Reflecting on the Parkland tragedy, its lasting impacts, and work still to be done, 14 February 2024 In the discussion we address:A few references mentioned in or relevant to our discussion include:

Nerd Out EP 45. Venue security, extremist news, and what to look for in 2024. Feb 20, 2024

In the latest episode of Nerd Out, Dave is joined by stalwarts Bridget Johnson and Joe Levy to talk about the latest security news. They talked about the impacts of the Lakewood Church shooting, and what to take away from it. Then they talked about other incidents, and the latest news from the terrorism front. Is it all quiet or is this just a ruse. Finally, they talk about what to look forward to in 2024, and it really shouldn't be a surprise. Joe Levy is the Assistant General Manager at the Barclays Center. Bridget Johnson is a terrorism and extremism expert who has decades worth of experience analyze threat activities.

Special Podcast. Lakewood Church Shooting with Faith-Based ISAO Feb 14, 2024

In this special podcast, Andy welcomes in Dave and key members of the Faith-Based Information Sharing and Analysis Organization (FB-ISAO) to talk about the Lakewood church shooting. They looked at how the event unfolded, security processes, and lessons learned. Guests include: Mayya Saab, the Executive Director of FB-ISAO Ed Heyman, Co-Chair of the FB-ISAO ORG Phil Froehlich, Co-Chair of the FB-ISAO ORG

Weekly Security Sprint EP 53. A Super Bowl amount of information - Church shooting, AI (good and bad), and much more. Feb 12, 2024

In this week's Security Sprint, Dave and Andy discussed the following topics: Warm Start: Announcement! WaterISAC is excited to announce that this Spring, it will be hosting H2OSecCon as a one-day virtual event on Thursday, May 23 from 11 AM - 5 PM ET! T National Rural Water Association and WaterISAC Collaborate to Benefit Small Water Utilities Nationwide AMWA reiterates cybersecurity views to Homeland Security Subcommittee Lakewood Church Shooting Shooting at Joel Osteen's Lakewood Church in Houston: Female shooter killed, 5-year-old child shot Joel Osteen statement in response to this incident, post to Threads Woman Opens Fire at Joel Osteen’s Texas Megachurch During Live TV Broadcast Additional physical security items of note: Philadelphia Man Charged with Making Antisemitic and Islamophobic Threats Islamic State, Al-Qaeda Call for Violence Against Jewish Communities Following October 7 Attack Tennessee man who was working with militias planned to act as a sniper and attack Southern border, feds say. U.S. Strike in Baghdad Kills Iranian-Backed Militia Commander Iraq Criticizes US Strikes After Baghdad Attack Killed Iran-Backed Militant Group Commander CISA Releases Violence Prevention through De-escalation Video. AI. FCC Confirms that TCPA Applies to AI Technologies that Generate Human Voices AI-Generated Voices in Robocalls Are Now Illegal How a Biden AI robocall in New Hampshire allegedly links back to a Texas strip mall Taylor Swift deepfakes on X falsely depict her supporting Trump AI Deployed Nukes 'to Have Peace in the World' in Tense War Simulation NYPD and WhatsApp. https://nypost.com/2024/02/05/business/nypd-tests-old-school-tactics-in-the-bronx-to-combat-shoplifting/ Info Ops: Russia Is Boosting Calls for 'Civil War' Over Texas Border Crisis. Chinese Websites Posing as Local News Outlets Target Global Audiences with Pro-Beijing Content CISA Launches #Protect2024 Resources Webpage for State and Local Election Officials Quick Hits: Severe Weather: Historic storm sends debris through LA’s Hollywood Hills and leaves 1.1 million without power 3 dead as storm pummels California, causing flooding and dozens of mudslides in L.A. area More than 120 people are dead and entire neighborhoods have been reduced to ashes in record-breaking Chile wildfires The growing inadequacy of an open-ended Saffir–Simpson hurricane wind scale in a warming world Hurricanes are getting so intense, scientists propose a Category 6 More on Scams & Fraud: Think you know what the top scam of 2023 was? Take a guess As Nationwide Fraud Losses Top $10 Billion in 2023, FTC Steps Up Efforts to Protect the Public IRS warns tax professionals to be aware of EFIN scam email; special webinars offered next week Ransom where? Everywhere. Chainalysis: Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline Ransomware Payments Hit a Record $1.1 Billion in 2023 GRIT Ransomware Annual Report 2023 (Q1-Q4) The Record: Ransomware tracker: The latest figures [February 2024] Malwarebytes 2024 State of Malware: Known ransomware attacks up 68% in 2023 Nation States Subcommittee Chairman Garbarino Statement On PRC Persistent Access To U.S. Critical Infrastructure. CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance NSA: Combatting Cyber Threat Actors Perpetrating Living Off the Land Intrusions. NSA and Partners Spotlight People’s Republic of China Targeting of U.S. Critical Infrastructure More Cyber News. Verizon insider data breach hits over 63,000 employees Ivanti: CVE-2024-22024 (XXE) for Ivanti Connect Secure and Ivanti Policy Secure Researchers say attackers are mass-exploiting new Ivanti VPN flaw UK NCSC: Vulnerability management Canadian Centre for Cyber Security How updates secure your device (ITSAP.10.096)

Venue Security, The IAVM Podcast Series EP 2: Gil Fried, The Crowd Management Doctor on Training and Supervising Security Staff Feb 12, 2024

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Gil Fried, Professor and Assistant Dean of the College of Business at the University of West Florida and a member of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In the discussion we address:

Gil’s background.
Training and Supervising Security Staff.
Sports Facilities and the Law & Crowd Management Doctor (on YouTube).
What’s on Gil’s mind, including raucous crowds.

Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

Weekly Security Sprint EP 52. Geo-political impacts, cyber warnings, BEC, scams, ransomware and more! Feb 07, 2024

In this week's Security Sprint, Dave and Andy covered the following topics: In our warm start we address cyber threats from China and threats to the Water Sector, see quick hits for links. And we celebrate Pod friend Bridget Johnson on her new role. Main Topics: Cyber Warnings - BEC Evolving Threat Landscape: Crime, Confusion, Deepfakes, BEC, fake data breaches, fake political robocalls… Deepfake Scam Video Cost Company $26 Million, Hong Kong Police Says. Europcar says someone likely used ChatGPT to promote a fake data breach. OpenAI: Building an early warning system for LLM-aided biological threat creation FBI PSA: Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams Ransomware: Corvus: Q4 Ransomware Report: 2023 Ends as a Record-Breaking Year Ransomware Retrospective 2024: Unit 42 Leak Site Analysis. The year saw a 49% increase in victims reported by ransomware leak sites, with a total of 3,998 posts from various ransomware groups. The ransomware business is booming, even as enforcers shut down some major players; Palo Alto Networks’ Unit 42 found a 49 percent bump in victims reported by ransomware leak sites in 2023 Quick Hits Brothers Charged After Seizure of Homemade Explosives, Ghost Guns in Their Astoria Apartment Queens bust: 2 brothers kept homemade explosive devices, 'hit list' in Astoria apartment, authorities allege. Investigators also recovered notebooks with hit lists that included police officers, politicians and celebrities, along with a scanner radio set to the frequency of the neighboring police precinct…The apartment is located right across from a Con Ed power facility. Cyber Threats to Critical Infrastructure and the United States Hearing Notice: The CCP Cyber Threat to the American Homeland and National Security Exclusive: US disabled Chinese hacking network targeting critical infrastructure FBI director to warn Congress of dangers Chinese hackers pose to American infrastructure, innovation Opening Statement by CISA Director Jen Easterly CISA: People's Republic of China Cyber Threat Water, Water, Everywhere! Announcement! WaterISAC is excited to announce that this Spring, it will be hosting H2OSecCon as a one-day virtual event on Thursday, May 23 from 11 AM - 5 PM ET! Sign Up For Updates Here! Securing Operational Technology: A Deep Dive into the Water Sector Environment, Manufacturing, and Critical Materials Subcommittee Hearing: "Ensuring the Cybersecurity of America's Drinking Water Systems" Chair Rodgers Opening Remarks on the Cybersecurity of America’s Drinking Water System More Cyber. The U.S. economy is booming. So why are tech companies laying off workers? Statement From Secretary of Defense Lloyd J. Austin III on U.S. Strikes in Iraq and Syria Geo-politics. Sullivan: Middle East strikes "not the end" of U.S. drone attack response Houthis may sabotage western internet cables in Red Sea, Yemen telecoms firms warn Iran Says Yemen Strikes 'Contradict' US, UK Policy Hostages at Procter & Gamble plant outside Istanbul rescued after 9-hour ordeal US Senate Judiciary Committee Hearing: Big Tech and the Online Child Sexual Exploitation Crisis Senator to Big Tech: ‘Collectively, your platforms really suck at policing themselves’ Ivanti Updates: Supplemental Direction V1: ED 24-01: Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities CISA orders Ivanti devices targeted by Chinese hackers be disconnected QAnon-aligned son decapitates federal employee dad, shows off ‘traitor’s’ head in sick YouTube video Virtual Event: Preventing Mass Attacks In Our Communities. In this event, researchers from the US Secret Service National Threat Assessment Center discuss their findings on mass attacks perpetrated in public and semi-public spaces, including businesses, restaurants, bars, retail outlets, houses of worship, schools, open spaces and more. Click Here To Register.

Weekly Security Sprint EP 51. Confiscated weapons, new DOJ / FTC guidance, AI, and more cyber news. Jan 30, 2024

Dave and Andy discussed the following topics. Swatting! Police Arrest Teen Said to Be Linked to Hundreds of Swatting Attacks CISA's Easterly the target of ‘harrowing’ swatting incident Nikki Haley targeted in 'swatting' incident at her home Physical Security. Cleveland Clinic confiscated 30K weapons last year Security guard accused in Edmonton city hall shooting makes court appearance DOJ: Justice Department and the FTC Update Guidance that Reinforces Parties’ Preservation Obligations for Collaboration Tools and Ephemeral Messaging FTC: FTC and DOJ Update Guidance That Reinforces Parties’ Preservation Obligations for Collaboration Tools and Ephemeral Messaging Risky Biz News: DOJ and FTC tell companies to stop deleting chats Artificial Intelligence (AI) and Investment Fraud: Investor Alert UK NCSC: Global ransomware threat expected to rise with AI, NCSC warns UK NCSC: The near-term impact of AI on the cyber threat. British intelligence warns AI will cause surge in ransomware volume and impact CISA Joins ACSC-led Guidance on How to Use AI Systems Securely UK NCSC: The near-term impact of AI on the cyber threat NZ NCSC: Joint Guidance: Engaging with Artificial Intelligence OpenAI and Other Tech Giants Will Have to Warn the US Government When They Start New AI Projects Fact Sheet: Biden-⁠Harris Administration Announces Key AI Actions Following President Biden’s Landmark Executive Order OpenAI Quietly Scrapped a Promise to Disclose Key Documents to the Public 23andMe admits it didn’t detect cyberattacks for months Ransomware-palooza! Symantec - The 2024 Ransomware Threat Landscape Annual GRIT Ransomware Report – 2023 Dragos Industrial Ransomware Analysis: Q4 2023 Who pays, and why: A researcher examines the ransomware victim’s mindset The Conjoined Triangle of Ransomware Ransomware Attacks Spotlight Need for FIs to Gauge Third-Party Risk Water Sector ransomware and other updates: Veolia Responds to Cyber Incident – company statement Water services giant Veolia North America hit by ransomware attack Water facility operator says ransomware attack affected North America division Chairs Rodgers and Carter Announce Subcommittee Hearing on Ensuring Cybersecurity of America’s Drinking Water Systems CISA's Water Sector Guide Puts Incident Response Front & Center WaterISAC: 15 Security Fundamentals You Need to Know West Virginia Department of Health Takes Steps to Prevent Cyberattacks Against Water Systems Quick Hits: In major gaffe, hacked Microsoft test account was assigned admin privileges Florida Bill Seeks Safe Harbor for Organizations with Robust Cybersecurity Programs HHS Releases New Voluntary Performance Goals to Enhance Cybersecurity Across the Health Sector and Gateway for Cybersecurity Resources NCTC First Responder’s Toolbox: Responses to Overseas Conflicts May Impact Public Safety Agencies in the Homeland Mother of all breaches - a historic data leak reveals 26 billion records: check what's exposed UK tells business leaders to ‘toughen up’ against cyberattacks CISA Blog: We Must Consider Software Developers a Key Part of the Cybersecurity Workforce Guidance: Assembling a Group of Products for SBOM

Weekly Security Sprint EP 50. Uvalde Report, Sextortion, Ransomware and new Resources Jan 23, 2024

Dave and Andy discussed the following topics: New Tribal-ISAC podcasts! Raise Your Tribes Cybersecurity IQ: Part 1 Raise Your Tribes Cybersecurity IQ: Part 2 CISA Releases 2023 Year in Review! Uvalde. ⁠Justice Department Releases Report on its Critical Incident Review of the Response to the Mass Shooting at Robb Elementary School in Uvalde, Texas⁠. Ransomware Ransomware Resilience: You can’t afford _not_ to exercise! Check Point Research: 2023 – The year of Mega Ransomware attacks with unprecedented impact on global organizations New ransomware: Pings Ransomware Slug (via X, victim claimed in today’s ransomware listings) Insane (via X, victim claimed in today’s ransomware listings) First American cyber incident expected to impact Q4 2023 financials; Delayed closing due to the Dec. 20, 2023, cyber incident are expected to lead to weaker fourth quarter financials at the title firm Toronto Zoo says staff personal info stolen in ransomware cyberattack Ransomware negotiation: When cybersecurity meets crisis management ⁠Sextortion: A Growing Threat Targeting Minors⁠. UK NPSA: Counter-State Threats⁠. ⁠UK NPSA: SCaN for Line Managers⁠. Quick Hits New USGS map shows where damaging earthquakes are most likely to occur in US. US Secret Service: Live Virtual Presentations on Targeted Violence Prevention. CISA - Active Shooter Preparedness Webinar, Region 9 - 7 FEB 2024 CISA and FBI Release Known IOCs Associated with Androxgh0st Malware CISA: Cybersecurity Guidance: Chinese-Manufactured UAS Election 2024 Authorities map out potential threats ahead of New Hampshire primary OpenAI bans bot impersonating US presidential candidate Dean Phillips AI is destabilizing ‘the concept of truth itself’ in 2024 election Former Jan. 6 Select Committee deleted more than 100 encrypted files from its probe in the days before Republicans took over the House majority

The Gate 15 Interview EP 42: Foster on building high-performing cybersecurity teams, complex threats, bringing the noise and musical obsessions Jan 22, 2024

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Eric Foster, Chief Operating Officer at Stairwell. Prior startups include Cyderes.com (co-founder under Gary Fish, sold to Apax Partners / merged with Robert Herjavec’s Herjavec Group), RiskIQ.com (sold to Microsoft), MMAjunkie.com (founder, sold to USA Today) and eScout.com (incubation team, sold to PerfectCommerce). Active advisory roles include: Onspring.com, Stairwell.com. Past advisory roles: PhoneFactor (sold to Microsoft). Eric is a recognized domain expert in Information Security, Regulatory Compliance, and CusEricer Success. In the discussion we address: Eric’s origin story His experience as a founder and entrepreneur, and the importance of mentorship Building high-performance teams and developing corporate culture Eric’s work from founding CYDERES to his current work with Stairwell The complex intersection of geopolitical threats and increased conflict in a world that is rapidly accelerating in positive directions in technology We play Three Questions and talk careers in an alternate universe, flying through space with Elon, Eric’s musical obsessions, and more – including Radiohead and Sleep Token! A few references mentioned in or relevant to our discussion include: CYDERES Stairwell Learn more about the Stairwell Culture Google Blog: A new approach to China, January 12, 2010 (in late 2009, Google was the victim of a major cybersecurity attack, code named Operation Aurora)

Nerd Out EP 44. The Middle East, threats to Houses of Worship, and 2024 Outlook Jan 16, 2024

In the latest episode of Nerd Out, Dave is joined by Alec Davison and Ed Heyman for the first episode of 2024. They opened the discussion recapping some of the events over the past several weeks to include the Prague and Iowa school shootings, cyber threats, natural disasters and health conditions before getting into the ever-expanding conflict in the Middle East and what it may mean for security teams. The group also looks at the impacts these events have had on faith-based organizations and then look ahead to events that could shape 2024. Ed Heyman is a security professional with over 30 years of experience in the intelligence and security community and he is the co-chair of the Faith-Based Information Sharing and Analytical Organization (FB-ISAO) Organizational Resilience Group. Alec Davison is a threat and risk analyst with Gate 15 where he works with various industries on threat awareness and security preparedness matters. Some of the links mentioned in this episode include: https://www.politico.com/news/2024/01/10/american-intel-officials-hezbollah-u-s-attac[…]4?utm_source=iterable&utm_medium=email&utm_campaign=8745640_ https://foreignpolicy.com/2023/12/19/hamas-terrorism-threat-global-europe-germany-arrests/ https://www.jpost.com/international/islamic-terrorism/article-782053 https://www.ic3.gov/Media/Y2023/PSA231212 https://www.ic3.gov/Media/Y2024/PSA240112 https://www.voanews.com/a/us-faith-based-groups-face-increased-threat-this-holiday-season/7387281.html https://abcnews.go.com/Politics/threats-jews-muslims-arabs-continue-social-media-dhs/story?id=106291629 https://www.lawfaremedia.org/article/the-signal-in-the-noise-the-2023-threats-and-those-on-the-horizon

Weekly Security Sprint EP 49. ISAC news, weather impacts, plus your dose of cyber and physical security news Jan 15, 2024

In this week's Security Sprint, Dave and Andy covered the following topics. ISAC Exciting Announcements! Tribal-ISAC joins National Council of ISACS for cyber security, information sharing Japanese Auto-ISAC and Auto-ISAC Formalize Agreement to Enhance Vehicle Cybersecurity Severe Weather Awareness Iowa Caucus Impacts Texas "Freeze" Buffalo Bills great stadium dig-out Main Topics School Data Base Leak. https://www.wired.com/story/us-school-shooter-emergency-plans-leak/ SEC X Compromise. SEC account hack renews spotlight on X's security concerns US SEC says breach of its X account did not lead to breach of broader SEC systems A Hacker's Perspective: Social Media Account Takeover Prevention Guide Scams. https://news.trendmicro.com/2024/01/12/fake-apple-and-capital-one-notifications-top-scams-of-the-week/ Physical Threats. Malicious Actors Threaten U.S. Synagogues, Schools, Hospitals, and Other Institutions With Bomb Threats, 12 Jan. “Since 8 December 2023, the FBI has opened investigations on more than 100 separate threats targeting more than 1,000 institutions in 42 states and the District of Columbia." New FB-ISAO Newsletter! FB-ISAO Newsletter, v6, Issue 1. US, UK launch retaliatory strikes against Houthis in Yemen Protests erupt outside Yemen Mission in NYC to condemn US attacks on Houthi rebels — some protesters attacking couple holding Israeli flag: ‘Long live Hamas, you piece of s–t!’ Joint Statement from the Governments of Australia, Bahrain, Canada, Denmark, Germany, Netherlands, New Zealand, Republic of Korea, United Kingdom, and the United States Statement from President Joe Biden on Coalition Strikes in Houthi-Controlled Areas in Yemen Statement by Secretary of Defense Lloyd J. Austin III on Coalition Strikes in Houthi-Controlled Areas of Yemen Background Press Call by Senior Administration Officials and Senior Military Official on Developments in the Middle East Houthi rebels say US will pay a ‘heavy price’ for strikes that killed 5, injured Lulzsec Hacktivists Leak American Bank Logins in Protest Against Yemen Airstrikes Moscow Blasts U.S.-British Strikes in Yemen Who Are the Houthis and Why Did the US and UK Launch Strikes on Them? Quick Hits FBI arrests Florida man accused of threatening ‘mass casualty event’ American intel officials warn of risk of Hezbollah attacking U.S. Ivanti Vulnerabilities. Ivanti Blog Post: Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN CISA Adds Two Known Exploited Vulnerabilities to Catalog CERT-NZ: Vulnerabilities in Ivanti Connect gateways actively exploited Canadian Centre for Cyber Security Ivanti security advisory (AV24-020) Ivanti warns of Connect Secure zero-days exploited in attacks Ivanti customers urged to patch vulnerabilities allegedly exploited by Chinese state hackers Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation. Canadian Centre for Cyber Security Ivanti Connect Secure and Ivanti Policy Secure gateways zero-day vulnerabilities Risky Biz News: Chinese APT exploits two Pulse Secure zero-days Ivanti Zero-Day Vulnerabilities (CVE-2023-46805 and CVE-2024-21887) State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns The vulnerability forecast for 2024 WEF: Global Cybersecurity Outlook 2024 Joint Report on the Implementation of the Cybersecurity Information Sharing Act of 2015

Weekly Security Sprint EP 48. Physical Security Galore! Jan 09, 2024

In this Week's Security Sprint, Dave and Andy talked about the following topics: New! Venue Security, The IAVM Podcast Series: Mark Herrera on leadership, resilience and partnership. In this inaugural episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Mark Herrera, Director of Education for the International Association of Venue Managers (IAVM). Physical Security Incidents and Challenges Motive sought for mass shooting at Prague university that left more than a dozen dead 1 killed, 5 injured by Iowa school shooter on the first day after winter break FBI calls bomb threats that led to brief lockdowns and evacuations of some state capitols a hoax Bomb Hoaxes and ‘Swatting’ Attempts Target Public Officials as 2024 Begins CA synagogues on high alert after receiving threatening emails Suspects held over alleged Argentina parcel plot Blasts kill nearly 100 at slain commander Soleimani's memorial; Iran vows revenge Islamic State claims responsibility for deadly Iran attack, Tehran vows revenge CAIR: Join the Jan. 13th ‘March on Washington for Gaza’ in Washington, D.C. Groups plan massive march for Gaza cease-fire in DC next week. The Council on American-Islamic Relations (CAIR) and other organizers will begin the Gaza solidarity event at the National Mall on Jan. 13 at 1 p.m., gathering near the Washington Monument. CISA: Personal Security Considerations Action Guide. This action guide provides actionable recommendations and resources intended to prevent and mitigate threats to a critical infrastructure worker’s personal safety. Election Season Challenges FBI Washington Field Office Marks Third Anniversary of January 6 Violence at the U.S. Capitol A quarter of Americans believe FBI instigated Jan. 6, Post-UMD poll finds Pence dismisses conspiracy theory FBI instigated Jan. 6 attack Quick Hits: Enduring Threats! Multiple Hazard Storm Impacting the Central and Southern U.S. Exceptional winter storm to bring travel woes as it wallops central and eastern US President Joseph R. Biden, Jr. Approves Rhode Island Disaster Declaration NOAA: Get your snow smarts on: 9 forecast tools you can use; Find out if rain, snow, sleet and hail are coming your way Ransomware. TribalHub: Ransomware Resilience Best Practices. British Library ransomware cyber attack ‘set to cost £7million’ The State of Ransomware in the U.S.: Report and Statistics 2023 Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data After injecting cancer hospital with ransomware, crims threaten to swat patients LockBit leveraging vulnerable drivers to disable security solutions in latest campaigns Motor Mouth: Ransomware is coming for the auto industry PS99, hopes for free diamonds leads to ransomware The Week in Ransomware - January 5th 2024 - Secret decryptors Law firm that handles data breaches was hit by data breach San Bernardino housing authority cyberattack affected nearly 19,000 people At Least 141 Were Hospitals Directly Affected by Ransomware Attacks in 2023 Electronic Ransomware Zeppelin ransomware source code sold for $500 on hacking forum Uncovering Rhysida and their activities Ransomware Roundup - 8base Albabat Ransomware Another covid wave hits U.S. as JN.1 becomes dominant variant. COVID Mask Mandates Return to Hospitals in Five States FBI PSA: Chinese Police Imposters Incorporate Aggressive Tactics to Target U.S.-Based Chinese Community. Ukraine says Russia hacked web cameras to spy on targets in Kyiv

Venue Security, The IAVM Podcast Series EP 1: Mark Herrera on leadership, resilience and partnership Jan 08, 2024

In this inaugural episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Mark Herrera, Director of Education for the International Association of Venue Managers (IAVM). In the discussion we address:

Mark’s background.
We introduce this new podcast series.
Leadership & Team Engagement.
Building Resilience.
Building Partnerships.
What’s on Mark’s mind.

Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

Weekly Security Sprint 47. New SEC rules, AI, embezzlement, ransomware and more. Dec 18, 2023

In this week's Security Sprint, Dave and Andy talk about the following topics: Happy Holidays and Happy New Cyber Incident Reporting Requirements! New SEC cyber rules are about to go into effect. Expect some bumps Justice Department Issues Guidelines in Response to National Security and Public Safety Exemption in SEC Rule FCC Approves Major Updates to Data Breach Notification Rules CISOs Gear Up For Compliance with SEC Cyber Regulation Main Topics: AI threats and terrorism. https://gnet-research.org/2023/12/15/artificial-intelligence-as-a-terrorism-enabler-understanding-the-potential-impact-of-chatbots-and-image-generators-on-online-terrorist-activities/ Seasonal Security Reminders Denmark, Germany, Netherlands arrest 7 terror suspects, including alleged Hamas members, authorities say. FBI PSA: Threat of Violence Likely Heightened Throughout Winter. ‘Exponential increase’ in antisemitic swatting threats in US this weekend DHS Center for Faith-Based and Neighborhood Partnerships Invitation: Non-Profit Security Grant Program FY2024 Winter Webinar Series + Other DHS Resources 13-year-old accused of plotting mass shooting at Canton Jewish synagogue Juvenile Arrested for Conducting Swatting Attacks Targeting Synagogues and Other Institutions UK NPSA: Social Media Auditors. Embezzlement. Cardinal found guilty of embezzlement in Vatican ‘trial of the century’ Ransomware & Cyber Threat Updates Another Record-Breaking Month for Ransomware: November Up 110% YoY eCrime Cybersecurity Advisory: Karakurt Data Extortion Group GRIT Ransomware Report: November 2023 Malwarebytes: Ransomware review: December 2023 3 Ways Threat Actors Will Kick Off the New Year, According to Corvus Intel Vulnerabilities Now Top Initial Access Route For Ransomware Spider-Man And Wolverine Devs Hit By Alleged Ransomware Attack [Update] French Authorities Arrested a Russian National For His Role In The Hive Ransomware Operation Hackers Popped a Porn Site for Inflation Fetishists Quick Hits Earth had its warmest November on record; 2023 still on track to be the globe’s warmest year recorded Former Special Agent in Charge of the New York FBI Counterintelligence Division Sentenced to 50 Months for Conspiring to Violate U.S. Sanctions on Russia. Recorded Future: Aggressive Malign Influence Threatens to Shape US 2024 Elections China’s cyber army is invading critical U.S. services Multistakeholder cooperation to protect water sector from growing threats See Something Say Something Campaign: Everyone Plays a Role in “If You See Something, Say Something®.” The Case for Memory Safe Roadmaps CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793 Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang CISA Releases Social Media Threat Guidance for School Staff and Authorities Infographic Intelligence Sharing is Caring: Collective Defense for a Safer Nation NSA Releases Recommendations to Mitigate Software Supply Chain Risks Statement by Marc Rogers on the CTI League

The Gate 15 Interview EP 41. Cyware’s Tom Stockmeyer on info sharing, threat intel, collective defense, popcorn and The Big House Dec 18, 2023

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Tom Stockmeyer, Cyware’s Director, Enterprise East, ISAC's and Federal. Cyber security leader with experience in helping threat sharing communities such as ISACs and ISAOs and their Member companies improve the fidelity of their intel and accelerate threat intel sharing amongst Members. Tom served in the Marine Corps from 1979 to 1983. He has an MBA from the Michael Coles School of Business, Kennesaw University. Tom has held several executive positions, has served on numerous technology Boards.

Tom on LinkedIn.

In the discussion we address:

Tom’s background from the Marine Corps to technology, entrepreneurship, to Cyware.
Information Sharing successes and challenges, ISACs, ISAOs and Cyware helping to secure organizations across the Fortune 1000 and more.
Challenges to effective info sharing.
A shoutout to the good work being done at Aviation ISAC.
Cyware, continuous innovation and automated collective defense.
Long weekends and holiday threats.
We play Three Questions and talk microwave food, the Marines, classic rock, classic movies and more!

A few references mentioned in or relevant to our discussion include:

Cyware
Intelligence Sharing is Caring: Collective Defense for a Safer Nation, an article in HS Today by Cyware CEO Anuj Gul, 13 Dec 2023
Cyware Intel Exchange (CTIX)
Cyware Collaborate (CSAP)
Cyware Solutions for ISACs, ISAOs, and CERTs
The Gate 15 Interview: Jeff Troy, President, Aviation ISAC, on public service, cybersecurity, understanding threats (and… colonizing the ocean?)

Nerd Out EP 43: Reviewing security predictions, and security news of the year Dec 13, 2023

In the latest episode of Nerd Out Dave welcomes back his old Risk Roundtable partners as Jennifer Lyn Walker makes time way from her media tour to join Andy Jabbour on a special year-end review. Dave takes the gang through some of the security predictions for 2023 and determine if they hit the mark, were slightly off target, or missed the target. Then they looked at the top security news of the year ranging from ransomware to casino breaches and geopolitical events.

Weekly Security Sprint EP 46. Hostile Events, Scams, Cyber Threats, and the Weatherman Dec 12, 2023

The following topics were discussed during this week's Security Sprint. US critical infrastructure sector faces cyber threats surge in 2023, calls for urgent action, enhanced measureswith input from Denise Anderson, President and CEO of the Health Information Sharing and Analysis Center (Health-ISAC), and Gate 15’s own Jennifer Lyn Walker, in her capacity as Director of Infrastructure Cyber Defense for WaterISAC UNLV Shooting. https://www.cnn.com/us/live-news/unlv-shooting-12-06-23/index.html DHS Releases Physical Security Performance Goals for Faith-Based Communities. Building on longstanding efforts and redoubling work to support faith-based communities in response to the ongoing conflict in the Middle East, the Department of Homeland Security (DHS), through Cybersecurity and Infrastructure Security Agency (CISA), released new resources to help houses of worship and other faith-based organizations enhance their security. These Physical Security Performance Goals – modeled after the successful Cybersecurity Performance Goals – are a collection of cost-effective actions specifically tailored for faith-based organizations that can be implemented to reduce risk without sacrificing accessibility. Severe Weather. Winter weather. https://www.newsweek.com/winter-storms-warnings-states-snow-wind-1851154 Tornados. https://www.tennessean.com/story/news/local/2023/12/09/tennessee-tornadoes-clarksville-springfield-nashville-madison-hendersonville-fatalities-severe-storm/71866438007/ Scams. FBI Warning. https://www.fbi.gov/contact-us/field-offices/norfolk/news/fbi-warning-tis-the-season-for-holiday-scams FTC Warning.https://consumer.ftc.gov/consumer-alerts/2023/11/stay-scam-free-no-matter-how-far-away-you-roam Cybersecurity Publications. The Record at Recorded Future: FBI explains how companies can delay SEC cyber incident disclosures CrowdStrike: How Malicious Insiders Use Known Vulnerabilities Against Their Organizations Trend Micro’s 2023 Review: Reflecting on Cybersecurity Trends Quick Hits Texas Bomb Threats. https://www.msn.com/en-us/news/us/statewide-bomb-threat-hoax-hits-texas-schools/ar-AA1ldyG2 ORC. https://homeland.house.gov/hearing/from-festive-cheer-to-retail-fear-addressing-organized-retail-crime/ FEMA Advisory: FEMA’s National Preparedness Report Highlights Cyber Security, Building Codes and Individual Preparedness for a Resilient Nation Google’s Year in Search CISA: Cybersecurity Performance Goals: Assessing How CPGs Help Organizations Reduce Cyber Risk CISA and International Partners Release Advisory on Russia-based Threat Actor Group, Star Blizzard Two Russian Nationals Working with Russia’s Federal Security Service Charged with Global Computer Intrusion Campaign Apple Report: 2.6 billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Forescout Vedere Labs discloses 21 new vulnerabilities affecting OT/IoT routers Sellafield nuclear site hacked by groups linked to Russia and China Ministers pressed by Labour over cyber-attack at Sellafield by foreign group Britain dismisses report claiming Sellafield nuclear site hacking, says no malware exists on our system Burglaries at over 40 Denver-area marijuana dispensaries lead to charges for members of two organized crime groups Police Log: Man Arrested for Armed Robbery at Dispensary, Employee Busted for Stealing Packages Suspect charged in break-in at Ferndale cannabis store 'Horrifying': Store clerk kicked unconscious in string of violent cannabis robberies Why was the Ontario Cannabis Store sitting on a CA$500 million cash stockpile?

Weekly Security Sprint EP 45. Physical Security incidents, geo-political considerations, weather updates, and more. Dec 05, 2023

In this week's Security Sprint, Dave and Andy talk about the following topics.

TribalHub's Fall 2023 Magazine is Here!
ZeroFox Unspoken Security Podcast: Build Diverse Teams...or Die! In this episode of Unspoken Security, AJ Nash and Errol Weiss - Chief Security Officer for the Health Information Sharing and Analysis Center (Health-ISAC) - talk about the importance of building diverse intelligence teams. They share their insights on the evolution of program and team building over the last decade (or more) and focus on how the exponential growth of hybrid and remote work as a result of the COVID-19 pandemic has changed our world.

Terrorism & Extremism

Former U.S. Marine Pleads Guilty to Firebombing a Planned Parenthood Clinic. https://www.justice.gov/usao-cdca/pr/former-us-marine-pleads-guilty-firebombing-planned-parenthood-clinic-orange-county-and
19-Year-Old Charged with 13 Counts of Interstate Threats. https://www.justice.gov/usao-pr/pr/19-year-old-victoria-gabriela-rodriguez-morales-charged-13-counts-interstate-threats
On the Release of the 2022 Country Reports on Terrorism
US Department of State: Country Reports on Terrorism 2022
German Police Arrest Islamist Teens Planning Attack on Christmas Market, Synagogue
‘Goal is at least 20 people’: Teen arrested for allegedly threatening to shoot up church in comments on YouTube videos about Pulse nightclub massacre
Dozens of Troops Suspected of Advocating Overthrow of US Government, New Pentagon Extremism Report Says
'Can't wait for the innocent to die': Man arrested for terrifying bomb threats via 911 texts

Severe Weather

Geopolitics & Cascading Effects

Quick Hits

Weekly Security Sprint EP 44. False alarms, scams, holiday risks and more! Nov 28, 2023

In this week's Security Sprint, Dave and Jen talk about the following topics: Buffalo Border Explosion: https://abc7chicago.com/niagara-falls-rainbow-bridge-explosion-border/14100486/ Scams and Black E-commerce threats. FBI Report. https://www.fbi.gov/contact-us/field-offices/elpaso/news/fbi-el-paso-warns-of-not-so-jolly-holiday-scams How to shop online safely. https://www.cyber.gc.ca/en/guidance/how-shop-online-safely-itsap00071 Thanksgiving Cyber feast: Safeguarding against seasonal scams. https://cybersecurity.att.com/blogs/security-essentials/thanksgiving-cyber-feast-safeguarding-against-seasonal-scams ‘Tis the Season for Cybercrime: What to Watch for and How to Protect Yourself. https://www.fortinet.com/blog/industry-trends/protecting-yourself-against-cybercrime-this-season Black Friday & Cyber Monday | A Guide to Avoiding Cyber Scams During the Holiday. https://www.sentinelone.com/blog/black-friday-cyber-monday-a-guide-to-avoiding-cyber-scams-during-the-holidays/ The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season. https://securelist.com/black-friday-cyberthreat-report-2023/111076/ How to stay protected on the web this holiday season. https://www.zscaler.com/blogs/product-insights/how-stay-protected-web-holiday-season Black Friday & Cyber Monday Ecommerce Security Threats. https://blog.sucuri.net/2023/11/ecommerce-security-black-friday-cyber-monday-threats.html Guide to Retail Security: Protecting Against Cyber and Physical Threats During the Holidays. https://flashpoint.io/blog/2023-holiday-retail-security/ Quick Hits. Shopping Safety. https://fox4kc.com/news/after-shootings-at-kc-area-shopping-centers-police-stress-black-friday-safety/ Vermont Hate-Based Shooting. https://www.cnn.com/2023/11/26/us/palestinian-students-shot-burlington-vermont/index.html Ohio Walmart Shooting. https://abcnews.go.com/US/ohio-walmart-shooting-suspect-motived-racial-extremism-fbi/story?id=105110784&cid=social_twitter_abcn

The Gate 15 Interview EP 40: Akmal Ali on the four core tenants of effective security management, dodging wrenches, and enjoying the Monday mornings! Nov 27, 2023

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Akmal Ali, Founder & CEO of Aluma and inOrbit. Formerly serving as the Deputy Director of the SAFETY Act program within U.S. Department of Homeland Security, Akmal was a key contributor in expanding the scope of the program, as the department considered how to responsibly leverage the granted protections to further its mission to protect the homeland. These efforts included the expansion of for security services, cybersecurity and venue security-related applications from the private sector. The impact of this expansion is still a hallmark of the program today, as operators of many high-profile venues rely upon and engage with DHS in seeking SAFETY Act protections. At DHS, Akmal participated in extensive intra- and inter-agency collaboration with other government agencies to include the Transportation Security Administration, Customs and Border Protection, Domestic Nuclear Detection Office, U.S. Department of Defense, U.S. Department of Energy, and the Federal Aviation Administration. As a result of this experience, Akmal was exposed to a wide range of industries and perspectives that helped forge the underlying principles for how Aluma serves its clients today. Since departing DHS in 2011, Akmal has carried those ideals with him as he’s worked some of the country’s most high-profile and innovative companies. Akmal is based in the Washington, DC area. Akmal on LinkedIn. In the discussion we address: Akmal’s background, from Afghanistan to Jacksonville to Washington, D.C. The SAFETY Act, venue security, resilience and risk management Akmal’s companies, Aluma and inOrbit (and the great story of that name) Volunteering with the International Association of Venue Managers, IAVM’s Academy for Venue Safety and Security and serving with “The Avengers of Security Professionals” including Brad Mayne, Mark Herrera, Joe Levy, Alex Keen Akmal shares the four core tenants of effective security management Dodgeball, Patches O'Houlihan, the Detroit Lions and the Jacksonville Jaguars, great pizza, great movies, a dip into the philosophy of Akmal, and more! A few references mentioned in or relevant to our discussion include: Aluma inOrbit DHS: The Office of SAFETY Act Implementation

Weekly Security Sprint EP 43. Workplace Violence, passwords, and security quick hits. Nov 20, 2023

In this week's Security Sprint, Dave and Andy talk about the following topics: Workplace Violence. CISA: Preventing Workplace Violence: Security Awareness Considerations Infographic. The Preventing Workplace Violence: Security Awareness Considerations Infographic is a new CISA product designed for critical infrastructure leaders, human resources personnel, managers, and workers of any level. Passwords. The worst passwords of 2023 are also the most common, "123456" comes in first. NordPass has published their 2023 edition of the top 200 most common passwords and unsurprisingly very few of the entries are secure. The top 10 can all be cracked in under a second using simple brute-force tools. Dave Round-UP CDC - Flu season. https://www.cidrap.umn.edu/influenza-general/us-flu-activity-continues-rise-steadily Taylor Swift. https://abcnews.go.com/International/Culture/taylor-swift-fan-dies-eras-tour-concert-rio/story?id=105006498 Security guard incident in Canada which was captured on Social Media. FBI IC3 PSA: 2023 Holiday Shopping Scams 2023 Holiday Scam Predictions—Here’s What You Should Know FBI Warns of Scammers Targeting Senior Citizens in Grandparent Scams and Demanding Funds by Wire, Mail, or Couriers Pro Bono Investigations for Elderly Scam Victims Threats to Homeland The Committee on Homeland Security: Worldwide Threats to the Homeland Witness testimony can be found here Director Wray's Opening Statement to the House Committee on Homeland Security. U.S. political violence driven by new breed of ‘grab-bag’ extremists Ransomware CSA - Scattered Spider #StopRansomware: Rhysida Ransomware CISA Releases Update to Royal Ransomware Advisory AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2) Quick Hits Faith-Based and Israel-Gaza Related Updates: FB-ISAO Newsletter, v5, Issue 11. Official Tribal-ISAC Announcement: Tribal-ISAC Announces Membership as an Approved Expense of the Tribal Cybersecurity Grant Program CISA turns 5 and looks to the future Critical infrastructure policy rewrite expected to ‘emphasize’ CISA, NSC official says Readout of President Joe Biden’s Meeting with President Xi Jinping of the People’s Republic of China China is using the world’s largest known online disinformation operation to harass Americans, a CNN review finds NCSC Annual Review 2023 - Looking back at the National Cyber Security Centre's seventh year and its key developments and highlights, between 1 September 2022 and 31 August 2023 CISA: Secure Tomorrow Series Toolkit ACSC and CISA Release Business Continuity in a Box HHS Factsheet: National Climate Assessment 5 Unveiled FCC Adopts Rules to Protect Consumers' Cell Phone Accounts

Weekly Security Sprint EP 42: Ransomware, Resilience, MDM and more. Nov 20, 2023

In the latest epsiode of the Weekly Security Sprint, Dave and Andy talked about the following topics: Announcement! Venue Security, The IAVM Podcast Series! A new monthly podcast starting in 2024. Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community. SHIELDS READY. The Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) launched the new Shields Ready campaign to encourage the critical infrastructure community to focus on strengthening resilience. Resilience is the ability to prepare for, adapt to, withstand, and rapidly recover from disruptions caused by changing conditions. CISA Launches Critical Infrastructure Security and Resilience Month 2023 Scams. ‘with sales come scams’. https://www.ncsc.gov.uk/news/black-friday-bargain-hunters-warned-of-enhanced-online-scams-after-millions-lost-last-year MDM The Truth Crisis | The Rising Threat of Online Misinformation and Disinformation The Gate 15 Interview: Malicious Info Operations & MDM, the Space Sector, supply chain resilience, the City of Light, and nudging the world in a better direction. Nerd Out: EP 41. Dave Clark joins to talk about MDM and other nerd topics. Ransomware. Ransomware Actors Continue to Gain Access through Third Parties and Legitimate System Tools. CYBERSECURITY ADVISORY - #StopRansomware: Royal Ransomware, November 13, 2023 update Security Affairs: DOLLY.COM PAYS RANSOM, ATTACKERS RELEASE DATA ANYWAY Brazen ransomware attack on US unit of Chinese banking giant has financial sector on alert Risky Biz News: Clop is coming after your SysAid servers Basically all of Maine had data stolen by a ransomware gang; Maine's state agencies are the latest victims in the far-reaching MOVEit file transfer tool hack. Boeing data published by Lockbit hacking gang Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 Same threats, different ransomware; A threat cluster's switch from Vice Society to Rhysida Hive Ransomware's Offspring: Hunters International Takes the Stage Ransomed[.]vc Sunsets Operations, Auctions Off Infrastructure Critical Vulnerability: SysAid CVE2023-47246 Quick Hits Critical infrastructure Updates: Major Australian Ports Affected By Cyber Incident Operations at DP World Australia resume, though ‘doesn’t mean the incident has concluded’ Washington state transportation services partially restored after cyberattack The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology International Terrorism: Five right-wing terrorists arrested throughout Europe with the support of Eurojust and Europol Israel: Mossad foils Hezbollah terror plot against Jews in Brazil FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents Faith-Based and Israel-Gaza Related Updates: OpenAI blames DDoS attack for ongoing ChatGPT outage. In a series of Telegram messages seen by TechCrunch, hacktivist group Anonymous Sudan took credit for the alleged attack. In the messages, Anonymous Sudan said the reason it targeted OpenAI is due to the company’s “general biasness towards Israel and against Palestine”. Earthquake Preparedness. FEMA’s Earthquake & Wind Programs Branch, along with the National Earthquake and Hazard Reduction Program (NEHRP), is excited to announce the updated Earthquake Safety Checklist (FEMA B-526). CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain FEMA’s National Business Emergency Operations Center (NBEOC) - YouTube

Nerd Out: EP 42. A holiday extravaganza with security tips and the annual holiday food review! Nov 14, 2023

In the latest episode of Nerd Out, Dave, Joe and Bridget catch up on the latest activity related to the Israeli-Hamas conflict before getting into some holiday security tips. Each Nerd took a spin through some important security preparedness reminders that include increased awareness, impacts from potential protests and demonstrations, winter weather concerns, and holiday travel tips. Finally, the team turned their focus to an annual tradition - their holiday food reviews. Joe Levy is the Assistant General Manager at the Barclays Center. Bridget Johnson is a terrorism and extremism expert who has decades worth of experience analyze threat activities.

Weekly Security Sprint EP 41. Normalizing violent threats, Critical Infrastructure Security and Resilience month, cybersecurity resources and tools. Nov 06, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics: Physical Security. Increasing acceptance of threats of violence MAGA Commentator Wants People to Shoot Charity Workers Assisting Migrants 'Be looking over your shoulder': MAGA man arrested for threats against Fani Willis Threats to U.S. senator amid spike in anti-Jewish, anti-Muslim activity; U.S. officials say they are responding to a rise in threats against Arab, Jewish and Muslim communities as Gaza war intensifies DOJ: Nevada Man Arrested And Charged For Making Threats To United States Senator Vehicle Ramming. Nuclear Power Plant. https://www.nbcnews.com/news/us-news/police-searching-suspect-drove-fence-south-carolina-nuclear-station-at-rcna123489 CISA Security Planning Workbook. https://www.cisa.gov/sites/default/files/2023-10/CISA_AASB_Security_Planning_Workbook_508_Compliant_20230929.pdf US Senate Hearing: Threats to the Homeland Secretary Mayorkas Testimony to Committee on Homeland Security & Governmental Affairs FBI Director Wray: Threats to the Homeland Cybersecurity. CISA Launches Critical Infrastructure Security and Resilience Month 2023. The Cybersecurity and Infrastructure Security Agency (CISA) announced the kickoff of Critical Infrastructure Security and Resilience Month. Yesterday, the White House issued a Presidential Proclamation to commemorate November as Critical Infrastructure Security and Resilience Month and called on Americans to recognize the importance of this month to enhance our collective national security and resilience… This November, CISA is asking everyone to Resolve to be Resilient by preparing and investing in resilience today, so that, as a nation, we can recover quickly in the event of an incident tomorrow. We are highlighting practices critical infrastructure organizations can implement to recover rapidly in the aftermath of any significant disruption: Assess Your Risk. Make a Plan and Exercise It. Continuously Improve and Adapt. NCSC. https://www.ncsc.govt.nz/news/record-high-financially-motivated-cyber-activity/ Zero-Day. https://cyberscoop.com/cisa-zero-day-ransomware/ Quick Hits Maine gunman’s family contacted police months before massacre, sheriff says NIJ: Five Things About Protecting Against Mass Attacks FACT SHEET: Biden-⁠Harris Administration Convenes Third Global Gathering to Counter Ransomware 2022 RTF Global Ransomware Incident Map: Attacks continue worldwide, groups splinter, education sector hit hard w reference to our good friends at eCrime – the single best source for ransomware information U.S. officials hold their breath for Iranian cyberattacks Man Armed with Weapons Found Dead at Colorado Amusement Park, Investigation Underway; Authorities said that the 22-year-old suspect wore body armor and had with him a semi-automatic rifle and IEDs FIRST has officially published the latest version of the Common Vulnerability Scoring System (CVSS v4.0) FBI Tech Tuesday: Beware of Scams on Popular Peer-to-Peer Payment Apps SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures Citrix Bleed: Two ransomware groups now exploiting bug for initial access “This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard; By some estimates, 20,000 devices have already been hacked. Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey GCA Launches a User-friendly Cybersecurity Tools Wiki NZ NCSC: The NCSC announces record-high financially motivated cyber activity

Weekly Security Sprint EP 40. Maine, expanded conflict, scams, and more! Oct 30, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics:

Maine Shootings

FB-ISAO: October 2023 Threat Level Statement Update – Threat Levels Raised to ELEVATED.

The Physical Threat Level is “ELEVATED.” ELEVATED means that FB-ISAO is unaware of any specific threats, but there is concern that an event is more likely than normal. We are also closely monitoring events and are considering an escalation to “SEVERE,” meaning that an event is highly likely, but decided to not escalate to that level at this time.
The Cyber Threat Level is “ELEVATED.” ELEVATED means that FB-ISAO is unaware of any specific threats, but there is concern that an event is more likely than normal.

Scams

FBI IC3 PSA - Scammers Solicit Fake Humanitarian Donations: “The FBI is warning the public that scammers are committing charity fraud by soliciting fake humanitarian donations during the Israel HAMAS conflict. Scammers quickly pivot to charity fraud when catastrophic events occur, such as a war, a natural disaster, or an epidemic.”
Anonymous Sudan Claims KFC Cyberattack Amidst Geopolitical Tensions
Shooting outside Upper Darby mosque under investigation: police
Cops stop car showing anti-Israel slogans, swastikas; say loaded gun found inside. Driver reportedly aimed to 'educate the public' on Israel-Hamas war's 'true events.'
Israel flag in front of Nash Co. church vandalized
CAIR Video: Muslim Woman Targeted by Hateful Tirade in Maryland

AI. FACT SHEET: President Biden Issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence.

Quick Hits

Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous.
Mass exploitation of CitrixBleed vulnerability, including a ransomware group.
CVE-2023-4966: Critical security update now available for NetScaler ADC and NetScaler Gateway
Neuberger: New global initiatives will include information sharing, ransomware payment tracking
DDoS threat report for 2023 Q3
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
Cisco IOS XE Software Web UI Command Injection Vulnerability
CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2023-20273 Cisco IOS XE Web UI Unspecified Vulnerability
Space ISAC Watch Center Prepares for Cyber Threats in Space
Empowering Small and Medium-Sized Businesses; A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan
Logging Made Easy. CISA’s newest tool is a free and open logging and protective monitoring solution serving all organizations. Secure your Windows-based equipment today with Logging Made Easy.

Weekly Security Sprint EP 39. ISIS call to action, ransomware, and FBI reporting Oct 23, 2023

In this week's Security Sprint, Dave and Andy talked about the following Topics. Hurricane season thoughts. ISIS Calls for Jewish Attacks Around the World. “Terrorist group ISIS has called for violent targeting of Jewish people worldwide in response to the ongoing conflict between Israel and Hamas… Published on Friday in Arabic in Al-Naba, a weekly magazine by ISIS, it advocates for violence and murder against Jewish people worldwide. Ransomware New Portman Report Demonstrates Threat Ransomware Presents to the United States. “This report details the attacks by Russia-based ransomware group REvil on three American companies, and the experiences of those companies during the incident response." CISA, NSA, FBI, MS-ISAC Publish Updated #StopRansomware Guide UK NCSC: Principles for ransomware-resistant cloud backups; Helping to make cloud backups resistant to the effects of destructive ransomware. Our new principles to help make cloud backups more resilient; Introducing a new set of NCSC principles to strengthen the resilience of organisations' cloud backups from ransomware attackers. Canadian Centre for Cyber Security - Social engineering – ITSAP.00.166, Social engineering – ITSAP.00.166 (PDF, 267 KB) Phishing Guidance: Stopping the Attack Cycle at Phase One FBI Releases 2022 Crime in the Nation Statistics. The FBI released detailed data on over 11 million criminal offenses reported to the Uniform Crime Reporting (UCR) Program… The FBI’s crime statistics estimates for 2022 show that national violent crime decreased an estimated 1.7% in 2022 compared to 2021 estimates. Statement from President Joe Biden on Hate Crime Statistics FBI report: Violent crime decreases to pre-pandemic levels, but property crime is on the rise Violent crime down, carjackings up, according to FBI crime statistics FBI: Violent Crime Down To Pre-Pandemic Levels, But Property Crimes Rising ADL: FBI Data Reflects Deeply Alarming Record-High Number of Reported Hate Crime Incidents in the U.S. in 2022 UCR’s Crime Data Explorer Quick Hits: Russia, shifting tactics, fans doubt in election integrity, U.S. says; A new intelligence assessment indicates the Kremlin appears to be expanding its long-running efforts to weaken the world’s democracies CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities "The Phantom Hacker:" FBI Phoenix Warns Public of New Financial Scam CISA: Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks FBI IC3 PSA: Additional Guidance on the Democratic People's Republic of Korea Information Technology Workers

The Gate 15 Interview EP 40: The Return of Kim Milford! On being a CISO, cyber resilience in higher ed and… cumquats? Oct 23, 2023

In this episode of The Gate 15 Interview, Andy Jabbour welcomes back Kim Milford, Deputy Chief Information Officer (CIO) and Chief Information Security Officer (CISO) at the University of Illinois Urbana-Champaign. In April 2023, Kim Milford accepted the role of Deputy CIO and Chief Information Security Officer (CISO) at Illinois. In this role, Ms. Milford draws on her experience in research and education to lead strategy, direction, and innovation related to cybersecurity, identity protection, and privacy. Prior to this role, Kim was the Executive Director and CISO at the REN-ISAC, working with research and education institutions and partners to provide member institutions with the information and tools to better defend their environments from threats. Her service in higher education began in 1998 having held leadership positions at Indiana University, the University of Rochester, and University of Wisconsin-Madison. Kim provides cybersecurity expertise and presentations at national and regional conferences and seminars. She guest lectures and teaches cybersecurity courses and training, and has authored/co-authored many articles on the subject. Ms. Milford has a B.S. in Accounting from Saint Louis University in St. Louis, Missouri and a J.D. from John Marshall Law School in Chicago, Illinois. Kim on LinkedIn. In the discussion we address: Life as a CISO Social engineering and taking a more human-centric approach to security Identity as an initial attack vector Challenges around regulated research Private-Public Partnership Cyber Resilience Liberated thinking on strategy and technology Digital Twins and privacy (link to Gartner) And we play Three Questions with Kim Milford A few references mentioned in or relevant to our discussion include: University of Illinois Urbana-Champaign, Office of the Chief Information Officer Technology Services EDUCAUSE CISA The Power of Resilience, 09 Aug 2023 The Gate 15 Interview: From Blended Threats to Pandemic Lessons Learned, a Candid Conversation on Higher Education Security and Resilience with REN-ISAC’s Kim Milford (23 November 2020) Gate 15: Security Spotlight: An Interview with REN-ISAC Executive Director, Kim Milford (11 June 2018)

Nerd Out: EP 41. Dave Clark joins to talk about MDM and other nerd topics. Oct 18, 2023

In the latest episode of Nerd Out, Dave brings in another Dave and fellow Nerd. Dave Clark joins the show to talk all things mis/dis/mal-information (MDM) as well as some other nerd topics. Dave Clark shared his journey from being a linguist in the Army to a sports journalist to working with MDM. He also talked about some of the challenges and then some important steps for individuals and organizations to take to verify the information is as complete as possible. Then taking a break from work, Dave and Dave talked about what they are watching and some of the challenges with some great shows. Dave Clark is....

Weekly Security Sprint EP 38. Protests, hostile events, security vulnerabilities and reports and more. Oct 16, 2023

In this week's security sprint, Dave and Andy talk about the following topics: Israel War Director Wray Addresses International Association of Chiefs of Police Conference. FBI director warns of rise in terror threats against Americans, potential copy-cat attacks on US soil. Faith Based Updates: FB-ISAO Newsletter, v5, Issue 10 The White House Office of Faith-Based and Neighborhood Partnerships releases Allied Against Hate: A Toolkit for Faith Communities - Tools and Resources to Protect Places of Worship DHS: Resources and Information for Faith and Community Leaders Regarding the Situation in Israel Hostile Events State Fair of Texas evacuated after shooting, one suspect in custody Suspect charged in State Fair of Texas shooting that injured 3 School plot: https://www.news4jax.com/news/local/2023/10/06/3-creekside-high-students-facing-charges-for-school-threat-hit-lists-deputies-say/ Nation State. 12 October 2023 NCSC / FBI Safeguarding Our Future bulletin – Russian Intelligence Poses a Persistent Threat to the United States. IBM Security Intelligence: 10 years in review: Cost of a Data Breach Quick Hits Signal says there is no evidence rumored zero-day bug is real. Ransomware: CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware. As part of the Ransomware Vulnerability Warning Pilot (RVWP), CISA launched two new resources for combating ransomware campaigns: Ransomware Vulnerability Warning Pilot updates: Now a One-stop Resource for Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware Colonial Pipeline was hacked. No, wait, Accenture was hacked. No, wait….. untangling claims. (2) Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group Reports of second cyberattack on Colonial Pipeline false, company says Robert M. Lee on ransomware group statement. Newest Ransomware Trend: Attackers Move Faster with Partial Encryption The Week in Ransomware - October 13th 2023 - Increasing Attacks US Secret Service: Announcing a New Series of Live Virtual Presentations on Targeted Violence Prevention. CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments CISO Research Reveals 90% of Organizations Suffered At Least One Major Cyber Attack in the Last Year; 83% Report Ransomware Payments FTC Data Shows Consumers Report Losing $2.7 Billion to Social Media Scams Since 2021 UK NCSC: Mastering your supply chain: A new collection of resources from the NCSC can help take your supply chain knowledge to the next level EPA calls off cyber regulations for water sector

Weekly Security Sprint EP 37. Conflict in the Middle East, CISA advisories, lessons learned, and more! Oct 09, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics. War in Israel CISA Top 10 Cybersecurity Misconfigurations. NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations Virginia Beach Shooting Lessons Learned. State commission reviewing Virginia Beach mass shooting offers little new insight but recommends more tools for its work. Gate 15 offers our Hostile Event Preparedness Series and check out the Gate 15 White Paper on The Hostile Event Attack Cycle (HEAC). and we’d be happy to help your organization with active shooter/hostile events planning, exercising and overall preparedness. Don’t wait. CISA: National School Safety Summit. The National Summit on K-12 School Safety and Security, hosted by the Cybersecurity and Infrastructure Security Agency (CISA), brings federal, state and local school leaders together to share actionable recommendations that enhance safe and supportive learning environments in kindergarten through grade 12 (K-12) schools. To register, please visit 2023cisaschoolsummit.eventbrite.com. Red Cross Issues Wartime Hacktivist Rules; Attackers Shockingly Don’t Care Quick Hits Microsoft: Espionage fuels global cyberattacks Ransomware: MGM Resorts Refused to Pay Ransom in Cyberattack on Casinos; Fallout will have a $100 million negative impact on quarterly earnings, Las Vegas-based company says CISA and NSA Release New Guidance on Identity and Access Management FBI Highlights Online Safety Tips During Cybersecurity Awareness Month. Germany Political Event (or something). https://apnews.com/article/germany-afd-chrupalla-rally-incident-hospital-61606f839d8563ee77228dbd914ae35f

Weekly Security Sprint EP 36. Cybersecurity Awareness Month, Physical Security issues, Ransomware and much more! Oct 02, 2023

In this week's Security Sprint, Dave and Andy talk about the following topics: Cybersecurity Awareness Month. A Proclamation on Cybersecurity Awareness Month, 2023. CISA Kicks Off 20th Anniversary of Cybersecurity Awareness Month with New Public Awareness Campaign to Secure Our World Transforming Vulnerability Management: CISA Adds OASIS CSAF 2.0 Standard to ICS Advisories NSA Releases Guidance on Acceptance Testing for Supply Chain Risk Management Procurement and Acceptance Testing Guide for Servers, Laptops, and Desktop Computers CISA: Cyber Training Bulletin Transforming Vulnerability Management: CISA Adds OASIS CSAF 2.0 Standard to ICS Advisories NSA Launches 10th Annual Codebreaker Challenge for 2023 Check out NSA Cyber Director Rob Joyce’s social media meme-fest! Here, on Threads. Gate 15, along with many ISACs, ISAOs and other great organizations, is Cybersecurity Awareness Month Champion! Headlines Beware of Floor Plans. https://www.cnn.com/2023/09/28/politics/dhs-investigating-ransomware-attack FBI PIN: Two or More Ransomware Variants Impacting the Same Victims and Data Destruction Trends Most dual ransomware attacks occur within 48 hours. Ransomware attack on Johnson Controls may have exposed sensitive DHS data Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang The Week in Ransomware - September 29th 2023 - Dark Angels FB-ISAO: September 2023 Threat Level Statement Update – Threat Levels Remain at GUARDED. The U.S. National Strategy to Counter Antisemitism: Key Actions by Pillar | The White House Fact Sheet: Biden-Harris Administration Takes Landmark Step to Counter Antisemitism | The White House Secretary Mayorkas Delivers Remarks at the Protecting Places of Worship Roundtable. Peruvian National Arrested In Peru For Sending Over 150 Hoax Bomb Threats To Schools And Other Institutions In The United States And Soliciting Child Pornography. VA man who made threats against church arrested after showing up to Sunday service armed with gun, knive Armed suspect arrested at Haymarket church, while service in progress Sept. 24 - Bull Run, VA Pastor says ‘miracle of God’ led to peaceful arrest of armed man at Va. church Target Press Release: Target Closes Select Stores to Prioritize Team Member and Guest Safety US GAO - Critical Infrastructure Protection: National Cybersecurity Strategy Needs to Address Information Sharing Performance Measures and Methods. Quick Hits FCC Net Neutrality. https://techcrunch.com/2023/09/26/fcc-announces-plans-to-reinstate-net-neutrality/ Apple updates. https://www.securityweek.com/macos-14-sonoma-patches-60-vulnerabilities/ Prepare for the unlikely. https://www.dhs.gov/science-and-technology/news/2023/09/25/preparing-unlikely FBI PSA: "Phantom Hacker" Scams Target Senior Citizens and Result in Victims Losing their Life Savings FEMA and FCC Plan Nationwide Emergency Alert Test for Oct. 4, 2023. Test Messages Will be Sent to All TVs, Radios and Cell Phones Massive emergency alert test scheduled to hit your phone on Wednesday. Here's what to know. Bridging the gender gap in the public sector. Bipartisan Senate Intelligence Committee Report Warns of New Threats from China and Russia (PDF report) CISA, NSA, FBI and Japan Release Advisory Warning of BlackTech, PRC-Linked Cyber. People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices Global Engagement Center Special Report: How the People’s Republic of China Seeks to Reshape the Global Information Environment. Critical vulnerabilities in Exim threaten over 250k email servers worldwide. CISA releases Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management. A Hardware Bill of Materials Framework for Supply Chain Risk Management A Hardware Bill of Materials Framework for Supply Chain Risk Management Fact Sheet The Cybersecurity 202 - Want to learn what’s in your hardware? CISA has an idea for that.

Weekly Security Sprint EP 35. Yes, Virginia, Jen is a big deal, plus security planning, scams, threat TTPs, and more! Sep 25, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics. Security Planning CISA: New Product - Protecting Houses of Worship: Perimeter Security Considerations Infographic. The Cybersecurity and Infrastructure Security Agency (CISA) released the Protecting Houses of Worship: Perimeter Security Considerations Infographic. CISA: Security Planning Workbook. Security Planning Workbook (PDF) DHS: This #SeeSayDay Take the Pledge to Protect Your Community If You See Something, Say Something® #SeeSayDay. Selected FB reports: Statement from President Joe Biden on Yom Kippur Synagogues brace for bomb threats, ‘swatting’ attacks as Yom Kippur begins Escambia County church a 'total loss' after overnight fire Bomb Threat Forces Evacuation at Screening of John MacArthur’s ‘The Essential Church’ at G3 National Conference Anne Arundel police announce arrests in three hate bias cases at area churches FBI WARNED SIKHS IN THE U.S. ABOUT DEATH THREATS AFTER KILLING OF CANADIAN ACTIVIST INVITATION: Protecting Places of Worship Weeks of Action Virtual Events + DHS Resources Bomb threats target US synagogues during Rosh Hashanah West Virginia Man Admits to Obstructing Tree of Life Trial TikTok Shoplifting Threats. https://www.the-sun.com/news/9148713/retail-chains-tiktok-videos-shoplifting-warning-employees/ Jen Walker, Superstar, and Ransomware Resilience Congratulations to our 2023 SC Media Women in IT Security honorees. “Today SC Media shines a spotlight on 20 business leaders as part of our 2023 Women in IT Security program. Thank you to SC Media for recognizing Gate 15's very excellent Jennifer Lyn Walker in the 2023 Women in IT Security list‼️ Private Public Partnership. FBI Director Christopher Wray Speaks at 2023 mWISE Cybersecurity Conference. Cyberspace Solarium Commission’s (CSC’s) 2023 Annual Report on Implementation. Key Takeaways from the 2023 Security Summit Hosted at the Fortinet Championship. Ransomware. House Oversight Committee: Combating Ransomware Attacks MGM Resorts are operating ‘normally’ after hacks, sort of TribalNet: Cyber experts wrap up MGM hack at San Diego conference. The MGM Breach and the Role of IdP in Modern Cyber Attacks TribalNet: Gaming tech exec says it’s time finally to talk about cybersecurity MGM vs. Caesars: Cybersecurity Expert Rates Hacking Responses PhilHealth hit by Medusa ransomware, aims for site restoration by Monday Ransomware group claimed to have hit a New Jersey cardiology group. Did they? Growing Ransomware Threats: Looming Danger for ICS, Industrial Companies Morroco disaster scams / misinformation on social media, scams The Gate 15 Interview: Malicious Info Operations & MDM, the Space Sector, supply chain resilience, the City of Light, and nudging the world in a better direction. Misinformation research is buckling under GOP legal attacks GOP legal attacks create a chilling effect on misinformation research The Rise of Generative AI and the Coming Era of Social Media Manipulation 3.0 Quick Hits: Perspective: Homeland Security and the Shutdown Threat: Planning for an Unnecessary Contingency Alarm bells ring as lawmakers prep for possible shutdown U.S. braces for calamitous, costly government shutdown in eight days IT-ISAC: Cyber experts set out plan to secure crucial 2024 US election Health-ISAC QR Codes. https://www.aha.org/h-isac-white-reports/2023-09-19-h-isac-tlp-white-observed-increase-qr-code-phishing-attacks-september-19-2023 Harmonization of Cyber Incident Reporting to the Federal Government. El Nino winter. https://www.cnn.com/2023/09/25/weather/el-nino-winter-us-climate/index.html

The Gate 15 Interview EP 39: Malicious Info Operations & MDM, the Space Sector, supply chain resilience, the City of Light, and nudging the world in a better direction. Sep 25, 2023

In this episode of The Gate 15 Interview, Andy Jabbour talks with Robert (Bob) Kolasky, “Advancing National Security Risk Management through Technology, Innovation and Governance,” who is presently serving as Senior Vice President for Critical Infrastructure at Exiger, where he is focusing on developing cutting-edge risk management solutions for critical infrastructure companies and supporting government agencies. Leads market strategy for addressing third party and supply chain risk in critical infrastructure and delivering analysis to support enhanced business and government operations. He also serves in a number of other roles including:

Nonresident Scholar, Technology and International Affairs Program, Carnegie Endowment for International Peace
Senior Associate, Center for Strategic and International Studies (CSIS)
Senior Fellow, McCrary Institute at Auburn University

Bob on LinkedIn.
Bob on Twitter, @BobKolasky.

We talk on Information Sharing Operations including the grouping of Mis- Dis- and Mal- info and what those terms mean, free speech and private-public coordination, solutions, and a speed round!
We revisit our discussion on space as critical infrastructure.
We explore what’s on Bob’s mind, including protecting our supply chains and cloud security.
Three (more!) Questions with Bob Kolasky as we talk about scooters, the City of Light/the City of Love, and nudging the world in a better direction.
And more!

Exiger website
The DHS Risk Lexicon (PDF)
COLUMN: Addressing the Homeland Security Threat from China, 18 Jan 2023
COLUMN: Advancing Homeland Security Risk Governance, 22 Sep 2022
COLUMN: The Country Can’t Afford a ‘Pause’ on Combating Disinformation and Violence, 15 Jul 2022
Pro-China Disinformation Campaign Claims US Started Maui Fires in a ‘Weather Weapons’ Experiment, Falsely Citing the UK’s MI6
5th Circuit finds Biden White House, CDC likely violated First Amendment
Bob’s Exiger profile
The Gate 15 Interview: Bob Kolasky talks critical infrastructure, risk, Guns N’ Roses and pizza! (November 2021)

Previously, Bob served as Cybersecurity and Infrastructure Security Agency’s (CISA) Assistant Director, leading the National Risk Management Center (NRMC) and in a number of other critical homeland security roles and responsibilities.
In the discussion:
A few references mentioned in or relevant to our discussion include:

Nerd Out: EP 40. The Homeland's 50 Trailblazers, Homeland Threat Assessment, Fall events and some fun! Sep 19, 2023

In the latest Episode of Nerd Out, Dave welcomes back Joe Levy and Bridget Johnson to talk about the latest security news and they start off with the recent release of Homeland Security Today's "Homeland's 50 Trailblazers" which recognizes individuals who have advanced their career in service to the nation, tackled progressively more complex and important responsibilities, addressed or are addressing an urgent homeland security challenge, and continue to forward mission. Even though Dave and Joe were denied yet again, the team talked about what distinguished these individuals before moving on to the release of the DHS 2024 Homeland Threat Assessment which replaced the National Terrorism Advisory System Bulletin. Then the merry band of Nerds discussed trends from the summer season as they look ahead to threats in the fall. Dave, Joe and Bridget then wrap up with some football talk and then their own joys of the fall season while teasing the annual fall food draft coming in November! Homeland's 50 Trailblazers: https://trailblazers.hstoday.us/ Homeland Threat Assessment: https://www.dhs.gov/sites/default/files/2023-09/23_0913_ia_23-333-ia_u_homeland-threat-assessment-2024_508C_V6_13Sep23.pdf

Weekly Security Sprint EP 34. MGM breach, disaster planning, Homeland Threat Assessment and more! Sep 18, 2023

In this week's Security Sprint, Dave, Andy and Jen cover the following topics: Casino, Ransomware Washington Post Cybersecurity 202 - What’s behind recent hacks of casinos? Tactics of MGM-Caesars attackers were known for several months. High-profile cyberattacks will be talk of tribal technology conference this week. Very good perspective and tips from social engineering SME, Rachel Tobac, on LinkedIn BlackCat/ALPHV reportedly encrypted more than 100 MGM ESXi hypervisors Hackers tied to Las Vegas attacks known for sweet-talking their way into company systems The chaotic and cinematic MGM casino hack, explained MGM wrestling with fallout from days-long apparent cyberattack Two Vegas casinos fell victim to cyberattacks, shattering the image of impenetrable casino security Ransomware Resources! UK NCSC: Ransomware, extortion and the cyber crime ecosystem. Weatherman Segment. Nipah virus outbreak. https://www.cnn.com/2023/09/14/india/kerala-nipah-virus-india-outbreak-intl-hnk/index.html Libya flooding. https://apnews.com/article/libya-floods-derna-storm-daniel-mass-graves-72307547f3e0ff4fbf715a7f64c69383 Homeland Threat Assessment. DHS Continues to See High Risk of Foreign and Domestic Terrorism in 2024 Homeland Threat Assessment. Annual Threat Assessment to Replace Regular NTAS Bulletins and Provide the Public and our Partners with More Comprehensive Analysis of Most Pressing Threats and Challenges. HS Today: Homeland Threat Assessment Says Violent Extremists Are Improving Online Materials, Information Sharing, and Collaboration Cybersecurity 202 - DHS warns about 2024’s cyberthreats WaterISAC - H2O Surging Towards Safety & Security. 2023 Sponsorship Prospectus. Quick Hits: Faith Based Security: FB-ISAO Newsletter, v5, Issue 9 At least 49 synagogues have been evacuated due to bomb threats in the last 2 months. Next up, the High Holidays. Ahead of High Holidays, US Jewish leaders stress need for security vigilance as antisemitism surges Synagogues are doing active shooter training amid rise in antisemitism On Telegram, Accelerationist Group Claims Responsibility For Calling In Bomb Threats To Synagogues, Black Churches, LGBTQ+ Bar, Vows To Continue 'Swatting' Activities; Posts Livestreams Of Religious Services Online As They Call In Threats Altoona man with swastika tattoo charged for taping razor blade on church handrails, police say ‘Unacceptable’: North Shore church, crosswalk defaced amid rash of anti-LGTBQ vandalism across city Third Buddhist temple break-in in just weeks Man slugged unconscious outside mosque in Long Island City: NYPD MIAMI JEWISH SCHOOL EVACUATED OVER BOMB THREAT Experts: Hatred links Jacksonville shooting, antisemitic displays in Central Florida Athens neighborhood targeted by anti-Semitic flyers NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats CISA: Vulnerability Scanning for Water Utilities FBI PSA - Violent Online Groups Extort Minors to Self-Harm and Produce Child Sexual Abuse Material CISA Releases its Open Source Software Security Roadmap White House urging dozens of countries to publicly commit to not pay ransoms The world just sweltered through its hottest August on record; Both hemispheres saw record-warm seasons. Identity of NSA hacker behind cyberattack on China’s leading aviation university identified; to be disclosed in due course China blacklists US defence companies over Taiwan arms sales US to revamp its aerospace forces as it faces China threat Speculation grows over whereabouts of China’s Defense Minister Li Shangfu Automotive Security: Stolen Auto Accounts: The $2 Price Tag on Your Car’s Identity Nearly 15,000 accounts raided at automaker sites to harvest vehicle IDs, report says Car Hackers Are Out for Blood EU to probe ‘flood’ of cheap Chinese electric vehicles, sparking trade war fears Have a SAFE ride – Cyber Threats in the Automotive Sector

Weekly Security Sprint EP 33. Embezzlement, See Something - Say Something, Morocco, Blended Threats and more! Sep 11, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics: 9/11. Bells toll as the U.S. marks 22 years since 9/11, from ground zero to Alaska Embezzlement. https://www.8newsnow.com/news/local-news/las-vegas-casino-employee-accused-of-stealing-776k-from-resort-property/ Blended Threats. https://innotechtoday.com/how-to-bridge-the-gap-between-cybersecurity-and-physical-security/ See Something , Say Something. If You See Something, Say Something® Awareness Day | Homeland Security. Play a role on national "If You See Something, Say Something®" Awareness Day, on September 25. We can all help keep safe by learning the indicators. FBI Director Wray issues warning about number of Russian spies in the US Terrorism and Immigration: A Risk Analysis, 1975–2022 Yet Another Study Debunks The ‘YouTube’s Algorithm Drives People To Extremism’ Argument Devastation in Morocco. Morocco earthquake live briefing: Almost 2,500 dead; officials accept search-and-rescue help The destruction in Morocco in maps, videos and photos Morocco earthquake: foreign aid teams join efforts to find survivors Great ShakeOut Earthquake Drills. This year's International ShakeOut Day is October 19, when millions of people worldwide will participate in earthquake drills at work, school, or home! At 10:19 a.m. (local time) on 10/19, you can join millions of people across the world practicing earthquake safety. Swatting: Click Here podcast: 83. "Ding-dong ditch" on steroids Bomb threat at Arlington National Cemetery delays funeral services Swatting started in the gaming world and it’s coming for the rest of us Los Altos Hills synagogue evacuated after Shabbat bomb threat Quick Hits: China’s military seeks to exploit U.S. troops, veterans, general warns Pro-China Disinformation Campaign Claims US Started Maui Fires in a ‘Weather Weapons’ Experiment, Falsely Citing the UK’s MI6 Chinese Gate-Crashers at U.S. Bases Spark Espionage Concerns; Washington has tracked about 100 incidents involving Chinese nationals trying to access American military and other installations Hongkonger John Shing-wan Leung ‘posed as philanthropist’ to spy on China for US US, Canadian warships transit Taiwan Strait in latest joint mission Health-ISAC Members Prove To Be Resilient and Avoid the Wall of Shame, by Errol Weiss on LinkedIn. This is a great post and a great example of the power of a healthy ISAC/ISAO. MGM Resorts says it identified ‘cybersecurity issue’ that’s affecting some of company’s systems Annual Peak Of Atlantic Hurricane Season Has Arrived International report confirms record-high greenhouse gases, global sea levels in 2022 Earth had hottest three-month period on record, with unprecedented sea surface temperatures and much extreme weather DOJ: Multiple Foreign Nationals Charged in Connection with Trickbot Malware and Conti Ransomware Conspiracies CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack This and so much on ransomware, hate crimes, much, much more, daily in the Gate 15 SUN. To be subscribed for free please email Gate15@Gate15.global

Weekly Security Sprint EP 32. National Preparedness Month, Burning Man, Insider Threat Awareness, Ransomware and more! Sep 04, 2023

In this week's Security Sprint, Dave and Andy talk about the following topics: Burning Man. https://www.cnn.com/2023/09/04/us/burning-man-storms-shelter-monday/index.html Alphabet months begins! FEMA Advisory: FEMA, Ready Campaign Launch National Preparedness Month (September 1, 2023). September marks National Preparedness Month, the annual recognition set to remind everyone in America how important it is for individuals, families and communities to prepare for disasters and emergencies that can happen at any time. Earlier this year, FEMA Administrator Deanne Criswell announced this year’s theme would focus on preparing older adults and their caregivers ahead of disasters. NCSC And Federal Partners Focus on “Bystander Engagement” During National Insider Threat Awareness Month 2023. This year’s NITAM campaign focuses on bystander engagement. An engaged bystander is an individual who is aware of concerning behaviors and knows how to act on those concerns appropriately. The NITAM 2023 campaign encourages government and industry employees to recognize and report behaviors of concern to appropriate parties so early intervention can occur and at-risk employees can be connected to resources and assistance if appropriate. Back to School Scams & Sextortion Parents reveal teen sons committed suicide after being ‘sextorted’: ‘This is terrorism’ FBI Tech Tuesday - Safe Online Surfing: https://www.fbi.gov/contact-us/field-offices/phoenix/news/fbi-tech-tuesday-safe-online-surfing FBI PSA. https://www.justice.gov/usao-wdwa/pr/fbi-and-partners-issue-national-public-safety-alert-financial-sextortion-schemes Ransomware Subscribe to the SUN! Email Gate15@gate15.global TribalNet agenda set for San Diego conference TribalNet Conference and Tradeshow, by TribalHub Canadian Centre for Cyber Security - Baseline cyber threat assessment: Cybercrime Quick Hits and Soap boxes. White House Advisory Group: Water Sector Needs Cybersecurity National Standard. A new article looks at the report and quotes Gate 15’s Jennifer Lyn Walker. “I agree that a specialized workforce is needed,” said Jennifer Lyn Walker, director of Cyber Defense for Gate 15, and director of Infrastructure Cyber Defense for WaterISAC. “The large (better resourced) utilities are more inclined to have specialized staff, although some may not offer truly competitive wages. I believe many (if not most) of the small utilities (less resourced) aren’t even considering specialized staff, let alone the ability to afford them.” PDF report. U.S. and International Partners Release Report on Russian Cyber Actors Using “Infamous Chisel” Malware; Joint report provides technical analysis of malware targeting Android devices used by Ukrainian military. The malware analysis report provides technical details of a new kind of malware used to target Android devices in use by Ukrainian military personnel. Andy gets on the soapbox and opines on bias in analysis. Dave Weatherman Report. Disaster scams. https://www.cisa.gov/news-events/alerts/2023/08/31/cisa-warns-hurricane-related-scams

Weekly Security Sprint EP 31. Hostile Events, Space, Doxxing, a PSA, and so much more! Aug 28, 2023

In this week's Security Sprint, Dave and Andy discussed the following topics: Gate 15 is on Threads! @gate_15_resilience Jacksonville Murders and other physical security updates. Gunman Kills 3 in Racially Motivated Attack on Jacksonville Dollar Store Jacksonville gunman was turned away from historically Black university before killing 3 in racist shooting at nearby store, authorities say Ryan Palmeter, Dollar General Suspect: 5 Fast Facts You Need to Know Ryan Palmeter Video: Dollar General Suspect Video Released Jacksonville Gunman Used Gun With Swastika on It to Kill 3 in Racist Attack, Police Say At least seven injured in shooting at Caribbean parade in Boston. Safeguarding The US Space Industry; Keeping Your Intellectual Property In Orbit (PDF). “Foreign intelligence entities recognize the importance of the commercial space industry to the US economy and national security, including the growing dependence of critical infrastructure on space-based assets." OODA Loop: What To Do About The U.S. Intelligence Community Warning on Safeguarding The Space Industry. Axios: Space is the next cybersecurity frontier Scientists Still Looking For Reasons Cybercriminals Are Disabling These Space Telescopes Space ISAC Swatting and Doxxing. Keep what you want, add what you want. Bomb threat at a Forest Park church induced panic, police say Threats against public officials on the rise as 2024 nears Surrenders and threats of arrest ahead of Trump’s booking in Georgia Bumbling alleged arsonist sets himself ablaze trying to burn down Florida church Trump’s Georgia arraignment expected to be televised, Fulton County judge says 3 killed, 6 injured in mass shooting at Orange County biker bar Bomb threat at Fulton County Courthouse after Trump arrest: report PSA: FEMA and FCC Plan Nationwide Emergency Alert Test for 04 Oct 2023. The Federal Emergency Management Agency, in coordination with the Federal Communications Commission, will conduct a nationwide test of the Emergency Alert System (EAS) and Wireless Emergency Alerts (WEA) on Oct 4 at 2:20 p.m. FCC’s Public Notice EMR-ISAC InfoGram Aug. 24 – S&T report evaluates gunshot detection technology for first responders; Nationwide emergency alert test on Oct. 4 Radio World Quick Hits Idalia Intensifying and Forecast to Become a Major Hurricane. NHC issuing advisories for the Atlantic on Hurricane Franklin and TS Idalia Governor Ron DeSantis Issues Updates on Tropical Storm Idalia Key Messages regarding Tropical Storm Idalia Tropical Storm Franklin leaves a body count and damage in the Caribbean 7 tornadoes confirmed as Michigan storms down trees and power lines; 5 people killed USG Updates TLP:CLEAR FBI FLASH: Suspected PRC Cyber Actors Continue to Globally Exploit Barracuda ESG Zero-Day Vulnerability CISA, NSA & NIST: Quantum-Readiness: Migration to Post-Quantum Cryptography FBI PSA - FBI Guidance for Cryptocurrency Scam Victims Of possible interest The Cheap Radio Hack That Disrupted Poland's Railway System UK air traffic control experiencing 'technical issue' Elon Musk stopped policing political misinformation Ransomware MOVEit, the biggest hack of the year, by the numbers Banning Ransomware Payments Brings New Challenges. With references to our friends Silas Cutler and eCrime! Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 ransomware groups have breached over 2,200 victims Rhysida claims ransomware attack on Prospect Medical, threatens to sell data Thousands have SSNs leaked after ransomware attack on Ohio state archive org Connecticut hospital nurse says ransomware attack has affected payroll From Russia and Ukraine, with love Statement from President Joe Biden on Ukraine Independence Day THE CYBERSECURITY 202 - Without Prigozhin, expect some changes around the edges on Russian influence operations Intentional explosion downed Prigozhin’s plane, says US intelligence

The Gate 15 Interview EP 38: Jeff Troy, President, Aviation ISAC, on public service, cybersecurity, understanding threats (and… colonizing the ocean?) Aug 28, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Jeff Troy, President, CEO at Aviation Information Sharing and Analysis Center (A-ISAC). Over the past five years, Jeff has led the Aviation ISAC, a trust-based community focused on the sharing of threat intelligence and best practices. He has developed the strategic plans, driven the team’s expansion of services and overseen extensive growth in membership. He established relationships with global regulators, industry associations and private sector companies to drive cyber risk reduction across the aviation eco-system. He co-authored a white paper on Ransomware and continues to partner with international groups on the ransomware threat. Concurrently, Jeff is on the National Defense ISAC Board of Directors. Jeff spent 25 years as a Special Agent of the FBI. He served as Chief, Cyber Division, and retired as the Deputy Assistant Director for Cyber National Security and Cyber Criminal Investigations. · Jeff on LinkedIn. · Email: jtroy@a-isac.com · Web: a-isac.com In the discussion we address: · Serving in the FBI and ideas for young people thinking about their futures · Transitioning from the public sector to the private sector · Key ideas on how to building a successful information sharing community · Understanding how to think about threats · Responsibly and thoughtfully reducing risk and building reslience · Blended Threats · The importance of patching and baking security into technology · The upcoming Aviation ISAC Summit in Ireland · The Ocean State · Deep ocean colonies · More! Some links from our discussion include: · Aviation Cybersecurity Summit, 12-14 Sep 2023 in Dublin, Ireland · NBC News: FBI says mastermind of botnet nabbed, 27 Jul 2010

Weekly Security Sprint EP 30. Hurricane Hilary and the aftermath (scams), Pride Flag attack, ransomware, and more! Aug 21, 2023

In this week's Security Sprint, Dave and Andy covered the following topics: ICYMI last week’s Nerd Out Security Panel Discussion presented the 2nd Annual Two-Thirds of the Year Awards. Mother Nature and Severe Weather. Heath Ledger Joker Award. Extreme Heat. Dennis Green “They are who we thought they were” Award. Mother Nature Selected links follow, much more being shared with some of our Gate 15 communities. Hilary Impacting the Southwest. Read More ESF #14 Cross-Sector Business and Infrastructure Partners Conference Series Concerning Tropical Storm Hilary - FOR WIDE DISSEMINATION. You are invited to join a Cross-Sector Business and Infrastructure partners conference series concerning Tropical Storm Hilary, hosted by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA). § Date: Daily, starting Monday, August 21st until further notice § Time: 3:00 pm Eastern § Please click the link below to join the webinar: https://fema.zoomgov.com/j/1614360427 o Local info on Hilary: San Diego, Los Angeles Hilary releases fury on Southern California Tropical Storm Hilary causes flooding in SoCal hospital Hilary’s jagged path: How the storm wound up over Compton and Dodger Stadium Natural Disasters and Investment Scams – Investor Alert California Quake Rattled Nerves, but Didn’t Appear to Cause Major Damage NHC issuing advisories for the Atlantic on TS Gert TS Emily TS Franklin Key Messages regarding Tropical Storm Franklin Key Messages regarding Post-Tropical Cyclone Hilary Winds Push Destructive Fire Through Washington State As fires rage in British Columbia, more residents prepare for evacuations Hostile Event. LGBTQ+ Attack. California shop owner shot dead over LGBTQ+ Pride flag displayed at store Ransomware: As with the above spotlight, selected links follow, much more being shared with some of our Gate 15 communities. Ransomware Diaries: Volume 3 – LockBit’s Secrets. Haggling With Hackers: Surprising Lessons From 50 Negotiations With Ransomware Gangs The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice Ransomware Roundup – Trash Panda and A New Minor Variant of NoCry TRACKING RANSOMWARE – JULY 2023 Cuba Ransomware Deploys New Tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America Cyberattack Still Disrupting Prospect Medical’s Hospitals, Clinic Services Cyberattack on Popular Property Listing Software Throws Bay Area Real Estate Market into Chaos Ransomware gang threatens Raleigh Housing Authority months after devastating attack Bunker Hill Community College discloses May ransomware attack Quick Hits Risky Biz News: Twitter to remove block feature: Now completely to the other side of the spectrum, Twitter has announced plans to remove the ability for users to block other users, meaning trolls will be able to harass whoever they want. FBI IC3 - Cyber Criminals Targeting Victims through Mobile Beta-Testing Applications Report: Tesla Data Breach Was an Inside Job Summer Break Isn’t a Vacation for Cybercriminals: Education and Research Organizations are Top Targets According to Check Point Research Australian Lender Latitude Financial Reports AU$76 Million Cyberattack Costs Friday Prayers in Washington DC Masjid Muhammad Interrupted by Bomb Threat Brookline temple swatted JEWISH CENTER AND SYNAGOGUE IN ATLANTA EVACUATED AFTER BOMB THREAT Report spotlights 52 US doctors who posted potentially harmful COVID misinformation online CISA: CISA and Election Security Partners Hold Tabletop the Vote Election Security Exercise CISA Releases Infrastructure Resilience Planning Framework Launchpoint CISA Publishes JCDC Remote Monitoring and Management Systems Cyber Defense Plan UK NCSC - 'Online safety' vs 'cyber security' - Fiona F explains why 'cyber security' is a vital part of online safety. From cyber strategy to Implementation: what CEOs and boards need to Know

Weekly Security Sprint EP 29. MDM, Swatting, National Intelligence Strategy, Cyber Resilience, a Virginia history lesson and more! Aug 15, 2023

In the Weekly Security Sprint, Dave and Andy talk about the following topics: Mis/Dis/Mal-information (MDM) Hawaii and Chile heat weapons. Utah man suspected of threatening President Joe Biden shot and killed as FBI served warrant. From 2017, Over 12,000 tweets are calling for Trump's assassination. Here's how the Secret Service handles it 'Remember Waco and Ruby Ridge': Man killed by FBI for making Biden death threat memes already a far-right rallying cry Faith-Based Security & False Reports ‘Online trolls’ target 26 synagogues in series of antisemitic swat calls and bomb threats: ADL. ADL Statement on Continued Series of Antisemitic Swatting Incidents Targeting Synagogues and Other Institutions US synagogues continuously targeted by 'swatting' Fake bomb threat forces Fullerton synagogue to evacuate during Sabbath service Lil Durk Calls Out Merch Thieves After False Active Shooter Report at Chicago Concert Eiffel Tower evacuated twice over bomb threat 3D-printed firearms plot exposes alarming antisemitism surge in LA. How Jewish community safety group tracked down suspect linked to extremist threat in Reseda Reseda Man Affiliated with Violent White Supremacist Group Charged in Federal Criminal Complaint with Drug and Ammunition Offenses Homeless man arrested, accused of threatening North Little Rock church Man arrested for threatening business, mosque Police Investigating Vandalism at Philadelphia Buddhist Temple PA Man Arrested for Making Ethnic Threats against Church 2023 National Intelligence Strategy (NIS). The 2023 National Intelligence Strategy (NIS) provides the Intelligence Community (IC) with strategic direction from the Director of National Intelligence (DNI) for the next four years. CISA: The Power of Resilience. “This is resilience: Doing the work up front to prepare for a disruption, anticipating that it will in fact happen, and exercising not just for response but with a deliberate focus on continuity and recovery, improving the ability to operate in a degraded state and significantly reducing downtime when an incident occurs…” Quick Hits NOAA forecasters increase Atlantic hurricane season prediction to ‘above normal.’ Top U.S. cyber official offers 'stark warning' of potential attacks on infrastructure if tensions with China escalate. China would consider attacks on US railroads, pipelines if it invades Taiwan, Easterly says China to disclose secret US ‘global reconnaissance system,’ claims official. Jen Walker spoke to this on a recent Gate 15 Security Sprint: Weekly Security Sprint EP 27. New SEC Rules and cybersecurity for everyone, not-so-subtle China cyber threat foot-stomping plus anger, radicalization and political violence, the critical-ist of infrastructure and…so much more! THE CYBERSECURITY 202 - China’s hacking of Japan’s defense networks ‘was bad — shockingly bad China's Plan to Rule the World Through Its Smart Devices, FCC Urged to Act President Biden Signs Executive Order on Addressing United States Investments In Certain National Security Technologies And Products In Countries Of Concern Cyber Updates Nexus Podcast: Jennifer Lyn Walker on Cybersecurity Risks in the Water Sector CISA: Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Report, PDF. CISA: Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Executive Summary, PDF. Akamai Research: Rampant Abuse of Zero-Day and One-Day Vulnerabilities Leads to 143% Increase in Victims of Ransomware Key Findings from the 1H 2023 FortiGuard Labs Threat Report. Administrator of ‘Bulletproof’ Webhosting Domain Charged in Connection with Facilitation of NetWalker Ransomware AI Biden-⁠Harris Administration Launches Artificial Intelligence Cyber Challenge to Protect America’s Critical Software The “AI Cyber Challenge” (AIxCC) THE CYBERSECURITY 202 - The Biden administration wants to put AI to the test for cybersecurity Virginia is For Lovers, a history

Nerd Out: EP 39. The 2nd Annual Two-Thirds of the Year Awards Aug 15, 2023

In the latest episode of Nerd Out Dave rolls out the second annual Two-Thirds of the Year Awards. The winners are: Heath Ledger Joker Award. Extreme Heat. Avengers Team Up Award. ISACs. Scotty Doesn't Know Award. Insider Threats. Dumpster Fire Award. MOVEit Aldus Snow Award. Ransomware Dennis Green "They are who we thought they were" Award. Mother Nature The Cobra Award - "You're the disease and I'm the cure". Patching MVP. eCrime

Weekly Security Sprint EP 28. The return of the weatherman, CISA strategic plans, espionage, exploited vulnerabilities and…so much more! Aug 08, 2023

In this week's Security Sprint, Dave and Andy talk about the following topics. Hurricanes. CSU released its final forecast for the 2023 Atlantic hurricane season on Thursday, 3 August. CISA Cybersecurity Strategic Plan. CISA Cybersecurity Strategic Plan: Shifting the Arc of National Risk to Create a Safer Future. China Espionage. https://www.justice.gov/usao-sdca/pr/us-navy-sailor-arrested-and-charged-espionage More CISA. CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022. Top 12 vulnerabilities list highlights troubling reality: many organizations still aren’t patching; The list includes well-known vulnerabilities impacting Fortinet's VPNs and Log4Shell that hackers still routinely exploit. Cloudflare: Unmasking the top exploited vulnerabilities of 2022 QH Biden-⁠Harris Administration Launches New Efforts to Strengthen America’s K-12 Schools’ Cybersecurity The Synagogue Attack Stands Alone, but Experts Say Violent Rhetoric Is Spreading Pensacola police arrest 4 teens in connection to string of antisemitic vandalism Man who allegedly fired shots at Jewish school shared grievances against it, flashbacks of father’s violent death & Former student fired gun at Jewish school, shot by police Police investigating vandalism at Utah’s oldest Black church Georgia man accused of breaking into Florida church, ‘baptizing’ himself Bomb threat shuts down OHSU clinic after anti-trans information posted online The USCP Remains Vigilant Following False Active Shooter Report The Senate went into a shelter-in-place and partial evacuation following reports of an possible active shooter on the Capitol campus. Outside of Trump’s arraignment, revelers mark dueling visions of justice Among MAGA extremists, Trump charges draw big talk, small crowds Security upped near Fulton courthouse as possible Trump indictment nears Malwarebytes: 2023 State of Ransomware Threat Intelligence. Report: Ransomware Command-and-Control Providers Unmasked by Halcyon Researchers Cloud company assisted 17 different government hacking groups -US researchers Dragos Industrial Ransomware Attack Analysis: Q2 2023 RUSI: Cyber Insurance and the Ransomware Challenge. Threat Research Analysis of Ransomware Victims from Ransom Leak Site Data August 2023 Threat Horizons Report Provides Cloud-Focused Cybersecurity Insights and Recommendations SC Magazine: No evidence organizations with cyberinsurance more likely to pay ransom How Tampa General Hospital thwarted a ransomware attack The Week in Ransomware - August 4th 2023 - Targeting VMware ESXi Additional MOVEit-related health data breaches reported 1.7 Million Oregon Health Plan Members Affected by MOVEit Hack US govt contractor Serco discloses data breach after MoveIT attacks Crozer Health’s computer systems were knocked offline Thursday by a ransomware attack Ransomware Roundup - DoDo and Proton Ransomware attacks cost manufacturing sector $46 billion in downtime since 2018, report claims CYFIRMA: RANSOMWARE TRENDS : H1 2023 – Part 1 Qilin Ransomware Gang Adopts Uncommon Payment System: All Ransom Payments Funneled through Affiliates

Weekly Security Sprint EP 27. New SEC Rules, China cyber threat foot-stomping plus anger, radicalization, political violence, the critical-ist of infrastructure and…so much more! Aug 01, 2023

In the week's Security Sprint, Andy and Jen talked about the following topics: Jen’s Cyber Updates SEC: SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies. Final Rule; Fact Sheet. Fortinet: Cybersecurity, A Necessity for the Sustainability of Society Tenable: FAQ: What the New SEC Cybersecurity Rules Mean for Infosec Leaders Florida mandates cybersecurity training for state workers FACT SHEET: Biden-⁠Harris Administration Announces National Cyber Workforce and Education Strategy, Unleashing America’s Cyber Talent. Survey: Political Violence is Justified ‘Anger and radicalization’: rising number of Americans say political violence is justified; Survey shows a small but significant share of Americans believe in use of force to attain political goals – on both the left and the right Infrastructure Cyber Threats U.S. Hunts Chinese Malware That Could Disrupt American Military Operations; American intelligence officials believe the malware could give China the power to disrupt or slow American deployments or resupply operations, including during a Chinese move against Taiwan. ICYMI: SAVE THE DATE! H2OSecCon Powered by WaterISAC. October 19 -20 Virtual 2023. H2OSecCon is coming back for a second year and will be held virtually from October 19 20. This two-day virtual conference will focus on IT and OT cybersecurity, physical security, and resilience for the water and wastewater sector. Space: If you’ve ever heard our Gate 15 podcasts, including our interviews with the team at Space ISAC, you know we’re on board with this: Bipartisan bill designates space as critical infrastructure sector. FYSA: TAG Cyber Announces Release of 2023 Q3 Edition: Focused on Cybersecurity in Outer Space. Threats and Scams Attackers exploit Windows-based ‘search-ms’ protocol Ransomware Delivery URLs: Top Campaigns and Trends & Web browsing is the primary entry vector for ransomware infections USPS Phishing Scam Targeting iOS Users CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA Releases Malware Analysis Reports on Barracuda Backdoors Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins Known Exploited Vulnerabilities Catalog US contractor says info of up to 10 million leaked in MOVEit breach: An IT firm that provides services to Medicaid, Medicare, U.S. student loan servicers and other government programs confirmed that the information of up to 10 million people may have been accessed by hackers exploiting the MOVEit file transfer software. Quick Hits Severe Weather – this is being covered every day in the Gate 15 SUN CISA Establishes Regional Election Security Advisors to Strengthen Front Line Support to the Election Community CISA: Cybersecurity Performance Goals: Sector-Specific Goals President Biden Announces Key Nominees, including Harry Coker, Jr., Nominee for National Cyber Director. 2023 Cofense Phishing Intelligence Trends Review: Q2 CISA, USCG Publish Analysis Report on Findings During 2022 Risk and Vulnerability Assessments CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078 Google - The Ups and Downs of 0-days: A Year in Review of 0-days Exploited In-the-Wild in 2022 Categorizing the CISA KEV by Technology Type

Weekly Security Sprint EP 26. Jul 24, 2023

In the week's Security Sprint, Andy and Jen talked about the following topics: Jen’s Cyberthreat Mash-Up Citrix! CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519. New critical Citrix ADC and Gateway flaw exploited as zero-day Citrix Releases Security Updates for NetScaler ADC and Gateway. Citrix has released security updates to address high and critical vulnerabilities (CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467) affecting NetScaler ADC and NetScaler Gateway. ACSC: Citrix Products NetScaler ADC and NetScaler Gateway Zero Day Vulnerability 2023-050: Citrix NetScaler Critical Vulnerability. PDF. MOVEit! EMSISOFT - Unpacking the MOVEit Breach: Statistics and Analysis. The tail of the MOVEit hack may be longer than we realize. Clop now leaks data stolen in MOVEit attacks on clearweb sites. Clop gang to earn over $75 million from MOVEit extortion attacks Microsoft expanding cloud logging to give customers deeper security visibility. CISA: CISA and Microsoft Partnership Expands Access to Logging Capabilities Broadly CISA: Microsoft to Offer Some Cybersecurity Free After Suspected China Hack More ransomware! Coveware Q2 Ransomware Report: Ransom Monetization Rates Fall to Record Low Despite Jump In Average Ransom Payments. Quarterly GRIT Ransomware Report – Q2 2023. Complete Q2 GRIT Ransomware Report here. “ DOJ merges cyber, cryptocurrency units to go after ransomware attacks The FBI’s Cynthia Kaiser on how the bureau fights ransomware The Week in Ransomware - July 21st 2023 - Avaddon Back as NoEscape Ransomware Roundup - Cl0p QILIN Ransomware Report Linux Ransomware Poses Significant Threat to Critical Infrastructure Between Two Nerds: Shaping ransomware group behaviour (podcast) New blog posts from CISA! CISA: Take the First Steps Towards Better Cybersecurity With these Four Goals. CISA: Evolving CDM to Transform Government Cybersecurity Operations and Enable CISA’s Approach to Interactive Cyber Defense Jen manifests her Cybersecurity Evangelist to talk scams! Called a bogus airline customer support number? Google is hustling to fix that Plane sailing for ticket scammers: How to keep your flight plans safe Increase in Tech Support Scams Targeting Older Adults and Directing Victims to Send Cash through Shipping Companies Scams Targeting the Elderly: FBI IC3 Increase in Tech Support Scams Targeting Older Adults and Directing Victims to Send Cash through Shipping Companies FBI: Tech support scams now use shipping companies to collect cash Health Preparedness! FACT SHEET: White House Launches Office of Pandemic Preparedness and Response Policy and more on severe weather, climate and health: Mosquitos Are Moving to Higher Elevations—and So Is Malaria. Tornado damage to Pfizer plant will probably create long-term shortages of some drugs hospitals need WSJ: The World Bakes Under Extreme Heat Boiling in Phoenix: City set to break U.S. record for consecutive days over 110 degrees Texas power use hits record high as heatwave lingers Heatwave brings health warnings as extreme weather grips globe The heat index reached 152 degrees in the Middle East — nearly at the limit for human survival Tokyo Heat Smashes 150-Year Trend as Extreme Weather Bakes Globe Smoke from Canadian wildfires places 60 million US residents under air quality alerts Ongoing rounds of rain to keep flash flood risk elevated in northeastern US QH: SAVE THE DATE! H2OSecCon Powered by WaterISAC. United States tops 400 mass shootings in 2023 IBM Report: Half of Breached Organizations Unwilling to Increase Security Spend Despite Soaring Breach Costs. Report overview. PDF in DB. What’s new in the 2023 Cost of a Data Breach report New CISA Products Released. CISA Develops Factsheet for Free Tools for Cloud Environments. NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing. New Zealand shooter kills two ahead of Women's Soccer World Cup

The Gate 15 Interview: Dr. G. Keith Still on crowd security, drinking whisky, smashing ashtrays in Saudi Arabia, the Land of Ice and Fire, and what not to ask a Scotsman. Jul 24, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Dr. G. Keith Still, Crowd Dynamic Expert, Visiting Professor of Crowd Science at University of Suffolk and Director, Crowd Risk Analysis Ltd. G. Keith Still BSc PhD FIMA FICPEM SFIIRSM FIPM FHEA MAE has a PhD in “Crowd Dynamics”. He combines risk analysis with crowd behavior in both crowd models and crowd simulations. He is a visiting Professor at University of Suffolk and teaches at Breda University of Applied Science (Holland). Keith has over 30 years of consulting experience across a range of international crowd safety and risk analysis environments and has advised on crowd behavior, crowd risks and crowd safety considerations for events of 500 people to 3,000,000 people. He has published two books on the subject of Crowd Safety and Crowd Risk Analysis “Introduction to Crowd Science” and “Applied Crowd Science.”His project/consulting work includes planning for the Royal Wedding (UK, 2011), Hajj projects, (Saudi Arabia, Jamarat 2000 - 2005, Makkah 2000 - 2013), Olympic Events (Sydney 2000, London 2014), New Year Events (London, Sydney, Dubai), Canada Day (Ottawa).

Dr. Still on LinkedIn.
By email: Gkstill@me.com

In the discussion we address:

Keith’s background, teaching and current activities
The International Association of Venue Managers (IAVM) and the Academy for Venue Safety and Security (AVSS)
His visits to Saudi Arabia and experience securing the Hajj as well as smashing ashtrays and one of his favorite anecdotes
The importance of risk registers and risk assessments
The potential dangers of an attitude of “we’ve always done it this way, why should we change,” the psychology of behavior, and other ideas.
And Keith plays Three Questions to discuss travel, food, kilts and more.

Some links from our discussion include:

Nerd Out Security Panel Discussion: EP 38. ISACs, ISAOs, and the Faith-Based community with FB-ISAO Executive Director Mayya Saab Jul 17, 2023

In the latest episode of Nerd Out, Dave welcomed Mayya Saab, the Executive Director of the Faith-Based Information Sharing and Analytics Organizations (FB-ISAO). The pair discussed Maya's path to working in security and preparedness and how it prepared her for her current role. Then Mayya talked about the importance of Information Sharing and Analytic Centers and Organizations, and specifically the FB-ISAO. Mayya, talked about how their community of faith works, and why it is important that these organizations work together with their government partners. Finally Mayya talked about the collaboration within FB-ISAO, and what's next.

Weekly Security Sprint EP 25. National Cybersecurity Strategy, Mass Killings Report, and more cybersecurity news plus quick hits Jul 17, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics: National Cybersecurity Strategy. Biden-⁠Harris Administration Publishes the National Cybersecurity Strategy Implementation Plan (PDF). With notable references to ISACs & ISAOs, some emphasis on SBOMs, and more. National Cyber Director unveils ‘roadmap’ for cyber strategy goalsTHE CYBERSECURITY 202: Court temporarily dunks water cybersecurity initiative Water Cybersecurity Plan on Pause. Biden administration water cybersecurity plan temporarily blocked https://apnews.com/article/mass-killings-record-gun-violence-0174103c37756fe4d247fd15cd3bc009 USA Today. https://www.usatoday.com/in-depth/graphics/2022/08/18/mass-killings-database-us-events-since-2006/9705311002/ Assessing the Political Motivations Behind Ransomware Attacks. https://www.karennershi.com/Assets/Assessing_Political_Motivations_Behind_Ransomware.pdf THE CYBERSECURITY 202 - What we know (and don’t know) about the government email breach Microsoft Email Hack Shows Greater Sophistication, Skill of China’s Cyberspies Chinese threat actors hacking Microsoft and through that other organizations including The Dept. of State. Analysis of Storm-0558 techniques for unauthorized email access. ‘On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we’ve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our investigation into this incident and deploy defense in depth measures to harden all systems involved, we’re providing this deeper analysis of the observed actor techniques for obtaining unauthorized access to email data, tools, and unique infrastructure characteristics.’ Chinese hackers breach U.S. government email through Microsoft cloud Chinese Hackers Breached Email of Commerce Secretary Raimondo, State Department Officials Targeting of State Department, Others in Microsoft Hack ‘Intentional’ Bicameral, Bipartisan Leaders Introduce Legislation To Strengthen Federal Cybersecurity Director Wray Champions FBI Before House Judiciary Committee Christopher Wray's Congress Testimony—Five Key Moments The FTC is investigating whether ChatGPT harms consumers; The agency’s demand for OpenAI’s documents about AI risks mark the company’s greatest U.S. regulatory threat to date Ordering the Selected Reserve and Certain Members of the Individual Ready Reserve of the Armed Forces to Active Duty What Is Operation Atlantic Resolve? Biden's Plan for U.S. Troops in Europe Growing reliance on satellites requires new approach to cybersecurity in space, expert says OT Cybersecurity Breach Disrupts Operations at the Port of Nagoya, Japan CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online.

Weekly Security Sprint EP 24. Hostile Events, "Cyber Punk" scams, negligent insiders and the weatherman Jul 10, 2023

In this week's Security Sprint, Dave and Jen discussed the following topics: China Hostile Event. BBC. https://www.bbc.com/news/world-asia-china-66151247 Cyber Scams. Cyberpoint. https://blog.checkpoint.com/security/amazon-prime-day-this-year-already-started-for-cybercriminals-check-point-research-calls-online-shoppers-to-be-wary/ Pride Event Attack. Reuters. https://www.reuters.com/world/europe/anti-lgbt-protesters-break-up-pride-festival-georgia-2023-07-08/ Water-Based Insider. https://industrialcyber.co/utilities-energy-power-water-waste/former-water-contractor-employee-tampers-with-water-treatment-systems-posing-public-health-and-safety-threat/ Quick Hits. Paris Protest. https://www.reuters.com/world/europe/paris-protest-against-police-violence-banned-after-riots-2023-07-08/ Movie. https://www.bleepingcomputer.com/news/security/moveit-transfer-customers-warned-to-patch-new-critical-flaw/?utm_source=dlvr.it&utm_medium=twitter Weatherman. https://www.nbcphiladelphia.com/weather/stories-weather/sunday-storms-could-cause-evening-flooding-in-philly/3600770/

Weekly Security Sprint EP 23. Hate based attacks, was Andy in Russia, the weather report, Cyber analysis, and more. Jun 26, 2023

In this week's Security Sprint, Dave and Andy discuss the following topics: Georgia Synagogue Incidents. Dave also touched on LGBT and Pride Month. Links relating to those and other recent faith-based incidents include: Antisemitic rally held outside of Cobb County synagogue Outrage erupts as police allow neo-Nazis to protest outside Georgia synagogue FBI: UP man accused of planning synagogue attack had guns, Nazi flag Massachusetts church vandalized after LGBTQ Pride flags removed: 'Stay Gay' Year in Review: Anti-LGBTQ+ Hate & Extremism Incidents, 2022 – 2023 White supremacists protest Pride in Perry event Sacramento children-centric LGBTQIA+ Pride event met with protesters U.S. Attorney, FBI Raise Awareness on Importance of Reporting Hate Crimes Vandalism at Fowlers United Methodist Church Annapolis church vandalized, left with $100K in damages Man dies after shooting in Meridian church parking lot NEW JERSEY JEWISH CANCER CENTER VANDALIZED WITH ANTISEMITIC GRAFFITI ANTISEMITIC 'GDL' FLYERS FOUND IN SEVERAL PENNSYLVANIA TOWNS POLICE SEARCHING FOR SUSPECT AFTER ANTISEMITIC LEAFLETS SURFACE IN PA ANTISEMITIC 'GDL' FLYERS DISCOVERED IN ST. LOUIS INDIANAPOLIS 'MOMS FOR LIBERTY' FORCED TO APOLOGIZE AFTER QUOTING HITLER ANTISEMITIC GRAFFITI DISCOVERED OUTSIDE SOUTH FLORIDA RESTAURANT Dobbs, one year later: US activists rally one year after Supreme Court allowed abortion bans A year after Roe’s fall, Women’s March returns to press for abortion access The Dobbs Decision and the End of Roe, One Year Later A Year After the End of Roe V. Wade, How Much Has Really Changed? Statement from President Joe Biden on the Anniversary of Dobbs v. Jackson Women’s Health Organization Remarks by President Biden in a Political Event with Reproductive Rights Groups Dave and Andy Discuss Andy’s Curiously-Timed Absence, Russia & Wagner Group OSAC Security Alert: Moscow (Russia), Wagner Group Fighting in Russia (24 Jun) ‘Putin humiliated’: what the papers said about the Wagner rebellion in Russia Russia: Putin accuses Wagner boss of treason in national address – video Prigozhin’s rockstar exit from Rostov shows public support for ‘traitor’ U.S. spies learned in mid-June Prigozhin was planning armed action in Russia What is the Wagner Group? A look at the mercenary group led by man accused of ‘armed mutiny’ in Russia Open rebellion against Russia may be Wagner chief Prigozhin’s last stand Russian defence minister appears in video after Wagner mutiny Russia calls for unity behind Putin after aborted mutiny Questions Swirl on Russia Truce as Leaders Stay Silent; Defense chief reappears, Kremlin media suggest Prigozhin could yet face charges Muted Response in China to Deal Halting Rebellion Soufan - Wagner Group: The Evolution Of A Private Army Russia Says Foiled Attempted Smuggling of Radioactive Material Sever Weather! Weather Report: https://www.cnn.com/2023/06/26/us/extreme-flood-risk-first-street-federal-data-climate/index.html Men die in extreme heat: https://www.cnn.com/2023/06/25/us/big-bend-national-park-deaths/index.html Cyber Force? Senate Armed Services Committee directs independent assessment for creating a Cyber Force; Quick Hits CISA Adds Six Known Exploited Vulnerabilities to Catalog. CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CISA Adds Five Known Exploited Vulnerabilities to Catalog. CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. COVID Origins ODNI RELEASES REPORT ON THE POTENTIAL LINKS BETWEEN THE WUHAN INSTITUTE OF VIROLOGY AND THE ORIGIN OF COVID-19 & THE POTENTIAL LINKS BETWEEN THE WUHAN INSTITUTE OF VIROLOGY AND THE ORIGIN OF THE COVID-19 PANDEMIC. Intelligence Community releases declassified COVID origins report, lawmakers say it ‘lends credence’ to lab leak theory

The Gate 15 Interview EP 36: Chris Anderson, Lumen Technologies on ‘working hard, trying to make a difference,’ the wild west days of DHS, private-public partnership, the glory of coffee, and more! Jun 25, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Chris Anderson, Principal Advisor, National Security & Emergency Preparedness, Lumen Technologies. Chris Anderson is an incident management and infrastructure protection expert with three decades of government, military, and private sector experience. He is currently the Principal Advisor for National Security & Emergency Preparedness at Lumen. In addition to his role at Lumen, he is the 2023 Industry Chair of the Communications Sector Information Sharing and Analysis Center.Chris previously held a variety of emergency management and national security positions at the Federal Communications Commission and US Department of Homeland Security. He served as the FCC’s Chief of Operations and Emergency Management, leading the Commission’s incident management activities, operations centers, national security coordination, and Continuity of Operations programs. Prior to joining the Commission, Chris worked in critical infrastructure protection at the Department of Homeland Security, serving in a variety of leadership positions in the Office of Infrastructure Protection, including serving as Director of the National Infrastructure Coordinating Center. Chris began his career with a decade on active duty in the U.S. Navy as a helicopter pilot and retired from the Navy Reserve in 2016.Chris is a 2010 graduate of the National War College with a master’s degree in National Security Strategy; he holds a second master’s degree in Management Information Systems from Bowie State University and received his undergraduate degree from the University of Virginia.

Chris’s background, in the Navy, at DHS, at the FCC and today with Lumen.
The wild west days of DHS and what has become CISA
‘working hard, trying to make a difference’
Incident response
Working in the public and private sector.
Chris’s thoughts on CISA and improving the private-public partnership
Working with NATO.
With shout outs to some great leaders and old friends including Bob Stephan, Linda Solheim, Bob Kolasky, Caitlin Durkovich, Steve Bieber, and others
4th of July celebrations, the glorious drink that is coffee, saving the world, and more!

Nerd Out Security Panel Discussion: EP 37. Counter-terrorism, redecorating and more - looking back and looking forward in 2023. Jun 19, 2023

After a month off, the Nerdies get back together to look at 2023. Dave welcomes back Bridget Johnson and Joe Levy to catch up on what has happened in 2023, and talk about what is surprising, and not so surprising in 2023, as well as look ahead for the rest of the year before getting into some fun summer questions. The topics included a look at the various hostile events, to include inspiration from previous threat actors, climate change and challenges addressing it, protests and demonstrations, as well as a reminder not to forget about international terror threats, how economic conditions can affect the workplace and other security challenges.

Weekly Security Sprint EP 22. Cyber and Physical Reports Galore, plus some disrupted hostile events. Jun 19, 2023

In this week's Security Sprint, Dave and Jen talk about the following topics: BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces. https://www.cisa.gov/news-events/alerts/2023/06/13/cisa-issues-bod-23-02-mitigating-risk-internet-exposed-management-interfaces Volt Typhoon https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a Hostile Event Arrests. Austria LGBTQ+ Parade Arrests. https://www.bbc.com/news/world-europe-65944514?at_link_type=web_link&at_medium=social&at_ptr_name=twitter&at_link_id=948A7BFE-0DDC-11EE-90F5-49B87E934D9D&at_campaign_type=owned&at_link_origin=BBCWorld&at_bbc_team=editorial&at_format=link&at_campaign=Social_Flow Synagogue Attack Arrest. https://www.foxnews.com/us/michigan-19-year-old-planned-synagogue-mass-shooting-fbi-claims MOVEit. https://www.cisa.gov/news-events/alerts/2023/06/15/progress-software-releases-security-advisory-moveit-transfer-vulnerability Millions of Oregon, Louisiana state IDs stolen in MOVEit breach https://www.bleepingcomputer.com/news/security/millions-of-oregon-louisiana-state-ids-stolen-in-moveit-breach/ Great recap: CVE-2023-34362: MOVEit Vulnerability Timeline of Events (Last updated at Fri, 16 Jun 2023 15:18:17 GMT) https://www.rapid7.com/blog/post/2023/06/14/etr-cve-2023-34362-moveit-vulnerability-timeline-of-events/ Friday - The Cybersecurity 202: The MOVEit ransomware reckoning has begun https://www.washingtonpost.com/politics/2023/06/16/moveit-ransomware-reckoning-has-begun/ MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately” https://nakedsecurity.sophos.com/2023/06/15/moveit-mayhem-3-disable-http-and-https-traffic-immediately/https://www.helpnetsecurity.com/2023/06/19/cve-2023-35708/https://www.washingtonpost.com/technology/2023/06/16/moveit-ransomware-attack/ TE-SAT. European Union Terrorism Situation and Trend Report 2023 (TE-SAT) which provides the most comprehensive and up-to-date intelligence picture on terrorism in the European Union. Quick Hits Verizon Data Breach investigations report comes out tomorrow LockBit CSA ⁠https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a⁠ Baseboard Management Controller (BMC) ⁠https://media.defense.gov/2023/Jun/14/2003241405/-1/-1/0/CSI_HARDEN_BMCS.PDF⁠ Proofpoint’s 2023 Human Factor Report ⁠https://www.proofpoint.com/us/blog/threat-insight/2023-human-factor-analyzes-evolving-threats-attack-chain⁠ A pretty good overview on Proofpoint’s 2023 Human Factor Report: Cybercriminals return to business as usual in a post-pandemic world ⁠https://www.helpnetsecurity.com/2023/06/16/post-pandemic-threat-landscape/⁠ How a Shady Chinese Firm’s Encryption Chips Got Inside the US Navy, NATO, and NASA Las Vegas police foil Stanley Cup terror threat hours before Golden Knights win PERSPECTIVE: The Rising Incel Terrorism Threat and the Broader Problem of Misogynistic Violence Why connected cars are the next frontier in cybersecurity New Food and AG-ISAO. Food Producers Band Together in Face of Cyber Threats CISA, FBI, and MS-ISAC Update Joint CSA on Progress Telerik Vulnerabilities. Forrester: Ransomware, Business Email Compromise and AI Among Top Cybersecurity Threats in 2023 Real Estate Firm Hack Affects 319,500 Patients, Employees; Owner of Addiction Treatment Centers, Medical Offices and Hotels Hit by Ransomware GAO: Violent Extremism and Terrorism: Agencies Can Take Additional Steps to Counter Domestic Threats, GAO-23-106758 ‘More extreme, more violent’: experts’ warning over khaki-clad Patriot Front; Their button-up shirts and chinos have prompted mockery but experts say the far-right group is becoming increasingly violent

Weekly Security Sprint EP 21. Critical Infrastructure incidents, Indictments, Heat injuries, PPD-21! Jun 13, 2023

In the latest episode of the Weekly Security Sprint, Dave and Andy covered the following topics: Infrastructure Security. Idaho Power Plant. https://www.ktvb.com/article/news/crime/man-shooting-at-idaho-power-equipment-hells-canyon-brownlee/277-27bfdfd6-9718-4497-979d-7ac51ce2f7e1 I-95 Bridge Collapse. https://www.phila.gov/2023-06-11-updates-on-the-i-95-fire-and-partial-highway-collapse/ Trump Indictment Special Counsel Jack Smith Delivers Statement House Judiciary Committee: Testimony Reveals Senior FBI Official Expressed Concerns about Trump Raid Trump will face judge in historic court appearance over charges he mishandled secret documents. Miami officials stress 'law and order' in preparation for Trump's indictment hearing BBC LIVE - Miami ready for protests before Trump court appearance Journalists barred from using cameras, cellphones in courthouse during Trump arraignment Fears that Republicans’ rhetoric after Trump indictment could spark violence Trump’s Miami court date brings fears of violence, rally plans ‘I Want Blood’: Heavily-Armed Trump Supporters Say They’ll Protest Trump’s Indictment Trump Supporters’ Violent Rhetoric in His Defense Disturbs Experts Trump Extremists Demand Civil War, Mass Murder After New Indictment Kari Lake Warns Biden, DOJ Will Have to Go Through ‘Card-Carrying Members of the NRA’ to Get to Trump Heat injuries links Heat Injuries for Organizers. https://www.multco.us/help-when-its-hot/tips-summer-event-organizers CDC. https://www.cdc.gov/niosh/topics/heatstress/heatrelillness.html CSC 2.0. CSC 2.0 offers recommendations for enhancing private-public collaboration with an eye to the pending PPD-21 update. Overall, good recommendations, with some notable misses. CSC 2.0. Revising Public-Private Collaboration to Protect U.S. Critical Infrastructure FB Security CNN. One of the most dangerous hours in America is now 11 o’clock on Sunday morning Secretary Mayorkas Brings Together Faith Leaders to Discuss Efforts to Enhance DHS’s Work to Protect Houses of Worship. Planning and Armed Congregants Top Church Security Measures; Pastors’ Views on Church Security: A Survey of American Protestant Pastors (PDF) Quick Hits The Light: Inside the UK’s conspiracy theory newspaper that shares violence and hate San Francisco 49ers to recruit IT staff and overhaul cybersecurity processes after data breach; Ransomware attack saw personal data of more than 20,000 people exposed to criminals. Gate 15’s ~ Ransomware Resilience ~ Security Summer Sale! NWS: Poor Air Quality Persists. Read More FBI IC3 - Business Email Compromise: The $50 Billion Scam FBI IC3-Malicious Actors Manipulating Photos and Videos to Create Explicit Content and Sextortion Schemes. T Seven key insights from the 2023 Verizon Data Breach Investigations Report AI’s Growth Threatens to Flood 2024 Campaigns With Fake Videos Blended Threats - Hacks Against Ukraine’s Emergency Response Services Rise During Bombings Human Rights Campaign declares a national state of emergency for LGBTQ+ people Cuba to Host Secret Chinese Spy Base Focusing on U.S. The Bold Plan to Create Cyber 311 Hotline CIA And Mossad-Linked Surveillance System Quietly Being Installed Throughout The United States: Report CISA and Partners Release Joint Guide to Securing Remote Access Software SPLC: The Year in Hate & Extremism 2022 CISA and FBI Release #StopRansomware: CL0P Ransomware Gang Exploits MOVEit Vulnerability. Ransomware group Clop issues extortion notice to ‘hundreds’ of victims MOVEit Transfer and MOVEit Cloud Vulnerability New MOVEit Transfer critical flaws found after security audit, patch now Canadian Centre for Cyber Security - MOVEit Transfer security advisory (AV23-322) MOVEit: BBC and British Airways affected by data breach at payroll company Zellis Microsoft says Clop ransomware gang is behind MOVEit mass-hacks, as first victims come forward CrowdStrike: Movin’ Out: Identifying Data Exfiltration in MOVEit Transfer Investigations

The Risk Roundtable EP: 42. Drones, AI, Organized Retail Crime and Security Mindfulness Jun 06, 2023

In the latest episode the Risk Roundtable, Andy and Dave welcome in Angie Gad to run through the hits. The topics discussed include: Drones Russia's Drone Barrage Ineffective Due to 'Poor Targeting Processes'—U.K. Inside Ukraine’s secretive drone program Russia says shoots down Ukraine-launched drones over Crimea, Kursk Gate 15 Resource Links: Drones AI Oh ****, maybe we did start building SkyNet… AI Threat Placed on Par With Pandemics, Nuclear War More than 350 people signed a statement released by the Center for AI Safety, an organization that said it works to reduce AI risks. AI-Controlled Drone Goes Rogue, 'Kills' Human Operator in USAF Simulated Test They Plugged GPT-4 Into Minecraft—and Unearthed New Potential for AI Cyber News Microsoft is attributing the these attacks to Cl0p ransomware. CISA Adds One Known Exploited Vulnerability to Catalog. CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34362 Progress MOVEit Transfer SQL Injection Vulnerability New York State Department of Financial Services MOVEit Transfer Vulnerability MOVEit: The Week in Ransomware - June 2nd 2023 - Whodunit? HuntressLabs, Mandiant, Rapid7, TrustedSec, and Trustwave have published more details on the attacks targeting MOVEit file-transfer appliances. Article: CISA orders govt agencies to patch MOVEit bug used for data theft Deployed publicly accessible MOVEit Transfer? Oh no. Mass exploitation underway New MOVEit Transfer zero-day mass-exploited in data theft attacks Joint Cybersecurity Advisory: ⁠U.S., ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence⁠, ⁠PDF⁠ ⁠'The Comm': The Group Linked to a Nationwide Swatting Rampage⁠ ⁠The 2024 race promises to be ‘very, very active’ in terms of foreign and domestic meddling, says former CISA chief⁠ Blended Threats - ⁠Study: Severe Weather–Related Power Outages Pose Increasing Threat to Patients Who Rely on Electronic Medical Equipment⁠ ⁠What the debt ceiling deal means for U.S. cyber agency⁠ Hurricanes. CSU released its second forecast for the 2023 Atlantic hurricane season on Thursday, 1 June The 2023 Atlantic Hurricane Season Is Here – Here Are The Key Things You Should Know 2023 Atlantic Hurricane Season Has Officially Begun – Here's What Is Typical In June And July Here's How To Get Ready For Hurricane Season Pride Month Concerns. Tree of Life synagogue: Gunman driven by 'malice and hate'⁠⁠MSU reports gunman watched campus tours, searched school shootings prior to mass shooting⁠ Layton Target evacuated after bomb threats reported at multiple Utah stores. Spotlight: Culture War Rhetoric Escalate to Physical Threats. ⁠At Least 9 Target Stores Received Fake Bomb Threats Over Pride Merchandise⁠ ⁠FBI investigating threats of violence to Omaha religious centers⁠. “According to authorities, the author of the note claims to represent Jane’s Revenge — an abortion rights extremist group that Homeland Security has linked to arson attacks against buildings of ideological opponents.” ⁠Recent attacks put staffers on edge as authorities look for answers; Threats cut across party lines⁠ ⁠Experts warn against canceling Pride campaigns after extremists threaten Target⁠ ⁠Target Pride backlash exposes 'rainbow capitalism' problem, designer says⁠ ⁠Pride Month is a war. Brands are the battlefield.⁠ Motorists Face Hate Messages After White Supremacists Hack Interstate Road Sign FB-ISAO Threat Level Update, June 2023. Based on this review, we have determined to maintain all threat levels at GUARDED, meaning that FB-ISAO is aware that a general risk of incidents exists, but there are no target or time specific threats requiring an escalation in our overall preparedness at this time.

Weekly Security Sprint EP 20. Memorial Day Special - NTAS, vehicle ramming, protecting places of worship, blended threats and more. May 29, 2023

In this week's Security Sprint, Dave and Andy discussed the following topics: What Memorial Day means to them. National Terrorism Advisory System (NTAS) DHS Issues National Terrorism Advisory System A Vehicle Ramming· U-Haul Truck Crashes into Security Barrier Near White House; 1 in Custody U-Haul driver identified, charged after crashing truck into barriers near White House. UK: Hostile Vehicle Mitigation (HVM) NPSA have released a new Hostile Vehicle Mitigation (HVM) video. HVM puts a protective barrier around your site protecting you, your people, and your infrastructure. Protecting Places of Worship. Protecting Places of Worship: Six Steps to Enhance Security Against Targeted Violence; Protecting Places of Worship: Six Steps to Enhance Security Against Targeted Violence Fact Sheet. FACT SHEET: Biden-Harris Administration Releases First-Ever U.S. National Strategy to Counter Antisemitism ICYMI: Security Debrief, 15 June 2020: A Letter to the Trump Administration – Establish a Faith-Based Sector of Critical Infrastructure Blended Threats COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises. This newly-discovered malware could disrupt power generation — and do physical damage When Natural Disasters Cause Network Threats. Record-breaking Tonga undersea volcano disrupted satellite signals in space. U.S. and International Partners Release Advisory Warning of PRC State-Sponsored Cyber Activity & People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection. China rejects claim it is spying on Western critical infrastructure China Hack Is Latest Challenge for West’s Diplomatic Reset With Beijing Quick Hits Ransomware Research Reveals 12 Vulnerabilities Have Become Newly Associated with Ransomware in Q1 2023 Am I Vulnerable to Ransomware? CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF). IT Worker Admits Piggybacking on Hacker's Extortion Attempt Ransomware resurgence after ‘strange year’ in 2022, insurance data shows THE MONEY MESSAGE GROUP - A NEW RANSOMWARE THREAT New Ransomware Wave Engulfs over 200 Corporate Victims NOAA predicts a near-normal 2023 Atlantic hurricane season

Weekly Security Sprint EP 19. Business Email Compromise, Pride Month, Ransomware, and Venue Security May 22, 2023

On this week's Security Sprint Dave and Andy talked about the following topics: Cyber Signals (BEC) Shifting tactics fuel surge in business email compromise. On 19 May, Microsoft “released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Ransomware Cybersecurity experts confirm school security blueprints stolen in MPS ransomware attack. Russian National Charged with Ransomware Attacks Against Critical Infrastructure. CISA and Partners Release BianLian Ransomware Cybersecurity Advisory. Ransomware Revenue Down As More Victims Refuse to Pay Ransomware comes back with a vengeance Philadelphia Inquirer hit by cyberattack causing significant disruption New RA Group ransomware targets U.S. orgs in double-extortion attacks. Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online Ransomware Roundup - Maori LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea Ransomware corrupts data, so backups can be faster and cheaper than paying up MalasLocker Ransomware Targets Zimbra Servers, Demands Charity Donation ScanSource says ransomware attack behind multi-day outages Are Ransomware Attacks Declining, or Has Reporting Worsened? Pride Month. Orlando Digital Traffic Sign Blasts Vile Message to ‘Kill All Gays.’ Threats against the LGBTQIA+ community intensifying: Department of Homeland Security. Venue Security. BBC: El Salvador stadium crush leaves at least twelve dead NY Times: What to Know About the Houston Astroworld Tragedy NBC News: Gilroy Garlic Festival Mass Shooting Quick Hits: Computer in Russia breached Metro system amid security concerns, report says. 'Belligerent' passenger arrested after hitting flight attendant with intercom phone, Frontier Airlines says | CNN DOJ: Judge Imposes Eight Consecutive Life Sentences Plus 260 Years in Prison for ISIS-Inspired 2017 Murder of Eight Victims and Attempted Murder of 18 Others in NYC Truck Attack. Congress looks to expand CISA’s role, adding responsibilities for satellites and open source software. World likely to breach 1.5C climate threshold by 2027, scientists warn Burleson Man Who Idolized Mass Shooters Charged With Possessing Homemade Bomb: Feds New Mexico Shooter Was Wearing Bulletproof Vest, Carried Cryptic Note In His Pocket, Police Say At least 3 people killed, 2 cops injured in New Mexico shooting 3 dead, 6 injured in New Mexico shooting: Police Massachusetts Man Indicted for Acting as an Illegal Agent of the People’s Republic of China Zoom executives knew about key elements of plan to censor Chinese activists Pentagon leak suspect Jack Teixeira warned about mishandling classified info, prosecutors say FBI misused surveillance tool on Jan. 6 suspects, BLM arrestees and others Homeland Security Uses AI Tool to Analyze Social Media of U.S. Citizens and Refugees; US Dept. of State: 2022 Report on International Religious Freedom Montana’s TikTok ban: why has it happened and will it work?

The Gate 15 Interview EP 35: Angie Gad on intelligence, analysis, emerging threats, and the joys of good coffee, the beach and Mediterranean Vibes! May 22, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Angie Gad. Angie is an experienced manager with a demonstrated ability to build and lead analyst teams having worked in intel and analysis in the private and public sectors. Skilled in teaching intelligence analysis, writing, and briefing with years of experience instructing and training analysts and students in analytical tradecraft. Subject matter expert on violent extremists, specifically far-right extremists, anti-government militias, and jihadists. Native Arabic speaker with experience living in the Middle East for nearly ten years. Angie Gad on LinkedIn.In the discussion we address: Angie’s background and her experiences working with the public and private sectors. Changes to the threat landscape over the last ten years. The proliferation of online platforms, social media and the complexities of emerging technologies like AI. The horseshoe of international terrorism and domestic extremism. The importance of thinking like the enemy. The beach, coffee, milk tea and Mediterranean Vibes. And more!

Weekly Security Sprint EP 18. Cyclones, faith-based community security, passion jobs, cyber and more! May 16, 2023

In this week's Security Sprint, Dave and Alec talked about the following topics: Weather: https://www.bbc.com/news/world-asia-65587321 https://www.noaa.gov/hurricane-prep Faith-Based Security: https://www.hstoday.us/subject-matter-areas/counterterrorism/nevada-man-charged-with-federal-hate-crimes-for-irvine-taiwanese-presbyterian-church-shooting/ https://www.justice.gov/opa/pr/ohio-man-charged-attempting-burn-down-church-planned-host-drag-show-events https://www.cbsnews.com/texas/news/san-marcos-man-pleads-guilty-fire-austin-synagogue/ https://www.nbcnews.com/news/us-news/man-2-teens-planned-isis-inspired-killings-chicago-mosque-spring-break-rcna21628 https://www.texarkanagazette.com/news/2023/apr/19/texarkana-arkansas-police-department-advises/ The workers leaving their dream jobs Cyber Advisories https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-131a https://www.bleepingcomputer.com/news/security/exploit-released-for-papercut-flaw-abused-to-hijack-servers-patch-now/ Quick Hits Philadelphia Inquirer attack: https://www.inquirer.com/news/philadelphia-inquirer-cyberattack-internet-security-20230515.html Biden calls white supremacy greatest terrorism threat - https://www.politico.com/news/2023/05/13/biden-howard-university-white-supremacy-terrorism-00096811 https://www.dni.gov/files/NCTC/documents/news_documents/2022_10_FBI-DHS_Strategic_Intelligence_Assessment_and_Data_on_Domestic_Terrorism.pdf Malicious AI Tool Ads Used to Deliver Redline Stealer - https://www.trendmicro.com/en_us/research/23/e/malicious-ai-tool-ads-used-to-deliver-redline-stealer.html El Niño is coming back — and could last the rest of the year, according to NOAA - https://www.usatoday.com/story/news/nation/2023/05/13/el-nino-is-likely-coming-what-is-that-will-it-lead-to-heatwaves/70211895007/

Weekly Security Sprint EP 17. More hostile events, ransomware, hurricane predictions, and an end of COVID? May 09, 2023

In the latest episode of the Weekly Security Sprint podcast, Dave and Andy talked about: Hostile Events Mass Killer Kills 8, Wounds 7 at Texas Mall & Gunman Kills 8, Injures 7 in Mass Shooting at Allen Outlets. 7 dead after driver intentionally runs over them in front of migrant shelter One dead, 4 taken to hospital after shooting in Midtown Atlanta, police say Suspected Atlanta hospital shooter Deion Patterson in custody after allegedly killing 1 and injuring 4 Deion Patterson ID’d as suspected Atlanta hospital shooter — what we know about him. Ransomware CISA Jen Easterly: The Attack on Colonial Pipeline: What We’ve Learned & What We’ve Done Over the Past Two Years Victims’ reluctance to report ransomware stymies efforts to curb cyberattacks, say federal officials As ransomware data remain ‘fuzzy,’ US cyber leaders see reasons for optimism ZeroFox: CyberEdge 2023 Cyberthreat Defense Report. Colonial Pipeline ransomware attack's unexpected legacy Counter Ransomware Initiative focused on ‘expanding the tent,’ with Jordan, Costa Rica, Colombia joining Ransomware Attack On Dallas Disrupts 911, Court And Water Systems & Dallas cyberattack highlights ransomware’s risks to public safety, health Hacked university warns of campus text alerts sent by ransomware group U.S.: Cyber Chiefs Forge Partnerships With Physical Security Units As Combined Threats Grow. Meet Akira — A new ransomware operation targeting the enterprise. Hurricanes! · Dave links! COVID. WHO says Covid-19 is no longer a global health emergency. CDC: COVID caused 6% of deaths in 2022, down from 12% in 2021 Critical Infrastructure Cybersecurity: Italian water supplier serving 500,000 people hit with ransomware attack USG Starting to Take Space Cybersecurity Seriously. Peters & Cornyn Reintroduce Bipartisan Bill To Protect Commercial Satellites From Cybersecurity Threats & article: U.S. Senators Reintroduce Legislation on Commercial Satellite Cybersecurity. Top US cyber official warns AI may be the ‘most powerful weapon of our time;’ ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways DoD Co-funds Institute to Research the Neural, Biological, and Cognitive Foundations of Artificial Intelligenc Background Press Call on New Artificial Intelligence Announcements Readout of White House Meeting with CEOs on Advancing Responsible Artificial Intelligence Innovation Statement from Vice President Harris After Meeting with CEOs on Advancing Responsible Artificial Intelligence Innovation Intelligence community working with private sector to understand impacts of generative AI; The United States’ intelligence community is looking to engage with the private sector to help them assess the technology, U.S. Director of National Intelligence Avril Haines told lawmakers Thursday. The NSA’s research chief on emerging tech — including ‘beyond belief’ leaps in AI TikTok – ‘We Respect Your Privacy, Except When We Don’t’ Risky Biz News: TikTok tracked FT journalist: TikTok has confirmed it tracked the movements of Financial Times reporter Cristina Criddle in order to discover if she was meeting with TikTok employees and identify her sources. TikTok Tracked Users Who Watched Gay Content, Prompting Employee Complaints MDM Threats as Newbots Proliferate Rise of the Newsbots: AI-Generated News Websites Proliferating Online Compromised DVR System TBK DVR Authentication Bypass Attack WaterISAC: Vulnerability Awareness – Spike in Attacks against CCTV Products with Critical Five-Year-Old Vulnerability Security Week: Exploitation of 5-Year-Old TBK DVR Vulnerability Spikes

The Risk Roundtable EP: 41. The action is the Juice....jacking, plus active shooter reports, patching, and hurricane preparedness May 02, 2023

In the latest episode of the Risk Roundtable, Dave, Jen and Andy return to talk on very real and maybe somewhat less real threats across the all-hazards environment. Jen kicks things off sharing her thoughts on the recent FBI Advisory on jUIcE JaCKiNg!! Dave continues the focus on the FBI, sharing his heartfelt thoughts relating to the new Active Shooter report. Quick hits touch on Hurricane Preparedness, Patching (always patching!) and a new COVID report. The team then talks a little US-Russian history, and some musical history, as they dive into love it, hate it, or don’t care.

Weekly Security Sprint EP 16. QHSR, a Faith-Based intervention, protests, and cannabis! Apr 25, 2023

In the latest Weekly Security Sprint, Dave and Andy discussed the following topics.

DHS!

See Something, Say Something – Possible Faith-Based Attack Averted & FB-ISAO Turns Five!

FB-ISAO: Five Years Strong. “Happy Anniversary to the Faith-Based Information Sharing and Analysis Organization. 18 April 2023, marks five years of serving the community of faith with information, analysis, and capabilities to help reduce risk while enhancing preparedness, security, and resilience across all-faiths and all-hazards. Our members include Houses of Worship, Charities, Faith-Based Schools, and their affiliated organizations. We are five years strong!”

4-20! Cannabis ISAO Shares Cybersecurity Best Practices for the Cannabis Industry

4-20 2023! Cybersecurity Best Practices for the Cannabis Industry.

Quick Hits:

Ransomware – March Was a Record Setting Month & Dragos Ransomware Report

Blended Threats – Critical Infrastructure Space Asset Disruption Impacts Farming Operations

Farmers ‘crippled’ by satellite failure as GPS-guided tractors grind to a halt. T

New FBI Elder Fraud Report

Elder fraud costs Maine victims millions of dollars, report finds.

3CX – Attack x Within x Attack

SBOM, SBOM, You’re my SBOM!

CISA Releases Two SBOM Documents. On Friday, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM documents and Minimum Requirements for Vulnerability Exploitability eXchange (VEX).
Types of SBOM document
Minimum Requirements for VEX document

Chinese Police Outposts

The Gate 15 Interview EP 34: April is Water-palooza! Chuck Egli and Jen Walker talk WaterISAC! Apr 24, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Chuck Egli, Senior Director at Gate 15 and Director of Preparedness and Response for WaterISAC, and Jennifer Lyn Walker, Director of Cyber Defense for Gate 15 and Director of Infrastructure Cyber Defense for WaterISAC. About WaterISAC: The U.S. water and wastewater sector’s leading national associations and research foundations established the Water Information Sharing and Analysis Center (WaterISAC) in 2002, in coordination with the U.S. Environmental Protection Agency. That same year, it was authorized by Congress in the Bioterrorism Act. WaterISAC is the designated information sharing and operations arm of the Water Sector Coordinating Council. WaterISAC is the only all-threats security information source for the water and wastewater sector. Members provide water and wastewater service to most of the United States, as well as in Canada, Australia, and New Zealand. Membership is also open to organizations in the U.K. and the Netherlands. WaterISAC is a non-profit organization, governed by a board of managers comprising water and wastewater utility managers and state drinking water administrators who are appointed by the partner organizations shown above. Built from the ground up to serve the water sector, WaterISAC is uniquely positioned to understand and support the sector’s needs. Read more. WaterISAC: On Twitter: @WaterISAC Chuck: On LinkedIn Jennifer: On LinkedIn and on Twitter: @Gate15_Jen Topics discussed: Chuck, Jen and WaterISAC’s backgrounds & the WaterISAC mission. The criticality of water – our most critical lifeline! WaterISAC’s evolution over the years, with great reports, resources, forums and events for the water and wastewater community. Physical and cyber threats to the Sector – from extremism and the Hard Reset to insider threats and a lot more! Adding to his comments in last month’s interview, Andy offers CISA more unsolicited guidance… Pirates, monuments, and favorite past times in Andy’s possibly nefarious social engineering game. WaterISAC About WaterISAC H2OSecCon 2022 Coming Soon! H2OSecCon 2023! Sign up for notifications and be there as a sponsor or participant! The Cybersecurity Evangelist, Episode 6 – The ISAC Edition/Series Part 2; A chat with WaterISAC CyberScoop: Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not. 10 Apr 2023 Security Affairs: A cyber attack hit the water controllers for irrigating fields in the Jordan Valley, 11 Apr 2023 The Gate 15 Interview: Climate Change Threats with Dr. Jeff Masters. Sea Level Rise, Drought, the 2023 Hurricane Season, plus Devo, Watermelon and the beauty of the Havasupai Canyon!

Nerd Out Security Panel Discussion: EP 36. Making your way into the security profession Apr 18, 2023

In the latest episode of Nerd Out, Dave took a break from the regular security news discussions and welcomed Alec Davison and April Zupan to talk about their paths to becoming security professionals. The group discussed how they got interested in security and provided some insight into their different paths and inspirations. They also shared some helpful pointers about navigating inside the analytical community, talking to senior leaders or executives, and some activities that ensure they stay on top of the news and latest threat. In between April's eloquent use of vocabulary and Alec's inspirational quotes, Dave interjected and shared some helpful hints as well.

Weekly Security Sprint EP 15. A few of our favorite things - insiders, ransomware, hostile events, and Andy's quick hits Apr 17, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics:

Insiders, hostile events, and data loss

Louisville. AP: https://apnews.com/article/downtown-louisville-shooting-dc7b45a9c5d2b384a16d653864f8b735
DoD Data Loss. USA Today: https://www.usatoday.com/story/news/politics/2023/04/13/dod-leaked-documents-pentagon-military-secrets/11648829002/

Ransomware

Major cybersecurity flaws led to Suffolk County ransomware attack:
The LockBit ransomware (kinda) comes for macOS; Analyzing an arm64 mach-O version of LockBit⁠ & ⁠LockBit ransomware gang appears to be targeting Macs for the first time
Risky Biz News⁠: NCR gets ransomwared: NCR, the world’s largest banking and payments software maker, has ⁠confirmed⁠ that a recent data center outage was caused by a ransomware attack. And see ⁠NCR suffers Aloha POS outage after BlackCat ransomware attack
Karakurt returns: Chinese security firm QiAnXin has a report on ⁠the return of Karakurt⁠, the data extortion division of the old Conti gang.
Technical Analysis of Trigona Ransomware⁠ & ⁠Trigona Ransomware Attacking MS-SQL Servers⁠
Vice Society ransomware uses new PowerShell data theft tool in attacks⁠
Risky Biz News⁠: Kadavro ransomware: Fortinet has an ⁠analysis⁠ of the new Kadavro ransomware they’ve been seeing distributed in the wild disguised as a Tor Browser installer.
Risky Biz News⁠: LockBit ransomware: French security firm Glimps has published a ⁠technical analysis⁠ of Lockbit’s new version, known as LockBit Green.
Risky Biz News⁠: RTM Locker: Trellix researchers have discovered a new RaaS platform named Read The Manual, or ⁠RTM Locker⁠.

Space as Critical Infrastructure:

FDD: Time to Designate Space Systems as Critical Infrastructure & Opinion: Time to designate space systems as critical infrastructure, and reported here: Cyberspace Solarium Commission says space systems should be considered critical infrastructure

Others:

Faith-Based Security: FB-ISAO Newsletter, v5, Issue 4. FB-ISAO is Five Years Strong, Mass Shooting at Covenant School, SPOTLIGHT: Resources, Upcoming Events.
FB-ISAO: Faith-Based Organizations Continue to Be Targets of Hostile Events.
A Proclamation on Days Of Remembrance Of Victims Of The Holocaust, 2023
Statement from President Joe Biden on Orthodox Easter
CSU released its first forecast for the 2023 Atlantic hurricane season on Thursday, April 13. We anticipate that the 2023 Atlantic basin hurricane season will have slightly below-average activity.

MDM:

THE CYBERSECURITY 202: Russians boasted of undetected bots, leaked documents show.
Risky Biz News: Misinformation superspreaders: A report found that Twitter Blue accounts are some of the platform’s biggest spreaders of misinformation.
Unleash the Twitter Bots
What it will look like if China launches cyberattacks in the U.S. “If Xi Jinping moves on Taiwan, we should assume he’ll launch cyberattacks against the United States as part of the operation,” Rep. Mike Gallagher (R-Wis.), chair of the House Select Committee on China, said in an emailed statement.
Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not. ’But even if the event turns out not to be the work of an outside malicious hacker, the threat to water treatment facilities is still very real, said Jennifer Lyn Walker, director of infrastructure cyber defense at the Water Information Sharing and Analysis Center. Furthermore, she said, the incident helped give the attention needed to kickstart a larger conversation about securing the water and wastewater systems, particularly for smaller utilities.
A cyber attack hit the water controllers for irrigating fields in the Jordan Valley; A cyber attack paralyzed the water controllers for irrigating fields in the Jordan Valley that are operated by the Galil Sewage Corporation.

Weekly Security Sprint EP 14. More hostile events - Louisville, Colorado, plus reporting suspicious activities and breach notifications, plus quick hits! Apr 10, 2023

In this weeks Security Sprint, Dave and Andy talked about the following topics: Blue Jeans Workshop Addressing MDM Threats While Protecting Free Speech; Identify and Address MDM (Mis- Dis- and Mal-information) Threats to Critical Infrastructure, While Protecting Free Speech Rights.: Physical Security: Nashville Police: Covenant Investigation Update. “Audrey Hale acted totally alone…planning over a period of months to commit mass murder at The Covenant School… motive for Hale’s actions has not been established and remains under investigation…The investigation shows that Hale fired a total of 152 rounds...” Maryland Man Charged for Making a Threatening Phone Call to an LGBTQ Advocacy Group. “The message referenced the March 27 mass shooting at a school in Nashville, Tennessee, involving multiple shooting fatalities, where the perpetrator was publicly identified as being transgender. During the call, numerous threats were made including, ‘…We’ll cut your throats. We’ll put a bullet in your head….You’re going to kill us? We’re going to kill you ten times more in full.’” 19-year-old charged with plotting shootings at Colorado Springs school, churches & Would-be Colorado school shooter’s mom says it was ‘family decision’ to call cops Texas Man Pleads Guilty to Hate Crime and Arson for Setting Fire to Synagogue Religious leader stabbed during prayer session at Paterson mosque DC church amps up security for Easter after unusual incident, pastor says Hostility Against Churches Is on the Rise in the United States. “…findings indicate that criminal acts against churches have been steadily on the rise for the past several years.” Ex-convict’s letters to shooter foretold Las Vegas massacre. “Letters addressing the gunman who in October 2017 unleashed the deadliest mass shooting in modern U.S. history in Las Vegas…foretold the carnage to come, according to documents obtained Friday.” New from WaterISAC! Physical Security Case Study: Criminal and Suspicious Activity at a Wastewater Utility Cybersecurity: Oakland Acknowledges Ransomware Attack Has Worsened A third of organizations admit to covering up data breaches. “Bitdefender found that 42% of IT and security professionals surveyed had been told to keep breaches confidential — i.e., to cover them up — when they should have been reported.” THE CYBERSECURITY 202: 'Disrupting' hackers is key, says Deputy Attorney General Lisa Monaco FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers. Ransomware! Rorschach – A New Sophisticated And Fast Ransomware; Check Point Research Unveil “Rorschach” - Previously Unseen, Fastest Ever Ransomware & The old way: BabLock, new ransomware quietly cruising around Europe, Middle East, and Asia. Others: Leaked Top Secret and Secret documents, suspected to have been altered, reveal Ukrainian military vulnerabilities and information about allies including Israel, South Korea and Turkey. Ukraine War Plans Leak Prompts Pentagon Investigation; Classified documents detailing secret American and NATO plans have appeared on Twitter and Telegram. Pentagon investigates reported leak of top-secret Ukraine documents Leaked US secret NATO-Ukraine war docs likely altered, say experts Russia Media: Leaked documents sketch out scenarios for Israeli arms pipeline to Kiev The U.S. Withdrawal from Afghanistan, view the PDF: U.S. Withdrawal from Afghanistan; This document outlines the key decisions and challenges surrounding the U.S. withdrawal from Afghanistan. DOD: Statement by Secretary of Defense Lloyd J. Austin III on the Defense Department's Afghanistan After Action Review State: After Action Review on Afghanistan Comer Slams the Biden Administration’s Excuses for the Disastrous Afghanistan Withdrawal

The Risk Roundtable EP: 40. Jen returns! Plus cybersecurity news, Nashville, staying on top of vulnerabilities and more! Apr 05, 2023

In the latest episode of the Risk Roundtable, the prodigal cybersecurity expert returns full of wisdom and words Dave admires but can't understand. Jen brings her expertise to the table and talks about 3CX, and staying vigilant. Dave builds upon vigilance talking about Nashville and about the value of taking stock of lessons learned from the latest school shooting. In the quick hits, Jen and Dave talk about protests, severe weather, and more cybersecurity updates. Not to be outdone, Andy pulls it all together and adds in his usual common sense approach and holding the security profession accountable. Then Andy runs the gang through love it, hate it, or don't care. Some of the references in the pod include: 3CX: 3CX - ⁠https://www.securityweek.com/mandiant-investigating-3cx-hack-as-evidence-shows-attackers-had-access-for-months/⁠3CX - Amazing work and helping the community - Huntress! ⁠https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats Check My Operator (3CX). “This site is a way for users to identify if they were potentially impacted by the supply chain attack against 3CX from March 2023. If the background appears in red, the IP address you are visiting this site from was flagged by security researchers as potentially impacted. We do not have the ability to determine if you are still impacted. This site is a best effort to broadly notify potential impacted parties of this attack by members of the cyber security research community. If the background appears in gray, the IP address you are visiting this site from has not been reported to this site.” Nashville: Details about the Nashville shooter's gender identity sow confusion and disinformation. Audrey Hale’s family ‘laying low,’ communicating through church in wake of Nashville shooting Attacks on Christian schools ‘inevitable' amid rising violence permeating society: Christian education expert warns Hoax Shooting Threats Shut Down New York Schools Days After Nashville Tragedy How Nashville Prepared for the Day It Never Wanted to Face Understand the Threat. Gate 15 White Paper on The Hostile Event Attack Cycle (HEAC), 2021 Update. Protests: Online threats of violence but few signs of far-right organizing around Trump indictment Marjorie Taylor Greene calls for protests in New York after Trump indictment Severe Weather: 32 dead as tornadoes torment from Arkansas to Delaware. The President has made disaster declarations for Arkansas and Mississippi as concerns remain over continued tornado and other severe weather threats. And a reminder from CISA that criminals always seek to leverage these tragedies with scams. Significant Wintry Conditions from Intermountain West to Upper Midwest Here we go again: 2nd tornado outbreak in 5 days looms for Midwest Website Security: Exchange on-prem throttling - ⁠https://techcommunity.microsoft.com/t5/exchange-team-blog/throttling-and-blocking-email-from-persistently-vulnerable/ba-p/3762078⁠ Website Injection - ⁠https://blog.sucuri.net/2023/03/the-top-10-most-dangerous-types-of-injection-attacks.html⁠ Initial Access techniques - ⁠https://blog.qualys.com/vulnerabilities-threat-research/2023/03/30/risk-fact-3-initial-access-brokers-attack-what-organizations-ignore⁠ & ⁠https://thedfirreport.com/2023/03/06/2022-year-in-review/⁠ & ⁠https://vulncheck.com/blog/2022-cisa-kev-review⁠ KEV! IABs!: Bleeping Computer: 15 million public-facing services vulnerable to CISA KEV flaws (31 Mar). Read the report from Rezilion: Get to Know KEV In Our New Research Report (30 Mar) Others: ⁠Executive Order on Prohibition on Use by the United States Government of Commercial Spyware that Poses Risks to National Security⁠ Mandiant: ⁠Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan⁠, 30 Mar

Weekly Security Sprint EP 13. Nashville, Political Violence, Severe Weather, alerts, protests and Blue Jeans! Mar 28, 2023

In the latest episode of the Weekly Security Sprint, Dave and Andy covered the following topics:

Nashville School Shooting:

CNN: https://www.cnn.com/us/live-news/nashville-shooting-covenant-school-03-27-23/index.html

Gate 15's Blue Jeans Worksho

The Conversation: ⁠⁠Watermarking ChatGPT, DALL-E and other generative AIs could help protect against fraud and misinformation⁠⁠, 27 March, shared by BJW Panelist, Todd Helmus

Political Violence

NBC: Trump warns of ‘potential death and destruction’ if he’s charged in hush money probe, 24 Mar
Newsweek: Jim Jordan’s Response to Trump’s ‘Death & Destruction’ Post, 24 Mar
CBS: “Significant increase” in threats online ahead of possible Trump indictment, 20 Mar
Breaking 911: Bomb Threats Made Against Manhattan DA, Courts & NYPD HQ As Possible Trump Indictment Nears, 21 Mar
NY Post: Envelope containing suspicious powder, death threat sent to DA Alvin Bragg’s NYC office, 24 Mar

Severe Weather:

BBC: https://www.bbc.com/news/world-us-canada-65072195

Cybersecurity Regulations:

CISA: CIRCIA at One Year: A Look Behind the Scenes, 24 Mar (Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA))

Ransomware:

Palo Alto report: https://unit42.paloaltonetworks.com/multi-extortion-rise-ransomware-report/

DataBreaches.net: Blended Threats! Cyberattack disrupts Spanish medicine distribution, 23 Mar
Lawrence Abrams and Bleeping Computer: The Week in Ransomware - March 24th 2023 - Clop overload, 24 Mar

Others:

Protests: @dave links?
Washington Post’s Cybersecurity 202: Everything you need to know about Thursday’s four cyber hearings, 24 Mar
CyberScoop: The pressing threat of Chinese-made drones flying above U.S. critical infrastructure, 23 Mar
CyberScoop: Fact or fiction, hacktivists’ claims of industrial sabotage in Russia or Ukraine get attention online, 22 Mar and Mandiant: We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems, 22 Mar
DoJ: Justice Department Announces Arrest of the Founder of One of the World’s Largest Hacker Forums and Disruption of Forum’s Operation, 24 Mar & CyberScoop: The FBI’s BreachForums bust is causing ‘chaos in the cybercrime underground,’ 24 Mar
CISA: Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments, 23 Mar

The Gate 15 Interview EP 33: Climate Change Threats with Dr. Jeff Masters. Sea Level Rise, Drought, the 2023 Hurricane Season, plus Devo, Watermelon & the beauty of the Havasupai Canyon! Mar 27, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Dr. Jeff Masters. Jeff Masters, Ph.D., worked as a hurricane scientist with the NOAA Hurricane Hunters from 1986-1990. After a near-fatal flight into category 5 Hurricane Hugo, he left the Hurricane Hunters to pursue a safer passion - earning a 1997 Ph.D. in air pollution meteorology from the University of Michigan. In 1995, he co-founded the Weather Underground, and served as its chief meteorologist and on its Board of Directors until it was sold to the Weather Company in 2012. Between 2005-2019, his Category 6 blog was one of the Internet’s most popular and widely quoted sources of extreme weather and climate change information. He now frequently writes for YALE Climate Connections. On Twitter: @DrJeffMasters In the discussion we address: Jeff’s incredible Hurricane Hugo experience. Intergovernmental Panel on Climate Change (IPCC) Report and going beyond the ‘planetary boundaries of safe operation for the planet.’ Jeff’s important ideas to understand about climate change. Jeff discusses his two biggest climate concerns - the disruptive threats from sea level rise and drought, including: A potential ‘massive financial threat to the US.’ Jeff says, ‘we’re not correctly pricing risk…there threatens to be a shakeout in the…market’ and he notes insurance company struggles in Florida, Louisiana and California as examples before discussing the potential cascading effects associated with humans fleeing from the coasts. Threats to critical infrastructure, including real estate, water and wastewater, transportation and supply chains. And he explains his concerns about drought impacting food prices and leading to famine. Hurricane season 2023, an anticipated El Nino year, perhaps something that may look like the 2018 hurricane season. Plus! Devo, getting outdoors, watermelon, and the beauty of the Havasupai Canyon. A few references mentioned in or relevant to our discussion include: Jeff’s Hurricane Hugo Experience: Weather Underground: Hunting Hugo: The Hurricane Hunters' Wildest Ride, a multi-part story of Jeff’s incredible experience in the eye of Hurricane Hugo. Weather Underground: A flight through Hurricane Hugo, remembered 20 years later, 15 Sep 2009 Originally published in Weatherwise magazine, Hunting Hugo was made available in digital form, complete with the many photos I took on the flight, on the web site I co-founded, Weather Underground. A separate account of the flight was written by a reporter from Barbados who was on the flight, and was published in my Weather Underground blog in 2009. There was a 45-minute episode of “Air Crash Investigation” (AKA “Mayday”) on the Hugo flight called “Into the Eye of the Storm” that aired in 2014. Several hundred thousand dollars was spent on the episode, which included CGI effects, a set built in Toronto to simulate the flight, and actors playing the crew and scientists. In 2022, the video was available with a paid subscription to Paramount Plus. The video was also available for free at apparat.com. Take to the Sky: The Air Disaster Podcast: Episode 85: NOAA 42 Hurricane Hunters, 02 Dec 2021 Intergovernmental Panel on Climate Change (IPCC) Report: The Guardian: Scientists deliver ‘final warning’ on climate crisis: act now or it’s too late, 20 Mar IPCC Sixth Assessment Report, 20 Mar IPCC IPCO Sixth Assessment Report Working Group 1: The Physical Science Basis; Summary for Policymakers BBC: UN climate report: Scientists release 'survival guide' to avert climate disaster, 20 Mar New York Time: Earth to Hit Critical Warming Threshold by Early 2030s, Climate Panel Says, 20 Mar Climate.gov: Climate Change: Global Sea Level, 19 Apr 2022 NASA Vital Signs NASA Sea Level Change; Observations from Space NASA Sea-Level Toolkit: New Guide Helps Planners Prepare, 07 Feb 2023 CNN: Threat of rising seas to Asian megacities could be way worse than we thought, study warns, 08 Mar 2023 Space.com: Sea level rise slowed down in 2022. NASA says it's just a blip, 22 Mar NOAA: Destructive 2018 Atlantic hurricane season draws to an end; NOAA services before, during, after storms saved lives and aided recovery, 28 Nov 2018 Some of Jeff’s recent writing: YALE Climate Connections: With global warming of just 1.2°C, why has the weather gotten so extreme? Climate change increases extreme weather by adding more heat and moisture to the air and through disruption of fundamental atmospheric circulation patterns, 06 Mar 2023 YALE Climate Connections: The other ‘big one’: How a megaflood could swamp California’s Central Valley; A repeat of the state’s Great Flood of 1861-62 could cause over $1 trillion in damage, 25 Jan 2023 YALE Climate Connections: If a megaflood strikes California, these dams might be at risk; The state’s highest-risk dams protect millions of people and tens of billions in property, including Disneyland and the Naval Weapons Station Seal Beach, 26 Jan 2023

Nerd Out Security Panel Discussion: EP 35. Solo Dave talking behaviors, data, and his views on extended universes! Mar 23, 2023

On the latest episode of Nerd Out, Dave goes solo to talk about behavioral analytics, recent reporting and how to merge those together to deliver insights and develop appropriate plans. It's one thing to have the data, and it's one thing to have the reports that point to various types of behaviors, but merging them together can be a challenge. Dave also talks to the ways to develop the data if you don't have a tool. Dave wraps up by giving some thoughts on what he is seeing from the ever expanding extended universes. Is there a reason to be concerned? Could he be losing interest? Reports mentioned in this podcast include: START: https://www.start.umd.edu/spotlight/pirus-dataset-launches-major-update-adding-955-subjects-database U.S. Secret Service: https://www.secretservice.gov/newsroom/releases/2023/01/new-secret-service-research-examines-first-time-five-years-mass-violence

Weekly Security Sprint EP 12. Extremism and Terrorism Reports, Financial Crisis "fears", Climate, and quick hits! Mar 20, 2023

In this Week's Security Sprint, Dave and Andy talk about the following topics. Extremism and Terrorism: START reports. PIRUS: https://www.start.umd.edu/profiles-individual-radicalization-united-states-pirus-keshif; https://www.start.umd.edu/news/major-update-pirus-dataset-adds-955-us-subjects-2019-2021 Press Release via Yahoo! Terrorist attacks more deadly, despite decline in the West, 14 Mar, PDF and complete report, Institute for Economics & Peace: Global Terrorism Index 2023 Catholic Vote: ⁠⁠300th Catholic Church Attacked Since 2020⁠⁠, 13 Mar Banking Fears: World Economic Forum: https://www.weforum.org/agenda/2023/03/fears-global-banking-crisis-economy-roundup/ CNN: https://www.cnn.com/2023/03/16/investing/bank-scare-credit-suisse/index.html Intergovernmental Panel on Climate Change (IPCC) Report: The Guardian: Scientists deliver ‘final warning’ on climate crisis: act now or it’s too late, 20 Mar IPCC Sixth Assessment Report, 20 Mar IPCC IPCO Sixth Assessment Report Working Group 1: The Physical Science Basis; Summary for Policymakers Other: New York Post: NYC bracing for unrest after Trump calls for protests over possible arrest, indictment, 19 Mar The Register: LockBit brags: We’ll leak thousands of SpaceX blueprints stolen from supplier, 13 Mar CISA: CISA Establishes Ransomware Vulnerability Warning Pilot Program, 13 Mar DOJ: Associate Attorney General Vanita Gupta Issues Statement on the FBI’s Supplemental 2021 Hate Crime Statistics, 13 Mar Senator Mark Warner: Warner, Blackburn, Colleagues Request Cybersecurity Analysis of Chinese-Made Drones, 16 Mar SEC: SEC Proposes New Requirements to Address Cybersecurity Risks to the U.S. Securities Markets, 15 Mar CyberScoop: Presidential advisory council recommends cyber mandates for critical infrastructure, 14 Mar

Weekly Security Sprint EP 11. Cyber reports, hate based behaviors and Peacemaker is making waves into security? Mar 13, 2023

On the latest episode of the Security Sprint, Andy bails Dave out on some technology issues and they work through it to cover the following topics. FBI IC3 Report: FBI Internet Crime Report 2022 (PDF) & Report Statistics Risky Biz News: BEC loses top spot in FBI Internet Crime report, 12 Mar Physical Security: NJ [.] com: Man yelled ‘white lives matter,’ threw smoke bombs at N.J. church’s anti-racism concert, 06 Mar Michigan Man Arrested and Charged For Illegally Possessing Firearms While Making Threats to Kill Government Officials, 10 Mar Florida neo-Nazis who projected a swastika on a downtown building say the hysteria over drag queens is helping them recruit people, 10 Mar ODNI Annual Threat Assessment: 'ODNI Releases 2023 Annual Threat Assessment of the U.S. Intelligence Community and see here, PDF report, and U.S. Senate Hearing 08 Mar Risky Biz News: ODNI report highlights China as the US’ biggest cyber threat, 09 Mar SVB: Statement from President Joe Biden on Actions to Strengthen Confidence in the Banking System READOUT: Financial Stability Oversight Council Meeting on March Federal Reserve Board - Federal Reserve Board announces it will make available additional funding to eligible depository institutions to help assure … Federal Reserve Board - Joint Statement by Treasury, Federal Reserve, and FDIC Silicon Valley Bank: why did it collapse and is this the start of a banking crisis? In historic last-minute deal, HSBC acquires Silicon Valley Bank UK, says all depositors’ money is safe Silicon Valley’s surreal weekend SVB’s ventures are taken apart in China, UK after US bank’s collapse Other Cybersecurity Updates: Cyber Incident Reporting Framework: Global Edition (PDF) NBC: Data breach hits ‘hundreds’ of lawmakers and staff on Capitol Hill, 08 Mar CNN: Hundreds of US lawmakers and staff affected by data breach, 08 Mar WaterISAC: Threat Awareness – Keep Our Eyes on Emotet, 09 Mar Cofense: Emotet Sending Malicious Emails After Three-Month Hiatus, 07 Mar WIRED: The Era of Faked CCTV Has Truly Arrived, 07 Mar Washington Post: Cyberattacks Are Just One Part of Hybrid Warfare, 07 Mar Ransomware: WIRED: Ransomware Attacks Have Entered a ‘Heinous’ New Phase, 13 Mar Security Scorecard: ESXi Ransomware - A case study of Royal Ransomware Prepared by: Vlad Pasca, Senior Malware & Threat Analyst Sentinel Labs: IceFire Ransomware Returns; Now Targeting Linux Enterprise Networks, 09 Mar John Cena: Cybersecurity Enthusiast (?): @CenaOnSecurity Gate 15's upcoming Blue Jeans Workshop: Addressing MDM Threats While Protecting Free Speech

The Risk Roundtable EP 39: Special Guests, the latest scams, the National Cybersecurity Strategy and more! Mar 07, 2023

In the latest episode of the Risk Roundtable, Andy and Dave welcome in Tracy Maleef as they went through the latest security news. Tracy kicked things off by looking at a new scam reported on by the Better Business Bureau involving craft fairs (is there no place that's safe). Then the roundtable took turns looking at the recently released National Cybersecurity Strategy and what it means for individuals and organizations, especially around training and information sharing. Andy used the release to also discuss corresponding actions that the EPA is taking to improve the resiliency of the water system. Tracy then transitioned back to other types of scams and how Artificial Intelligence is even getting into the scam business targeting individuals pretending to be loved ones and how safe words could be an effective mitigating factor. Dave wrapped things up with a quick hit on venue security to which the group discussed how this is not strictly a physical security problem, but in fact a blended threat. Andy put the finishing touches on the pod with his three questions (no comment on the new CISA website redesign). National Cybersecurity Strategy: White House: FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy, 02 Mar Gizmodo: I Read the Biden Administration’s New Cyber Policy So You Don’t Have To, 04 Mar US House Committee on Homeland Security: Green, Garbarino Statement on the Release of the National Cybersecurity Strategy, 02 Mar Risky Biz News: White House unveils National Cybersecurity Strategy, 02 Mar HS Today: COLUMN: A Shared Accountability Approach to Cyber Defense, by Bob Kolasky, 02 Mar CISA Readout: Director Easterly Visits Carnegie Mellon University, Calls for “Radical Change” for Technology Product Safety in Major Address, 27 Feb Industrial Cyber: National Cybersecurity Strategy sets its eyes on improving security, resilience across critical infrastructure, 03 Mar WSJ: Cisco Chief Says Tech Products Must Be Made More Secure, 02 Mar Water Cybersecurity: EPA: EPA Takes Action to Improve Cybersecurity Resilience for Public Water Systems, 03 Mar Risky Biz News: EPA releases cybersecurity guidance for US public water sector, 05 Mar CNN: US introduces new rules to protect water systems from hackers, 03 Mar CyberScoop: EPA issues water cybersecurity mandates, concerning industry and experts, 03 Mar SC Media: EPA memo pushes states to include cybersecurity in water safety reviews, 03 Mar Industrial Cyber: EPA issues memorandum to address PWS cybersecurity using sanitary surveys, improve resilience, 06 Mar Venue Security: AP: 1 dead, 9 hurt in stampede at GloRilla concert in New York, 06 Mar Dr. G K Still on Twitter, ‘Teaching crowd safety/risk analysis around the world. Consulting and expert witness experience help develop better teaching and training courses.’ International Association of Venue Managers’ (IAVM) Academy of Venue Safety and Security (AVSS) Scams: BBB Scam Alert: Think twice before filling out craft fair applications, 03 Mar Washington Post: They thought loved ones were calling for help. It was an AI scam., 05 Mar

Weekly Security Sprint EP 10. Happy Birthday to DHS, protests, cyber threats, and more. Mar 06, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics:

National Cybersecurity Strategy:

White House: FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy, 02 Mar
Gizmodo: I Read the Biden Administration’s New Cyber Policy So You Don’t Have To, 04 Mar
US House Committee on Homeland Security: Green, Garbarino Statement on the Release of the National Cybersecurity Strategy, 02 Mar
Risky Biz News: White House unveils National Cybersecurity Strategy, 02 Mar
CISA Readout: Director Easterly Visits Carnegie Mellon University, Calls for “Radical Change” for Technology Product Safety in Major Address, 27 Feb
Industrial Cyber: National Cybersecurity Strategy sets its eyes on improving security, resilience across critical infrastructure, 03 Mar
WSJ: Cisco Chief Says Tech Products Must Be Made More Secure, 02 Mar

Water Cybersecurity:

EPA: EPA Takes Action to Improve Cybersecurity Resilience for Public Water Systems, 03 Mar
Risky Biz News: EPA releases cybersecurity guidance for US public water sector, 05 Mar
CNN: US introduces new rules to protect water systems from hackers, 03 Mar
CyberScoop: EPA issues water cybersecurity mandates, concerning industry and experts, 03 Mar
SC Media: EPA memo pushes states to include cybersecurity in water safety reviews, 03 Mar
Industrial Cyber: EPA issues memorandum to address PWS cybersecurity using sanitary surveys, improve resilience, 06 Mar

Homeland Security:

Greek Protests: https://www.bbc.com/news/world-europe-64820085
South Korean Protests: https://www.bbc.com/news/world-asia-64858944
HS Today: DHS at 20: Mission Poised ‘to Grow Even More Complex’ as New Threats May Pose ‘Even Greater Potential for Harm,’ 01 Mar
Politico: Documents: DHS has a domestic-intelligence program, 06 Mar
NIJ: Assessing Risk of Terrorist Acts by Looking at Location Data and Demographic and Social Characteristics, 27 Feb
HS Today: National Institute of Justice Examines Link Between Location of Terrorists and Risk of Terrorism, 27 Feb

Cybersecurity & Ransomware:

VulnCheck: The VulnCheck 2022 Exploited Vulnerability Report - A Year Long Review of the CISA KEV Catalog, 02 Mar
Recorded Future: 2022 Annual Report, 02 Mar
HS Today: Cyber Threat Trends to Watch This Year as Forecast by MS-ISAC, 02 Mar
Bleeping Computer: Play ransomware claims disruptive attack on City of Oakland, 03 Mar
CBS Bay Area: Ransomware hackers release some stolen Oakland data, 04 Mar

Other: Gizmodo: Yikes, the U.S. Is Now Using Facial Recognition Rigged Drones for Special Ops, 27 Feb

Weekly Security Sprint EP 9. ADL Report, Ransomware, Measles, Mis/Dis/Mal-information, and more. Feb 28, 2023

In the latest Security Sprint Dave and Andy cover the following topics: Extremism: ADL: Murder and Extremism in the United States in 2022, 22 Feb Bridget Johnson in HS Today: Jewish Community, Law Enforcement Respond with Preparedness, Unity to Extremists’ ‘National Day of Hate,’ 24 Feb ABC 6 Action News: Philadelphia mosque vandalized with paint; suspect wanted, 27 Feb Blended Threats: CNN: Cyberattack on food giant Dole temporarily shuts down North America production, company memo says, 22 Feb Gate 15: Blended Threats to Hospitals: A Growing Concern, 21 Feb Newsweek: Russian Media Hack Hits During Putin Speech, 21 Feb Information Operations: Graphika: How to Lose Influence and Alienate People, 23 Feb Meta: Meta’s Ongoing Efforts Regarding Russia’s Invasion of Ukraine, 22 Feb 2022 Others: The Record at Recorded Future: Oakland says 311, business license systems still down, but National Guard is helping, 24 Feb Cybersecurity 202: Federal panel says agencies need to focus on harmonizing cyber regulations, 22 Feb Malwarebytes: Royal Mail schools LockBit in leaked negotiation, 23 Feb

The Gate 15 Interview EP 32: Getting Weird with Rachel Tobac - Hacking, Twitter, MFA, Being Politely Paranoid and…Time Travel? Feb 27, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Rachel Tobac, (She/Her), CEO, SocialProof Security, Friendly Hacker. Rachel is a hacker and the CEO of SocialProof Security where she helps people and companies keep their data safe by training and pentesting them on social engineering risks. Rachel was also 2nd place winner of DEF CON’s wild spectator sport, the Social Engineering Capture the Flag contest, 3 years in a row. Rachel has shared her real life social engineering stories with NPR, Last Week Tonight with John Oliver, The New York Times, Business Insider, CNN, NBC Nightly News with Lester Holt, Forbes and many more. In her remaining spare time, Rachel is the Chair of the Board for the nonprofit Women in Security and Privacy (WISP) where she works to advance women to lead in the fields. On Twitter: @RachelTobac and see @SocialProofSec & @WISPorg On Mastodon: http://infosec.exchange/@racheltobac In the discussion we address: Rachels’ superhero origin story and her company, SocialProof Security Women in Security and Privacy (WISP) Hacking. Hacking. Hacking. Twitter and Baking Security In And a little on horror, time travel and Twin Peaks! A few references mentioned in or relevant to our discussion include: SocialProof Security Women in Security and Privacy (WISP) - Advancing Women To Lead The Future Of Privacy And Security. CNN: We asked a hacker to try and steal a CNN tech reporter’s data. Here’s what happened, 18 Oct 2019 CNN, three years later (2022): 'Don't use the same password': Watch how easy it was to hack this CNN reporter Aura: Hacking A Billionaire, with Rachel Tobac Yubico: Uber Hack Reenactment Video, with Rachel Tobac Twitter: An update on two-factor authentication using SMS on Twitter, 15 Feb 2023 Rachel’s Twitter Thread regarding the announcement CISA Director Jen Easterly’s Twitter Thread regarding the announcement The Hill on Which Rachel will die, on Twitter And check out SocialProof Security merch on Etsy; Gear for The Politely Paranoid (the stickers are awesome and on Andy’s laptop…)

Nerd Out Security Panel Discussion: EP 34. Hostile events, venue security and upcoming religious holiday preparedness. Feb 21, 2023

In the latest episode of Nerd Out, Dave is joined by Bridget Johnson and Joe Levy as they talked about some of the hostile events to date in 2023 and looked ahead to the coming faith-based holidays and celebrations in the coming months. Bridget talked about the California shootings and the power of copy cats, while Joe focused attention on the various ways that organizations can deploy security protocols to reduce risk. The nerds then took a look ahead at the upcoming religious holidays and what that might mean for accelerationists and other hate-based groups. Joe then wrapped up talking about the upcoming AVSS event that is coming up in Pittsburg. Registration Information can be found here: https://iavm.org/events/avss/

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

Weekly Security Sprint EP 8. Twitter fight over MFA, FBI threat considerations, Ransomware, Supply Chain and more. Feb 21, 2023

On this week's Security Sprint, Dave allows Andy to start off and talk about how the rightful name for the third Monday in February. Then Dave and Andy covered the following topics. Twitter & MFA Twitter: An update on two-factor authentication using SMS on Twitter, 15 Feb. TechSpot, Twitter’s SMS two-factor authentication is now a paid feature, 19 Feb Bleeping Computer, Twitter gets rid of SMS 2FA for non-Blue members — What you need to do, 19 Feb Rachel Tobac on Twitter’s update, via Twitter, 17 Feb Jen Easterly on Twitter’s update, via Twitter, 19 Feb FBI: Director Wray’s Remarks at the 2023 Homeland Security Symposium and Expo, 16 Feb Oakland’s Ransomware Attack Pogo Was Right, Data Breaches.net, Weeklong ransomware attack on Oakland government drags on, 18 Feb San Francisco Business Times: Oakland cyberattack hobbles planning department, blocks most building permits, 17 Feb Kron4: Oakland PD warns of delayed response times after city targeted by ransomware attack, 14 Feb Supply Chain. UK National Cyber Security Centre: Supply Chain Cyber Security: Assessing and gaining confidence in your suppliers: https://www.ncsc.gov.uk/files/Assess-supply-chain-cyber-security.pdf Others: LA Times: Suspect in shootings of two Jewish men in L.A. is charged with federal hate crimes, 17 Feb CERT-EU: Sustained activity by specific threat actors, 15 Feb

Weekly Security Sprint EP 7. Crowd management, Hostile Events arrests, ransomware, cyber news and more. Feb 14, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics. Event and Venue Safety and Security: Athletic Business: Crowd Crush Ensues Outside Purdue’s Mackey Arena as Students Wait for Ticket Giveaway, 08 Feb IAVM’s Academy for Venue Safety and Security Extremism: DoJ: Maryland Woman and Florida Man Face Federal Charges for Conspiring to Destroy Energy Facilities, 06 Feb HS Today: Pair Charged with Conspiring to Attack Maryland Power Facilities with Mylar Balloons, Rifle in Extremist Plot, 06 Feb Heavy: Sarah Clendaniel & Brandon Russell: 5 Fast Facts You Need to Know, 07 Feb Gate 15: The Gate 15 Interview: Brian Harrell on Energy & Infrastructure Security, plus baseball, boating & burgers!, 26 Dec 2022 Ransomware: BlackFog: Retail Sector Ransomware Attacks Grow in 2022, 07 Feb CISA: Alert (AA23-040A) - #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities, 09, 10 Feb CISA: Alert (AA23-039A) - ESXiArgs Ransomware Virtual Machine Recovery Guidance, 08 Feb VMWare: ESXiArgs: Questions & Answers Recorded Future® by Insikt Group® In Before The Lock: ESXi, 13 Feb: https://www.recordedfuture.com/in-before-the-lock-esxi Top Risks in Cybersecurity 2023: Bipartisan Policy Center: Top Risks in Cybersecurity 2023, 12 Feb Washington Post Cybersecurity 202: The top cyber risks to watch out for in 2023, 13 Feb Others: BBC: Ukraine war - Russia planning 24 February offensive, Ukrainian defence minister says, 02 Feb Darth Putin on Twitter: @DarthPutinKGB Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability, 12 Feb Group-IB: Know Thy Enemy: unraveling the “Hi-Tech Crime Trends 2022/2023” report, 10 Feb WSJ: Insurers Say Cyberattack That Hit Merck Was Warlike Act, Not Covered, 08 Feb BlackCloak Identifies Surge in Doxxing and Swatting Threats on Corporate Executives, 08 Feb Graphika: Deepfake It Till You Make It, 07 Feb Dave & Andy talking U2's top 5 albums: Nerd Out Security Panel Discussion: EP 12. High Stress and U….2., 20 Apr 2021

The Risk Roundtable EP 38: The 4 R's - ransomware, reporting, romance scams and Paul Rudd! Not to mention all-hazards! Feb 08, 2023

In the latest episode of the Risk Roundtable, Andy does double duty, first welcoming Jen to get the latest on the ransomware threats, before bringing Dave in to talk about weather and natural disasters. Jen kicked things off talking about all things ransomware to include preparedness items, the recent Hive takedown, the importance of reporting, and ways to protect yourself. Dave then joined Andy to talk about the third-wheel in the all-hazards preparedness model - weather and natural disasters, especially in light of the recent earthquake in Turkey. The roundtable took a split approach to the end of pod questions talking about marathon's, some show dilemmas and the arc of Paul Rudd!

US Secret Service: New Secret Service Research Examines for the First Time Five Years of Mass Violence Data, 25 Jan
Washington Post: N. Carolina church says it lost nearly $800K in email scam, 28 Jan
NWS: Hurricane Matthew in the Carolinas: October 8, 2016, page created: 29 Sep 2017, last updated: 26 Aug 2021

Ransomware and Cyber News:

Bleeping Computer: VMware warns admins to patch ESXi servers, disable OpenSLP service, 06 Feb
Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 03 Feb
Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb
CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb
Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb
Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb

Weekly Security Sprint EP 6. DDoS, ransomware, targeted violence, and maybe some balloon talk. Feb 07, 2023

In this week's Security Sprint, Dave and Andy talked about the following topics:

Ransomware:

Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 3 Feb
Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb
CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb
Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb
Valentine’s Day 2023, :sparkling_heart: and
Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb

DDoS:

Radware, Passion: A Russian Botnet, 31 Jan
Bleeping Computer, New DDoS-as-a-Service platform used in recent attacks on hospitals, 01 Feb
The Record: Customizable new DDoS service already appears to have fans among pro-Russia hacking groups, 03 Feb

Faith-Based Security:

Fox 5, Las Vegas: Man threatened mass shooting at Las Vegas synagogue, police say, 31 Jan
ABC 7 News: SFPD arrest man suspected of firing blank rounds inside synagogue, bringing gun into theater, 05 Feb
Chinese Balloons: US DOD: Statement From Secretary of Defense Lloyd J. Austin III, 04 Feb
And see the Gate 15 SUN from Friday and Monday for numerous links.

Baking in Cybersecurity:

Foreign Affairs: Stop Passing the Buck on Cybersecurity; Why Companies Must Build Safety Into Tech Products, 01 Feb
Washington Post Cybersecurity 202: How CISA plans to get tech firms to bake security into their products, 06 Feb

Others:

FBI: Elicitation Techniques, 31 Jan
Voice of America, Russia Developing Weapons to Target Critical Subsea Cables, Pipelines, 02 Feb
Reuters: Huge earthquake kills 2,600 in Turkey and Syria, bad weather worsens plight, 06 Feb

Weekly Security Sprint EP 5. Secret Service Report, Hive, attacks on houses of worship, insider threats and more. Jan 31, 2023

In the latest Security Sprint, Dave and Andy talked about the following topics: US Secret Service: New Secret Service Research Examines for the First Time Five Years of Mass Violence Data, 25 Jan Gate 15 White Paper: The Hostile Event Attack Cycle (HEAC), 2021 Update DoJ: U.S. Department of Justice Disrupts Hive Ransomware Variant, 26 Jan FTC: FTC Finalizes Order with Ed Tech Provider Chegg for Lax Security that Exposed Student Data, 27 Jan DoJ: Former Special Agent in Charge of the FBI New York Counterintelligence Division Charged with Violating U.S. Sanctions on Russia, 23 Jan Washington Post: N. Carolina church says it lost nearly $800K in email scam, 28 Jan Gate 15 SUN, US Section, faith-based incidents, 30 Jan CISA: JCDC Focused on Persistent Collaboration and Staying Ahead of Cyber Risk in 2023, 26 Jan Washington Post THE CYBERSECURITY 202: Anne Neuberger discusses work to protect critical infrastructure, 30 Jan CISA: Secure Your Drone: Privacy and Data Protection Guidance, 27 Jan Hawaii News Now: After signs are hacked, state warns changing roadwork message boards is illegal, 26 Jan Risky Biz News: KeePass disputes vulnerability designation for feature that exposes cleartext passwords, 29 Jan Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb: https://go.recordedfuture.com/ransomware-planning-and-protecting-your-organization?utm_campaign=ransomware-webinar&utm_source=gate15&

The Gate 15 Interview EP31: Josh Poster, Auto-ISAC, on automotive cybersecurity, preparedness, building trust, fishing and BMX! Jan 30, 2023

In this episode of The Gate 15 Interview, Andy Jabbour visits with Josh Poster, Intelligence and Analysis Operations Manager for Auto-ISAC. In that role, Josh also serves as the Leader, Auto-ISAC Intel & Analysis Division & Vice Chair, National Council of ISACs (NCI). His past roles have included Program Manager, Public Transportation and Surface Transportation ISACs, Program Manager, Information and Infrastructure Technologies, and Sr. Analyst, Electronic Warfare Associates, among others. He holds a Bachelor of Science degree in Anthropology and is a long-time leader in the ISAC and homeland security communities. ‘Preparation is prevention’ - Josh Poster ‘Everyone has a plan until they get punched in the mouth.’ – Mike Tyson In the discussion we address: Josh’s background and current position Developing trust, the importance of relationships and how those relate to both Auto-ISAC and broader, cross-sector and private-public information sharing Building confidence through preparedness We name drop longtime National Council of ISACs leaders Health ISAC’s Denise Anderson, IT-ISAC’s Scott Algeier, and Comms ISAC’s Joe Veins, as well as Bob Kolasky, formerly Assistant Director the Cybersecurity and Infrastructure Security Agency (CISA) and now Exiger’s Senior Vice President of Critical Infrastructure. We also talk about the very valued Auto-ISAC Executive Director, Faye Francy. The Gate 15 Interview EP 28: Talking election security, tea and baseball, with Scott Algeier Bob Kolasky - How the Cyber Risk Landscape Changed in 2022 – and What’s in Store for 2023 Companies recognizing bottom-line impact will spend more on cybersecurity, 13 Jan 2023 The cyber threats facing the automotive industry Fishing, Rainbow Trout, BMX and more! ‘Every single one of our members has a global presence’ - Josh Poster A few references mentioned in or relevant to our discussion include: Automotive Information Sharing And Analysis Center (Auto-ISAC) National Council of ISACs (NCI) Josh was also a guest on the podcast in September 2022: The Gate 15 Interview: Cybersecurity Awareness Month 2022 with the National Cybersecurity Alliance, Auto-ISAC and FS-ISAC! Plus, background! shout-outs!! favorite movies, tigers, and more!!! BBC, Industrial espionage: How China sneaks out America’s technology secrets, 17 Jan 2023 FEMA National Level Exercises and Cyber Storm ENISA: The European Union Agency for Cybersecurity Japanese Auto-ISAC WIRED: Hackers Remotely Kill a Jeep on the Highway—With Me in It, 21 July 2015 WIRED: The Jeep Hackers Are Back to Prove Car Hacking Can Get Much Worse, 01 Aug 2016

Nerd Out Security Panel Discussion: EP 33. Monterey Bay, Practical Security Measures, and risks for 2023. Jan 24, 2023

In the latest Nerd Out, Dave welcomes Ed Heyman and Alec Davison to talk about the recent hostile event in Monterey Bay and how organizations can take some of the lessons learned from the incident and apply them to their business. This led to a deeper discussion about simple and straightforward security measures that can go a long way to ensuring the organization is prepared for a wide variety of events. This discussion included sharing free resources around vulnerability assessments, training, and exercises. The nerds then talked about Faith-Based Organizations and some of the threats that these organizations are facing heading into 2023 to include the often-overlooked threat from above (drones), as well as the impacts that attacks on critical infrastructure can have. Ed Heyman is a security professional with over 30 years of experience in the intelligence and security community and he is the co-chair of the Faith-Based Information Sharing and Analytical Organization (FB-ISAO) Organizational Resilience Group. Alec Davison is a threat and risk analyst with Gate 15 where he works with various industries on threat awareness and security preparedness matters. Some of the resources mentioned in this episode include: Conduct a facility vulnerability assessment, such as a free assessment offered through DHS’s Protective Security Advisor (PSA) program. Train employees on how to identify suspicious behaviors and activities, using resources available through the Nationwide Suspicious Activity (SAR) Initiative (NSI) and information in the U.S. Violent Extremist Mobilization Indicators booklet (2021 edition). Maintain situational awareness about incidents and events happening in your communities that threat actors might seek to exploit to commit acts of violence, such as by connecting with your local fusion center. Prepare and/or update an emergency response plan, including by using templates and resources provided by EPA and FEMA. Rehearse and improve your plans and employee preparedness through training and exercises. DHS’s Cybersecurity and Infrastructure Security Agency (CISA) has published a series of CISA Tabletop Exercise Packages (CTEPs) that prompt participants to walk through their plans for responding to incidents. First Responder Toolbox: Free reference aid material intended to promote counterterrorism coordination among federal, state, local, tribal, and territorial government authorities and partnerships with private sector officials in deterring, preventing, disrupting, and responding to terrorist attacks.

Weekly Security Sprint EP 4. Monterey Park, Offboarding, Blended Threats, and Scams Jan 24, 2023

On this week's Security Sprint, Dave and Andy provided insights and additional thoughts into the following incidents or security news items.

DOJ: Evergreen Man Arrested for Making Threats of Violence to Law Enforcement Agencies and a Performing Arts Group, 17 Jan
HS Today: Colorado Man Accused of Threatening Mass Shootings at FBI, DHS; Used FBI’s Online Tip Form, 17 Jan
White House: Statement from President Joe Biden on the Shooting in Monterey Park, California, 22 Jan
Chainanalysis: 2023 Crypto Crime Trends: Illicit Cryptocurrency Volumes Reach All-Time Highs Amid Surge in Sanctions Designations and Hacking, 12 Jan
Coveware: Improved Security and Backups Result in Record Low Number of Ransomware Payments, 20 Jan
Gate 15: Blended Threats (update 1.1): Understanding an Evolving Threat Environment, 01 Mar 2018
The Record: Samsung investigating claims of hack on South Korea systems, internal employee platform, 20 Jan
WBRZ 2, ABC News: Cyber attack on clerk of court systems prompts sheriff’s sale cancellations, 17 Jan
The Register: Punch-drunk Apple Watch called 15 cops to a boxing workout when it heard ‘shots’, 19 Jan
CNN: High egg prices may tempt you to start your own backyard flock, but chickens carry some health risks
FBI: Ten Most Wanted Fugitives FAQ — FBI

Weekly Security Sprint EP 3. Weather, network outages, protecting data, and cyber news! Jan 17, 2023

In the latest Security Sprint, Dave and Andy touched on the following topics: Milestones and notable reports. REN-ISAC Birthday! https://www.ren-isac.net/about/History/index.html CISA Year Review. https://www.cisa.gov/2022-year-review Weather. https://www.cnn.com/2023/01/13/weather/tornado-storm-damage-south-friday/index.html FAA Incident. https://www.faa.gov/newsroom/faa-notam-statement Survey of Threat Landscape. https://www.washingtoninstitute.org/policy-analysis/survey-2023-terrorism-threat-landscape Protecting data. https://www.bbc.com/news/world-asia-china-64206950 https://www.dw.com/en/us-to-invest-millions-to-expose-kim-jong-un-regime-to-north-koreans/a-64405400?maca=en-rss-en-world-4025-rdf Dose of Cyber! https://analyst1.com/ransomware-diaries-volume-1/ https://twitter.com/andyjabbour/status/1615048335760719872?s=20&t=qBDUVHXSk_jkOYKoKPv1TQ https://twitter.com/NSA_CSDirector/status/1613850710453501955?s=20&t=DsfyO-7Gt3uObRlRN4-zjg https://arstechnica.com/information-technology/2023/01/vulnerability-with-9-8-severity-in-control-web-panel-is-under-active-exploit/ https://www.reuters.com/world/europe/russian-hackers-targeted-us-nuclear-scientists-2023-01-06/ https://meduza.io/en/news/2023/01/13/phishing-scam-invites-russian-telegram-users[…]heck-conscription-lists-to-see-if-they-ll-be-drafted-in-february

The Risk Roundtable EP 37: Breaking in 2023 with continuations from 2022 - critical infrastructure risks, terrorism, and cyber hygiene Jan 10, 2023

Embarking on year 4, the Risk Roundtable jumps two feet into 2023 by talking through the various physical and cyber threats that continue to present challenges. Jen opened up the discussion covering the latest breaches with password managers, fast food restaurants and even platforms that seem to be unbreakable. Matching Jen, Dave covers the wide variety of physical security threats and environmental considerations that organizations are already dealing with this year to include critical infrastructure concerns (power stations, solar plants), terrorism, and environmental factors, to include understanding the role that politics can have in the workplace. Before moving to the roulette round Andy led a discussion about the importance of preparedness in this complex environment and the risk of not evaluating these incidents and taking appropriate action. Jen then talked about the news and cyber implications around ChatGPT, as well as ensuring organizations are aware of some upcoming timelines such as the end of support for Windows 7 (yes, it is still being used). Dave transitioned and talked about Bridget Johnson's latest piece on 7 Terrorism Trends for 2023 before Andy wrapped up with the ever-popular three questions. Some of the topics discussed include: Imperva Report: More Lessons Learned from Analyzing 100 Data Breaches https://www.imperva.com/resources/resource-library/white-papers/more-lessons-learned-from-analyzing-100-data-breaches/ Not in a million years: It can take far less to crack a LastPass password Dec 28, 2022 https://blog.1password.com/not-in-a-million-years/ Troy Hunt on Twitter regarding Twitter breach: https://twitter.com/troyhunt/status/1611263070738972677?s=61&t=vOVhs4DMT_LNUVPd9z8gkg We gave a few mentions of our esteemed colleague Bridget Johnson, @BridgetCJ on Twitter, and her recent article in HS Today, 7 Terrorism Trends to Watch in 2023. Attacks on Critical Infrastructure to include power plants, and a solar energy farm ChatGPT links: SANS Institute https://www.sans.org/webcasts/what-you-need-to-know-about-openai-new-chatgpt-bot-and-how-it-affects-your-security-lightning-talks-panel-sessions/ https://www.darkreading.com/omdia/chatgpt-artificial-intelligence-an-upcoming-cybersecurity-threat- https://www.hackread.com/hackers-openai-chatgpt-malware/ https://www.scmagazine.com/analysis/emerging-technology/cybercriminals-are-already-using-chatgpt-to-own-you

Weekly Security Sprint EP 2. Recapping terrorism, critical infrastructure threats, and cyber news! Jan 10, 2023

In this week's Security Sprint, Dave and Jen are joined by Alec Davison discuss: 7 Terrorism Trends to Watch in 2023 - https://www.hstoday.us/featured/7-terrorism-trends-to-watch-in-2023/ Two charged with attacks on four Pierce County power substations - https://www.justice.gov/usao-wdwa/pr/two-charged-attacks-four-pierce-county-power-substations| Man, 34, is charged with terrorism after he ‘deliberately destroyed solar energy plant’ - https://tetracyclined7k.com/man-34-is-charged-with-terrorism-after-he-deliberately-destroyed-solar-energy-plant/ German police arrest Iranian man suspected of planning chemical attack - https://amp.theguardian.com/world/2023/jan/08/german-police-arrest-iranian-man-suspected-of-planning-chemical-attack Political Violence. https://thehill.com/homenews/state-watch/3802461-florida-man-arrested-for-threats-of-lgbtq-mass-shooting/ https://www.npr.org/2023/01/06/1147392476/albuquerque-democrats-attacks-homes-offices-bernalillo-new-mexico Brazil protests and breach of government buildings - Brazil protests: Lula vows to punish ‘neo-fascists’ after Bolsonaro supporters storm congress Cyber. Not in a million years: It can take far less to crack a LastPass password | 1Password Mac vulnerabilities Chick fil a breach Windows 7 end of service

Weekly Security Sprint EP 1. Recapping the latest all-hazards security news - ransomware, weather, hostile events, and others. Jan 03, 2023

Gate 15 is kicking off 2023 with a new weekly pod with a sprint through the latest security news, risks and new threats and some of the key focus areas for organizations to consider behind the headlines. In this inaugural episode, Dave and Andy discuss: Ransomware: Ransomware gang apologizes, gives SickKids hospital free decryptor: https://www.bleepingcomputer.com/news/security/ransomware-gang-apologizes-gives-sickkids-hospital-free-decryptor/ Bleeping Computer: Ransomware gang cloned victim’s website to leak stolen data, 01 Jan 2023 https://www.bleepingcomputer.com/news/security/ransomware-gang-cloned-victim-s-website-to-leak-stolen-data/ ecrime Threat and Risk Intelligence Services https://ecrime.ch: Verve Security: How to Prevent Ransomware in 2023, 28 Dec 2022 https://verveindustrial.com/resources/blog/how-to-prevent-ransomware-in-2023/ which is not to be confused with The Verve: https://www.youtube.com/watch?v=1lyu1KKwC74 Climate / Weather: FEMA National Preparedness Report: https://www.fema.gov/emergency-managers/national-preparedness PDF: https://www.fema.gov/sites/default/files/documents/fema_2022-npr.pdf Hostile Events: New York City and other attacks. New York Post: Alleged Islamic extremist who attacked NYPD cops with machete was on FBI watchlist: sources, 01 Jan 2023 https://nypost.com/2023/01/01/alleged-islamic-extremist-who-attacked-nypd-cops-with-machete-idd/ New York Post: Mass shooting at Alabama New Year’s Eve celebration leaves one dead, 9 others injured, 01 Jan 2023 https://nypost.com/2023/01/01/1-dead-9-injured-in-alabama-new-years-eve-shooting/ And cyber hygiene - software updates: WIRED: Update Android Right Now to Fix a Scary Remote-Execution Flaw Plus: Patches for Apple iOS 16, Google Chrome, Windows 10, and more., 31 Dec 2022 https://www.wired.com/story/android-ios-16-windows-10-critical-update-december-2022/

The Gate 15 Interview EP30: Brian Harrell on Energy & Infrastructure Security, plus baseball, boating & burgers! Dec 26, 2022

In this episode of The Gate 15 Interview, Andy Jabbour visits with Brian Harrell, Vice President and Chief Security Officer (CSO) at AVANGRID. Brian currently serves as the Vice President and Chief Security Officer (CSO) at AVANGRID, an energy company with assets and operations in 24 states. He is responsible for the company’s cybersecurity, privacy, physical security, threat management, and business continuity. In 2018, Brian was appointed by the President of the United States to serve as the sixth Assistant Secretary for Infrastructure Protection at the U.S. Department of Homeland Security. He was also the first Assistant Director for Infrastructure Security at the Cybersecurity and Infrastructure Security Agency (CISA). He has spent time during his career in the US Marine Corps and various private sector agencies with the goal of protecting the United States from security threats. Brian is a Board Member and Strategic Advisor to many great companies. Brian on Twitter: @gridsecure In the discussion we address: Brian’s background and path from law enforcement to infrastructure, CISA to AVANGRID Information Sharing Preparedness and Best Practices Evolving threats to energy and infrastructure, including hostile events, insider threats, cyberattacks and nation state threats, 3rd party risk and more We talk baseball, burgers, and boating, plus shoutouts to some valued friends and partners! A few references mentioned in or relevant to our discussion include: AVANGRID. “AVANGRID is a leading sustainable energy company transitioning America toward a clean and connected future headquartered in Orange, CT, and has a footprint in 24 states with $40 billion in assets. Our primary businesses are Avangrid Networks, which serves 3.3 million electric and natural gas customers in the Northeast, and Avangrid Renewables, the third-largest renewable energy company in the U.S. with a diverse onshore and offshore renewable energy portfolio.” WSJ Pro Research Survey: Preparedness Results, 29 Nov 2022 The Cybersecurity and Infrastructure Security Agency (CISA) release of the Resilient Power Best Practices for Critical Facilities and Sites. This document supports emergency and continuity managers with guidelines, analysis, background material, and references to increase the resilience of backup and emergency power systems during all durations of power outages. Improving power resilience can help the nation withstand and recover rapidly from deliberate attacks, accidents, natural disasters, as well as unconventional stresses, shocks, and threats to our economy and democratic system. The Electricity Information Sharing and Analysis Center (E-ISAC) GridEx VII – November 14-15, 2023 Space ISAC DHS CISA on Cyber-Physical Convergence Gate 15: Blended Threats (update 1.1): Understanding an Evolving Threat Environment (and numerous other blog posts, papers and exercises)

Nerd Out Security Panel Discussion: EP 32. Taking stock of 2022 security surprises and making wishes for 2023. Dec 21, 2022

In the latest episode of Nerd Out, Dave, Joe and Bridget look back at 2022 to capture their top security "surprise" before looking ahead to some security wishes for 2023. While Dave was surprised with organizational responses, Joe talked about the continuous challenges the organizations face on a day in and day out basis before Bridget rained down on the holiday cheer with some thoughts on the normalization of extremist behaviors. Turning to wishes, the team looked at spreading good will by focusing on fundamentals, creating security cultures, and being aware of the various threats that are lurking out there as threat actors continue to evolve. We hope you all enjoyed the podcast for 2022 and we look forward to an exciting 2023! Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Risk Roundtable EP 36: Putting a bow on the year with Critical Infrastructure, Accelerationists, and Cyber Hygiene. Dec 06, 2022

In the latest episode of the Risk Roundtable, Dave, Jen, and Andy wrap up their third year together and talk through recent events and talk about ways to fight off those seeking to ruin the holiday spirit. Dave and Andy kicked things off talking about the incident at the North Carolina power substation and what it could mean given recent events (Walmart shooting, Colorado Springs) and how to look at it from a preparedness standpoint. Jen dropped down the chimney and spread holiday cheer with a double shot of cybersecurity tips talking about holiday scams (in only the way Jen can do), and passwords (don't be like Dave). Then Dave then took the group back through some of the 2022 predictions to see if they were right, needed more time, or were off base before Andy put a bow on the podcast with a holiday themed question.

Some of the topics discussed on the pod:

National Terrorism Advisory System & Bulletin 30 Nov 22
HS Today: ’Targeted’ N.C. Substation Gun Attack Comes Amid Escalating Critical Infrastructure Threats, 04 Dec 22
Washington Post: Walmart gunman showed troubling behavior before attack, ex-colleagues say, 04 Dec 22
CNN: Gunman kills 5 at LGBTQ nightclub in Colorado Springs before patrons confront and stop him, police say, 21 Nov 22
GridEx VII – November 14-15, 2023
Congratulations, Troy & Charlotte Hunt! @troyhunt & @Charlotte_Hunt_
And see Troy’s tweet: Happy birthday to @haveibeenpwned, born 9 years ago on 04 Dec
Catalin Cimpanu on Mastadon: ‘The only infosec predictions that need to be taken seriously are the ones in a meme format’: https://mastodon.social/@campuscodi/109427978223448015
Security Week: French Hospital Cancels Operations After Cyberattack, 05 Dec 22
https://www.sentinelone.com/blog/5-cyber-scams-to-watch-out-for-this-holiday-season/
https://www.bbb.org/article/news-releases/27843-bbb-study-update-reported-online-retail-fraud-losses-to-approach-$380m-in-2022
https://www.helpnetsecurity.com/2022/11/29/most-common-passwords-2022/
https://nordpass.com/most-common-passwords-list/
https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/

The Gate 15 Interview EP 29: Andy, James and Herb talk mass gatherings and event security, threats, and best practices, Thanksgiving, Tom Petty, Bob Marley and old-school hip-hop. Nov 28, 2022

In this episode of The Gate 15 Interview, Andy Jabbour visits with James A. DeMeo and Herb Ubbens on their work with Crowdguard, facility security and security best practices and more.

James A. DeMeo, M.S. is a best-selling author, professional speaker, and event security expert. Mr. DeMeo brings vast experience to the public/private, non-profit, sports/entertainment, corporate, higher education & vendor management/contract analyst ecosystems. Mr. DeMeo serves as Vice President for Crowdguard US, a crowd safety solutions provider & CEO of Unified Sports and Entertainment Security Consulting, LLC., (USESC) based in Raleigh, NC. He was recognized by Security Magazine as The Most Influential People in Security 2017. Mr. DeMeo is also the author of the best-selling book, What’s Your Plan? A Step-By-Step Guide To Keep Your Family Safe During Emergency Situations. Mr. DeMeo holds professional memberships with both ASIS International and National Center for Spectator Sports Safety and Security-NCS4. He serves as a remote learning Adjunct Instructor with the following Universities: Tulane University’s School of Professional Advancement-SOPA, Jacksonville State University, Dept. of Kinesiology, Mercer University-Stetson School of Business where he teaches both graduate/undergraduate students about Event Security, Facilities and Risk Assessment. Mr. DeMeo is currently enrolled in an Online Higher Education Graduate Certificate Program at Appalachian State University-Cratis D. Williams School of Graduate Studies.

James on LinkedIn
James on Twitter: @JDeMeo007

Herb Ubbens. Guiding organizations to increase their resiliency and emergency preparedness, reduce risk and provide safety and value to their clients and assets. Board Certified in Security Management (CPP) and Physical Security (PSP). SAFETY Act DHS Assessor in BPATS (Best Practices for Anti-Terrorism Security). OSHA general industry and construction trainer, safety expert and Project Manager.

Herb on LinkedIn

In the discussion we address:

James’ and Herb’s backgrounds and the work they’re doing today to draw down risk and helping to secure mass gatherings and facilities.
Physical threats and reasonable ways to reduce risk
Best practices for organizations
James’ book, “What’s Your Plan?”
Thanksgiving, favorite drinks, and Gen X rock and hip hop!

A few references mentioned in or relevant to our discussion include:

Crowdguard US website: https://crowdguardus.com
Want to see the latest innovation in pedestrian protection within public spaces? Join us for Crowdguard US Demo Day December 8, 2022 at the North Carolina Museum of Art where we will display the 2019 Counter Terror award winning Surface Guard barrier system. Read more here!
Andy mentions Dr. Tamara Herold
Incident: Several Injured After Car Reportedly Drives Into Carnival in South Central
Incident: Investigation into fatal crash at Apple store in Hingham continues
International Association of Venue Managers (IAVM)
Academy for Venue Safety and Security (AVSS)

Nerd Out Security Panel Discussion: EP 31. Elections, Holidays, and the annual holiday food draft Nov 14, 2022

In the latest episode of Nerd Out, in which Dave continues to fumble with the introduction, Joe Levy and Bridget Johnson join to talk about a smooth election day, but what could be a long, tense post-election period that will be filled with recounts, and legal challenges. As she normally does, Bridget brought in the "cheer" of how extremists are viewing the results and how it could still be used for future attacks. Joe then took a look at venue security and how organizations should be more accustomed to being prepared for these type of events. Even so, as we move into the holidays there are several challenges facing organizations to include staffing shortages as well as challenges with experience levels. Then they wrapped up the pod with a fun "holiday food draft" where the Nerds went through their favorite holiday dishes and drinks. Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Risk Roundtable EP 35: Talking elections, pathway to violence, and our Top 5! Nov 01, 2022

It's never a good thing when Jen takes time and leaves Andy and Dave to their own devices. With Jen away, Andy tried to cover down for her and gave a shout out to all the cyber work being down by great security practitioners. Then the boys dug into hostile events and some of the challenges that individuals and organizations can face, even when they do the right thing. At the same time, there are also inherent responsibilities that we all have in identifying behaviors or contributing to a threat actor's pathway to violence by inaction (Michigan school shooting). Dave and Andy then talked about the upcoming election and all the work that is going to make safe and secure elections. However, there are also some potential risks that could occur in the aftermath. Finally, Dave and Andy have some fun talking about their top 5 (or 50) movies that they just can't turn off when they happen to see them on.

Some of the areas covered on the pod include:

Gate 15 SUN: https://paper.li/gate15
Catalin Cimpanu: @campuscodi & the Risky Biz Newsletter, https://riskybiznews.substack.com
Lawrence Abrams: @LawrenceAbrams and Bleeping Computer @bleepincomputer, bleepingcomputer.com
Brian Krebs: @briankrebs, krebsonsecurity.com
Ransomware Data Leaks: @ecrime_ch, https://ecrime.ch
Gate 15: Education on Hostile Event Preparedness: Hostile Event Attack Cycle, 10 Nov 2022, 1:00-2:30pm ET
Access Gate 15 White Paper on The Hostile Event Attack Cycle (HEAC), 2021 Update: https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/
Former DHS Assistant Secretary for Infrastructure Protection Brian Harrell Urges Community to Collaborate During Infrastructure Security Month, HS Today, 30 Oct 2022 (Brian Harrell on Twitter: @gridsecure)
Nerd Out Security Panel Discussion: EP 30. Dave going solo talking Elections and Manifesto Impacts, 20 Oct 2022
The Gate 15 Interview EP 28: Talking election security, tea and baseball, with Scott Algeier, 25 Oct 2022
CISA Director, Jen Easterly, @CISAJen, on Face the Nation, @FaceTheNation, speaking to election security.
@DarthPutinKGB on Twitter and the Darth Web Shop: ‘Do not believe *anything* until The Kremlin denies it’
Prosecutors seek to introduce evidence Michigan school shooter's parents created a pathway to violence | CNN
FBI background check blocked gun sale to St. Louis school shooter
The USCP, FBI & San Francisco Police Joint Threat Investigation Conspiracy-Addled Intruder Allegedly Tried to Tie Up Paul Pelosi, Asked ‘Where’s Nancy?’
Pelosi attack stokes Congress' fears: "Somebody is going to die"
Paul Pelosi recovering as attack renews focus on toxic politics Lawmakers reveal — and dispute — FBI conclusion about 2017 baseball field shooting
Rand Paul attacker sentenced to additional prison time over yard assault
Capitol Police data indicates threats to lawmakers have surged since 2017
Domestic violent extremism investigations doubled from 2020 to 2021: FBI, DHS
An Assessment of the Second U.S. Government Domestic Terrorism Assessment
Analysis | For cyber experts, disinformation overshadows cyberthreats in midterms
Feds warn that domestic violent extremists pose heightened threat to midterm elections 'Complex threat environment' ahead of midterm elections, top cybersecurity official says
How ‘mule watchers’ evolved from a Truth Social meme into a ballot drop box patrol FBI investigating after Conservation Voters of NM gets letter with threats and ‘substance’
Experts fear rising global ‘incel’ culture could provoke terrorism

The Gate 15 Interview EP 28: Talking election security, tea and baseball, with Scott Algeier Oct 24, 2022

In this episode of The Gate 15 Interview, Andy Jabbour welcomes back Scott Algeier to discuss the work he’s doing with IT-ISAC and the Elections Industry Special Interest Group to help ensure, safe, secure, and reliable elections. Scott Algeier, who was on the Gate 15 interview earlier this year, is the Founder, President and CEO of Conrad, Inc. Cybersecurity Consulting. “Scott C. Algeier works at the intersection of cybersecurity policy and operations. He is the Founder, President and CEO of cybersecurity consulting firm Conrad, Inc., Executive Director of the Information Technology – Information Sharing and Analysis Center (IT-ISAC). Conrad, Inc. provides strategic policy and business consulting services to businesses and not for profit organizations focused on cyber security and critical infrastructure protection (CIP). Scott engages senior level policy makers in industry and government, domestically and internationally, on behalf of his clients. This includes direct engagement in the development of the nation’s most significant domestic cybersecurity and CIP policies and operational plans.” From his LinkedIn bio. To learn more about Conrad, Inc, visit the Conrad website and connect on Twitter and you can follow and learn more about Scott on LinkedIn. In the discussion we address: What the IT-ISAC and the Elections Industry Special Interest Group (EI-SIG) are doing to help ensure safe, secure, and reliable elections. Who is involved in the SIG. The SIG’s mission, including Learning from Coordinated Sharing, Planning for Major Attacks or Incidents, and Enhancing Cybersecurity Protections. The EI-SIG’s industry framework for a coordinated vulnerability disclosure program. Scott returns to play three (more!) questions. A few references mentioned in or relevant to our discussion include: Conrad website: https://www.conradinc.biz The IT-ISAC You Tube Channel with the Advancements TV segment IT-ISAC: https://www.youtube.com/itisac IT-ISAC: https://www.it-isac.org Elections Industry Special Interest Group (SIG): https://www.it-isac.org/ei-sig The Gate 15 Interview: Scott Algeier on information sharing, critical infrastructure, cybersecurity & more! https://gate15.global/the-gate-15-interview-scott-algeier-on-information-sharing-critical-infrastructure-cybersecurity-more/ IT-ISAC Partners with Elections Infrastructure Sector Coordinating Council to Launch Threat Information-Sharing Group, 08 Aug 2018: https://130760d6-684a-52ca-5172-0ea1f4aeebc3.filesusr.com/ugd/b8fa6c_765f03ef0e584e7ca6819b41b7d16847.pdf FireWall Chats Episode 10, Pt. 1 - EI-SIG Members Eric Coomer, Sam Derheimer, and Brian Hancock: https://www.youtube.com/watch?v=Vqk-EiT5qZA&t=303s FireWall Chats Episode 10, Pt. 2 - EI-SIG Members Keir Holeman, Ed Smith, and Chris Wlaschin: https://www.youtube.com/watch?v=QpSZTX8cEWY IT-ISAC EI-SIG Two Years Of Progress White Paper, August 2020 (PDF): https://130760d6-684a-52ca-5172-0ea1f4aeebc3.filesusr.com/ugd/b8fa6c_1633ac012a1148eca2bf9dbaf3c965e9.pdf If anyone has any questions on some of the work being doing by the FBI, CISA and others to help secure elections, or about some of the recent open source reporting regarding threats, please contact our team and we can provide a number of links.

Nerd Out Security Panel Discussion: EP 30. Dave going solo talking Elections and Manifesto Impacts Oct 20, 2022

In the latest episode of Nerd Out, Dave went without the panel and talked about two topics - Election preparedness and the impacts of a recent attack, specifically analyzing the manfesto from the threat actor in the recent Bratislava attack. Tackling the upcoming U.S. midterm elections, Dave talks through some of the key considerations for individuals and organizations and about the various risks not just leading up to the election, but after as well. Then Dave transitioned to talking about the recent attack against a LGBTQ business in Bratislava and the information that was gleamed from the manifesto. Particularly interesting was the inspiration that was gained from the Buffalo attacker in May. Referencing work by Nerd Out alumni Bridget Johnson, Dave talked through the importance of this analysis and then how it could be used by another threat actor in the future. Dave then wrapped up the pod (technical difficulties aside) with some mailbag questions related to weather preparedness and gaining leadership buy-in.

Referenced in the pod: https://www.hstoday.us/featured/slovak-who-attacked-gay-bar-credits-buffalo-shooter-with-giving-him-final-nudge/

The Cybersecurity Evangelist: Ep 22 – See Yourself in Cyber, the Cybersecurity Awareness Month 2022 Edition with Chris Foulon Oct 12, 2022

TCE talks Cybersecurity Awareness Month 2022 and Seeing Yourself in Cyber with Chris Foulon of the Breaking into Cybersecurity podcast.

Resources and Mentions (it’s a long list, but we love to share resources and other’s great work)

Breaking into Cybersecurity Podcast: A conversation about what you did before, why did you pivot into cyber, what was the process you went through Breaking Into Cybersecurity
- Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level https://amzn.to/3443AUI by Gary Hayslip, Christophe Foulon, Renee Small
Hack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career https://www.amazon.com/dp/1801816638/ by Ken Underhill, Christophe Foulon, Tia Hopkins
The Whole Cyber Human Initiative https://www.wholecyberhumaninitiative.org/Creating Workforce Development to fix the talent gaps today
@chris_foulon
@BreakintoCyber
Whole Cyber Human Initiative
Valorr Cybersecurity
NIST National Initiative for Cybersecurity Education (NICE)
@InfoSecSherpa(Tracy Z. Maleeff)
Cybersecurity Awareness Month https://staysafeonline.org/
@LisaPlaggemier
The Gate 15 Interview: Cybersecurity Awareness Month 2022 with the National Cybersecurity Alliance, Auto-ISAC and FS-ISAC! Plus, background! shout-outs!! favorite movies, tigers, and more!!!

Not mentioned in this podcast, but a couple of relevant (CS)²AI podcasts hosted by @Derek_Harp that I came across after – I hope they don’t mind the mentions!

(CS)2AI Podcast 53: Career Advice for Women Pursuing Cybersecurity Positions with Danielle Jablanski (Nozomi Networks) @CyberSnark
(CS)2AI Podcast 52: Cybersecurity Careers, Educational Requirements and Resume Advice with Ron BrashRon Brash (aDolus) @ron_brash

The Risk Roundtable EP 34: Awareness Month Alphabet Soup, Upcoming Festivities, and a Spicy Debate Oct 04, 2022

On the latest episode of the Risk Roundtable, Andy leads Dave and Jen through a discussion of the various awareness campaigns and how these efforts do a great job of providing resources and materials for all organizations, big and small. Focusing first on Cybersecurity Awareness Month that is ongoing in the month of October, Jen talked through the messaging, the themes (See Yourself in Cyber) and the importance of each of us doing our part. Later in the podcast, Dave shared his thoughts on National Insider Threat Awareness Month that concluded in September and the theme of Critical Thinking for Digital Space and how everyone can do their part. The team also talked about security preparedness for the upcoming holidays. Andy capitalized on the discussion to talk about security awareness and mindfulness to appreciate, regardless of who you are and what your beliefs are. To cap off the episode, Andy took the roundtable through his three questions to include the always spicy debates on pumpkin pie and pumpkin flavored drinks.

Microsoft Exchange links:

https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/
https://www.helpnetsecurity.com/2022/10/03/ms-exchange-cve-2022-41040-cve-2022-41082/
https://www.tenable.com/blog/cve-2022-41040-and-cve-2022-41082-proxyshell-variant-exploited-in-the-wild
https://isc.sans.edu/forums/diary/Exchange+Server+0Day+Actively+Exploited/29106

Additional links include:

Rob Joyce Cybersecurity Awareness Month Tweet: https://twitter.com/nsa_csdirector/status/1576879730006974464?s=21&t=i5SFfoTH_fMVxFbhMl1I2A
Catalin Cimpanu Cybersecurity Awareness Month Tweet: https://twitter.com/campuscodi/status/1573485751278379018?s=21&t=i5SFfoTH_fMVxFbhMl1I2A
Podcast link – https://gate15.global/the-gate-15-interview-cybersecurity-awareness-month-2022-with[…]ac-plus-background-shout-outs-favorite-movies-tigers-and-more/
Be A Cybersecurity Awareness Month Champion- https://staysafeonline.org/programs/cybersecurity-champion/
NCTC indicators – https://www.dni.gov/index.php/nctc-newsroom/nctc-resources/item/2272-u-s-violent-extremist-mobilization-indicators-2021
G15 resources IT - https://gate15.global/resources/insider-threat/
Jen Lyn Walker Tweet - https://twitter.com/gate15_jen/status/1576978983064780804?s=21&t=i5SFfoTH_fMVxFbhMl1I2A
Major in the United States Army and a Maryland Doctor Facing Federal Indictment for Allegedly Providing Confidential Health Information to a Purported Russian Representative to Assist Russia Related to the Conflict In Ukraine https://www.justice.gov/usao-md/pr/major-united-states-army-and-maryland-doctor-facing-federal-indictment-allegedly
Honolulu Man Pleads Guilty to Sabotaging Former Employer’s Computer Network - https://www.justice.gov/usao-hi/pr/honolulu-man-pleads-guilty-sabotaging-former-employer-s-computer-network

The Gate 15 Interview EP 27: Cybersecurity Awareness Month 2022 with the National Cybersecurity Alliance, Auto-ISAC and FS-ISAC! Plus, background! shout-outs!! favorite movies, tigers, and more!!! Sep 25, 2022

In this episode of The Gate 15 Interview, Andy Jabbour speaks with National Cybersecurity Alliance Executive Director, Lisa Plaggemier, Automotive ISAC Intelligence and Analysis Operations Manager & Vice Chair for the National Council of ISACs, Josh Poster, and FS-ISAC Senior Director, Strategic Partnerships, Bridgette Walsh, about Cybersecurity Awareness Month 2022! Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a proven track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa has held leadership roles with the Ford Motor Company, CDK, InfoSec and MediaPRO, and is a frequent speaker at major events including RSA, Gartner and SANS. She is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could. Twitter: @LisaPlaggemier Josh Poster is the Intelligence and Analysis Operations Manager for Auto-ISAC. In that role he also serves as the Leader, Auto-ISAC Intel & Analysis Division & Vice Chair, National Council of ISACs (NCI). His past roles have included Program Manager, Public Transportation and Surface Transportation ISACs, Program Manager, Information and Infrastructure Technologies, and Sr. Analyst, Electronic Warfare Associates, among others. He holds a Bachelor of Science degree in Anthropology and is a long time leader in the ISAC and homeland security communities. Bridgette Walsh is the Senior Director, Strategic Partnerships for the Financial Services-Information Sharing Analysis Center (FS-ISAC). Prior to her arrival at the FS-ISAC, Bridgette supported the Department of Homeland Security (DHS) mission since its inception in 2003 and has led various leadership positions within cybersecurity strategy and stakeholder engagement. She most recently served as the Deputy Assistant Director (A) for Stakeholder Engagement for the Cybersecurity and Infrastructure Security Agency (CISA) including standing up the 6th Division within CISA. She also served as the Chief of Staff for the Cybersecurity Division (CSD) in CISA and as the Senior Counselor for Cyber to the CISA Director providing strategic guidance and counselor on cyber issues for the Agency. While leading Partnerships & Engagement for the CSD Stakeholder Engagement and Cyber Infrastructure Resilience Sub-Division (SECIR) she oversaw the Departments’ development and delivery of the President’s Executive Order 13800 Critical Infrastructure deliverables and all major partnership engagements. See additional background on Bridgette below. In the discussion we address: The great organizations our guests belong to! Background on Cybersecurity Awareness Month DHS’s history and role with Cybersecurity Awareness Month Cybersecurity Awareness Month 2022 The role of the NCI and individual ISACs in message amplification Multi-factor authentication! Strong passwords and password managers! Updating software! Recognizing and reporting phishing! Books, movies, tigers and dogs, and our guests answer when they’d like to be in time! A few references mentioned in or relevant to our discussion include: Website Link: https://staysafeonline.org Cybersecurity Awareness Month Learn more about the National Cybersecurity Alliance’s Cybersecurity Awareness Month Champion program at https://staysafeonline.org/champion. Are you a Cybersecurity Awareness Month Champion yet? Sign up today to receive your toolkit of free infographics, social media posts, tip sheets and more! Join in helping everyone stay safe online. #BeCyberSmart Facebook: Staysafeonline Instagram: @natlcybersecurityalliance The Financial Services Information Sharing and Analysis Center (FS-ISAC) Automotive Information Sharing And Analysis Center (Auto-ISAC) National Council of ISACs (NCI) PPD-63 The Gate 15 Interview: Scott Algeier on information sharing, critical infrastructure, cybersecurity

Nerd Out Security Panel Discussion: EP 29. Bringing in Fall with the Hottest 50 and security news Sep 18, 2022

In the latest episode of Nerd Out, Dave, Bridget, and Joe are together again and catch up on all the summer happenings to include an update on Bridget's ever-exciting news. The Nerd Out crew then turns to another list and talk about the significance and importance of the Homeland Security Today Hottest 50 list. Bridget gives some of the background on the list and some of the criteria that brought the list together while Dave and Joe were left to wonder if they might be on the list next year. Next, the gang talked about venue security and how the big summer season went relatively smoothly and what that could mean for the fall season and the upcoming significant events and holidays.

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Risk Roundtable EP 33: Making the list and threat over/unders Aug 29, 2022

The latest episode of the Risk Roundtable brings a familiar voice to talk about the impact of her work. Homeland Security Today Managing Editor Bridget Johnson joins Andy, Jen and Dave to talk about her addition to "The List" - an accelerationist "hit list" based on her work on rooting out extremism and their propaganda. Bridget talks about the dual edged sword of safety while also knowing that her work is hitting the right spots with these hate-based actors. After Bridget left to handle matters connected to this threat, Dave, Andy, and Jen talked about the Multi-Factor Authentication and how it's important to implement but to also take appropriate care. Finally Dave took control and led the Roundtable through a new game of "Over-rated / Under-rated / Properly Rated". The team assessed where three security threats were rated and the reasons why. Andy finished things off with three questions that included Alf, Matthew McConaughey, and word association. Some of the topics discussed in this episode include: 0ktapus campaign: Twilio, Cloudflare, and over 130 more victims discovered by Group-IB: https://www.group-ib.com/media/0ktapus-campaign/ The Human Factor Report: https://www.proofpoint.com/us/resources/threat-reports/human-factor

The Gate 15 Interview EP 26. Bill Flynn, Homeland Security Expert on Threats, Preparedness, DHS, the Yankees and More! Aug 22, 2022

In this episode of The Gate 15 Interview, Andy Jabbour speaks with William (Bill) Flynn, the president of Garda Risk Management LLC, specializing in homeland and national security policy and operations with a focus on critical infrastructure security and resilience. Bill is a highly-sought after homeland security expert and is also a partner in The Power of Preparedness (TPOP) an e-learning company that goes beyond stand-up training to provide strategy and tactics to mitigate workplace violence and active assailant threats. He also serves on the board of the Faith-Based Information Sharing & Analysis Organization (FB-ISAO). Bill has served as a Senior Fellow at the George Washington University Center for Cyber & Homeland Security and was among the original leaders at DHS, where he served in a number of key leadership positions and including as the Principal Deputy Assistant Secretary of the Office of Infrastructure Protection (since renamed within what is today, CISA), where he led the coordinated national effort to reduce risk to our nation’s critical infrastructure. Read Bill’s complete bio below! Follow Bill on LinkedIn! Follow The Power of Preparedness on LinkedIn! Follow The Power of Preparedness on Twitter! @TPOPtraining In the discussion we address: Bill’s career of public service including time in the U.S. Navy, with the NYPD, and at DHS Bill’s ongoing work leading Garda Risk Management and with The Power of Preparedness · Threats, hostile events, behavioral indicators and preparedness Executive security and organizational risk and mitigation Creating a culture of security, the cost of preparedness vs. the costs of recovery, and the “three C’s” The Yankees, national monuments and icons, and much more! A few references mentioned in or relevant to our discussion include: The Power of Preparedness: Online Training for Active Shooter Preparedness & Verbal De-Escalation Customized for Your Industry or Organization The Gate 15 Hostile Events Preparedness Series (HEPS) and The Power of Preparedness (TPOP) Faith-Based ISAO & TPOP Get the White Paper! The Hostile Event Attack Cycle (HEAC), 2021 Update. NCTC, FBI & DHS: U.S. Violent Extremist Mobilization Indicators 2021 Critical Infrastructure Threat Information Sharing Framework A Reference Guide for the Critical Infrastructure Community, October 2016 PERSPECTIVE: Mass Shootings Are a Homeland Security Risk; Change starts with an accounting that what has been done – much of it laudable – has not been sufficient to the challenge. (Bill Flynn and Bob Kolasky, in Homeland Security Today, 11 June 2022) The crisis after the crisis: What grocers can expect after an active shooter incident. Food retail managers should be prepared to handle external communication and support for victims and their families in the aftermath of violence, writes security expert William Flynn. International Association of Venue Managers (IAVM) FMI - The Food Industry Association The Restaurant Loss Prevention & Security Association (RLPSA) Homeland Security - Office for Bombing Prevention (OBP) Homeland Security - Protective Security Advisor (PSA) Program Homeland Security - Regional Resiliency Assessment Program (RRAP) On Executive Security, Bill and Andy discussed outspoken leaders and Andy shared comments made by Whole Foods CEO, John Mackey in this recent interview: Whole Foods' John Mackey (Reason, 10 Aug 2022) Gate 15 resources pages Faith-Based Information Sharing & Analysis Organization Advisory Board

Nerd Out Security Panel Discussion: EP 28. The Nerd Out Two-Third of the Year Awards Aug 17, 2022

In the latest episode of Nerd Out, Dave goes solo and tackles security awards at the two-thirds part of the year. Looking at the important security issues or challenges of the year, Dave goes through a series of award tied to various pop-culture references before arriving at his two-thirds of the year MVP, if there really is a doubt. Then Dave transitions to a new security book he's reading and a couple shows that are on his list. Enjoy the show! Book mentioned: The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer

The Cybersecurity Evangelist: Ep 21 – Who Really Needs to Know When You’re OOO (Out-of-Office)? Aug 10, 2022

TCE is back with another travel-related PSA. In episode 21, it’s another monologue and travel-related public service announcement – this time on the risk of automatic out-of-office notifications.

The Risk Roundtable EP 32: A true all-hazards discussion - cannabis, the Hard Reset, cyber, and monkeypox! Aug 02, 2022

Ben Taylor, Executive Director of Cannabis ISAO, channels his inner Wolverine and makes his third stop on the Gate 15 podcasts as he joins Andy to talk about all things Cannabis as well as the collaborative effort to publish a joint security analysis around the Hard Reset. Dave then joins Andy to talk about recent cyber reporting and the value that they provide to organizations as they go beyond the numbers. Ensuring the episode hits key all-hazards, Andy and Dave discuss monkeypox and the lessons that can be applied from COVID that can help individuals and organizations make responsible, risk-informed decisions. Cannabis ISAO: Cannabis MSO Shares Cyber Threat Report: https://cannabisisao.org/2022/07/directors-cut-july-1-2022/ Risky Biz News, with Catalin Cimpanu (everyone with interests in cybersecurity should be subscribed to this), from 06 Jul 22: https://riskybiznews.substack.com/p/risky-biz-news-china-faces-its-first Cannabis ISAO on the Hard Reset: https://cannabisisao.org/2022/07/directors-cut-july-15-2022/ Andy’s tweet on the Hard Reset report: https://twitter.com/andyjabbour/status/1550252329378713602?s=21&t=Kbwk6HAVKIkKf7xGrRUXrQ Gate 15 White Paper: The Hostile Event Attack Cycle (HEAC), 2021 Update: https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/ Nerd Out Security Panel Discussion: EP 27. The Hard Reset and Uvalde. https://gate15.global/nerd-out-security-panel-discussion-ep-27-the-hard-reset-and-uvalde/ Cannabis ISAO website: https://cannabisisao.org Cannabis ISAO blog and Director’s Cut posts Ben’s previous pods Nerd Out Security Panel Discussion: EP 13. Cannabis ISAO! https://cannabisisao.org/home/blog/ The Gate 15 Interview: Ben Taylor, on Cannabis ISAO, Cannabis Industry security, cybersecurity, rescue dogs and more! Monkeypox WHO Director-General's statement at the press conference following IHR Emergency Committee regarding the multi-country outbreak of monkeypox - 23 July 2022 CDC Monkeypox Statement from Raj Panjabi, Director of White House Pandemic Preparedness Office, on World Health Organization Declaration on Monkeypox FACT SHEET: Biden-⁠Harris Administration’s Monkeypox Outbreak Response IBM Cost of a Data Breach Report Proofpoint State of Phish Report SEKOIA.IO Mid-2022 Ransomware Threat Landscape ENISA Ransomware: Publicly Reported Incidents are only the tip of the iceberg & ENISA Threat Landscape for Ransomware Attacks. Kim Milford, Executive Director, REN-ISAC interviewed in How Are K-12 and Higher Education Faring Against Ransomware? Andy’s thread with KELA and noting The Record: Ransomware group demands £500,000 from British schools, citing cyber insurance policy The Gate 15 Interview: Amanda Berlin and Megan Roddie talk cybersecurity, mental health hackers, DEFCON, musicals, fruits, and more! Homeland Security Today: hstoday.com

The Gate 15 Interview EP 25. Amanda Berlin and Megan Roddie talk cybersecurity, mental health hackers, DEFCON, musicals, fruits, and more! Jul 25, 2022

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Amanda Berlin and Megan Roddie, cybersecurity leaders & mental health hackers, and they’ve got their hands in a lot more too! Amanda is the Lead Incident Detection Engineer at Blumira and has worked in I.T. for almost her entire adult life. Before working at Blumira, Amanda’s responsibilities have included infrastructure security, network hardware and software repair, email management, network/server troubleshooting and installation, purple teaming with a focus on phishing employees and organizational infrastructure as well as teaching employees about security and preventing exploits. She currently serves as the Chief Executive Officer for Mental Health Hackers and is the co-host of the Brakeing Down Security Podcast (BrakeSec Podcast, @brakesec)! Megan is a Senior Security Engineer at IBM, Co-Author of SANS FOR509 and has worked in cybersecurity since graduating from Sam Houston State University (and while she was still a student!). Previous roles have been with the Texas Department of Public Safety, Recon InfoSec, and with IBM’s X-Force. She currently serves as the Chief Financial Officer for Mental Health Hackers. Megan is also a Muay Thai fighter and coach. Follow Mental Health Hackers on Twitter! @HackersHealth Follow Amanda on Twitter at @InfoSystir and on LinkedIn and follow Blumira on Twitter! Follow Megan on Twitter at @megan_roddie and on LinkedIn. In the discussion we address: Amanda & Megan’s backgrounds and origin stories Awesome tips for breaking into security! DEFCON and how to score a free breakfast at DEFCON!! Mental Health Hackers The Brakeing Down Security podcast Muay Thai, Musicals, Apples & Bannanas! Fruits, music and so much more! A few references mentioned in or relevant to our discussion include: Mental Health Hackers website Mental Health Hackers on Twitter! @HackersHealth Amanda on Twitter at @InfoSystir and on LinkedIn. Megan on Twitter at @megan_roddie and on LinkedIn. Tom Williams on Twitter: @ginger_hax Amanda’s InfoSec Staples tweet - https://twitter.com/infosystir/status/972906318875983873?s=21&t=CCp0CmDgDcZXQVWtnpEXEA Blackhat USA 2022 - https://www.blackhat.com/us-22/defcon.html?_mc=sem_bhus_sem_bhus_x_tspr_Google_defcon30_bhusagcompetitvedefcon30_2022&gclid=Cj0KCQjwn4qWBhCvARIsAFNAMihsrClH8Aygi2UnTsbSus3teDdktlK2NiamBzyAORwM5nHcaE4pynwaArHkEALw_wcB DEFCON 30 - https://defcon.org 10th Annual Brazilian Jiu-Jitsu Smackdown. A Brazilian Jiu-Jitsu event for information security professionals hosted by Jeremiah Grossman during Black Hat and Defcon - https://www.eventbrite.com/e/10th-annual-brazilian-jiu-jitsu-smackdown-tickets-348058561527 Amanda’s Book! Defensive Security Handbook: Best Practices for Securing Infrastructure (1st Edition) - https://www.amazon.com/Defensive-Security-Handbook-Practices-Infrastructure/dp/1491960388 Megan’s SANS Course! FOR509 Course Update - Introducing Google Workspace, the Multi-Cloud Intrusion Challenge - https://www.sans.org/blog/for509-course-update---introducing-google-workspace-the-multi-cloud-intrusion-challenge-and-more/

Nerd Out Security Panel Discussion: EP 27. The Hard Reset and Uvalde Jul 22, 2022

In the latest of Nerd Out, Bridget and Dave talk about all things extremism with the most recent publication of "The Hard Reset" as well as the latest accelerationist document "Make it Count". Specifically they discussed:

the contents of the documents,
the wide ranging themes,
the targets mentioned tactics and techniques,
how this information could be used,
what organizations can do
the recent joint product with contributors from multiple ISAC / ISAO, partners, and agencies

Then Dave and Bridget talked through the Uvalde school shooting and the recent lessons learned report from the Texas House of Representatives and how organizations can use the report to review their own security as well as avoid some of the issues identified. Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

Risk Roundtable EP 31: A 4th of July Security Mindfulness Special Jul 04, 2022

On America's Independence Day, Andy and Dave pulled up to discuss the latest security challenges organizations face. Starting with the recent Copenhagen incident, they talked continued a previous discussion about the noise surrounding hostile events and how they distract from the real issues. Working back to the hostile events attack cycle, Andy brought up the numerous resources, many low-cost, that organizations can leverage as they continue to build out their state of preparedness. Dave and Andy also talked about drones, their continued risk, as well as the latest efforts by the U.S. government to start to address the risk. Finally, the roundtable talked about weather events and wildfires to round about the holiday special. And even though Jen was enjoying much deserved time off, Andy made sure to bring up cyber related threats and items of interest. But no episode is complete without Andy's three questions. This month, they talked about Obi Wan (and Star Wars in general), music, and 4th of July memories! Links to items discussed in the episode include: Copenhagen shooting: Shopping mall gunman charged with murder (BBC, 4 July 2022) https://www.bbc.com/news/world-europe-62034089 Andy’s Tweet on conspiracy theories https://twitter.com/andyjabbour/status/1543935473088925697?s=20&t=5L8OF3My0RCPxfC5ZEBibg Gate 15 White Paper: The Hostile Event Attack Cycle (HEAC), 2021 Update https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/ Run. Hide. Fight. (FBI) https://www.fbi.gov/video-repository/run-hide-fight-092120.mp4/view Run. Hide. Tell. (UK) https://www.npcc.police.uk/StaySafeAssets/FINAL%20MPS168715%20Run%20Tell%20Hide%20A5%20Lflt%20Blk%20Eng%20v3.pdf Gate 15 Resources Pages https://gate15.global/resources/ Faith-Based ISAO Resources Pages https://faithbased-isao.org/resources/ What's YOUR Plan, by James DeMeo on Amazon https://www.amazon.com/Whats-YOUR-Plan-James-DeMeo/dp/099892864X Andy’s Tweet on his time discussing Hostile Events, Active Shooter and De-escalation at Loudoun Hunger Relief/@LoudounHunger. https://twitter.com/andyjabbour/status/1542876302058946571?s=20&t=YbaxIcwp_-rArFWa2WSWRg Andy’s Tweet on Outlook Rules https://twitter.com/andyjabbour/status/1543668162780139520?s=20&t=YbaxIcwp_-rArFWa2WSWRg White House, FACT SHEET: The Domestic Counter-Unmanned Aircraft Systems National Action Plan (25 April 2022) https://www.whitehouse.gov/briefing-room/statements-releases/2022/04/25/fact-sheet-the-domestic-counter-unmanned-aircraft-systems-national-action-plan/ A Drone Tried to Disrupt the Power Grid. It Won't Be the Last; An attack attempt in 2020 proves the UAS threat is real—and not enough is being done to stop it (Brian Barrett/@brbarrett in WIRED, 25 Nov 2021) https://www.wired.com/story/drone-attack-power-substation-threat/ Drone shows instead of July 4 fireworks? More Colorado communities are making the switch for fire safety (Matt Bloom, CPR News, 01 Jul 2022) https://www.cpr.org/2022/07/01/july-4-fireworks-drone-shows-wildfire-risk-colorado/ “Singles” soundtrack info on Wikipedia and listen on Spotify https://open.spotify.com/album/58BEJ01sL8wK5LV3TPyngC?si=wQzLq88lSx6iuQDurXsvhA&nd=1 “No Woman. No Cry.” From The Office via Yarn, and the legendary song by Bob Marley & The Wailers (1974) https://open.spotify.com/track/3PQLYVskjUeRmRIfECsL0X?si=5159bc1a07484b29&nd=1

The Gate 15 Interview EP 24. Scott Algeier on information sharing, critical infrastructure, cybersecurity, and more Jun 27, 2022

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Scott Algeier, Founder, President and CEO, Conrad, Inc. Cybersecurity Consulting. “Scott C. Algeier works at the intersection of cybersecurity policy and operations. He is the Founder, President and CEO of cybersecurity consulting firm Conrad, Inc., Executive Director of the Information Technology – Information Sharing and Analysis Center (IT-ISAC). Conrad, Inc. provides strategic policy and business consulting services to businesses and not for profit organizations focused on cyber security and critical infrastructure protection (CIP). Scott engages senior level policy makers in industry and government, domestically and internationally, on behalf of his clients. This includes direct engagement in the development of the nation’s most significant domestic cybersecurity and CIP policies and operational plans.” To learn more about Conrad, Inc, visit the Conrad website and connect on Twitter and you can follow and learn more about Scott on LinkedIn. “building partnerships is in large part being able to find common ground” In the discussion we address: Scott’s work at Conrad, Inc. Cybersecurity Consulting and his work with IT-ISAC and other information sharing communities. Working with critical infrastructure Building communities of trust The state of private-public partnerships The war in Ukraine and the enduring Russian cyber threat Making cybersecurity a kitchen table issue And a lot more! A few references mentioned in or relevant to our discussion include: Conrad website: https://www.conradinc.biz Some of Conrad’s clients: https://www.conradinc.biz/clients Advancements, A Series Hosted By Ted Danson, featuring IT-ISAC: https://advancementstv.com IT-ISAC: https://www.it-isac.org CyberShare - The small broadband provider ISAC: https://www.ntca.org/member-services/cybershare CompTIA ISAO: https://connect.comptia.org/membership/comptia-isao The Gate 15 Interview: Elections Security 2020, with the FBI and the Elections Infrastructure ISAC (26 Oct 2020): https://gate15.global/the-gate-15-interview-elections-security-2020-with-the-fbi-and-the-elections-infrastructure-isac/ On the importance of having a “partner mindset,” Scott says, “at the end of the day, we can do more good by collaboration than by fighting (over business)“- Scott Algeier, Founder, President and CEO, Conrad, Inc. Cybersecurity Consulting

Nerd Out Security Panel Discussion: EP 26. The Return of Travis, Energy, and Lacrosse Jun 23, 2022

The latest episode of Nerd Out feels like one of the first with the return or Travis Moran to the pod. Travis came on to talk about the energy sector and his new work to help make sure that his critical infrastructure is positioned for the number of threats facing the industry. Travis goes into detail about his role and the role of security practitioners and some of the ways that they can be successful with training and exercises. Dave then asked Travis to put on one of his old hats and talked about the looming Roe v Wade decision and what it could for organizations from a protest and demonstration standpoint. Turning to lighter fare, the two shared their love for the sport of lacrosse, Maryland's dominance, the rigor of a season, and why they may or may not be fans of the Premier Lacrosse League. Travis Moran is a Senior Reliability & Security Advisor with SERC Reliability Corporation; tmoran@serc1.org; he can be found on Twitter at @dronin_on

The Cybersecurity Evangelist: Ep 20 – Don’t Let Travel Scams Ruin your Vacation Plans Jun 17, 2022

After a drawn out thank you for the success of episode 19 (and 18), The Cybersecurity Evangelist is back to chatting about the human side of cyber in this summer PSA on travel-related scams.

Resources mentioned in this episode:

The Risk Roundtable EP 30: Jen’s a big deal, sweaty shirts, and persistent threats! Jun 08, 2022

It started off with sweaty shirts and Jen's big announcement and ended with Dave wondering about green tea. But in-between the latest episode of the risk roundtable saw Andy, Jen and Dave talk about familiar topics - namely persistent threats. Unfortunately for all the times we have talked about them, these threats hang around and continue to strike at individuals and organizations. Whether they are cyber or physical related, threat actor continue to go to the proverbial well again and again because they work. The gang talked about the latest cyber threats and recounted the latest string of hostile events ranging from Buffalo, to Texas, to California, and all the others in-between. Equally important to this discussion was the release of the latest National Terrorism Advisory System (NTAS) bulletin that addressed the latest threats and extremist risks (https://www.dhs.gov/ntas/advisory/national-terrorism-advisory-system-bulletin-june-7-2022). After going through the roulette round, Andy led Jen and a partially paying attention Dave through some fun yes or no questions. Items referenced in the Pod include: @Shadowserver https://twitter.com/Shadowserver - https://www.shadowserver.org Dave post on Active Shooter Incidents https://gate15.global/highlights-fbi-update-on-active-shooter-incidents-in-the-united-states/ Rob Yandow's paper on Physiological Response. https://gate15.global/the-brain-and-the-body-the-physiological-response-that-occurs-when-we-experience-fear-stress-trauma-and-critical-incidents/ HEAC White Paper https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/ KEV: https://www.cisa.gov/known-exploited-vulnerabilities MFA page (new) https://www.cisa.gov/mfa CISA Jen: https://twitter.com/cisajen/status/1534055424600641537?s=21&t=S54nhjh7Vjp_q7Co9wk0fg Water ISAC and Dragos. https://www.waterisac.org/portal/waterisac-partners-new-dragos-ot-cert-help-underserved-water-and-wastewater-systems @RobertMLee Dawn’s active on LinkedIn (Dawn Cappelli, CISSP) https://www.cisa.gov/uscert/ncas/alerts https://www.cisa.gov/uscert/ncas/current-activity Plus many more - listen in

The Gate 15 Interview EP 23. Leigh Honeywell: Hacker, Community Organizer and CEO at Tall Poppy May 23, 2022

Leigh is the founder and CEO of Tall Poppy, where she helps companies protect their employees from online harassment. She was previously a Technology Fellow at the ACLU’s Project on Speech, Privacy, and Technology, and also worked at Slack, Salesforce.com, Microsoft, and Symantec. She has co-founded two hackerspaces - HackLabTO in the Kensington Market area in Toronto, and a feminist space called the Seattle Attic Community Workshop in Pioneer Square, Seattle. She is now a member and Chief Security Officer of Double Union, a feminist hackerspace in San Francisco, and she advises several nonprofits and startups. Leigh has a degrees from the University of Toronto where she majored in Computer Science and Equity Studies. Leigh points out that the latter major is about equity as in equality, not as in finance. To learn more about Tall Poppy, visit the Tall Poppy website and connect on Twitter and you can follow and learn more about Leigh on Twitter: @HYPATIADOTCA and LinkedIn. “tall poppy syndrome is a cultural phenomenon in which people hold back, criticize, or sabotage those who have or are believed to have achieved notable success in one or more aspects of life, particularly intellectual or cultural wealth-‘cutting down the tall poppy.’ It describes a draw towards mediocrity and conformity. Commonly in Australia and New Zealand, ‘cutting down the tall poppy’ is used to describe those who deliberately put down another for their success and achievements.“-via Wikipedia In the discussion we address: Leigh’s background and the personal and professional progression that led her to found Tall Poppy What Tall Poppy is doing to help protect individuals through personal digital safety Hackerspaces, equity, diversity and women in cybersecurity Leadership Emerging issues in information security Leigh’s ever-colorful hair, CanRock, KiwiCon, and much more! A few references mentioned in or relevant to our discussion include: Tall Poppy website - https://www.tallpoppy.com Leigh mentioned KYC for crypto. For more on that see What Is KYC and Why Does It Matter For Crypto? (25 Mar 22) - https://www.coindesk.com/learn/what-is-kyc-and-why-does-it-matter-for-crypto/ Leigh spoke about device security and the threat of SIM swapping. Read more from this FBI IC3 Public Service Announcement, Criminals Increasing SIM Swap Schemes to Steal Millions of Dollars from US Public (08 Feb 22) - https://www.ic3.gov/Media/Y2022/PSA220208 CISA: Walk This Way to Enable MFA (05 May 22) - https://www.cisa.gov/blog/2022/05/05/walk-way-enable-mfa CISA Director Jen Easterly tweeting about #MFAMay and #MoreThanAPassword (05 May 22) The Kelihos botnet campaign aimed at Apple iCloud accounts was mentioned. Here’s a 2014 blog post from Symantec and a summary from the BBC - https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7273883f-edd4-46c6-a723-ab83ea0b8264&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments Andy mentioned another advocate for people and communities he’s a fan of. Learn more about Matt Mitchell in The Gate 15 Interview: Matt Mitchell, a Champion for Security and Privacy (26 Apr 21) Andy took the opportunity to put in a plug for the upcoming InfraGardNCR Cyber Camp (scheduled for 18-22 July!) And Leigh and Andy gave some unsolicited promotions for 1Password, and Leigh also offered BitWarden as great options for password managers. Leigh also suggested reviewing the Consumer Reports and New York Times’ Wirecutter for reliable reviews

Nerd Out Security Panel Discussion: EP 25. Buffalo and the Journey into Hate. May 18, 2022

In the latest Nerd Out podcast, Dave is joined by Bridget Johnson to talk about the hostile event at the Top's Supermarket in Buffalo, New York. Looking at the attack through the lens of Gate 15's Hostile Events Attack Cycle (HEAC), Dave and Bridget talked about all the planning and preparedness that went into the attack as documented by the attacker's manifesto. Bridget went into length about the way the attacker outlined his beliefs while showcasing his admiration and reverence to previous attackers, especially the 2019 New Zealand mosque attacker. They wrapped up the pod with some thoughts for organizations to consider and how the lessons learned and behaviors identified can be applied to any location and organization. Bridget wrapped up up with some strong words that this manifesto is dangerous and deliberately speaks to a vulnerable group who may seek inspiration in their own lives. In addition, it represents a journey into hate that organizations need to be mindful of. Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Cybersecurity Evangelist: Episode 19 - TCE Evangelizes a Few ICS Security Thingz May 13, 2022

This month, Jen tries to put the “evangelize” in The Cybersecurity Evangelist by spreading the word on some great work in the ICS cybersecurity community.

Resources evangelized in this episode:

@BEERISAC OT/ICS Security Podcast Playlist https://podcasts.apple.com/us/podcast/beerisac-ot-ics-security-podcast-playlist/id1459741251
Consequence-driven Cyber-informed Engineering (CCE) https://inl.gov/cce/
ICS4ICS https://gca.isa.org/ics4ics
Top 20 Secure PLC Coding Practices https://www.plc-security.com/index.html

The Risk Roundtable EP 29: Reports, and Innovation. May 03, 2022

In the latest episode of the Risk Roundtable, in a nod to Jen, the team goes full nerd about a series of new cybersecurity products and reports. Starting off with CISA's Known Exploited Vulnerabilities Catalog Jen can barely contain her excitement about the importance of the report while also addressing the challenges organizations face. Dave, clearly out of his element, tries to counter with his own report - Sophos' The State of Ransomware 2022 report that reminded everyone ransomware is still alive and well....and thriving. Shifting to the roulette round, Dave assumes control, albeit briefly, while Jen and Andy talk about various innovative methods organizations can take to strenghten their internal programs and processes. The roundtable wrapped up with some lighter topics during Andy's three questions that were perfect for the time of year. Some of the links discussed in the pod include: Sophos: The State of Ransomware 2022: https://news.sophos.com/en-us/2022/04/27/the-state-of-ransomware-2022/ PDF in DB KEV https://www.cisa.gov/known-exploited-vulnerabilities-catalog CISA, FBI, NSA, and International Partners Warn Organizations of Top Routinely Exploited Cybersecurity Vulnerabilities:  https://www.cisa.gov/news/2022/04/27/cisa-fbi-nsa-and-international-partners-warn-organizations-top-routinely-exploited  The Gate 15 Interview: Cannabis ISAO. https://gate15.global/the-gate-15-interview-ben-taylor-on-cannabis-isao-cannabis-industry-security-cybersecurity-rescue-dogs-and-more/ The Cybersecurity Evangelist: Ep 18 – Space Systems are Critical Infrastructure for Critical Infrastructure: https://gate15.global/the-cybersecurity-evangelist-ep-18-space-systems-are-critical-infrastructure-for-critical-infrastructure%EF%BF%BC/ Cofense Annual Phishing Report Highlights 10 Point Increase in Credential Phishing: https://cofense.com/press/cofense-annual-phishing-report-highlights/ S4x22 ICS Security Event: https://s4xevents.com/ OT/ICS Security – Consequence-driven Cyber-informed Engineering (CCE): https://www.waterisac.org/portal/otics-security-%E2%80%93-consequence-driven-cyber-informed-engineering-cce (edited)

The Gate 15 Interview EP 22. Ben Taylor, on Cannabis ISAO, cannabis industry security, cybersecurity, rescue dogs and more! Apr 25, 2022

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Ben Taylor, Executive Director for the Cannabis ISAO. Ben Taylor is the Executive Director of the Cannabis-ISAO. Ben also serves as a Risk Analyst to several Information Sharing & Analysis Centers and has previous security and operations experience as an Army Officer as well as working through the Department of Homeland Security’s (then) Office of Infrastructure Protection (now part of the Cybersecurity and Infrastructure Security Agency [CISA]). Ben has also spent several years in marketing and partner development roles within the tourism industry, to include working to promote Cannabis tourism in Oakland, California. To learn more about Cannabis ISAO, visit the Cannabis ISAO website, or on Twitter: @CannabisISAO and LinkedIn.

In the discussion we address:

Ben’s background and the work he’s doing with Cannabis-ISAO today
Some background on the development of Information Sharing and Analysis Centers (ISACs) and Organizations (ISAOs)
Physical security challenges for the Cannabis Industry
Cybersecurity threats and issues facing the sector Scams, and other threats facing the community
Among other topics, Ben plays three questions with Andy to discuss dogs, favorite books, and more!

A few references mentioned in or relevant to our discussion include:

Cannabis ISAO website https://cannabisisao.org
Cannabis ISAO Security Town Hall https://cannabisisao.org/2022/03/cannabis-security-town-hall/
Cannabis ISAO blog and Director’s Cut posts https://cannabisisao.org/home/blog/
Cannabis ISAO Director’s Cut: December 03, addressing a ransomware incident in the Cannabis Industry https://cannabisisao.org/home/report-incident/
Report an Incident - Cannabis ISAO https://cannabisisao.org/home/report-incident/
Get Involved - Cannabis ISAO https://cannabisisao.org/home/get-involved/
Executive Order -- Promoting Private Sector Cybersecurity Information Sharing (13 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2015/02/13/executive-order-promoting-private-sector-cybersecurity-information-shari
Executive Order -- Improving Critical Infrastructure Cybersecurity (12 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity
Presidential Policy Directive -- Critical Infrastructure Security and Resilience (12 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil
PDD-63 - Critical Infrastructure Protection (20 May 1998) https://clinton.presidentiallibraries.us/items/show/12762
Nerd Out Security Panel Discussion: EP 13. Cannabis ISAO! (18 May 2021) https://gate15.global/nerd-out-security-panel-discussion-ep-13-cannabis-isao/
The Cybersecurity Evangelist: EP 8 – The ISAC Series, Part 4 – Faith-Based ISAO (10 Mar 2021) https://gate15.global/the-cybersecurity-evangelist-ep-8-the-isac-series-part-4-faith-based-isao/
Blog Post: So why a Cannabis ISAO? (02 Apr 2021) https://cannabisisao.org/2021/04/blog-founder/
Tucky Blunt Twitter https://twitter.com/BluntTucky
Uncle Ike’s https://ikes.com/locations/white-center/

Nerd Out Security Panel Discussion: EP24. NYC, Sweden and More. Apr 21, 2022

There was no shortage of topics for the Nerd Out gang to get into this month as Dave, Bridget and Joe dug into recent events. Starting off with some follow ups to hurricane predictions, outdoor festivals, and Piers Morgan (is it marketing or misinformation), the team batted around some of some of the challenges with these areas and some recent publications that can help teams plan for moving forward. Then the nerds really got into some great discussions around monitoring and situational awareness around recent incidents in NYC (subway shooting) and Ohio (arrest of security guard), as well as the escalated protests around the Quran burning in Sweden and if organizations need to think about copy-cats or a revival of protests and demonstrations this coming summer. Wrapping up with an attempt to be fun, the gang just showed how big of nerds they are yet still managed to give some suggestions for light-hearted shows or materials. Discussed on the pod: Conspiracy Theories: https://www.npr.org/2022/04/20/1093698123/online-conspiracy-theories-are-bleeding-into-all-parts-of-georgias-politics AstroWorld Report: https://gov.texas.gov/news/post/governor-abbotts-texas-task-force-on-concert-safety-releases-final-report Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Cybersecurity Evangelist: Ep 18 – Space Systems are Critical Infrastructure for Critical Infrastructure Apr 10, 2022

A chat with Erin Miller, Executive Director of Space ISAC, from the 37th Space Symposium

Have you ever thought about just how much reliance there is on space systems and how satellites – tons of them – are actually flying computers with IP addresses? In an episode that is out of this world, the Gate 15 Podcast Channel welcomes back a very special guest – Erin Miller, Executive Director of Space ISAC on the 18th episode of The Cybersecurity Evangelist – to talk about all that and more from the 37th Space Symposium at The Broadmoor in Colorado Springs. From an event that Erin called, “bigger than Disneyland,” we talked about the importance of securing space systems, the pivotal role that Space ISAC is playing to increase the cybersecurity posture for the global space community, and the general passion for cybersecurity among attendees and speakers at the symposium.

Resources mentioned in this episode:

Space ISAC
37th Space Symposium
Dr. Stacey Dixon (LinkedIn) – Principal Deputy Director of National Intelligence, ODNI
CISA Director, Jen Easterly (Twitter)
Women in Cybersecurity (WiCyS)
Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers
Purdue University
University of Colorado Colorado Springs
Colorado Springs Chamber & EDC
United States Space Force
United States Space Command
United States Air Force Academy
The Gate 15 Interview Ep. 16: Erin Miller, Executive Director, Space ISAC. Securing Space Infrastructure (and terrestrial critical infrastructure too!)

The Risk Roundtable EP 28: Dave's McLaughlin Group Impression. Apr 05, 2022

Little did Andy know when he let Dave take the controls that he would turn it into a mini-McLaughlin Group (those in the DMV know). In this format Andy and Jen talked about four key questions around Ukraine while Dave attempted to moderate. This discussion dove deep into concerns around the current conflict in the Ukraine, Russian capabilities and organizational defenses, as well as key areas for organizations to remain mindful of! The group landed with a dud when a pop star question fell flat, but Jen quickly picked up and talked about her recent conference attendance and meeting some power people (hi CISA Jen!). The group wrapped up with some some reminders and quick hits before heading into Andy's final 3 questions. Some of the reference mentioned in the pod include: https://criticalinfrastructuredefense.org/ https://www.cisa.gov/shields-up https://www.cisa.gov/uscert/shields-technical-guidance https://www.cyberscoop.com/ukraine-russia-us-cybersecurity-companies/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/uscert/ncas/current-activity/2022/03/29/mitigating-attacks-against-uninterruptable-power-supply-devices https://www.cisa.gov/uscert/ncas/current-activity/2022/03/17/strengthening-cybersecurity-satcom-network-providers-and-customers https://www.cisa.gov/uscert/ncas/current-activity/2022/03/15/russian-state-sponsored-cyber-actors-access-network-misconfigured https://www.cisa.gov/uscert/ncas/current-activity/2022/03/24/state-sponsored-russian-cyber-actors-targeted-energy-sector-2011 https://www.ic3.gov/Media/News/2022/220325.pdf

Nerd Out Security Panel Discussion: EP23. Ukraine, Outdoor Events and the gang! Mar 30, 2022

The gang is back together as Bridget Johnson and Joe Levy join Dave on the podcast to catch up on what they've missed while turning their attention to Ukraine and outdoor events. Within Ukraine, the nerdites talked about the effects of the current conflict, TikTok and the evolving information wars to include disinformation and misinformation campaigns on all sides, and what some outcomes may be long term. The gang then turned to thoughts of warmer weather and the upcoming outdoor events and activities. Looking at it through a security lens the Bridget, Joe and Dave looked at some important considerations while also keeping focus on those other events leading up to the 2022 election season. Before wrapping up with some pointed security plugs, the team talked about hurricane predictions and outdoor events to look forward to.

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Gate 15 Interview EP 21. Gary Warner on cyber forensics, information sharing, haikus, birdwatching and more! Mar 21, 2022

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Gary Warner, Director of Research in Computer Forensics’ for the University of Alabama at Birmingham (UAB) and the Director of Threat Intelligence for DarkTower. From his LinkedIn bio, “Gary is the ‘Director of Research in Computer Forensics’ for the University of Alabama at Birmingham (UAB). In this role, which brings together the Computer Science and Criminal Justice departments, he is concentrating on research that will help law enforcement and other security professionals to identify, apprehend, prosecute and convict those who are committing cybercrime, and spread information to victims and potential victims about cybercrime issues. 90 analysts and programmers work in the UAB Computer Forensics Lab building tools and providing intelligence for a variety of clients around Cybercrime, Fraud, and Terrorism, as well as the Social Media aspects of more traditional crimes, including Gang Activity and Transnational Drug Networks. In addition to his duties at UAB, Warner serves as the Director of Threat Intelligence for DarkTower, a subsidiary of Queen Associates in Charlotte, North Carolina. Gary Warner was the founding president of the Birmingham InfraGard chapter, and has served as secretary and member of the board of the InfraGard National Members Alliance, among other roles.

Read more on LinkedIn. Gary on Twitter: @GarWarner. Gary’s blog: CyberCrime & Doing Time; A Blog about Cyber Crime and related Justice issues. “Malware analysis is a team sport” – Gary Warner, on information sharing, during our podcast recording In the discussion we address:

• Gary’s backstory and the work he’s doing today

• Information sharing and the value of plugging into information sharing communities

• The great work being done by the FBI and CISA

• The importance of knowing your competition, China, Russia, and ongoing threats

• Some of Gary’s go-to resources

• Gary talks about haikus, Talking Heads, GarBot, birdwatching, and more! “CISA, it's a new era of info sharing in the government” before giving some shout outs to CISA’s first Director, Chris Krebs, and current Director, Jen Easterly

A few references mentioned in or relevant to our discussion include:

• CISA’s Known Exploited Vulnerabilities Catalog (KEVC), something Gate 15’s Jen Walker raves about often, including in our recent Risk Roundtable: The Risk Roundtable EP 27: Don’t let bias guide your preparedness (07 Mar 22). https://www.cisa.gov/known-exploited-vulnerabilities-catalog

• Gary discussed this event: Justice Department Announces Court-Authorized Effort to Disrupt Exploitation of Microsoft Exchange Server Vulnerabilities (13 Apr 21) https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-effort-disrupt-exploitation-microsoft-exchange

• BITNET https://bit.net

• FBI SENTINEL System https://www.fbi.gov/services/information-management/foipa/privacy-impact-assessments/sentinel

• Intellipedia https://en.wikipedia.org/wiki/Intellipedia

• REN-ISAC https://www.ren-isac.net

• Gary’s four CISA “must watch” sites from the CISA cyber landing page:

o Current activity: https://www.cisa.gov/uscert/ncas/current-activity

o Alerts: https://www.cisa.gov/uscert/ncas/alerts

o Bulletins: https://www.cisa.gov/uscert/ncas/bulletins

o Analysis: https://www.cisa.gov/uscert/ncas/analysis-reports

• Gary strongly encouraged listeners to check CISA Director Jen Easterly’s “about” section in her LinkedIn profile to understand why she is so excellently qualified to be the woman leading CISA today (something Chris Krebs, her predecessor at CISA agrees with)

The Cybersecurity Evangelist: Ep 17 – Health-ISAC, the ISAC Most Likely to Appear on the Gate 15 Podcast Channel Mar 14, 2022

This month, The Cybersecurity Evangelist chats with a couple of budding podcasters. For the third appearance on the Gate 15 Podcast Channel, the Health Information Sharing and Analysis Center (H-ISAC) joins me for episode 17.

I got to put my ISAC analyst hat on and talk with the heart of Health-ISAC – the dynamic duo of Zach Nelson (Threat Operations Center Manager) and Joshua Justice (Senior Cyber Threat Intelligence Analyst) from the Threat Operations Center about what drives Health-ISAC and the goals of the Threat Operations Center – the privacy and security of our protected health information (PHI) and why threat actors want that information – yours and mine! We also talked a little about cross-sector collaboration, especially between the ISACs, and rounded it out with a general reminder for all to be #BeCyberSmart about phishing themes leveraging the Russia-Ukraine conflict.

Resources mentioned in this episode

Health-ISAC
H-ISAC Events
The Gate 15 Interview: A Conversation with Errol Weiss, Chief Security Officer, Health-ISAC (27 July 2020)
Nerd Out Security Panel Discussion: EP 15. Let’s talk about Health! (July 2021)
Current and Emerging Healthcare Cyber Threat Landscape (watch for the TLP:WHITE version of this report)
What To Know About Medical Identity Theft (FTC)

The Risk Roundtable EP 27: Don't let bias guide your preparedness Mar 08, 2022

In the latest Risk Roundtable, Andy, Jen, and Dave talk about the war in Ukraine and what it means for preparedness. Sometimes you just have to call a spade a spade and not allow personal, political or other bias to affect your organization’s analysis or preparedness. While Andy and Dave throw flags on their previous predictions, Jen brings us back to reality and talks about being aware, being prepared, and reminds “don’t panic.” Andy then drills down on bias and how it can have an impact on organizations.

During the Roulette Round, Jen talked about CISA’s Known Exploited Vulnerabilities Catalog, vulnerabilities, and patching (while Dave ensured it wasn’t his Windows 2000 computer exposure that Jen was referring to…), then Dave brought up the importance of disaster preparedness in light of spring and summer severe weather events. Andy wrapped things up with a quick talk about the “People’s Convoy” and the battle of the Washington, D.C. Beltway! The pod wraps up with three questions – from COVID predictions, to Andy’s confusion about when seasons start, to Batman.

Link mentioned in the pod include: CISA’s Shields Up webpage: https://www.cisa.gov/shields-up CISA: Russia Cyber Threat Overview and Advisories. https://www.cisa.gov/uscert/russia#russian And our post on the Gate 15 blog from 03 March, Russian Cybersecurity Threats: 5 Asks from the FBI: https://gate15.global/russian-cybersecurity-threats-5-asks-from-the-fbi/ Bridget Johnson on Twitter, and at Homeland Security Today (HS Today) CISA Adds 95 Known Exploited Vulnerabilities to Catalog (03 Mar 22): https://www.cisa.gov/uscert/ncas/current-activity/2022/03/03/cisa-adds-95-known-exploited-vulnerabilities-catalog WaterISAC: Update (March 3, 2021) – 95 Added to CISA’s Known Exploited Vulnerabilities Catalog (03 Mar 22): https://www.waterisac.org/portal/cisa’s-known-exploited-vulnerabilities-catalog Microsoft: Customer Guidance for WannaCrypt attacks (12 May 17): https://msrc-blog.microsoft.com/2017/05/12/customer-guidance-for-wannacrypt-attacks/ ZDNet Ransomware attack: Hospitals still struggling in aftermath of WannaCrypt's rampage (15 May 17): https://www.zdnet.com/article/ransomware-attack-hospitals-still-struggling-in-aftermath-of-wannacrypts-rampage/

The Cybersecurity Evangelist: Ep 16 - Everybody Loves Love (PSA on Romance Scams) Mar 01, 2022

Why Scammers Love Love Too! On Episode 16, The Cybersecurity Evangelist talks about love! Well, more specifically romance scams. I talked about the social engineering component of romance scams, a few fraud reports and financial losses due to romance scams, red flags that could indicate someone you know is caught in a romance scam, some common and practical steps to defeating romance and other types of social engineering based scams, and the importance of reporting romance scams. No matter how painful, falling for a romance scam is nothing to be ashamed of. Romance scams can happen to anyone at any age.

Resources mentioned in this episode:

The Gate 15 SUN https://paper.li/gate15#/ (subscribe!!)
FTC https://www.consumer.ftc.gov/ & ReportFraud.FTC https://reportfraud.ftc.gov/#/
Stop. Think. Connect. https://stopthinkconnect.org/
Stay Safe Online (National Cybersecurity Alliance) https://staysafeonline.org/
Cybercrime Support Network (CSN) https://cybercrimesupport.org/
Fight Cybercrime https://fightcybercrime.org/
Identity Theft Resource Center (ITRC) https://www.idtheftcenter.org/

The Gate 15 Interview EP20. Joseph Marks and Cybersecurity 202! Feb 21, 2022

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Joseph Marks, Washington Post reporter for The Cybersecurity 202. From his Washington Post bio, “Joe Marks writes The Cybersecurity 202 newsletter focused on the policy and politics of cybersecurity. Before joining The Washington Post, Marks covered cybersecurity for Politico and Nextgov, a news site focused on government technology and security. He also covered patent and copyright trends for Bloomberg BNA and federal litigation for Law360. Marks began his career at Midwestern newspapers covering city and county governments, crime, fires and features. He spent two years at the Grand Forks Herald in North Dakota and is originally from Iowa City. Joe on Twitter, @Joseph_Marks_. Joe on LinkedIn. Subscribe to The Cybersecurity 202.

In the discussion we address:

Joe’s background and the work he’s doing today at the Washington Post
Joe’s perspective on “insider the beltway” cybersecurity
The Cybersecurity and Infrastructure Security Agency (CISA)
Cybersecurity and geopolitical threats
Joe plays three questions
and more!

A few references mentioned in or relevant to our discussion include:

Subscribe to The Cybersecurity 202 https://www.washingtonpost.com/newsletters/the-cybersecurity-202/
The Cybersecurity 202: The cyber fight in Ukraine is getting more serious, 16 Feb https://www.washingtonpost.com/politics/2022/02/16/cyber-fight-ukraine-is-getting-more-serious/
The Cybersecurity 202: Cyber’s role in the Ukraine-Russia crisis remains unclear, 15 Feb https://www.washingtonpost.com/politics/2022/02/15/cybers-role-ukraine-russia-crisis-remains-unclear/
Jen Easterly's Keynote at the Munich Cybersecurity Conference - Just one word: Culture! On YouTube. https://www.youtube.com/watch?v=Hgr4h8ufxVU
Deputy Attorney General Lisa O. Monaco Delivers Remarks at Annual Munich Cyber Security Conference https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monaco-delivers-remarks-annual-munich-cyber-security
An interesting thread on Twitter from Doug Madory (@DougMadory), Director of Internet Analysis at Kentik (@kentikinc), on the assertion that Russia had cut a subsea cable when it annexed Crimea, mentioned without detail in the podcast. https://twitter.com/dougmadory/status/1488608548099612674?s=21
Our recent Gate 15 Risk Roundtable where Dave, Jen and I talk Ukraine and Jen shares some thoughts on preparedness: The Risk Roundtable EP 26: Making the Quantum Leap!
CISA: Shields Up https://www.cisa.gov/shields-up
CISA: Russian State-Sponsored Actors Target Cleared Defense Contractor Networks, 16 Feb https://www.cisa.gov/uscert/ncas/current-activity/2022/02/16/russian-state-sponsored-actors-target-cleared-defense-contractor
CISA: Alert (AA22-047A) - Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology, 16 Feb https://www.cisa.gov/uscert/ncas/alerts/aa22-047a
CISA: Russia Cyber Threat Overview and Advisories https://www.cisa.gov/uscert/russia

Nerd Out Security Panel Discussion: EP22. Taking your Questions! Feb 08, 2022

Dave goes solo again to handle some common questions he faces, but only after sharing some of his thoughts on the Olympics and his favorite t.v. shows. But then getting down to business Dave talked about three questions - starting your security plan (now), getting into the business (be flexible and get your foot in the door), and the security shortage (invest in your people). Security is a challenge but it's even harder when you put it off time and time again - get started and refine and improve. Dave then gets on his soapbox and tells others to get off his yard when talking about getting into the business while having organizations stop complaining about the lack of talent and instead investing in their own to build a strong workforce. Along the way, Dave even said a nice thing about Andy.

The Risk Roundtable EP 26: Making the Quantum Leap! Feb 03, 2022

In the first Risk Roundtable of 2022 - the gang is finally back in the same country again to talk about the latest security issues. Not that they went back in time, but harkening back to the Cold War, the roundtable talked about the current tensions between Ukraine and Russia. Highlighting the differences form that bygone era, Jen talked about the global reach that Russia has to target organizations well beyond the European Continent. Dave then expounded and reminded listeners of the importance of looking at capabilities and not focused on a far off land. Then Jen gave Andy much credit for recognizing our hero Troy Hunt for all the great work that he, and other security professionals and teams who provide services for free or low costs. Before going into Andy's three questions Dave expounded a bit and talked about the Global Risk Report from the World Economic Forum. The gang ended on some fun talking about Valentine's Day, Quantum Leap, and Boba! Some links: Link to Ronnie video Ronnie Rants on You Tube https://youtu.be/kd1dXZcncgI Known exploited vulnerabilities https://www.cisa.gov/known-exploited-vulnerabilities-catalog Buy me a coffee. ‘I’m no Troy Hunt’ https://gate15.global/opinion-the-best-things-in-life-are-free-like-hibp-but-maybe-chip-in/ WEF: Global Risk Report https://www.weforum.org/reports/global-risks-report-2022 CIS: https://www.cisecurity.org/controls/cis-controls-list/

Nerd Out Security Panel Discussion: EP 21. Quarantine and Colleyville Attack Jan 25, 2022

In the latest episode of Nerd Out, Dave starts off by talking about his recent quarantine experience in Costa Rica (21 days!) before welcoming in a panel to discuss the Colleyville, Texas synagogue attack. Bringing in Mayya Saab, Seth Ozer, and Ed Heyman the panel went through the hostile event and looked at initial reactions, what can be learned from this situation, and some of the key takeaways. The team then stressed the importance of training in this situation, but also discussed several low cost options and ways to make their location more secure. Mayya Saab is the Executive Director of the Faith-Based Information Sharing and Analysis Organization (FB-ISAO); Seth Ozer is Senior Consultant with Woodstone Consulting, LLC; Ed Heyman is the co-chair of the FB-ISAO Organizational Residence Group

The Gate 15 Interview EP 19. Ronnie Tokazowski, Principal Threat Advisor at Cofense on Business Email Compromise (BEC), 419 scams, Indian food, and so much more! Jan 17, 2022

Please enjoy this episode of The Gate 15 Interview podcast on Anchor, Spotify, Apple, Google, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts. In this episode of The Gate 15 Interview, Andy Jabbour speaks with Ronnie Tokazowski, Principal Threat Advisor at Cofense. Ronnie is a recognized expert cybersecurity researcher with success in reverse engineering both crimeware and Advanced Persistent Threat malware, including creation of decoders and indicators for detecting malicious attacks. When he’s not frustrating bad guys, Ronnie is an accidental YouTuber, likes cooking, spicy food, and memes. Ronnie on Twitter, @iHeartMalware. Ronnie’s YouTube channel: Ronnie Rants. In the discussion we address: Ronnie’s background and the work he’s doing at Cofense Business Email Compromise (BEC) Voodoo (no, seriously…) Ronnie’s hair and more! “(at Cofense), we try to go back to the human…” – Ronnie Tokazowski, during our discussion, 10 Jan 2022 A few references mentioned in or relevant to our discussion include: What 6 Years of Success in a Global Takedown Operation Looks Like, and How You Can Do It, Too, a Medium post by Ronnie, 02 Jan Cofense Faith-Based Information Sharing and Analysis Organization (FB-ISAO) FBI on Business Email Compromise (numerous links to BEC related information from the FBI) FBI 2020 IC3 Annual Report & 2020 State Reports G4 Boyz x G4Choppa "Scam Likely" (Official Video) G4 Boyz feat. G4Choppa - SBA Job (Official Music Video) G4Choppa & G4 Boyz - “In Scam We Trust” (Official Music Video - WSHH Exclusive) Here’s Ronnie providing some commentary: Fun with Fraudsters - Reacting to SBA Job by G4 Boyz Cofense Wins AI-Based Cybersecurity Solution of the Year in 2021 CyberSecurity Breakthrough Awards, 05 Oct 2021 Cofense Joins Microsoft Intelligent Security Association (MISA), 26 Oct 2021 Channel Insider: Best Email Security Providers & Services 2022, 23 Dec 2021 Traffic Light Protocol (TLP) Definitions And Usage, via CISA In our discussion, Ronnie mentions Brian Krebs’ Krebs on Security blog (and on Twitter, @briankrebs). Some links to his BEC-related posts can be accessed here.

The Cybersecurity Evangelist: Ep 15 - Happy New Cyber Habits 2022! Jan 11, 2022

This first TCE episode of 2022 (and first video - on Spotify) includes a few gentle and some not-so-gentle reminders on cybersecurity best practices and practices for better cyber hygiene. I start with a few cybersecurity controls for businesses to buckle down on this year, including identifying assets, vetting vulnerabilities, and pursuing more potent password policies. Then, I actually persist on the password point with some pontification about our predilection for problematic passwords and propose pointers for a more polished password posture.

While there’s probably nothing new in this episode, I hope it serves as a gentle nudge to promote better cyber hygiene habits – not just resolutions for 2022, but positive habits to develop for all-time toward a more cyber secure you! I also evangelize for a new CISA resource - the Known Exploited Vulnerabilities Catalog.

Other resource mentioned in this episode: https://www.consumer.ftc.gov/articles/password-checklist

The Gate 15 Interview EP 18. RILA Perspective on Organized Retail Crime, plus Mama’s Meatballs, Country Music and Jersey Rock n’ Roll Dec 27, 2021

The Gate 15 Interview: RILA Perspective on Organized Retail Crime, plus Mama’s Meatballs, Country Music and Jersey Rock n’ RollIn this episode of The Gate 15 Interview, Andy Jabbour speaks with two leaders from the Retail Industry Leaders Association (RILA), Ms. Lisa LaBruno, RILA’s Senior Executive Vice President of Retail Operations, and Mr. Michael Hanson, RILA’s Senior Executive Vice President of Public Affairs. The RILA “is the U.S. trade association for leading retailers. RILA partners with leading retailers to meet the challenges of a dynamic economy. Through collaboration and thought leadership, we advance ideas that foster free markets, competition, economic growth, and sustainability.” RILA on Twitter, @RILATweeets.In the discussion we address: The enduring threat of Organized Retail Crime (ORC) Private sector activity relating to ORC Private-public partnership and legislative action on ORC RILA’s focus for 2022 Country music, meatballs, Springsteen, and more! A few references mentioned in or relevant to our discussion include: RILA website - https://www.rila.org Real Estate Information Sharing and Analysis Center (RE-ISAC) RILA: CEOS Call on Congress to Address Surge of Retail Crime, 09 Dec 2021 The Buy Safe America Coalition Impact of Organized Retail Crime and Product Theft, Buy Safe America The INFORM Consumers Act of 2020, Buy Safe America Retailers Press Amazon to Back INFORM Consumers Act, Buy Safe America, 27 Aug 2020 Durbin, Cassidy, Grassley, Hirono, Coons, Tillis Introduce Bill to Ensure Greater Transparency for Third-Party Sellers of Consumer Products Online (The Integrity, Notification, and Fairness in Online Retail Marketplaces for Consumers [INFORM Consumers] Act), 23 Mar 2021 Amazon: INFORM Act punishes small businesses and favors one particular business model, 28 Apr 2021 Buy Safe release announcing the study: Retail Theft Balloons to over $68 Billion, Buy Safe America Homeland Security Express Concern on Retail Crime, Buy Safe America ‘What is organized retail crime? Organized retail crime (ORC) refers to professional shoplifting or other theft occurring in retail stores. These criminals are increasingly turning to online marketplaces to quickly and discretely move mass quantities of stolen merchandise. Unfortunately, these criminal rings are growing more brazen and violent, putting the safety of customers and store employees in jeopardy. Organized rings are often involved in other crimes within the community, including narcotics, money laundering and human trafficking.’ – Buy Safe America, https://www.buysafeamerica.org/myth-vs-facts Lisa LaBruno is RILA’s Senior Executive Vice President of Retail Operations. In this role, LaBruno leads RILA’s efforts in the association’s key retail disciplines including asset protection, store operations, supply chain and e-commerce. She directs all research initiatives, educational programming for the annual LINK and Retail Asset Protection conferences, and executive networking to promote operational excellence within the industry. She has 30 years of relevant experience in both the public and private sector, including as an assistant prosecutor (Hudson County, NJ), in-house attorney at the Archdiocese of Newark and in-house attorney at The Home Depot and serves on the Board of Directors of the Loss Prevention Foundation. Michael Hanson is RILA’s Senior Executive Vice President of Public Affairs, overseeing the Association’s government affairs and communications arms. Hanson is responsible for identifying the industry’s top public policy challenges and working with both leading retailers and key stakeholders to elevate the industry in Washington, DC and across the country. Hanson most recently served as chief public policy officer at Sabre, a leading travel technology company, where he led legi

Nerd Out Security Panel Discussion: EP 20. Retail crime and the year it was! Dec 21, 2021

The last Nerd Out episode of the season comes out strong talking about retail crime as Bridget shared stories of her busting out shoplifting trends, and then talking about the larger security issues at play (specifically overwhelming security) with the latest smash and grab incidents during the holidays. Joe then talked about the ways that these type of issues could spread to other sectors and encouraged organizations to evaluate their processes and training. The nerds then turned the clock back to look at some of the takeaways from 2021 while looking ahead to 2022 to see what organizations can do to start planning for. And for all the areas that were covered, there were so many more highlighting the continued challenge that organizations face. Wrapping up the year on a fun note, the merry band of nerds talked about their favorite holiday movie. Can you guess them all? It's been quite a year for the Nerd Out podcast and we want to wish you all a safe holidays, and we are looking forward to a great 2022! Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Risk Roundtable: EP 25. Holiday scams, reporting and year end fun! Dec 08, 2021

In the latest episode of the Risk Roundtable, Andy leads the team through a review of the latest risks facing individuals and organizations. Jen decked the halls talking about the latest holiday scams that continue to bring coal to good boys and girls. Then Dave talked about the latest school shooting in Michigan and tried not to be a Scrooge by talking about some positive take-aways while highlighting important lessons still to be learned in Christmas future. Then, while Dave danced to spinning the wheel in his head, the roundtable talked about their favorite moments from across the Gate 15 Podcast Channel, after all, we are living in a physical world (Jen). The podcast wrapped up with some holiday cheer talking about favorite television or movies for the season. From all of us at Gate 15, to all of the security teams and organizations around the world, here is hoping for a happy holidays and a wonderful 2022! Companies Linked to Russian Ransomware Hide in Plain Sight. Cybersecurity experts tracing money paid by American businesses to Russian ransomware gangs found it led to one of Moscow’s most prestigious addresses. https://www.nytimes.com/2021/12/06/world/europe/ransomware-russia-bitcoin.html Gate 15 Releases a White Paper with an Update to the Hostile Event Attack Cycle. https://gate15.global/gate-15-releases-a-white-paper-with-an-update-to-the-hostile-event-attack-cycle/ Known Exploited Vulnerabilities Catalog | CISA. https://www.cisa.gov/known-exploited-vulnerabilities-catalog Advanced threat predictions for 2022. Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. https://securelist.com/advanced-threat-predictions-for-2022/104870/

The Gate 15 Interview EP 17. Bob Kolasky talks critical infrastructure, risk, Guns N’ Roses and pizza Nov 22, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Robert (Bob) Kolasky, Cybersecurity and Infrastructure Security Agency’s (CISA) Assistant Director, leading the National Risk Management Center (NRMC) since 2018. At the NRMC, Bob “oversees the Center’s efforts to facilitate a strategic, cross-sector risk management approach to cyber and physical threats to critical infrastructure. The Center provides a central venue for government and industry to combine their knowledge and capabilities in a uniquely collaborative and forward-looking environment. Center activities support both operational and strategic unified risk management efforts. ” Bob’s complete DHS bio (https://www.cisa.gov/bob-kolasky). Bob on LinkedIn (https://www.linkedin.com/in/bob-kolasky-92ab554/). Bob on Twitter, @BobKolasky. In the discussion we address: • Bob’s background • The CISA National Risk Management Center • Election security and election integrity • DHS’s role in 5G risk management • DSH and climate change • Designated sectors of critical infrastructure and some potential upcoming changes • Growing up Gen X, music, pizza and more! A few references mentioned in or relevant to our discussion include: About the NRMC: • The Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) • Visit the NRMC Initiatives to learn more about each initiative - https://www.cisa.gov/nrmc-initiatives • Visit the NRMC Newsroom for the latest press releases, media advisories, and blog articles - https://www.cisa.gov/nrmc-newsroom • Download and share the National Risk Management Center Fact Sheet - https://www.cisa.gov/publication/national-risk-management-center-fact-sheet Additional background (general): • NSA-CISA Series on Securing 5G Cloud Infrastructures • Auto-ISAC. We tipped our hats to Auto-ISAC Executive Director, Faye Francy. • The Elections Infrastructure Information Sharing and Analysis Center™ (EI-ISAC®) was established by the EIS-GCC to support the cybersecurity needs of the elections subsector. Through the EI-ISAC, election agencies will gain access to an elections-focused cyber defense suite, including sector-specific threat intelligence products, incident response and remediation, threat and vulnerability monitoring, cybersecurity awareness and training products, and tools for implementing security best practices • White House: Readout of President Joseph R. Biden, Jr. Call with President Vladimir Putin of Russia, 09 Jul (RE: ransomware). • White House: FACT SHEET: Ongoing Public U.S. Efforts to Counter Ransomware, 13 Oct. • White House: Background Press Call on the Virtual Counter-Ransomware Initiative Meeting, 13 Oct. • White House: Joint Statement of the Ministers and Representatives from the Counter Ransomware Initiative Meeting October 2021, 14 Oct. Space as critical infrastructure: • The Gate 15 Interview Ep. 16: Erin Miller, Executive Director, Space ISAC. Securing Space Infrastructure (and terrestrial critical infrastructure too!) • INSA: Designating Space Systems As New U.S. Critical Infrastructure Sector, 02 Nov. • Space hacking risks pose cyber policy test for Biden admin, 02 Nov. • Aspen Institute Panel: Space as Critical Infrastructure, 03 Nov. • Space could be the next frontier for cyber threats, 08 Nov. • FACT SHEET: Vice President Harris Announces Initiatives on Space and Cybersecurity, 10 Nov. Faith-Based organizations as critical infrastructure: • Security Debrief: A Letter to the Trump Administration – Establish a Faith-Based Sector of Critical Infrastructure, 15 Jun 2020. • The Cybersecurity Evangelist: EP 8 – The ISAC Series, Part 4 – Faith-Based ISAO Climate Change: • DHS Actions: Climate Change - https://www.dhs.gov/dhs-actions-climate-change • White House Fact Sheet: Prioritizing Climate in Foreign Policy and National Security, 21 Oct. • DHS Strategic Framework for Addressing Climate Change. “The U.S. Department

Nerd Out Security Panel Discussion: EP 19. Talking Crowd Control and the Holidays - in 2 Parts! Nov 17, 2021

In the latest episode of Nerd Out, this is a very special two parter. In the first part, the nerdies (Bridget and Joe) talk about the fallout from the Houston Astropark disaster ranging from the considerations that go into the event planning, and whether there should be a blame game. And then they look at how threat actors may use this event for future threat planning (note the Hostile Events Attack Cycle) before turning their attention to the latest National Terrorism Advisory System Bulletin release and what it could mean for the holidays. In part two, Dave welcomes in Tamara Herold and goes a little deeper into the Houston incident and what it could mean for events moving forward. Some references brought up in the podcast: Example of Crowd wave: https://www.youtube.com/watch?v=BgpdmAtbhbE Crowd Dynamics: https://www.youtube.com/watch?v=kmqsc7srIfY and https://www.youtube.com/watch?v=Txrs4ssiAz0 Roger Federer saves kid: https://www.youtube.com/watch?v=RymfiBXKuMQ 2018 Concert in Italy: https://celebrityaccess.com/2018/12/08/all-ages-concert-stampede-in-italy-leaves-at-least-6-dead/ Dave Pounder is a Senior Risk Analyst for Gate. Twitter: @dpounder; email: david@gate15.global Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ Tamara D. Herold, Ph.D., Associate Professor, Graduate Director, University of Nevada, Las Vegas (UNLV) Director, Crowd Management Research Council Department of Criminal Justice. Twitter: @advancetheline and @herold_tamara

The Risk Roundtable: EP 24. Are you Living in the Physical World? Nov 02, 2021

In the latest Risk Roundtable, Andy, Dave and Jen ponder whether or not we live in the physical world or if a little time off took Jen to a whole new dimension. Kicking off with another acronym soup month, the team looks at Critical Infrastructure Security and Resilience Month and the downstream impacts that can affect organizations who fail to incorporate for critical infrastructure into their preparedness plans. Then roundtable talked about the recent warning of terrorist capabilities to strike the U.S. as well as whether organizations are better prepared today to address a crisis than they were pre-COVID. In the process, the team came up with a new term - "Preparedness Calculus" - and whether organizations are evaluating events and factoring that into their preparedness process. The discussions wrapped up with Andy's three questions involving some favorite fall themes - warm clothing, turkey, and the Lion's losing. But before signing off, Dave had to talk about his enjoyment for Dune, but did he show some hypocratic tendencies? Some links to items discussed in the podcast included: White House Critical Infrastructure Month Proclamation. https://www.whitehouse.gov/briefing-room/presidential-actions/2021/10/29/a-proclamation-on-critical-infrastructure-security-and-resilience-month-2021/ CISA Infrastructure Security Month Materials: https://www.cisa.gov/infrastructure-security-month https://www.cisa.gov/publication/guide-critical-infrastructure-security-and-resilience (2019) https://www.cisa.gov/publication/methodology-assessing-regional-infrastructure-resilience (June 2021) Critical Infrastructure Sectors. https://www.cisa.gov/critical-infrastructure-sectors See Something Say Something. https://www.dhs.gov/see-something-say-something See Something Say Something: Report Suspicious Activity. https://www.dhs.gov/see-something-say-something/how-to-report-suspicious-activity Webinar: Getting Started Now: Pandemic Preparedness After-Action Reports, 10 Apr 2020. https://gate15.global/webinar-getting-started-now-pandemic-preparedness-after-action-reports/ Webinar Recording: Getting Started Now: Pandemic Preparedness After-Action Reports, 17 Apr 2020. https://gate15.global/webinar-recording-getting-started-now-pandemic-preparedness-after-action-reports/ REN-ISAC and report: https://www.ren-isac.net/public-resources/workshops/index.html & https://www.ren-isac.net/public-resources/2021_REN-ISAC_Blended_Threat_Workshop_Final_Report.pdf

The Gate 15 Interview EP 16. Erin Miller, Executive Director, Space ISAC. Securing Space Infrastructure (and terrestrial critical infrastructure too!) Oct 25, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Erin Miller, Executive Director for Space ISAC (https://s-isac.org). “The Space ISAC serves to facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member entities; and to serve as the primary communications channel for the sector with respect to this information.” Erin on Twitter (@erinmarmiller). Erin on LinkedIn (@erinmarlenemiller). In the discussion we address:

Erin’s background
Space ISAC, now and into the future
Blockchain in space
Threats, risks and working with the community to secure space infrastructure
Erin weighs in on important issues, including the great Pluto debate (!), and more in our three questions segment
And more!

Please enjoy this episode of The Gate 15 Interview podcast on Anchor, Spotify, Apple, Google, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts.
‘We are on a journey and our journey is multi-decades long…’
A few references mentioned in or relevant to our discussion include:

Microsoft blog: Microsoft joins Space ISAC as founding member to further space cybersecurity intelligence, 23 Jun 2021 - https://blogs.microsoft.com/blog/2021/06/23/microsoft-joins-space-isac-as-founding-member-to-further-space-cybersecurity-intelligence/
Space ISAC members and membership - https://s-isac.org/membership/
Andy shares a favorite space tweet - https://twitter.com/andyjabbour/status/1450449282318979074?s=21

Nerd Out Security Panel Discussion: EP 18. Dave Solo?! Talking Recent Events and Preparedness Oct 19, 2021

In the most recent episode of Nerd out, and as accurately described by Ron Burgundy it could be a horrible news story but Dave goes solo to talk about the recent events. These include the Norway Bow and Arrow attack, the murder of a British Member of Parliament, and two of the more recent insider threat attacks and how organizations can learn from these events and improve their security posture. Dave then goes a little pop culture to talk about his three favorite security movies and shows. He also uses these references to talk about how organizations can build and nuture their own intelligence analysts and the value they can bring to an organizations. Rough transitions aside and some help from Ron Burgundy and Syndrome aside the panel will return for next month as they look ahead to what should be a busy holiday season.

The Cybersecurity Evangelist_Ep14_Cybersecurity Awareness Month 2021 Oct 14, 2021

The Cybersecurity Evangelist "evangelizes" Cybersecurity Awareness Month 2021.

Cybersecurity Awareness Month is co-led by the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security. For more information about ways to keep you and your family safe online visit https://staysafeonline.org/cybersecurity-awareness-month/ and cisa.gov/ncsam.

Other resources mentioned during this episode:

https://www.cisa.gov/cyber-essentials
https://www.ic3.gov/
https://www.sans.org/tip-of-the-day?msc=main-nav
https://cybercrimesupport.org/
https://fightcybercrime.org/
https://gate15.global/cybersecurity-awareness-month-2021-tips-from-the-pros/

The Risk Roundtable: EP 23. CAM, Disgruntled Employees, and Scott Bakula Oct 05, 2021

The latest episode of the Risk Roundtable gets the group going in all sorts of directions ranging from an opening related to COVID fatigue, Cybersecurity Awareness Month, and disgruntled employees. After deliberating whether they need a new roulette round music selection (Dave volunteered to sing it), the group sang the praises of new CISA chief Jen Easterly and the way she has been out front on all of the latest security issues, as well as sharing some of our favorite security twitter feeds, as well as hitting on the importance of Patching (catch out Jen's latest Cybersecurity Evangelist Pod for more details). The group wrapped up with Andy's three questions to address Super Bowl projections, Halloween, and what show we would want to reboot - hello Quantum Leap! Some of the reports and postings referenced in the podcast include: CISA and Krebs: https://gate15.global/cybersecurity-infrastructure-security-time-to-make-this-happen/ Cybersecurity Awareness Month - Tips from the Pros: https://gate15.global/cybersecurity-awareness-month-2021-tips-from-the-pros/ Jen Easterly Twitter: https://twitter.com/CISAJen Suzanne Spaulding Twitter: https://twitter.com/SpauldingSez Chris Krebs Twitter: https://twitter.com/C_C_Krebs Jennifer Lyn Walker, Director of Cyber Defense Posts: @Gate_15_Analyst & @WaterISAC, LinkedIn: https://t.co/XGIB3hLkam Disgruntled Employees: https://www.waterisac.org/portal/insider-threat-%E2%80%93-former-employee-indicted-unauthorized-computer-access-intent-harm-kansas HEAC White Paper: https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/

Nerd Out Security Panel Discussion: EP 17. Lessons of the past to prepare the future Sep 28, 2021

In the latest edition of Nerd Out, Dave is joined by nerdette Bridget Johnson, and nerd Joe Levy to take stock of what did and did not happen at the recent Justice for January 6th event in Washington D.C. and the preparedness lessons learned. Equally important is how could venues use those lessons to plan for the future. The team also looked at some of the root causes for the low attendance and why there may be a larger cause for concern. The merry band of nerds and nerdettes went through some fall-inspired quick hits all the while giving due credit to CISA for their bevy of resources to include the latest series: De-Escalation Series for Critical Infrastructure Owners and Operators (www.cisa.gov/publication/de-escalation-series). Dave Pounder is a Senior Risk Analyst for Gate. Twitter: @dpounder; email: david@gate15.global Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Gate 15 Interview EP 15. Mark Arena, Intel 471, Cyber Intelligence Expert and CEO, Intel 471 Sep 20, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Mark Arena, CEO, Intel 471. In the discussion we address: Mark’s background Intel 471 Cyber threats Future threats And more! “It all goes down to password reuse… enforce two-factor authentication on everything…” – Mark Arena Mark on Twitter: @markarenaau. Mark on LinkedIn. https://www.linkedin.com/in/mark-arena-36a86516/ Intel471 on Twitter: @Intel471Inc. Intel471 on LinkedIn. https://www.linkedin.com/company/intel-471/ A few references mentioned in or relevant to our discussion include: Intel 471: https://intel471.com Intel 471’s Cyber Underground General Intelligence Requirements Handbook. https://intel471.com/resources/cu-girh-download-request Upcoming Intel 471 video podcast! Intel 471 CTI experts will examine recent developments in the cyber underground through the lens of the media & telecommunications sector. Check it out: 28 Sep 2021, 11am (see registration link for time zone options). Register here: https://hubs.la/H0WW0Gn0. Top FBI official says there is 'no indication' Russia has taken action against hackers, The Hill, 14 Sep 2021. (https://thehill.com/policy/cybersecurity/572184-top-fbi-official-says-there-is-no-indication-russia-has-taken-action) “Based on what we’ve seen, I would say there is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment that they have created there… We’ve asked for help and cooperation with those who we know are in Russia who we have indictments against, and we’ve seen no action, so I would say that nothing’s changed in that regard,” - FBI Deputy Director Paul Abbate, via The Hill Russia is fully capable of shutting down cybercrime, CSO Online, 14 Sep 2021. (https://www.csoonline.com/article/3632943/russia-is-fully-capable-of-shutting-down-cybercrime.html) Australian Cyber Security Centre Essential Eight. (https://www.cyber.gov.au/acsc/view-all-content/essential-eight) “While no set of mitigation strategies are guaranteed to protect against all cyber threats, organisations are recommended to implement eight essential mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.” Thoma Bravo Makes Strategic Investment in Intel 471 Announcement, 08 Sep 2021. (https://intel471.com/company/press-releases/thoma-bravo-makes-strategic-investment-in-intel-471)

TCE EP13 - Prattling on About Patching on this Podcast Party of One Sep 16, 2021

Your favorite cybersecurity evangelist waxes solo and prattles on about patching in this no frills episode of TCE.

The Risk Roundtable: EP 22. Acronym Soup Sep 07, 2021

Security awareness months kick into high gear and the Risk Roundtable crew gives their thoughts on the various ones (NPM, NITAM, NCAM, XYZPDQ...) and the heart of each one - Preparedness and Awareness! The group then talks about some of the ongoing protest activities and look ahead to some upcoming events including the "Justice for J6" event. Continuing the preparedness theme, and switching to the Roulette Round the roundtable turned to everyone's favorite security researcher - Troy Hunt and him living his best life while making everyone aware of their risks as well as a lively debate on passwords. Toss in some comments about weather preparedness and whatever Andy wanted to go off on and the group wrapped up with some fun (even questionable) questions. Still not sure why everyone shutters at green holidays. Some of the references from the discussion: National Preparedness Month | Ready.gov: https://www.ready.gov/september National Insider Threat Awareness Month: https://www.odni.gov/index.php/ncsc-features/2834 Press Briefing by Press Secretary Jen Psaki and Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger, September 2, 2021: https://www.whitehouse.gov/briefing-room/statements-releases/2021/09/02/press-briefing[…]-and-emerging-technologies-anne-neuberger-september-2-2021/ The White House Memo to Industry on Ransomware: Take Action (Now): https://gate15.global/the-white-house-memo-to-industry-on-ransomware-take-action-now/ Stuff Off Search | CISA: https://www.cisa.gov/publication/stuff-off-search www.cisa.gov/sites/default/files/publications/Assets_Showing_Primer_508c.pdf Troy Hunt Montage: https://www.pentestpartners.com/security-blog/from-open-guest-wi-fi-to-pwning-a-lift/ https://abbreviations.yourdictionary.com/reference/abbreviations/what-is-an-initialism.html https://www.troyhunt.com https://haveibeenpwned.com https://www.youtube.com/watch?v=N_y8B-tmDM0 TroyHunt from BlackHat Asia Lessons from 11 Billion Breached Records (edited) https://twitter.com/rhowe212/status/1433308481214369797 https://youtu.be/N_y8B-tmDM0 https://www.ncsc.gov.uk/news/ncsc-lifts-lid-on-three-random-words-password-logic James DeMeo - What's Your Plan? https://jamesademeo.com

The Gate 15 Interview EP 14. Amanda Mason, Vice President, Intelligence, Related Companies, discusses security, info sharing, terrorism, extremism, 9/11, and more. Aug 23, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Amanda Mason, Vice President, Intelligence, Related Companies. “Our passion for urban life could not be any stronger. We are committed to moving our communities forward and enriching people’s lives.” - Stephen M. Ross, Chairman & Founder. Amanda on LinkedIn. In the discussion we address: Amanda’s background Amanda’s current responsibilities at Related Companies COVID and safe and secure operations and reopening The recent National Terrorism Advisory System Bulletin, Afghanistan and associated concerns Terrorism, extremism, and the upcoming 20th anniversary of the 9/11 attacks And more! Please enjoy this episode of The Gate 15 Interview podcast on Anchor, Spotify, Apple, Google, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts. “We can’t necessarily predict, but we can prepare.” A few references mentioned in or relevant to our discussion include: Learn more about Related! https://www.related.com New York Post, Real estate giant Related Cos. to require all employees to get vaccinated (02 Aug 2021) National Terrorism Advisory System (NTAS) Bulletin (13 Aug 2021) DHS CISA: MIS, DIS, Malinformation DHS CISA: Countering Disinformation In Social Media video DHS FEMA: Homeland Security Exercise and Evaluation Program DHS FEMA: ICS Resource Center “We have to do our tabletop exercises… we have to think of the worst case scenario.” “I can’t believe that I get to protect a landmark asset in NYC.” The Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues. Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Anchor, Apple, Spotify, Google, as well as other locations accessible from the Anchor link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes: The Risk Roundtable, is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally. The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics. The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues. We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Twitter, LinkedIn or via email at: podcast@ga

Nerd Out Security Panel Discussion: EP 16. Terrorism, NTAS, Misinformation, COVID, and the end credits! Aug 18, 2021

After a a busy couple of weeks, the merry band of Nerdies gathered to discuss the latest news on the terrorism and extremist front and how misinformation has shaped so much of these advanced. The group started with Bridget’s reporting of a new Al Qaeda message, which was followed with press reports extremist chatter and then the he National Terrorism Alert System Bulletin. These all gave the group an opportunity to talk to the risks to various locations, especially venues and the Commercial Facilities Sector. Next, the group transitioned to mis-information and how integral it was to both terrorist groups as well as domestic violent extremism. COVID dominated the last part of the discussion with Bridget sharing her personal story and loss before the group went through a rapid fire set of questions! But just like our favorite band of super-heroes, stay for the end credits and you might here about killer mosquitos.

Dave Pounder is a Senior Risk Analyst for Gate. Twitter: @dpounder; email: david@gate15.global

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Risk Roundtable: EP 22. Who's the Nerd Now? Aug 03, 2021

The discussions were lively on the latest edition of the Risk Roundtable as Jen showed off her inner nerd! With Andy nursing an injury, Dave and Jen took off on topics ranging from the latest White House memos on improving critical infrastructure to the troubling trends on COVID and what it all means for businesses and organizations. In the roulette round (Dave is on a 2 pod winning streak with the theme music) the roundtable talked about some all-hazards and preparedness for the upcoming religious holidays before Jen "nerded out" on various reports on new CVEs and displayed a very nerdy t-shirt to boot! Andy got his strength back for his three questions where Dave revealed his disgust over some veggies and lack of love for a historic band!

Some of the links mentioned in the podcast included:

National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems: https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/28/national-security-memorandum-on-improving-cybersecurity-for-critical-infrastructure-control-systems/
Background Press Call on Improving Cybersecurity of U.S. Critical Infrastructure: https://www.whitehouse.gov/briefing-room/press-briefings/2021/07/28/background-press-call-on-improving-cybersecurity-of-u-s-critical-infrastructure/
FACT SHEET: Biden Administration Announces Further Actions to Protect U.S. Critical Infrastructure: https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/28/fact-sheet-biden-administration-announces-further-actions-to-protect-u-s-critical-infrastructure/
2021 CWE Top 25 Most Dangerous Software Weaknesses: https://cwe.mitre.org/top25/archive/2021/2021_cwe_top25.html
Joint Cybersecurity Advisory: Top Routinely Exploited Vulnerabilities: https://us-cert.cisa.gov/sites/default/files/publications/AA21-209A_Joint%20CSA_Top%20Routinely%20Exploited%20Vulnerabilities.pdf
Bridget Johnson's COVID Article: https://www.hstoday.us/subject-matter-areas/pandemic-biohazard/covid-19-a-plea-to-learn-from-those-who-have-suffered-and-lost/

The Gate 15 Interview EP 13. Peter Ashwin - Risk and Security Expert, and Original International MoM Jul 26, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Peter Ashwin, the principal and founder of Event Risk Management Solutions (ERMS), a consulting practice committed to enabling event organizers to meet the challenges of today’s volatile and uncertain world. Peter is recognized as an innovative, industry leader for the design and implementation of event security and risk management solutions to support event organizing committees and their public and private security partners deliver safe and secure, world class event experiences within complex, multi-agency environments. He is a former Australian Army special forces officer who now calls Montreal, home. Peter on LinkedIn. In the discussion we address: Peter’s background The Olympics and major event security and risk management The current threat and risk landscape Event and venue security and best practices And more!

Nerd Out Security Panel Discussion: EP 15. Let’s talk about Health! Jul 20, 2021

In the latest episode of Nerd Out, Dave is joined by everyone’s favorite Crimson Tide enthusiast - Jon Crosson. Jon is the Director of Critical Infrastructure – Vital Services for Gate 15.Jon currently supports the Health Information Sharing and Analysis Center (H-ISAC) as the Director, Special Interest Group Services. H-ISAC is a non-profit organization that is dedicated to protecting the healthcare and public health sector from physical and cyber attacks and incidents through dissemination of trusted and timely information. In the episode, Jon looks at the current security threats facing the health sector and healthcare organizations to include the impact that COVID has had, as well as the battle against mis/disinformation. Dave and Jon then look back at some of Jon's background and how he got in position to be a trusted partner in the community. And finally, turning to one of Jon's true loves, Dave and Jon talk about the upcoming college football season and the outlet for the Crimson Tide. Prior to Gate 15, Jon was a senior operations specialist and project manager for Battelle Memorial Institute. Jon held various positions supporting the Department of Defense (DOD), Department of Homeland Security (DHS) and the U.S. Nuclear Regulatory Commission.Jon served in the U.S. Army as a Field Artillery Officer from 1999-2003. He is a member of InfraGard and a graduate of the FBI Citizens’ Academy. Links to Training referenced by Jon in the pod: FEMA Emergency Management Institute (EMI) Independent Study Course List

The Cybersecurity Evangelist: EP 12 – Cyber isn’t Scary, it’s Necessary Jul 14, 2021

On episode 12 of The Cybersecurity Evangelist (TCE) podcast, I chat with a couple of Baby Boomers with varied perspectives of cybersecurity as I take TCE back to its roots – as the cybersecurity podcast for everyone. Ed Heyman (@El_Grillo1) and a mystery guest to talk about “The Great Bewilderment.” We also discuss why boomers are the generation most likely to take privacy and security seriously, and what bare minimum level of cyber awareness everyone should maintain.

Resources mentioned in this episode (along with other relevant posts not mentioned):

The Social Dilemma – The technology that connects us also controls us. (Netflix original film)
Survey finds massive gap in awareness of cyberattacks (Summary of survey by Armis, published on ZDNet)
Protecting a New Vulnerable Population on the Internet (@Bob Covello – Tripwire)
Protecting the New Most Vulnerable Population – The Grandparent Scam (@Bob Covello – Tripwire)
Protecting the New Most Vulnerable Population – Subscription Scams (@Bob Covello – Tripwire)
Protecting Your Online Privacy: Three Levels of Security (Tripwire)
Security Awareness Tip of The Day (SANS)

The Risk Roundtable: EP 21. Ransomware and Terrorism - they never seem to go away. Jul 07, 2021

The Risk Roundtable crew gathers after a long weekend and talks about the latest ransomware and terrorism news not to mention the discussion about the governments decision to release classified information.

Nerd Out Security Panel Discussion: EP 14. Reports Galore! Jul 06, 2021

In the latest episode of Nerd Out, Dave is joined by some old friends, Joe and Bridget, while they welcome in Amanda Mason to the panel where they discuss the latest series of reports from the FBI, the U.S. Senate, and from across the pond and the Manchester Arena bombing inquiry. They discuss the value of these type of reports, and the lessons that can be learned from the observations. Amanda then shares some of the insight from the January 6th incident from a first-hand view of the situation as it unfolded. After going through the reports and calling out some of the challenges highlighted the panel goes through a rapid fire session with questions ranging from security trends, ransomware (sorry Jen), and what the panel is reading or watching. The reports discussed include: Active Shooter Incidents 20-Year Review, 2000-2019 Examining the U.S. Capitol Attack: A Review of the Security, Planning, and Response Failures of January 6 Manchester Arena Inquiry Dave Pounder is a Senior Risk Analyst for Gate. Twitter: @dpounder; email: david@gate15.global Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ Amanda Mason is currently serving as the Vice President of Intelligence for the Related Companies. Her role is to integrate information from various sources and bridge the gap of cyber threats, national security, local law enforcement, physical security and business intelligence. In her role, she provides threat information and solutions to the various subsidiaries under Related, which include Real Estate, Infrastructure, Manufacturing, Hospitality, and International Finance. She is also a reservist currently serving as the Director of Intelligence for the District of Columbia, Air National Guard. With over 24 years of service, Amanda has held various positions in the Intelligence and Special Operations Communities.

The Risk Roundtable: EP 20. The latest security news delivered without remorse. Jul 06, 2021

The Risk Roundtable crew jumps into summer with a new episode focused on some of the latest security news. Kicking off the episode, the team looks at the latest FBI report on Active Shooters (Active Shooter Incidents 20-Year Review, 2000-2019) and how organizations can integrate this information into their security planning and preparedness. Then they switch over to talk about a threat that grows stronger each month - Ransomware. Jen breaks down the latest ransomware activity and reminds organizations to not go at it alone! Then while Dave is dancing on mute, the risk roulette goes into some topics about opting out of some services that may feel forced, and the upcoming summer season (Fourth of July) and the security precautions organizations need to remember when planning events. Andy then wraps up the episode sharing how much he loved a certain movie that was Dave's favorite book of all time. Dave might have had something....or three minutes....to say something about it. Some references from the episode: Beer, cheese, fuel, and now meat. What’s next? - Armis Amazon to share your Internet with neighbors on Tuesday - How to opt out Gate 15 HEPS FBI Active Shooter Resources A Study of the Pre-Attack Behaviors of Active Shooters in the United States Between 2000 and 2013 What’s Your Plan? Additional Links: https://blog.malwarebytes.com/malwarebytes-news/2021/06/ransomware-to-be-investigated-like-terrorism/ https://www.theguardian.com/us-news/2021/jun/04/fbi-christopher-wray-cyberattacks-9-11 https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-250-billion-usd-by-2031/ https://gate15.global/the-gate-15-interview-ransomware-running-rampant/ And more.... can be found on the Gate 15 Website blog posts: https://gate15.global/blog/

The Cybersecurity Evangelist: EP 11 – The ISAC Series – Tribal-ISAC Jun 16, 2021

My final ISAC segment for TCE was a great discussion with two Steering Committee Members from Tribal-ISAC. Bill Travitz – Director, Office of Information Technology, Eastern Band of Cherokee Indians, and Lee Edberg - IT Cybersecurity Manager for Mystic Lake Casino Hotel, Shakopee Mdewakanton Sioux Community.

The overall theme of this episode, and the ISAC series in general - We are stronger together! As Lee said, there is invaluable power in numbers with more tribes fighting the threat landscape together; get involved, get to a meeting, and contribute! Similarly for Bill, it’s about being a good neighbor, and that is a value that tribes already have! We all learn from one another.

Tribal-ISAC is open to membership for Native American and Alaskan Native tribal government, operations, and enterprises.

Resources discussed in this episode:

TribalHub
TribalNet Conference
Tribal ISAC
MS-ISAC(Multi-State Information Sharing & Analysis Center)

The Gate 15 Interview EP 12. Bryan Ware: Analytics Geek, Emerging Technologies Expert May 24, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Bryan Ware, founder and CEO of Next5 (next5.co), a technology-focused business intelligence and strategic advisory firm. In addition to being a successful entrepreneur, Bryan is a self-described “analytics geek” and emerging technologies expert. He has formerly served as the CEO at Haystax Technology and more recently served at DHS Cybersecurity and Infrastructure Security Agency (CISA) as the Assistant Director for the Cybersecurity Division. Bryan on Twitter (@bsware). Bryan on LinkedIn. In the discussion we address: Bryan’s background and his experience in the private sector and at DHS’s Cybersecurity and Infrastructure Security Agency (CISA) His new project, Next5 Critical and emerging technology and associated concerns Geopolitical and other security challenges Find out what Bryan means when he says “I believe in Liquid Diplomacy?” Here his call to service And more! “I’m most passionate about the critical and emerging technologies that are emerging now and will be most important to our lives, economies, and national security 5+ years from now” Bryan Ware A few references mentioned in or relevant to our discussion include: We discussed Bryan’s new company, Next5. From the website, “Next5 helps leading companies develop, acquire and protect the game-changing technologies of the future. Our research provides a current and expert perspective on critical emerging technologies, global supply chains, and geo-political and economic factors that shape opportunities and risks.” See more, including the Next 5 Technology Matrix, from the link above. Bryan mentioned the quote “software is eating the world,” stated by Marc Andreessen. Read more on that in the Wall Street Journal, Why Software Is Eating The World (20 Aug 2011). We mentioned the Five Eyes partnership, which is the intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. You can read a little about that from the Office of the Director of National Intelligence, here, or on Wikipedia.

Nerd Out Security Panel Discussion: EP 13. Cannabis ISAO! May 18, 2021

In the latest episode of Nerd Out, Dave welcomes in Ben Taylor, Executive Director of the Cannabis Information Sharing and Analysis Organization (ISAO). Their conversation looked at the evolution of the industry and the needs that an ISAO can provide to help those in the ever-growing Cannabis industry look at threats and develop strategies to protect their customers and organizations. Ben talked through the announcement of the ISAO and the next steps including offerings on their website and social media platforms. Dave and Ben also looked at the challenges that ISAOs face in getting attention and gaining members, but highlighted the value that they bring and the value of information sharing to the overall strength of the industry. To learn more about Cannabis ISAO, visit their website: https://cannabisisao.org or check out their social media accounts. Twitter: @CannabisISAO and LinkedIn: @CannabisISAO Ben Taylor is the Executive Director of the Cannabis-ISAO. Ben also serves as a Risk Analyst to several Information Sharing & Analysis Centers, and has previous security and operations experience as an Army Officer as well as working through the Department of Homeland Security’s Office of Infrastructure Protection. Ben has also spent several years in marketing and partner development roles within the tourism industry, to include working to promote Cannabis tourism in Oakland, California.

The Cybersecurity Evangelist: EP 10 – The ISAC Series, REN-ISAC (Part 2) May 12, 2021

TCE continues the chat with REN-ISAC’s Krysten Stevens and Brett Zupan.

On this episode:

We emphasize the importance of relationship building among higher ed and relevant community resources.
Discuss the wide and varied landscape of higher ed and research community.
We jump up on our soapboxes about how cyber is a cost of doing business, and not “if” but “when” you become a cyber attack victim.
We chat REN-ISAC services, such as Security Event System (SES), Peer Assessment Service, and Workshops (again).
Krysten brilliantly reminds us of the “trust community” that the ISACs represent.
Brett sucks up to Krysten with a nod to the technical operations team; and of course, Krysten couldn’t help but brag on her team too! As it should be. ;-)
Brett rounds out our discussion with a masterful shout out to the NCI (National Council of ISACs).

REN-ISAC Resources discussed on this episode:

Peer Assessment Service - https://www.ren-isac.net/public-resources/pas/index.html

Workshops - https://www.ren-isac.net/public-resources/workshops/index.html

Security Event System - https://www.ren-isac.net/member-resources/SES.html

Our Trust Community - https://www.ren-isac.net/what-we-do/index.html

The Risk Roundtable: EP 19. What becomes of the miscreants? May 04, 2021

A year ago, as the pandemic had taken hold around the world, there was a lot of confusion and uncertainty. And while threats were equally as susceptible to COVID, they ultimately rose to exploit the situation. Now that vaccines are being distributed and the world is slowly reopening, does this change the threat environment? The Risk Roundtable crew discusses this potential, as well as other security matters that individuals and organizations should be on guard for moving into the summer months. Then after the risk roulette discussion, complete with music (thanks Dave), Andy leads the gang in a "get to know you" series of questions.

Scams: https://www.ftc.gov/coronavirus/scams-consumer-advice

Combatting Ransomware: https://securityandtechnology.org/ransomwaretaskforce/report/

The Gate 15 Interview EP 11. Matt Mitchell, a Champion for Security and Privacy Apr 26, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Matt Mitchell, “a hacker and Tech Fellow at The Ford Foundation. Matt is working with the BUILD and Technology and Society teams at Ford Foundation to develop digital security strategy, technical assistance offerings, and safety and security measures for the foundation’s grantee partners. Matt was recently named by WIRED magazine as one of the 25 ‘innovators who are using technology to lead society through this period of global uncertainty and pointing the way to a safer future.’ called the WIRED25.” In 2017, Matt was listed by VICE's MOTHERBOARD as a HUMAN OF THE YEAR, for his work protecting marginalized communities from surveillance. Read more about Matt in this Medium post. Photo by Nick Lee, via Medium. Matt on Twitter. Matt on LinkedIn. In the discussion we address: • Matt’s background • Current projects • Privacy as a right • Privacy as security • And more! “Backdoors… they don’t work…” – Matt Mitchell, in The Gate 15 Interview, recorded 21 Apr 2021 A few references mentioned in or relevant to our discussion include: • Matt Mitchell Is Arming Underserved Communities With Anti-Surveillance Tools, Vice, 14 Feb 2017 • Ford Foundation, BUILD • Ford Foundation, Cybersecurity Assessment Tool • Nigerian Tech Hub Update: It’s Funded, Built, Educating, and… by Ronnie Tokazowski, @iHeartMalware, 08 Apr 2021 • Can you fight BEC popularity in Nigeria by steering youth to legitimate IT jobs? by Catalin Cimpanu, @campuscodi, on The Record, by Recorded Future, @TheRecord_Media, 18 Apr 2021 • Zero Trust: Enable a remote workforce by embracing Zero Trust security, Micorsoft • William Coffee, NSA 2011 Hall of Honor Inductee, African American Honoree. “In April 1946, William D. Coffee was awarded the Commendation for Meritorious Civilian service for his wartime leadership in exploiting critical enciphered messages. During a time of harsh racial discrimination, he excelled and became the acting supervisor of a segregated office that made impressive contributions to the nation's cryptologic achievements.” • CryptoHarlem • Wikipedia: CryptoParty • On Bug Bounties: Google Project Zero will give a 30-day grace period before disclosing security issues, Kim Lyons, @SocialKimLy, The Verge, @verge, 17 Apr 2021 • The do’s and don’ts of bug bounty programs with Katie Moussouris (@k8em0), by Zack Whittaker, @zackwhittaker, TechCrunch, @TechCrunch, 07 Apr 2021 • Zack Whittaker@zackwhittaker / 3:15 PM EDT•April 7, 2021 • DON'T PANIC. Making Progress on the "Going Dark" Debate, The Berkman Center for Internet & Society at Harvard University "One: the companies want to surveil the people. Two: the organizations, the companies, don't have people's best interests at heart…" – Matt Mitchell, in Vice, 14 Feb 2017

Nerd Out Security Panel Discussion: EP 12. High Stress and U....2. Apr 20, 2021

This month the panel is a party of one - Rob Yandow joins again to talk with Dave about high stress situations and preparedness. This is especially relevant given the reopenings and the latest hostile event situations. Rob goes into detail about the phsiology of fear, as well as how and why individuals respond to high stress situations the way they do. Using various examples, Rob hammers home the various stages in the survival arc - denial, deliberation, and decisive action. And most importantly, the podcast talks about the ways organizations can use this information to train and prepare to respond. Then Dave is joined by a special guest to talk about the greatest band ever.

Rob Yandow is a security expert who is a former police officer and who works with the Faith-Based Information Sharing and Analysis Organization (FB-ISAO) and serves as the Co-Chair of their Business Resilience Group - website: https://faithbased-isao.org. Twitter: @RobYandow

The Cybersecurity Evangelist: EP 9 – The ISAC Series, Part 5 – REN-ISAC Apr 12, 2021

Despite the razzing I got from the guys (David Pounder - host of the NerdOut! Security Panel Discussion, and Andy Jabbour - host of The Gate 15 Interview) during the last Risk Roundtable, the TCE ISAC Series continues!!! This time, REN-ISAC (Research & Education Networks Information Sharing & Analysis Center) joins me. REN-ISAC serves the higher education and research community by promoting cybersecurity operational protections and response.

For this episode, I enjoyed a fun and lively chat with Krysten Stevens, “new” Director of Technical Operations, and Brett Zupan, Risk Analyst and DC Liaison. We talked about threats facing the research and higher education community and bragged on Kim Milford’s (REN-ISAC’s Executive Director) amazing vision in 2019 to execute a series of workshops that had colleges, universities, and relevant community partners, such as state/local health departments and law enforcement working together through an infectious disease scenario – a scenario the team thought might be going too far…

Resources discussed on this episode:

The Risk Roundtable: EP 18. Security / Analytical Bias. Apr 06, 2021

The Risk Roundtable crew looked at the increasingly important idea of security bias and security blindness. The group specifically looked at how bias in analysis can lead to security blindness and the minimization and exaggeration of threats. Within the analytical community it is important to note how bias exists in virtually everything and the team discussed ways in which bias could exist from the analyst, but also by those that receive the data. Andy, Jen and Dave discussed some of the root causes and how this can lead to and continue a cycle of misinformation and disinformation if not handled correctly. In fact, the more divisive our politics become, the more bias our media, the more people – politicians, the media, foreign governments, and others - fan the flames of division, the more challenging the role of the analyst can become. In the end, bias is a discussion that is encouraged to be had by all organizations to ensure they are accurately representing the threat and risk to the organization.

Next the team looked at their roulette items (Dave even shared the theme song on demand!) reminding listeners of the Microsoft Exchange Vulnerability and to update their systems. In addition, as reopenings are occurring around the world in varying degrees, it is important that organizations review security plans and processes.

Items highlighted in the Podcast:

Health ISAC Spring Summit open to members and non-members: https://h-isac.org/summits/secured-in-paradise-spring-2021-summit/
Agenda: https://web.cvent.com/event/cd1e7b44-7e38-487b-bd1f-b4f39cc82a11/websitePage:645d57e4-75eb-4769-b2c0-f201a0bfc6ce

Troy Hunt Confirmation Bias - and good read: https://www.troyhunt.com/lets-stop-the-5g-hysteria-understanding-hoaxes-and-disinformation-campaigns/

Additional information about the Microsoft Exchange Vulnerability:

https://cyber.dhs.gov/ed/21-02/
https://us-cert.cisa.gov/ncas/alerts/aa21-062a

FortiOS Vulnerability: https://us-cert.cisa.gov/ncas/current-activity/2021/04/02/fbi-cisa-joint-advisory-exploitation-fortinet-fortios

CISA Cybersecurity Directives and Implementation Guidance Site: us-cert.cisa.govus-cert.cisa.gov

The Gate 15 Interview EP 10. James Whalen, Technology and Cybersecurity Leadership Mar 23, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with James Whalen, SVP, Chief Information & Technology Officer, Boston Properties. In this podcast we address:

Jim’s background
Changes in facilities; changes in security
Threats facing facilities and broader implications
Security and collaboration
And more!

James Whalen: James Whalen serves as Senior Vice President, Chief Information & Technology Officer for Boston Properties where he is responsible for the direction and implementation of technology services and solutions. Prior to joining the Company in March 1998, he served as Vice President, Information Systems of Beacon Properties. He is a graduate of the University of Notre Dame and a recipient of the New York City Urban Fellowship. Mr. Whalen is a current trustee and past President of the Boston Chapter of the Society for Information Management (SIM) and serves on the Real Estate Cyber Consortium, Realcomm Advisory Council, Commercial Facilities Cyber Working Group, TechHire Boston and Boston Private Industry Council. LinkedIn.

A few references mentioned in or relevant to our discussion include:

· The Real Estate Information Sharing and Analysis Center (RE-ISAC). “The Real Estate Information Sharing and Analysis Center (RE-ISAC), a not-for-profit information sharing entity organized by The Real Estate Roundtable in February 2003, is a public-private partnership between the US commercial facilities sector and federal homeland security officials which serves as the primary conduit of terrorism, cyber and natural hazard warning and response information between the government and the commercial facilities sector.”

· InfraGardNCR: Commercial Facilities Cyber Working Group (CCWG)

· FBI IC3 Cyber Crime Report: FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report & PDF: 2020 Internet Crime Report, 17 Mar 21

· Palo Alto Networks: Highlights from the 2021 Unit 42 Ransomware Threat Report & Ransomware Threat Assessments: A Companion to the 2021 Unit 42 Ransomware Threat Report, 17 Mar 21

· Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%, 04 Mar 21

· Realcomm Advisory Council

Nerd Out Security Panel Discussion: EP 11. Reopenings, Protests, and the future of Conspiracy Mar 16, 2021

In the latest episode of Nerd Out, Dave and his merry band of nerdies, Bridget, Travis, and Joe, look at the latest news around the reopening and what organizations need to be on guard for as crowd sizes and capacity limits will test the ongoing health pandemic. Then the group looks at the way threat actors may respond. Will it be a target of opportunity or will new security measures be disruptive enough. Next, the panel looked at recent protests, and the potential for future protests (did people really forget about May Day!) and what ways they may change in a reopened world. Finally, what is the future of conspiracy theories and the movements that were charged over the past several years? The group then lightened it up a bit and went through some lightning round questions and discovered that the Snyder Cut really isn't a thing because no one particularly cared for it in the first place to even know it was a thing.

Dave Pounder is a Senior Risk Analyst for Gate. Twitter: @dpounder; email: david@gate15.global

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Travis Moran is the Assistant Deputy Director, Critical Infrastructure Protection & Physical Security. Twitter: @dronin_on; email: tmoran@securecommunitynetwork.org

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

The Cybersecurity Evangelist: EP 8 – The ISAC Series, Part 4 - Faith-Based ISAO Mar 10, 2021

TCE welcomes Faith-Based ISAO Executive Director, Mayya Saab on this episode. And no, this isn't the "FBI" ISAO... ;-) Listen in to find out what Mayya loves most about her role and her heart's desire in helping the entire community of faith be secure and resilient.

Check out FB-ISAO at https://faithbased-isao.org/

The Risk Roundtable: EP 17. Oldsmar, Conspiracy Theories, and Arnold Shirts Mar 02, 2021

In the latest episode of the Risk Roundtable, Andy, Jen, and Dave look at some recent events (Oldsmar) while looking ahead to upcoming events that may present risks (Qanon, the George Floyd murder trial, and upcoming religious holidays) but only after talking about Andy's taste in shirts. Then in the risk roulette, which Dave forgot again to find music for (or did he), Dave wonders about weather preparedness is overhyped while Jen circles back to lessons learned from Solar Winds and the concept of "zero trust" - not in Andy and Dave but in terms of cybersecurity. The gang wraps up talking about some of their struggles and what they are watching. But that's not all - after the credits Dave may have redeemed himself with a new theme for the risk roulette.

Some of the links from today's episode:

YouTube: Treatment Plant Intrusion Press Conference, 08 Feb.
WaterISAC: 15 Cybersecurity Fundamentals for Water and Wastewater Utilities
Gate 15: Blended Threats: Did Florida’s Cyber Attack Whet Your Appetite for Better Preparedness and Security?
NSA: NSA Issues Guidance on Zero Trust Security Model
Forrester: Zero Trust Is Not A Security Solution; It’s A Strategy
The Hacker News: SolarWinds Blame Intern for Weak Password That Led to Biggest Attack in 2020
Vice: QAnon Isn’t So Sure Trump Will Magically Become President Again on March 4
Ready.gov: Plan Ahead for Disasters

The Gate 15 Interview EP 9. Mark Herrera on Venues, Safety, and Security in 2021 Feb 22, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Mark Herrera, Director of Education for the International Association of Venue Managers (IAVM; @IAVMWHQ). In this podcast we discuss a range of issues from the pandemic’s impact to venues, to security and preparedness with broad applicability to all organizations - from venues to places of worship, and across events and facilities of all types. We discuss a wide range of issues from the impacts of COVID on venues and events, and what lies ahead in 2021, ideas on enhancing security through conflict management and professionalism, and lot more. Mark talks about the importance of “programming the mind through mental preparation” noting that, “the body will go where the mind has been, if the mind hasn’t been there the body will not follow.” Mark is always full of great quotes. Some are shared below; listen to the conversation for more great insight and Herrera-isms! In the discussion we address: Mark’s backstory IAVM The pandemic’s impact to venues Where the venue community is going in 2021 Resetting security and the physical threat environment Organizational and personal security best practices And more! Mark Herrera: Herrera is the Director of Education & Life Safety for the International Association of Venue Managers and recognized as one of the 25 most influential leaders in the meetings and event industry. As part of his duties, Mark teaches Situational Awareness-Mindset training aimed at giving venues the tools to be safer and more secure. The training emphasizes on Exceptional Focus, Performance, and Control in Extreme Situations and Risk Mitigation through Guest Services Interjection. In addition, as the Director of Education for IAVM, Herrera represents the Department of Homeland Security Office of Infrastructure Protection through the Public Assembly Facility Sub-Sector Council. For Mark’s complete bio, see below. Twitter: @IAVM_Herrera; LinkedIn; Instagram; Facebook. · IAVM on Twitter; LinkedIn; Instagram; Facebook. And learn about: · IAVM’s Academy for Venue Safety and Security · IAVM’s VenueConnect 2021, at the Georgia World Congress Center in Atlanta, 02-05 Aug 2021

Nerd Out Security Panel Discussion: EP 10. Singapore, Norway, Minnesota - what does it mean? Feb 16, 2021

In the latest episode of Nerd Out, it was a five star day for Dave. First, you can hear him open up with his "Warrrrshington" versus President's Day poll (did you see what I did there), followed by the group getting into a discussion about behaviors and indicators of hostile events related to recent arrests and incidents in Singapore, Norway, and Minnesota, and the role that mental health plays a role into it. The team then looks at reporting such instances, before getting into the Florida Water breach and the ramifications as it highlights the various ways blended threats can have an impact to organizations. Unfortunately a real-time weather event prevented the group from getting into their lightning round (no pun intended considering the weather event), but not before Bridget was able to share her true feelings for a certain seven time Super Bowl winning quarterback. Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Travis Moran is the Assistant Deputy Director, Critical Infrastructure Protection & Physical Security. Twitter: @dronin_on; email: tmoran@securecommunitynetwork.org Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ

The Cybersecurity Evangelist: EP 7 - The ISAC Series, Part 3 - Real Estate ISAC Feb 10, 2021

Dave "Quarter" Pounder, host of the famed NerdOut! Security Panel Discussion joins me on this episode of The Cybersecurity Evangelist. Dave and I talk about the Real Estate ISAC. And no, it's not just for real estate companies - although I may have dropped a hint in the opening commentary about TCE being a great sponsorship opportunity for Berkshire Hathaway/Warren Buffet... ;-) Wouldn't that be nice!

Dave and I had fun talking about how RE-ISAC shares information about potential physical and cybersecurity threats and vulnerabilities to help protect commercial facilities and the people who use them.

Visit https://www.reisac.org/ to learn more!

The Risk Roundtable: EP 16. Singapore, Emotet, and the Roulette. Feb 02, 2021

After opening up about their love of Groundhog day, the holiday and movie, the Risk Roundtable gang gets into the meat of their security discussions around the latest arrest in Singapore (Hostile Events), upcoming significant events to factor into consideration, and the global takedown of Emotet (the malware, not a weird allusion to the Egyptian god). Then in the Risk Roulette, which Dave still does not have good music for, the group discussions if there is anything to consider when looking at the Robin Hood / Wall Street Bets activity last week and the Capitol Hill riot, as well as the lingering effects of Solar Winds. The gang wraps it all up with some personal preferences before Andy tries to convince himself the Lions are still a football team. Some of the links referenced in the show include: EMOTET: https://www.justice.gov/opa/pr/emotet-botnet-disrupted-international-cyber-operation https://www.eurojust.europa.eu/worlds-most-dangerous-malware-emotet-disrupted-through-global-action https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/emotet-botnet-takedown-what-you-need-to-know/ https://www.bleepingcomputer.com/news/security/fonix-ransomware-shuts-down-and-releases-master-decryption-key/ “Why Joe Biden Can’t Bring His Peloton to the White House” – Popular Mechanics (https://www.popularmechanics.com/technology/security/a35190713/joe-biden-peloton-white-house-security-risk/) Is Joe Biden’s Peloton a cybersecurity risk? Don’t sweat about it - Graham Cluley (https://grahamcluley.com/is-joe-bidens-peloton-a-cybersecurity-risk-dont-sweat-about-it/)

Nerd Out Security Panel Discussion: EP 9. Moving forward from Inauguration. Jan 27, 2021

In the latest Nerd Out podcast, Bridget, Joe and Travis join Dave to discuss the continued fallout from the 06 January events at Capitol Hill and what it means post-Inauguration. Here's a hint, we still need to be prepared for domestic terror groups and how they may spin events for their benefit. The group then looks at what 06 January means from a security perspective moving forward and what lessons can be learned. Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Travis Moran is the Assistant Deputy Director, Critical Infrastructure Protection & Physical Security. Twitter: @dronin_on; email: tmoran@securecommunitynetwork.org Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ

The Gate 15 Interview EP 8. A discussion with Advanced Intelligence Chairman and CEO Vitali Kremez Jan 25, 2021

In this episode of The Gate 15 Interview, Andy Jabbour talks with Vitali Kremez, the Chairman & CEO at Advanced Intelligence. In this podcast we discuss a lot of areas – from Vitali’s fascinating background, guitar playing, and journey to the United States, security issues, emerging and enduring threats and best practices, the evolving challenge of blended threats and convergence, and much, much more. A few relevant links to our podcast include: Advanced Intelligence Advanced Intelligence, Twitter: @IntelAdvanced VK Intel: Digital Forensics & Incident Response Twitter: @vk_dfir Bellingcat: Global Investigative Journalism Network The Citizen Lab AdvIntel & HYAS: Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders, 06 Jan 21. AdvIntel & Eclypsium: Persist, Brick, Profit -TrickBot Offers New “TrickBoot” UEFI-Focused Functionality, 09 Dec 20. AdvIntel: Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike, 06 Nov 20. DHS CISA Reduce the Risk of Ransomware, 21 Jan: “The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.” Read more. Convergence: The Cybersecurity and Infrastructure Security Convergence Action Guide describes the complex threat environment created by increasingly interconnected cyber-physical systems, and the impacts that this interconnectivity has on an organization’s cybersecurity and physical security functions. It also provides information that organizations can consider to adopt a holistic cyber-physical security approach through a flexible framework. Read more. PDF. And if you want to find out more about blended threats and convergence, check out some of our recent blog posts, including: Blended Threat Implications from Bombings like Nashville The Pandemic’s Blended Threats Impact to Healthcare Blended Threats: When Ransomware Kills… Blended Threats: That Time When Ransomware Shut Down Border Security… Blended Threats: Holding Buildings Hostage

The Cybersecurity Evangelist: EP6 - The ISAC Series, Part 2 Jan 12, 2021

This month, The Cybersecurity Evangelist talks with WaterISAC's Director of Preparedness and Response, Chuck Egli. The conversation ran a little longer than I like to aim for, but it's understandable given that Chuck and I work closely together in support of WaterISAC. Plus, with WaterISAC being one of the oldest ISACs, I'm quite certain they've earned the extra spotlight!

After a much longer than normal opening comment (I sense a trend here) running down a list of many of the ISACs - (most of) which you can find on The National Council of ISAC's webpage at https://www.nationalisacs.org/member-isacs - Chuck and I talk about all the ways WaterISAC supports the security and resilience of the water and wastewater sector with an all-hazards approach (not just cyber).

Chuck's parting thoughts: Look into your ISAC community or ISAO…there is one for you!! While many have membership models, so many of them offer information and assistance for the benefit of all toward the greater global good.

For more information about WaterISAC, check out its webpage at https://www.waterisac.org/

The Risk Roundtable: EP 15. Nashville, Solar Winds and more! Jan 04, 2021

The Risk Roundtable gang kicks off 2021 with two events that ended 2020 - the Christmas Day bombing in Nashville and the Solar Winds cyber event. Andy, Jen and Dave go through the incidents and look at the responses in each instance as well as what may come of it moving forward in 2021 though maybe no lizard people (Shoutout to "V"!). Then in the Roundtable Roulette, Dave brings up how to deal with dis/misinformation while Jen reminds everyone that new year doesn't mean that we can forget about our stable of cyber threats, most notably Ransomware which continued to evolve throughout the year. Finally, with it being a new year, the gang looked at personal and professional goals such as Dave's desire to read more, Jen completing her "she-shed" and Andy's desire to be more like Dave. Andy's reference to Russian Hacking: https://www.nytimes.com/2021/01/02/us/politics/russian-hacking-government.html

The Gate 15 Interview EP 7. A look at 2020, security, and the media with Runa Sandvik and Brad Barkett Dec 28, 2020

In this episode of The Gate 15 Interview, Andy Jabbour enjoys a really fun talk with Runa Sandvik and Brad Barkett, two security veterans both with considerable experience working to secure media at some of America’s most well-known papers. In this podcast we discuss: 2020 and the cyber threat environment The threats facing media today The role of media in security What we might anticipate in the new year Among other topics! Runa and Brad share some candid perspective, and a few fun tidbits about themselves in this year-end discussion on the cyber threat environment, security issues, and the media. Please enjoy this episode of The Gate 15 Interview on Anchor, Apple, Spotify, as well as other locations. Runa Sandvik: Runa is a senior security researcher with years of experience in security and information sharing. Today, Runa works on digital security for journalists and other high-risk people. Her work builds upon experience from her time at The New York Times, Freedom of the Press Foundation, and The Tor Project. She is a board member of the Norwegian Online News Association, and tweets as @runasand. Brad Barkett: Brad a 20 year security veteran, and has been working as a security architect for the Washington Post since 2015, with a background in telecoms, MSS, IDS, DDOS, firewalls, proxies. Currently , Brad has a preference for social topics like cyber anti-personnel, disinfo, OSINT, threat intel, social psychology, and social engineering. Long standing hobby interests include synthesis and electronic music, and more recently, being a relatively middling 40+ amateur folkstyle wrestler and nogi jiu-jitsu player. Brad has two brothers, Mike and JJ, who are also security professionals. A few references mentioned in our discussion include: · Ford Foundation Cybersecurity Assessment Tool. · Freedom of the Press Foundation · A new report from the Freedom of the Press Foundation: A record breaking number of journalists arrested in the U.S. this year · Updating how we think about security, INFILTRATE 2018, by Matt Tait

Nerd Out! Security Panel Discussion: EP 8. Looking back to look forward and holiday goodies! Dec 22, 2020

In this year end Nerd Out Security Panel Discussion podcast, the gang takes a look at the events of 2020 and the impacts they had on individuals and organizations and attempted to pull out lessons to be learned as we get ready to kick off 2021. But before digging into the topics, Bridget shared some personal news related to the impacts of COVID. The group then built upon Bridget's moving account and discussed that while COVID obviously dominated the news, there were other security issues that caused disruptions and may have gone overlooked - or maybe not. The discussion then took a detour and went into some lighter, jovial discussions around food choices around the perfect holiday meal, the team passes out some security resolutions and reminders to focus on in the hope of starting 2021 on a better foot. Thanks to all the listeners and followers - 2020 gave us the opportunity to kick off this podcast channel and we look to keep security at the forefront of these discussions in 2021 and beyond! Happy holidays! Bridget's article can be found here: https://www.hstoday.us/subject-matter-areas/emergency-preparedness/my-mom-died-of-covid-19-and-disinformation-was-the-virus-accomplice/ Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Travis Moran is the Assistant Deputy Director, Critical Infrastructure Protection & Physical Security. Twitter: @dronin_on; email: tmoran@securecommunitynetwork.org Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ

The Risk Roundtable: EP 14. What security incident won the year? Dec 08, 2020

Wrapping up a wild 2020, the Risk Roundtable crew looks at the security event or incident that took home the prize of most impactful. And no, COVID was not allowed! Was it "truth decay", domestic terrorism, ransomware, or any number of other incidents? The only thing that could be determined was that Dave was not getting any points for his submission. Then the gang played a little Roundtable Roulette and shared some of the areas that they would be looking at moving forward while also recognizing the courage of their teammate Bridget Johnson, who recently wrote about the passing of her mother from COVID (https://www.hstoday.us/subject-matter-areas/emergency-preparedness/my-mom-died-of-covid-19-and-disinformation-was-the-virus-accomplice/). Also discussed were security situations around the vaccine dissemination and holiday shopping scams....fa-la-la-la-oh no! References brought up in the show: Coveware: Ransomware Recovery First Responders. Q3 Ransomware Demands rise: Maze Sunsets & Ryuk Returns My Mom Died of COVID-19, and Disinformation Was the Virus’ Accomplice, December 3, 2020 Bridget Johnson // https://www.hstoday.us/subject-matter-areas/emergency-preparedness/my-mom-died-of-covid-19-and-disinformation-was-the-virus-accomplice/ use a quote. COVID vaccines… WSJ Your Boss Can Restrict Your Holiday Plans in the Pandemic, https://www.wsj.com/articles/your-boss-can-restrict-your-holiday-plans-in-the-pandemic-11607301504 06 dec. Shopping scams… Jen’s fa-la-la post… Security Awareness – ’Tis the Season to be Scammy, Fa-la-la-la-la… 20 November 2020, https://faithbased-isao.org/security-awareness-tis-the-season-to-be-scammy-fa-la-la-la-la Rand: https://www.rand.org/pubs/research_reports/RR2314.html Gate 15 SUN: https://paper.li/gate15#/ - cold calls Thank you all for listening this year and we are excited to continue bringing up security matters and how they may impact organizations in 2021! We hope you all have a happy holidays and enjoy the time however you choose to celebrate. Stay safe!

The Gate 15 Interview EP 6. From Blended Threats to Pandemic Lessons Learned with REN-ISAC’s Kim Milford Nov 23, 2020

In this episode of The Gate 15 Interview, Andy Jabbour talks with Kim Milford, the Executive Director of the Research and Education Network Information Sharing and Analysis Center (REN-ISAC) which is focused on aiding and promoting operational protection and response within the research and higher education (R&E) communities. In this podcast we discuss: • REN-ISAC, higher education and critical infrastructure • The higher education threat landscape • REN-ISAC Blended Threat Workshops • Higher ed security coordination • COVID-19 lessons learned • Emerging concerns for higher ed and critical infrastructure • And more! Kim Milford serves as Executive Director of the REN-ISAC, working with research and education institutions, partners, and sponsors to provide services and information that allow member institutions to better defend technical environments from cyberthreats. Ms. Milford oversees administration and operations for the REN-ISAC. Ms. Milford served in several roles leading strategic IT initiatives since 2007 at Indiana University. Read more. Twitter REN-ISAC: “The Research and Education Networks Information Sharing and Analysis Center (REN-ISAC) serves over 650 member institutions within the higher education and research community by promoting cybersecurity operational protections and response. REN-ISAC member institutions benefit from Security Event System (SES) threat intelligence and other automated data collection and sharing tools to enable informed decisions about threats and events, as well as peer assessment services to improve the institution’s overall security posture.” Read more. Twitter. Find out more about REN-ISAC, and access some of the items mentioned in our discussion below: REN-ISAC REN-ISAC: Higher Education Enterprise Risk Management Leadership, 06 March 2018 Security Spotlight: An Interview with REN-ISAC Executive Director, Kim Milford, 11 Jun 2018 REN-ISAC Workshops 2019 REN-ISAC Blended Threats Workshops: Read 2019 Report & Read 2019 Report Brief 2018 REN-ISAC Blended Threats Workshops: 2018 Final Findings Report & 2018 Final Findings Report Brief BT workshop pages, reports. Gate 15: Webinar Recording: Getting Started Now: Pandemic Preparedness After-Action Reports, 17 April 2020 Gate 15: Pandemic Preparedness: Start Your After-Action Report & Improvement Planning (NOW) 26 May 2020

Nerd Out! Security Panel Discussion: EP 7. Protests, Terrorism, Holidays and love for Chris Krebs! Nov 17, 2020

In the latest episode of the Nerd Out Security Panel Discussion podcast the gang reviews the election and what didn't happen and how lessons can be learned from that as well as looking at the current state of protests and how faith-based organizations have been on the front lines of support as well as taking up action. Then the panel looks at the current terrorism threat and how that could impact the upcoming holiday season for stores as well as faith-based organizations. In the lightning round, the panel shares pays tribute to the OG Chris Krebs for his handling of the election and dis/misinformation, as well as tackle other topics. Security expert Rob Yandow joins host Dave Pounder, Bridget Johnson and Joe Levy this month!

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Rob Yandow is a security expert who is a former police officer and who works with the Faith-Based Information Sharing and Analysis Organization (FB-ISAO) and serves as the Co-Chair of their Business Resilience Group - website: https://faithbased-isao.org. Twitter: @RobYandow

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ

The Cybersecurity Evangelist: EP 5 – The ISAC Edition, Part 1 (for Infrastructure Security Month) Nov 10, 2020

For this November episode of TCE I’ve decided to take on ~~National Critical Infrastructure Security and Resilience Month~~, ~~Critical Infrastructure Security and Resilience Month, Critical Infrastructure Month~~, Infrastructure Security Month, whew! Actually, I’ve been almost as overwhelmed with responses from people wanting to be a part of this edition as I am with the litany of names given to this critical observance. That said, this edition/theme is likely to be in three or four parts so we can evangelize as many ISAC’s (and ISAO’s) as we can!

During this episode we get the ISAC party started with discussions from DNG-ISAC and MM-ISAC!

Links to resources and organizations mentioned in this episode:

Infrastructure Security Month https://www.cisa.gov/ismonth

Critical Infrastructure Sectors https://www.cisa.gov/critical-infrastructure-sectors

National Council of ISACs, list of member ISACs https://www.nationalisacs.org/member-isacs

Downstream Natural Gas ISAC https://www.dngisac.com/

The Social Dilemma film https://www.thesocialdilemma.com/

Mining & Metals ISAC http://www.mmisac.org/

Perch Security https://perchsecurity.com/

The Risk Roundtable: EP 13. Finally, Critical Infrastructure has come back to RR! Nov 03, 2020

At long last, and after countless suggestions, the team channels their inner "Rock" and brings Critical Infrastructure back to the Risk Roundtable. After discussing Critical Infrastructure Security and Resilience Month and some of the key threats facing critical infrastructures. Andy then guides the team through some quick hits including Jorhena's appreciation for November also serving as Gratitude Month, or Dave Pounder Appreciation Month, Dave encouraging us to consider Security Mindfulness and Jen making sure we didn't forget any of the many threats facing Critical Infrastructure. And even though this was generally an "election free" podcast, be sure to catch Jorhena as she talked about election misinformation issues on Good Morning DC - link to follow. Plus someone is a little sensitive about Spookley the Square Pumpkin.

Critical Infrastructure and Resilience Month: https://www.whitehouse.gov/presidential-actions/proclamation-critical-infrastructure-security-resilience-month-2020/

CISA Critical Infrastructure Security Reslience Guide: https://www.cisa.gov/sites/default/files/publications/Guide-Critical-Infrastructure-Security-Resilience-110819-508v2.pdf

Media in Disasters and Emergencies: Social Media Working Group for Emergency Services and Disaster Management: https://www.dhs.gov/sites/default/files/publications/SMWG_Countering-False-Info-Social-Media-Disasters-Emergencies_Mar2018-508.pdf

Andy's Election Blog - Elections Perspective: On November 4th, let us stand together as Americans: https://gate15.global/elections-perspective-on-november-4th-let-us-stand-together-as-americans/

The Gate 15 Interview EP 5: Elections Security 2020, with the FBI and the Elections Infrastructure ISAC Oct 26, 2020

In this episode of The Gate 15 Interview, Andy Jabbour talks with Ben Spear, Director of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) and Al Murray, currently serving as the Assistant Special Agent in Charge over Cyber Investigations at FBI’s Washington Field Office (WFO). In our discussion we address: Recent election history and security issues; Threats to the upcoming 2020 election; What to expect on election day (and after); Words of wisdom for citizens and elections officials. Please enjoy this episode of The Gate 15 Interview on Anchor, Apple, Spotify, as well as other locations.

Nerd Out! Security Panel Discussion EP 6. Extremist Threats at Home and Abroad. Oct 20, 2020

The Nerd Out Security Panel tackles the latest terrorist incidents in France as well as the disrupted plot in Michigan. There are a lot of valuable lessons learned from these incidents, as well as the recent revelations from the 2017 Manchester concert bombing. The group then goes rapid fire through some security topics to include concerns through the end of the year, security issues we may not be talking about, Edward Snowden, Magnum PI, Spencer for Hire and more. Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Travis Moran is the Vice President of Operations at Welund North America. Twitter: @dronin_on; email: travis.moran@welund.com Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ

The Cybersecurity Evangelist: EP4 – “Am I doing enough?” Part 2 Oct 14, 2020

Shay Trembley, Information Security Manager of South Blount Utility District, and I finish up the remaining 4 "P's of Basic Cybersecurity" - a timely topic in recognition of National Cybersecurity Awareness Month (NCSAM). We address passwords, privacy, patching, and protection, and include several of our personal favorite resources for cybersecurity awareness for everyone. Shay's final tip: she encourages everyone to speak up and share information. The more everyone shares information about the cyber threats and risks, or even suspected threats and risks, the better we will all be informed and #BeCyberSmart.

In recognition of NCSAM, we individually listed a ton of resources to help businesses and individuals to #BeCyberSmart:

https://staysafeonline.org/, including National Cybersecurity Awareness Month and other NCSA resources

https://www.sba.gov/

https://www.cisa.gov/

https://www.cisa.gov/information-sharing-and-awareness(for more on Information Sharing and Analysis Centers)

https://krebsonsecurity.com/

https://paper.li/gate15#/

https://www.sans.org/security-awareness-training/ouch-newsletter

https://cybercrimesupport.org/

https://fraudsupport.org/

https://cyberreadinessinstitute.org/

https://www.idtheftcenter.org/

https://haveibeenpwned.com/

https://www.ic3.gov/

https://stopthinkconnect.org/

The Risk Roundtable: EP 12. Bring Your Own Topic. Oct 06, 2020

Andy, Jen, Jorhena and Dave go through a plethora of security topics as they introduce the "Opening Shot", before digging deep into some trends they have noted across industries to include the ever present cyber threats (hello ransomware), and social media threats, as well as touching on the upcoming elections. Then the team gets personal and talks about some of the things that have kept them busy over the past couple of months to include Jorhena's upcoming publication! Some references that were dropped during the pod:

National Cybersecurity Awareness Month (NCSAM): https://www.cisa.gov/national-cyber-security-awareness-month

https://staysafeonline.org/cybersecurity-awareness-month/

https://staysafeonline.org/cybersecurity-awareness-month/champions/view-all/

https://www.cisa.gov/national-cyber-security-awareness-month

https://www.shodan.io/

Black Hills Information Security: Backdoors and Breaches Incident Response Game: https://www.blackhillsinfosec.com/projects/backdoorsandbreaches/

FBI Social Media Threat Movie - The Nevernight Connection: https://www.fbi.gov/investigate/counterintelligence/the-china-threat/clearance-holders-targeted-on-social-media-nevernight-connection

The Gate 15 Interview: EP4. A look at Ransomware. Sep 28, 2020

In this episode of The Gate 15 Interview, Andy Jabbour talks with Jeremy Kennelly, a manager and principal analyst on FireEye’s Mandiant Intelligence team focused on the analysis of financially-motivated cyber threat activity. In the discussion we address: • The history of ransomware; • Ransomware’s evolution from WannaCry to present; • The current threat environment and best practices; • Where ransomware could be going into the future and the idea of blended threats.

Nerd Out! Security Panel Discussion: EP 5. Discussing Venues Sep 22, 2020

On this month's Nerd Out! Security Panel Discussion, Dave Pounder hosts Joe Levy, Bridget Johnson and Travis Moran to talk about venue security and what it means in the coming months with the upcoming election and various outdoor events. The group also talks about drones, wildfires, and touches on National Insider Threat Awareness Month (https://www.cdse.edu/itawareness/index.html#0). Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: vssc@iavm.org LinkedIn Profile: https://www.linkedin.com/in/joelevy1/ Travis Moran is the Vice President of Operations at Welund North America. Twitter: @dronin_on Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ

The Cybersecurity Evangelist: EP3 - "Am I Doing Enough?" Part 1 Sep 18, 2020

I am joined by Shay Trembley on the third episode of The Cybersecurity Evangelist (TCE). Shay and I discuss practical tips to the question “Am I doing enough?” We begin our chat with a very real-world incident that nearly cost a small-town water utility $3.2M in fraudulent wire transfers. Then we make a quick nod to two very “human-oriented” awareness initiatives before wading in to what I am calling on this episode, “the 5 P’s of basic cybersecurity” to help make sure you ARE doing enough!

Resources discussed on this episode:

KnowBe4

Mac Help for Mom (the content has not been updated in awhile, but is still useful for “mom” ;-) )

National Insider Threat Awareness Month

National Cyber Security Awareness Month

Sun Tzu’s The Art of War

- For more discussion on The Art of War and cybersecurity, you might enjoy this post, Sun Tzu’s ‘The Art of War’ for Cybersecurity

The Risk Roundtable: EP 11. Protests and Security Awareness Months Sep 01, 2020

In the latest episode of the Risk Roundtable, Andy leads Jen, Jorhena and Dave through a myriad of topics including the latest protest activity and what it means for organizations, as well as doing their part in promoting the latest Insider Threat Awareness Month, National Preparedness Month and the upcoming Cybersecurity Awareness Month. Protest activities can take on a life of their own and create challenges for organizations and their respective security teams. The team digs into how awareness and understanding can help them address these challenges that don't fit into the one-size-fits-all model of past protests. Resources: Insider Threat Awareness Month Scenario Cards: https://www.cdse.edu/documents/toolkits-insider/it-scenario-cards.pdf Insider Threat Awareness Month: https://www.cdse.edu/itawareness/index.html National Preparedness Month: https://www.ready.gov/september Cybersecurity Awareness Month: https://staysafeonline.org/cybersecurity-awareness-month/ What’s Your Plan? James DeMeo: https://jamesademeo.com Tesla Insider Threat Department Of Justice Announcement: https://www.justice.gov/opa/pr/russian-national-arrested-conspiracy-introduce-malware-nevada-companys-computer-network Cisco Insider Threat Incident: https://www.bankinfosecurity.com/ex-cisco-engineer-pleads-guilty-in-insider-threat-case-a-14917

The Gate 15 Interview: EP 3. Disinformation, Misinformation… Too Much Information!?! Aug 24, 2020

In this episode of The Gate 15 Interview, Andy Jabbour talks with Michael Klein, a K-12 IT Director and a leader for CTI League’s Disinformation Team, and Lee Foster, Senior Manager, Information Operations Analysis, with FireEye Intelligence. The group discusses: What we mean by the terms “misinformation” and “disinformation;” Information operations with regard to the COVID-19 pandemic; Geopolitical and domestic political interests and issue manipulation; Election disinformation, past, present and future; Ideas on deepfakes and the use of Synthetic Media; And Andy manages to work in another musical reference.

Nerd Out! Security Panel Discussion: EP 4. Aug 18, 2020

Join Dave, Bridget Johnson, Travis Moran, and Jon Crosson as they talk about the latest security matters. Following up on the last episode, the panel discussed the cancellations of NCAA conference fall sports seasons including the increasingly popular College Football schedule. That was a smooth transition into the innovative ways networks have covered sports and if there was any type of innovation to the security sector. Could organizations replicate security "fans" or "crowd noise" - is that even a thing? And then we looked at the challenges within the healthcare sector and talked about how mental health and a future vaccine could impact security or fuel conspiracy theories. Jon Crosson works at the Health-Information Sharing and Analysis Center (H-ISAC). Their website (h-isac.org) includes a paper on information sharing best practices. Travis Moran is the Vice President of Operations at Welund North America. Twitter: @dronin_on Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ

The Cybersecurity Evangelist - Demystifying Cybersecurity Myths - Part 2 Aug 11, 2020

This month we are airing part two of the inaugural episode of The Cybersecurity Evangelist where Travis Farral and I finish demystifying cybersecurity myth #2 and #1.

Listen to find out where the term “hacking” came from, and more about different types of “hackers”…including the good ones. Travis and I also give a quick nod to our inner geek. We wrap up the discussion with how we are ALL targets of opportunity - even if we don’t have an online presence - and why it is important to overcome the “it won’t happen to me mindset.” Finally, Travis leaves us with his final thought: spend a few minutes trying to educate yourself on ways you can protect your family.

The Risk Roundtable: EP 10 - Geopolitics, Partnerships and Information Sharing Aug 04, 2020

On the latest Risk Roundtable, the Gate 15 team discusses geopolitics and the impacts they have had on businesses around the world. Listen to Andy, Jorhena, Jen and Dave then get into partnerships and the need to rely on trusted relationships and information sharing. But they couldn't escape COVID and they weighted in on the impact it has had on sports leagues while hearing Andy's hope for his favorite football team.

The Gate 15 Interview: EP 2 Jul 27, 2020

In the newest episode of The Gate 15 Interview, Andy Jabbour talks with Errol Weiss, Chief Security Officer with the Health Information Sharing & Analysis Center (Health-ISAC). In their discussion Errol and Andy discuss the evolving cyber threat landscape - from those aimed at the healthcare community, the development of blended threats, ransomware, some of the cybersecurity challenges relating to COVID-19, and more. They also talk about the the benefits and challenges of information sharing and collaboration, and what it takes to make it successful.

Nerd Out! Security Panel Discussion: EP 3 Jul 22, 2020

In the latest episode, Dave is joined by Bridget Johnson, Travis Moran and Chuck Eglic to talk over the latest security matters. Teeing up with sports in the world of COVID, the group then "nerds out" about drones of the suicide variety, extremism and disinformation. Some references mentioned in the pod: Bridget's article on conspiracy theories: https://www.hstoday.us/subject-matter-areas/counterterrorism/conspiracy-theory-extremism-when-viral-claims-turn-dangerous/ START Report: https://mailchi.mp/start/new-radicalization-data-358122?e=b787119265 Drones: https://www.thedrive.com/the-war-zone/34414/we-talk-killer-drones-and-the-future-of-unmanned-warfare-with-aerovironments-steve-gitlin

The Cybersecurity Evangelist: EP 1 - Demystifying Cybersecurity Myths Jul 21, 2020

Welcome to the inaugural episode of The Cybersecurity Evangelist - a cybersecurity podcast for everyone. On the last Gate 15 Risk Roundtable (Ep 9), I eluded to following up on the topic of ransomware for this first episode. But after some deliberation, I thought a better place to start a new podcast on cybersecurity and how it is relevant to everyone, was to myth bust some commonly held beliefs. This episode is part 1 of 2, where I phish for answers by demystifying some myths with help from Travis Farral, including how cybersecurity is more than just a technology/computer problem, how increasing your cyber hygiene and security posture does not have to cost a lot of money, and how easy it is to buy a kit or an application if you are looking to launch your miscreant career! Some great resources mentioned in today's episode to help you understand more about the cyber threats that we all face everyday and to help you increase your cyber hygiene include:

Verizon's Data Breach Investigation Report (DBIR)

Center for Internet Security (CIS) Critical Security Controls

The Risk Roundtable: EP 9 Jul 07, 2020

The people have spoken! The Gate 15 Pod has now become the Risk Roundtable. In this episode the gang is back at it again. Andy, Jorhena, Jen and Dave talk about extremism going mainstream, the continuously evolving threat of ransomware (double extortion, cartels, and encryption), as well as issues with reopenings around the world and the possible security implications. So much to get into that you may miss Jen pushing her new podcast - The Cybersecurity Evangelist (out next week!). Plus Jorhena giving a shout out to a co-worker.

The Gate 15 Interview: EP 1 Jun 25, 2020

In this inaugural Gate 15 interview podcast, Andy Jabbour talks with Jorhena Thomas on her recent post “Intel Community, Our Turn is Coming,” as they discuss informed, inclusive analysis as well as related thoughts on current racial tensions, protests, biases, the threat environment, and how we, as individuals and as a community, can strive towards being our best.

Nerd Out! Security Panel Discussion: EP 2 Jun 09, 2020

Nerd Out is stepping out on its own. Dave Pounder is taking his band of merry men and women to discuss various security topics and show their true “nerd” related to security matters. In this episode Dave is again joined by Andy Jabbour and Travis Moran and they welcome in Tamara Herold to discuss the latest protests, what some of the takeaways are related to impacts on organizations and where protests in general go from here. Our Panelists: Tamara D. Herold, Ph.D., Associate Professor, Graduate Director, University of Nevada, Las Vegas (UNLV) Director, Crowd Management Research Council Department of Criminal Justice Travis Moran, Welund North America Vice President of Operations Email travis.moran@welund.com | Website www.welund.com | twitter: @dronin_on Andy Jabbour, The Gate 15 Company Managing Director / Founder twitter: @gate_15_analyst David Pounder, The Gate 15 Company twitter: @dpounder

The Risk Roundtable: EP 8 Jun 01, 2020

In this episode Andy, Jen and Dave welcome Jorhena Thomas to the pod to discuss protests, disinformation, reopening and what impacts they may mean for organizations. The team also banters about naming the pod as well as share a little “inside baseball” hurricane poll even though Andy doesn’t care much for baseball.

Nerd Out! Security Panel Discussion: EP 1 May 18, 2020

In this new episode we bring the Gate 15 Pod crew together to discuss security concerns around the re-opening of many business around the world on the physical security and cyber security side.

The Gate 15 Pod: EP 7 May 05, 2020

In this episode Andy, Dave and Jen discuss Ramadan, the infodemic, as well as the impacts of the re-opening / re-entry of businesses across around the world. The team then wraps it up with a couple thoughts to hurricanes and National Hurricane Preparedness Week.

The Gate 15 Pod: EP 6. Pandemic Preparedness After Action Reports Webinar Apr 27, 2020

In this episode Gate 15 shares a webinar led by Casey Ateah, Gate 15’s Director of Preparedness, Andy Jabbour, Gate 15 Managing Director and including David Pounder, Gate 15 Director of Threat and Risk Analysis. In this webinar, the Gate 15 team discusses why often, many organizations don’t do a great job of completing a deliberate after-action review process or developing effective after-action reports (AARs) after incidents, from small-scale events to significant threats, such as the current COVID-19 pandemic. The webinar covers topics such as how to get started on an AAR process by identifying the needed resources and getting those resources to conduct the necessary analysis in order to draft an After-Action Report and Improvement Plan. Andy also shares some thoughts on the importance of preparedness and imagination when working towards personal, organizational and national resilience.

The Gate 15 Pod: EP 5 Apr 15, 2020

This will be the first in a new podcast offering from The Gate 15 Company. In this episode we welcome security experts Bridget Johnson and Travis Moran as well as Gate 15 Managing Director Andy Jabbour to talk about terrorism, extremism, drones and surveillance measures in the COVID world. Bridget: Homeland Security Today - Twitter: @bridgetcj. HS Today is hosting a webinar on 23 April on domestic extremist motivations, targets and tactics. Travis: Vice President of Operations, Welund North American, travis.moran@welund.com - Twitter: @dronin_on

The Gate 15 Pod: EP 4 Mar 30, 2020

There is a lot of information out there related to COVID. Aside from initial reactions, the team looks ahead to what’s next and how do we start preparing to handle incidents in a COVID world.

The Gate 15 Pod: EP 3 Mar 05, 2020

So much can change in a month. Last month we touched on COVID-19, and this episode we dig more into questions about preparedness and the resulting cyber scams associated with it. Then we transition to other cyber issues, specifically Business Email Compromise and phishing.

The Gate 15 Pod: EP 2 Feb 03, 2020

Episode 2. Today we talk nCoV. What do you need to know, and should you be concerned. Also talk about how events like nCoV could lead to scams. Finally we hit building security and the latest terrorist / extremist activity.

The Gate 15 Pod: EP 1 Jan 09, 2020

Episode 1. Looking back at the security challenges in 2019 and ahead to what we may expect in 2020. Join Andy Jabbour, Jennifer Lyn Walker and David Pounder.

Our TOPPODCAST Picks

Follow Us

Stay Connected

The Gate 15 Podcast Channel

Related Podcasts

Links

Stay Connected