The Gate 15 Podcast Channel

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Start:·      The Gate 15 Interview EP 58 – Cathy Lanier: Leading NFL Security with Attitude, Effort, Crabs and Beer·      Gate 15: Test, Don't Guess: Exercising Your Response Plan·      WaterISAC's H2OEx: Click Below to Register for a Location Near You! o  Daytona, FL- July 28 o  Los Angeles, CA- Sept 11 o  Arlington, TX- Nov 6·      26th Annual TribalNet Conference & Tradeshow Main Topics: Boulder:·      DOJ: Justice Department Files Federal Charges Against Alleged Perpetrator of Anti-Semitic Terror Attack in Colorado. The Justice Department has filed federal charges against illegal alien Mohammed Sabry Soliman, the alleged perpetrator of yesterday's anti-Semitic terrorist attack in Colorado… Soliman is being charged with a federal hate crime in addition to facing state charges for attempted murder in Colorado. Read the federal complaint HERE·      Updates: Colorado Attack That Injured 12 Was Planned for a Year, Officials Say. The F.B.I. said in a court filing that thesuspect, an Egyptian citizen who had sought asylum in the U.S., brought more than a dozen incendiary devices to a march in support of hostages in Gaza.·      Colorado suspect, now charged with federal hate crime, planned antisemitic attack for a year, FBI says·      12 burned in Boulder attack; suspect charged with federal hate crime:·      Boulder terror attack suspect planned mass shooting but was stopped from buying gun due to immigration status, as he faces 624 years in prison·      What We Know About the Boulder, Colorado Attack·      After Several Attacks, Heightened Anxiety Among American Jews Pride Month: Trans community most targeted in anti-LGBTQ+ incidents, GLAAD data shows. Transgender and gender-nonconforming people were the target of over half of allanti-LGBTQ+ incidents tracked by GLAAD over the last year in a new report… GLAAD counted more than 930 anti-LGBTQ+ incidents from May 2024 through April 2025, 52% of which targeted transgender and gender nonconforming people, across 49 states and Washington, D.C. Insider Threat:o  U.S. Government Employee Arrested for Attempting to Provide ClassifiedInformation to Foreign Government. ·      Intelligence agency employee accused of attempting to leak classified documents out of frustration with Trump.  Ransomware! ·      Gate 15: Test, Don't Guess: Exercising Your Response Plan·      Q1 '25 Travelers' Cyber Threat Report: Record Attack Activity·      Delinea - 2025 State of Ransomware Report - Adapting with agility to a fast-changing threat landscape·      FBI PIN - Silent Ransom Group Targeting Law Firms·      Firm in Baltimore Archdiocese bankruptcy case says stolen data wasdeleted after cyber breach·      Akira Ransomware: When Paying Isn't Enough to Stay Anonymous·      The State of State-Sponsored Hacktivist Attacks Quick Hits·      Ukraine launches massive drone strike on air bases deep inside Russia ·      Crypto Hacks in May 2025 Hit $244M, But $157M Frozen in Swift Recovery Efforts·      FBI FLASH: Infrastructure Used to Manage Domains Related to Cryptocurrency Investment Fraud Scams between October 2023 and April 2025 ·      US DIA 2025 Threat Assessment warns of growing complexity in global threats, national security·      DIA Releases 2025 Worldwide Threat Assessment: Cyber, Cartels, and Global Military Buildup Dominate Outlook·      Get ready for several years of killer heat,top weather forecasters warn·      America's summers keep getting warmer·      North Korea Infiltrates U.S. Remote Jobs—With the Help of Everyday Americans·      Tornado season 2025: active through April, andMay is keeping pace·      Treasury Takes Action Against Major Cyber Scam Facilitator

In the latest episode of Nerd Out, Dave and Alec ran through some of the incidents over the past week to talk about what happened, what impact it has on organizations, and what strategies organizations can take. The events included discussions on:Severe weather to include NOAA's latest hurricane forecast.Sabatoge in France.Geopolitical events hitting the homeland.The second season of Andor.Extreme Weather PreparednessNOAA predicts above-normal 2025 Atlantic hurricane season - https://www.noaa.gov/news-release/noaa-predicts-above-normal-2025-atlantic-hurricane-seasonWeather-related Power Outages Rising - https://www.climatecentral.org/climate-matters/weather-related-power-outages-risingAnti-government group threatens crucial weather radars, NOAA warns - https://www.washingtonpost.com/nation/2025/05/07/anti-government-weather-radar-conspiracy/How to Prepare for a Hurricane - https://www.fema.gov/blog/how-prepare-hurricaneFrance Sabotage AttacksFrance blames sabotage for second Riviera blackout, boosts security - https://www.france24.com/en/europe/20250526-france-sabotage-power-blackout-cannes-nice-rivieraHeightened Political Violence and Nihilistic Violent ExtremismWhy White Supremacists Are Trying to Attack Energy Grids - https://www.nytimes.com/2024/08/08/us/white-supremacist-power-grid-attacks.htmlJewish Museum killings show how hard it is to stop radicalized lone wolf attacks - https://www.nbcnews.com/news/amp/rcna208656The Escalating Attacks on Tesla Facilities - https://www.csis.org/analysis/escalating-attacks-tesla-facilitiesHow Burning Teslas and Killing Billionaires Became a Meme Aesthetic for Political Violence - https://networkcontagion.us/wp-content/uploads/NCRI-Assassination-Culture-Brief.pdf‘Welcome Spring, Burn a Tesla': The Insurrectionary Anarchist Campaign Against Tesla - https://gnet-research.org/2025/05/21/welcome-spring-burn-a-tesla-the-insurrectionary-anarchist-campaign-against-tesla/Nihilistic Violent Extremism: A Valuable Stride Forward in American Counterterrorism - https://www.justsecurity.org/113463/nihilistic-violent-extremism-american-counterterrorism/

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Cathy Lanier, Senior Vice President and Chief of Security at the National Football League. Prior to serving in her current role as Senior Vice President and Chief of Security at the National Football League, Lanier held the position of Chief of Police with the Washington, D.C. Metropolitan Police Department (MPD) from 2007 to 2016. From 1990, Cathy rose through the ranks of the MPD to earn various commendable honors including becoming the first female police chief of the nation's capital, the first commanding officer of Homeland Security and Counter-Terrorism for D.C. Police, one of a small number of female chiefs in the nation at the time, and the longest serving chief on the D.C. force. Now, as the Chief of Security for the National Football League, Lanier safeguards the security of all 32 NFL teams and their venues, liaises and collaborates with federal, state and local law enforcement, and ensures security for League events like the Super Bowl. Learn more about Cathy on LinkedIn.“We can do everything right and bad things can still happen” – Cathy Lanier, Senior Vice President and Chief of Security at the National Football League.In the discussion Cathy and Andy cover:Cathy's Background.The 2013 Washington Navy Yard Shooting and Hostile EventsThe importance of exercises, challenging our assumptions, and after-action reports.Her two biggest lessons learnedThe ever-growing mission of securing the NFLCybersecurity, socio-political divisiveness and radicalizationGetting leadership buy-inPrivate-public partnershipThe Human Factor: Getting immersed and getting intelligenceHaving empathy and understanding the other sideDealing with adversityWe play 3 Questions!Lots more!Selected links:NFL Videos:Cathy Lanier explains her role as the NFL's Chief Security Officer. Cathy Lanier, the NFL's Chief Security Officer, describes her transition from protecting the President of the United Sates as the first female police chief in Washington D.C. to providing the same security for the largest sporting event.NFL 360 | THE CHIEF. NFL senior vice president of security Cathy Lanier faces extraordinary crises and challenges on a daily basis, in one of the most high-profile pressure cooker positions in the sports world.MPD Navy Yard After Action ReportGuard Killed In Holocaust Museum Shooting

In this week's Security Sprint, Dave and Andy talked about the following topics:Warm Opening:• Gate 15 - Blueprints Before Breaches: Planning for Ransomware Resilience. This blog is part of Gate 15's Summer of Security: Ransomware Resilience Series, highlighting the essential considerations for organizational leaders and cybersecurity professionals. Planning for a ransomware attack is a vital component of any organization's cybersecurity strategy. Having a ransomware plan is important because it helps organizations prepare for, respond to, and recover from ransomware attacks effectively.• H2OSecConPalm Springs Bombingo FBI links California fertility clinic bombing to anti-natalist ideologyo Online manifesto threatened clinic attack; FBI probes Palm Springs bomb suspect's motiveo 25-year-old suspect in fertility clinic bombing left behind ‘anti-pro-life' writings, officials sayo What we know about the Palm Springs bombero Palm Springs IVF clinic bomber ID'd as Guy Edward Bartkus, a ‘pro-mortalist' who opposed people being born ‘without their consent'o Palm Springs Bombing Suspect Burned Down Family Home Aged 9, Father Says• Hate Amplified: Online Posts About U.S. Judges Take Increasingly Violent Turn• Michigan Man Arrested and Charged with Attempting to Attack Military Base on Behalf of ISIS• The Delirious, Violent, Impossible True Story of the Zizians• The world's largest incel forum reacts to Netflix's Adolescence with hate and conspiracies• First Responders Toolbox: Large Public Gatherings Attractive Targets for Violent ExtremistsCoinbase & Insider Threat• Protecting Our Customers - Standing Up to Extortionists • Coinbase Global, Inc. & 8-K filed on 2025-05-15• Coinbase flips $20M extortion demand into bounty for info on attackers; The largest cryptocurrency exchange in the U.S. said cybercriminals bribed insiders to steal data on customers, some of whom were duped into handing over crypto assets.• Coinbase says customers' personal information stolen in data breach• Insider Bribes Behind Coinbase Hack Exposing Customer Data• Coinbase responds to USD 400 million insider threat attack | Cyber Intelligence Briefing: 16 May 2025Weather. 28 dead, half a million without power as deadly storms, tornadoes sweep across central, eastern US. At least 28 people have died and dozens more were injured after a devastating wave of severe weather swept across the central United States late Friday into Saturday, leaving a trail of catastrophic destruction. Large tornadoes have been reported in Missouri, Kentucky, Illinois and Indiana with hard-hit southeastern Kentucky reporting a majority of the fatalities. According to Kentucky Governor Andy Beshear, there were 18 confirmed deaths in the state connected to the severe weather. The fatalities include 17 people in Laurel County and one in Pulaski County. Quick Hits: • FBI PSA: Senior US Officials Impersonated in Malicious Messaging Campaign• FBI PSA: Impersonation Scheme Targeting Middle Eastern Students in the United States• Update to How CISA Shares Cyber-Related Alerts and Notifications• Securing Critical Infrastructure: GitGuardian Partners with ONE-ISAC to Protect Oil & Natural Energy Operations• AMWA throws support behind CISA reauthorization• Major Crypto Firms Spending Millions on Personal Security• Crypto elite increasingly worried about their personal safety• France Launches Crypto Security Measures After Targeted Kidnapping Surge• The US hasn't seen a human bird flu case in 3 months

On this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• ICYMI: REGISTER NOW! WaterISAC's 2025 H2OSecCon! (20 May) From cybersecurity to climate resilience, operational continuity to public trust, we must collaborate across sectors to build smarter, stronger, and more adaptive systems. That's why we're inviting leaders like you to join the WaterISAC's 2025 H2OSecCon. Connect with peers and leaders committed to enhancing the resilience of our nation's critical systems.Main Topics:Ransomware & Data Breaches: • Monday was Anti-Ransomware Day 2025! What a great time to invest in ransomware resilience! Contact Gate 15 today to get to work building your Cyber Incident Response Plan and ransomware procedures, to start planning your next ransomware workshop or tabletop exercise, to plan for post-incident analysis or to take advantage of our new very price-friendly ransomware exercise for executives – designed especially for small and medium businesses! • Explore the latest cyber risks and claims trends from Coalition. LockBit ransomware gang hacked, victim negotiations exposed• Reminder! Criminals lie and NEVER DELETE YOUR DATA! School boards hit with ransom demands linked to PowerSchool cyberattack• M&S 'had no plan' for cyber attacks, insider claims, with 'staff left sleeping in the office amid paranoia and chaos' • The Very Real Costs of Ransomware: IT warning after hackers close 160-year-old firm. Extremism:• Ohio Man Charged with Threatening State Public Officials • Texas Man Convicted of Making Threats to Kill Nashville District Attorney Glenn Funk • FBI has opened 250 investigations tied to violent online network '764' that preys on teens, top official says• Teenage Terrorists Are a Growing Threat to Europe's SecurityUSG Transitions• Trump's 2026 budget proposes $163 billion cut to non-defense spending, slashes CISA and FEMA funding• White House Proposes $500 Million Cut to CISA• Hegseth orders Pentagon to cut number of senior generals by 20%• Lawmakers question Noem over cuts to CISA, FEMA, TSA• Lawmakers grill Noem over CISA funding cuts, demand Trump cyber plan• NSA to cut up to 2,000 civilian roles as part of intel community downsizing• NIST loses key cyber experts in standards and researchIndia strikes Pakistan over tourist killings, Pakistan says it will retaliate• Kashmir crisis live: Pakistan PM authorises armed forces to undertake ‘corresponding action' after India strikes kill 26• Pakistan vows to respond after India launches strikes in wake of Kashmir massacre• Pakistan claims to have downed Indian warplanes, vows response to strikes• China urges restraint as India-Pakistan tensions escalate with military strikes• A Timeline of Tensions Between India and Pakistan Over Kashmir• India, Pakistan accuse each other of attacks as hostilities rise• AlQaeda Statement On Indian Strikes In PakistanQuick Hits:• Crypto millionaires targeted in brutal kidnappings across France and Europe; Attackers' modus operandi: cutting off victims' fingers to pressure payments. • The father of a cryptocurrency entrepreneur was kidnapped in Paris and found held captive with his finger severed. (article in French)• Assessing the U.S. Climate in April 2025Assessing the U.S. Climate in April 2025• FBI PSA - Cyber Criminal Proxy Services Exploiting End of Life Routers• FBI FLASH: Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities (PDF)• Risky Bulletin: France says Russian influence operations are getting better, achieving results• Unsophisticated Cyber Actor(s) Targeting Operational Technology • Primary Mitigations to Reduce Cyber Threats to Operational Technology• US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations• Primary Mitigations to Reduce Cyber Threats to Operational Technology• UK NCSC: UK pioneering global move away from passwords• Classic Rock - Hunting A Botnet That Preys On The Old

In the latest Security Sprint, Dave and Andy covered the following topics:Warm Open:• (TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin - Q2 2025• REGISTER NOW! WaterISAC's 2025 H2OSecCon! Happening virtually Tuesday May 20th from 11am-5pm ET. Learn more and register here! • Crypto ISAC Expands Leadership Team to Support Next Phase of Industry Collaboration and Operational Scale & Crypto Hacks and Scams Hit $364M in April, Says CertiK• Continuity Planning: Conducting Tabletop Exercises; Facilities teams need to participate in Tabletop exercises to prepare for emergency events and situations. Main Topics:Physical Security• Brazil police thwart bomb attack on Lady Gaga concerto Two Arrested in Plot to Bomb Lady Gaga's Rio Concert• Florida Man Arrested in Foiled Mass Shooting Plot – Church Listed Among Targetso Arrest in Florida reveals love link, conspiracy between man and Wisconsin school shootero Loxahatchee man linked to WI school shooter accused of 7 mass shooting threats• Eight arrests in connection with two separate terrorism investigations o UK Met: Five arrested as part of Counter Terrorism Policing operationo UK Met: Three people arrested as part of Counter Terrorism Policing operationo ‘Iranian terror attack' foiled with hours to spare; Authorities feared attack on ‘specific premises' was imminent as seven arrested• Teen Arrested In German Synagogue Attack PlotSevere Weather• NOAA: Hurricane Prep: social media (English). The Hurricane Preparedness Week Social Media Plan.• Monster quake could sink swath of California.o Tsunami Warning Issued After Huge Earthquake Off Argentinao Earthquake of magnitude 5.83 strikes La Rioja Province, Argentina, GFZ saysCybersecurity• Q1 Ransomware Report: The organizational structure of ransomware threat actor groups is evolving before our eyes.• Surefire Cyber: Ransomware Threat Evolution Q1 2025• Retail Ransomware Attacks Claimed by DragonForce:o Incidents impacting retailers – recommendations from the NCSCo Co-op cyber attack affects customer data, firm admits, after hackers contact BBCo Co-op confirms data theft after DragonForce ransomware claims attacko DragonForce Ransomware Gang | From Hacktivists to High Street Extortionistso DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front dooro Marks & Spencer breach linked to Scattered Spider ransomware attacko NCSC statement: Incident impacting retailerso Luxury store Harrods is latest retail victim of cyber attackers o Harrods is latest British retailer to be hit by cyber attacko UK Retailers Co-op, Harrods and M&S Struggle With Cyberattackso Harrods the next UK retailer targeted in a cyberattackQuick Hits:• Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis • FBI PSA: Threat Actors Use "Swatting" to Target Victims Nationwide, April 29, 2025• TLP CLEAR FBI FLASH Phishing Domains Associated with LabHost PhaaS Platform Users (PDF)• With Love, From North Korea…

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• CISA gets a deputy director as it braces for major layoffs• FB-ISAO's Collaboration With Those Who are Lone Defenders• Crypto/Blockchain: o A Record-Breaking Year for Cybercrime: Key Findings from the FBI's 2024 IC3 Reporto Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookieo XRP supply chain attack: Official NPM package infected with crypto stealing backdooro Risky Biz News - R0AR crypto-heisto Crypto ISAC: Ensuring The Security, Efficiency, and Resiliency Of Cryptoo The Gate 15 Interview EP 57 – Adriana Villasenor on info sharing, resilience, and racingMain Topics:Big 3! Risky Bulletin: FBI IC3, Verizon DBIR, Google M-Trends reports are out—here's the conclusions!• Verizon 2025 Data Breach Investigations Report• M-Trends 2025: Data, Insights, and Recommendations From the Frontlines• FBI Releases Annual Internet Crime ReportCasino hackers say they've got maps to slot machine vault and server room. A ransomware gang claims that it's holding hostage the blueprints to a $700 million casino. If true, they may know more about the vaults, server rooms, and security cameras than the people building it. Hackers target Catawba Two Kings Casino, threaten to release blueprintsVancouver Vehicle Ramming; 11 killed - Suspect charged with murder over Vancouver Filipino festival car ramming, police say victims were aged five to 65• A man is charged with murder after SUV rams a crowd in Vancouver's 'darkest day'• Vancouver ramming attack: Police determine attack was 'deliberate' but not 'terrorism' - 'Shocking'• A look at some recent deadly attacks involving vehicle rammings• 4 Killed When a Car Crashes Through an Illinois After-School Center; The victims' ages ranged from 7 to 18, the police said. Several others were injured.Quick Hits:• May Day Protests: o Workers in 600+ US Cities to Protest 'Billionaire Takeover' on May Dayo 50501 events• ‘No longer welcome to be alive': Man threatened Trump, Elon Musk and Tesla owners in ‘Declaration Of War' emails that claimed ‘newsworthy killings' were coming, DOJ says• Spanish distributor says restoring power after huge outage could take 6-10 hours. Portugal also hit• New U.S. Secret Service Research Highlights Connection Between Domestic Violence and Mass Attacks • FBI PSA - FBI Seeking Tips about PRC-Targeting of US Telecommunications & The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices• Countries shore up their digital defenses as global tensions raise the threat of cyberwarfare• Scams & Fraud: o FBI PSA - Cyber Criminals Impersonating Employee Self-Service Websites to Steal Victim Information and Funds o Foreign intel job scams target current, former DoD employeeso Think that text message is from USPS? It could be a scamo FBI Surges Resources to Nigeria to Combat Financially Motivated Sextortion• Russian Propaganda Campaign Targets France with Al-Fabricated Scandals, Drawing 55 Million Views on Social Media • Alleged former members of neo-Nazi group claim its leader is Russian spy• NSA Publishes Recommendations for Smart Controller Security Controls and Technical Requirements for OT Environments• Scientists Find Measles Likely to Become Endemic in the US Over Next 20 Years

On the latest episode of Nerd Out, Dave and Alec reference the following articles related to drones. They talked about drone usages, the way threat actors exploit them from a cyber and physical security perspective as well as mitigation strategies.Drone ThreatDroning On: The Response to Use of Drones by Domestic Violent ExtremistsProtecting Critical Infrastructure From Weaponized DronesDrones are Transforming the Battlefield in Ukraine But in an Evolutionary FashionDrone attack warning: Illinois terrorism experts issue risk assessment for potential drone attacksAre Domestic Drone Shoot-Downs Lawful?Quick HitsHow India's Threat to Block Rivers Could Devastate PakistanThe Contentious U.S.-China Trade RelationshipWhat to know about the tensions between Iran and the US before their third round of talks

In the latest Security Sprint Dave and Andy covered the following topics:Warm Open:• Health-ISAC: European Hobby Exercise 2024 After Action Report• Peters and Rounds Introduce Bipartisan Bill to Extend Information Sharing Provisions That Help Address Cybersecurity Threatso Bill extends cyber threat info-sharing between public, private sectoro Exclusive: Peters, Rounds tee up bill to renew expiring cyber threat information sharing lawo CRS: The Cybersecurity Information Sharing Act of 2015: Expiring Provisions, 08 Apr 2025Main Topics:Scams:• FBI PSA: FBI Warns of Scammers Impersonating the IC3• Foreign intel job scams target current, former DoD employees• Take9JCAT First Responders Toolbox. Third-Party Security Critical to Safeguarding Public Gatherings From Terrorist Threats UK: Law firm fined £60,000 following cyber attack. “enabled cyber hackers to gain access to DPP's network, via an infrequently used administrator account which lacked multi-factor authentication (MFA)”BakerHostetler: Ready and Resilient in the Data-Driven Age. Half Measures ≠ Effective Prep. Your organization finally prepared an IRP and a BCP. That's great! But have you actually implemented and then tested these plans? (At Gate 15, we're a bit partial to this finding. Need to exercise and test those plans? Contact our team today to schedule your next workshop, tabletop, drill or other exercise!)The Weather Channel - 2025 Hurricane Season Outlook: Not Quite 2024, But Above-Average US Landfall Threat. The 2025 Atlantic hurricane season may not be as active as last year, but the threat of U.S. landfalls remains higher than average, according to a just-released outlook issued by The Weather Company and Atmospheric G2. • Colorado State University's tropical forecast team.• Tornado-producing storm deals deadly weather to Oklahoma and Texas• FEMA Isn't Ready for Disaster Season, Workers SayQuick Hits:• Abusing Data in the Middle: Surveillance Risks in China's State-Owned Mobile Ecosystem & 35 countries use Chinese networks for transporting mobile user traffic, posing cyber risks• Florida State shooting: 2 dead, sheriff's deputy's son in custody & How a security gap at FSU heightened students' fears even with the speedy police response• Bot Traffic Surpasses Humans Online—Driven by AI and Criminal Innovation• CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise • Canadian Centre for Cyber Security Resources:o Security guidance for dark web leaks (ITSAP.00.115)o Search engine optimization poisoning (ITSAP.00.013)

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Adriana Villasenor. Adriana is a Senior Director in FTI Consulting, based in New York. She has more than 20 years of experience managing tech, crisis, cyber, and litigation communications for publicly traded and privately held organizations, from global financial technology firms to billion-dollar consumer brands. Prior to joining FTI Consulting, she was the Chief Marketing and Communications Officer at the Financial Services Information Sharing and Analysis Center (FS-ISAC), where she led the financial services industry's media response during large-scale cyber threats and incidents facing the sector. During her tenure, Adriana helped launch member-facing platforms, created new products in response to emerging risks, and enabled the firm's international expansion. Learn more about Adriana on LinkedIn.In the discussion Adriana and Andy cover:Adriana's Background.Info Sharing.ISACs today, ISACs tomorrow.Crypto ISAC!Resilience.We play 3 Questions!Lots more!Selected links:Why I'm Bullish on ISACsIs Cyber Resilience on Your Board's Agenda?

In this week's Security Sprint Andy and Hunter talk about the following topics:Warm Open:• How Healthcare Facilities Can Be Truly Disaster-Resilient. Healthcare Facilities Today spoke with Jon Crosson, director of health sector resilience at Health-ISAC, on what makes a solid resiliency program for healthcare facilities, the importance of real-time information sharing and how healthcare facility managers can use partnerships to improve response and recovery efforts. • Healthcare cybersecurity needs a total overhaul, by Errol Weiss, Chief Security Officer, Health-ISAC• Addressing Risks from Chris Krebs and Government Censorshipo Fact Sheet: President Donald J. Trump Addresses Risks from Chris Krebs and Government Censorshipo Trump Revenge Tour Targets Cyber Leaders, Electionso Gate 15: Cybersecurity & Infrastructure Security: Time to Make This Happen, December 15, 2017 Following the House of Representatives, the US Senate needs to approve the re-designation of DHS's National Protection and Programs Directorate (NPPD) to become the Cybersecurity and Infrastructure Security Agency (CISA); The President should nominate, and the Senate should confirm, Christopher Krebs as Under Secretary for NPPD and then as the first Director of National Cybersecurity and Infrastructure Security.Main Topics: Hacktivism & Nation-State Influence• CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide• IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including US Water and Wastewater Systems Facilities• Top 10 Advanced Persistent Threat (APT) Groups That Dominated 2024• The rising tide: A 2024 retrospective of hacktivismPolitical Violence, Executive Protection• ‘Save the white race': Teen who gunned down his parents was plotting a ‘political revolution' that included ‘getting rid of' President Trump, police say• Pennsylvania Man Charged with Making Threats to Assault and Murder President Donald J. Trump, Other U.S. Officials, and Immigration and Customs Enforcement Agents & ‘Going to assassinate him myself': Man ‘buying 1 gun a month since the election' threatened to kill Trump in multiple YouTube comments under name ‘Mr Satan,' FBI says• Suspect in custody after overnight arson at Pennsylvania Gov. Josh Shapiro's residenceo Was Cody Balmer 'Upset' With Gov Josh Shapiro Over Property Seizure? o Harrisburg man to be charged with attempted murder of Gov. Josh Shapiro for setting fire to official residenceo Suspect in arson at Pennsylvania Gov. Josh Shapiro's residence planned to beat him, documents sayo Suspected arsonist Cody Balmer accused of firebombing Gov. Shapiro's home shared disturbing photos onlineo Cody Balmer's Social Media Reveals Anti-Joe Biden Posts• Protect Democracy: How does Gen Z really feel about democracy? 11% believe that it political violence is sometimes necessary to achieve progress.• Arrest made at UnitedHealthcare headquarters after reports of an intruder Quick Hits:• Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit• 8 April 2025 NCSC, FBI, DCSA bulletin – Online Targeting of Current & Former U.S. Government Employees. • FAA Drone Detection Testing. The FAA will conduct drone-detection testing in Cape May, New Jersey, between April 14-25. • Top homeland security lawmaker calls for cautious cuts to CISA• CISA cuts: ‘Open season' for US? • Senator puts hold on Trump's nominee for CISA director, citing telco security ‘cover up' • OCC Notifies Congress of Incident Involving Email Systemo Treasury bureau notifies Congress that email hack was a ‘major' cybersecurity incidento Hackers lurked in Treasury OCC's systems since June 2023 breach• US Cyber Command: Posture Statement of Lieutenant General William J. Hartman

In the latest episode of the Security Sprint, Dave and special co-host Alec Davison talked about the following topics:Insider Risk ConcernsWhat impact will the current political and economic environment have on stressors and grievances.At the end of last month, a former water utility employee pleaded guilty in federal court for tampering with the drinking water supply at his former workplace. https://www.justice.gov/usao-ma/pr/former-stoughton-water-department-employee-pleads-guilty-tampering-drinking-water Nation State's Using Non-state actors for violence and to further geopolitical interestsHybrid warfare is a new normal – we're experiencing a breakdown of the traditional perception of the binary notion of war and peace.US neo-Nazi group with Russia-based leader calls for targeted Ukraine attacks – https://www.theguardian.com/us-news/2025/apr/05/the-base-neo-nazi-russia-ukraine Iran recruited Swedish minors for attacks on Israeli targets https://www.cnn.com/interactive/2025/world/iran-israel-swedish-teenagers-shadow-war-intl-invs Quick HitsTwo men suspected of plotting an attack arrested in Paris in support of the Islamic State – https://www.lemonde.fr/en/france/article/2025/04/07/two-men-suspected-of-plotting-an-attack-arrested-in-paris_6739914_7.html Man who hates big pharmacies allegedly guns down Walgreens worker: Policehttps://abcnews.go.com/US/man-hates-big-pharmacies-allegedly-guns-walgreens-worker/story?id=120408357 Death toll rises from weekend storms in US – severe weather in US - https://www.bbc.com/news/articles/crrzd0lge28o Ivanti Connect Secure appliances are susceptible to attacks exploiting a recently disclosed vulnerability, which Chinese threat actors are actively exploiting - https://www.securityweek.com/exploited-vulnerability-puts-5000-ivanti-vpn-appliances-at-risk/

In the latest Security Sprint, Dave and Andy covered the following topics:Warm Start:·      Sen. Markey, Rep. Schakowsky Introduce Legislation To Protect Clean Water And Wastewater Utilities·      AMWA endorses legislation to encourage WaterISAC participation·      FS-ISAC Releases Guidance On The Future State Of Generative AI In Financial Services·      Senate Intelligence Committee: 03/25/2025 - 10:00am, Open Hearing: Worldwide Threats (complete hearing available here)·      2025 Annual Threat Assessment of the U.S. Intelligence Community·      ODNI: 2025 Annual Threat Assessment Of The U.S. Intelligence Community & Download the report. Main Topics: Severe Weather·      AccuWeather - Dynamic hurricane season predicted for Atlantic in 2025·      Noem says she plans to ‘eliminate FEMA' ·      Ranking Members Thompson & Kennedy:Trump Administration Continuing to Call for Elimination of FEMA and PlayPolitics with its Workforce Will Cost Lives·      US GAO - Disaster Assistance: Improving the FederalApproach·      Sessions Announces Hearing on FEMAReform Opportunities, Recovery Efforts in North Carolina. March 26, 2025, 10:00 a.m. ET·      Powerful earthquake rocks Myanmar andThailand, killing at least 3 in Bangkok high-rise collapse·      Deaths from devastating earthquake inMyanmar climb past 1,700 Vehicle Ramming & Terrorism·      Into the Crowd: The Evolution ofVehicular Attacks and Prevention Efforts·      UK NPSA: Considerations for Temporary Vehicle Security Barriers; Last Updated 20 March 2025·      CSIS: Global Terrorism Threat Assessment 2025 North Korean Worker Threats·      How To Proactively Mitigate The DPRK ITWorker Employment Scam·      The North Korea worker problem is biggerthan you think Quick Hits:·      Oracle customers confirm data stolen in alleged cloud breach is valid·      Oracle Health breach compromises patient data at US hospitals·      Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service·      Oracle has reportedly suffered 2 separate breaches exposing thousands of customers‘ PII·      Scammers Entice U.S. Taxpayers With FundRecovery Services on Facebook, TikTok·      No MFA? Expect Hefty Fines, UK's ICO Warns·      Exclusive: Secretive Chinese networktries to lure fired federal workers, research shows·      A sweeping cyber law's long road torenewal— The 2015 Cybersecurity Information Sharing Act is set to expire this September.  ·      IngressNightmare: 9.8 CriticalUnauthenticated Remote Code Execution Vulnerabilities in

In the latest episode of Nerd Out, Dave and Alec talked about the following topics.Quick thoughts on Signal-gate.Deep dive into radicalization including the latest trends, concerning behaviors and what individuals and organizations can do.Other all-hazard quick hits.Some of the references from the show include:Youth RadicalizationYoung people and violent extremism: a call for collective action - https://www.counterterrorism.police.uk/wp-content/uploads/2024/12/Unclassified-Five-Eyes-CT-minors-paper.pdfYoung guns: Understanding a new generation of extremist radicalization in the United States - https://www.isdglobal.org/wp-content/uploads/2023/08/Young-guns_Understandings-a-new-generation-of-extremist-radicalization-in-the-United-States.pdfTeenage Terrorists and the Digital Ecosystem of the Islamic State - https://ctc.westpoint.edu/teenage-terrorists-and-the-digital-ecosystem-of-the-islamic-state/Antioch, Tenn., Shooter Inspired by Broad Extremist Beliefs and Previous Mass Killers - https://www.adl.org/resources/article/antioch-tenn-shooter-inspired-broad-extremist-beliefs-and-previous-mass-killersEnhancing Bystander Reporting to Prevent Terrorism - https://www.dni.gov/index.php/nctc-how-we-work/joint-ct-assessment-team/first-responder-toolbox/terrorism-prevention/enhancing-bystander-reporting-to-prevent-terrorism#:~:text=The%20First%20Responder's%20Toolbox%20is,and%20responding%20to%20terrorist%20attacks.Quick hitsU.S. Military Targets Houthis in Yemen - https://apnews.com/article/yemen-houthi-us-airstrikes-israel-hamas-takeaways-0d080ffc7c01b423cb81ec27713cdbc7Israel Resume Combat Operations in Gaza - https://www.axios.com/2025/03/18/israel-gaza-war-resumes-airstrikes-hamasCENTCOM Forces Kill ISIS Chief of Global Operations Who Also Served as ISIS #2 - https://www.centcom.mil/MEDIA/PRESS-RELEASES/Press-Release-View/Article/4121311/cent[…]ll-isis-chief-of-global-operations-who-also-served-as-isis-2/Russia behind arson attack on Ikea store in Lithuanian capital, says prosecutor - https://www.theguardian.com/world/2025/mar/17/russia-behind-arson-attack-on-ikea-store-in-lithuania-capital-says-prosecutorDieNet Activity Escalates Against US Organizations - (hacktivists - geopolitical threat actors targeting wide variety of infrastructure) -  https://www.radware.com/security/threat-advisories-and-attack-reports/dienet-activity-escalates-against-us-organizations/Thailand - Myanmar earthquake - https://apnews.com/article/thailand-earthquake-bangkok-4fce87aced74b1fc0cf260fb5454d353

Warm Start:• That breach cost HOW MUCH? How CISOs can talk effectively about a cyber incident's toll• Perspective: 25 Years of Evolving Information Sharing Into Actionable Intelligence, new from IT-ISAC Director Scott Algeier.• The Gate 15 Interview EP 56. Information Sharing, Cybersecurity Politics, Threats, and More & New Podcast – Information Sharing, Cybersecurity Politics, Threats, and More! The Gate 15 Interview will be released on all the usual channels later today. Catch this month's special crossover episode now via the Cybersecurity Advisors Network post and on YouTube!• Crypto ISAC at WSJ Tech Live: Exploring the Future of Blockchain & CybersecurityMain Topics:• If it can happen to them, it can happen to you, part one. Managing Communications: The Trump Administration Accidentally Texted Me Its War Plans. Considerations for businesses. • If it can happen to them, it can happen to you, part two. Phishing: A Sneaky Phish Just Grabbed my Mailchimp Mailing List. • Some thoughts on punishment, consistency, standards, and compassion.• White House - Achieving Efficiency Through State and Local Preparednesso Fact Sheet: President Donald J. Trump Achieves Efficiency Through State and Local Preparednesso Trump prioritizes infrastructure resilience against cyber attacks, rolls out National Resilience StrategyQuick Hits:• New Dates Added: Live Virtual Presentations on Targeted Violence Prevention. Live Virtual Presentations on Targeted Violence Prevention. The U.S. Secret Service National Threat Assessment Center (NTAC) is pleased to offer new opportunities to attend live virtual presentations on preventing targeted violence. In these presentations, our expert researchers will share findings and implications from decades of research on targeted violence and offer strategies for preventing acts of violence impacting the places where we work, learn, worship, and otherwise live our daily lives. This list of available virtual training events is regularly updated, and presentation topics change from month to month. To learn more about this series of live virtual presentations, or to register for one or more of these events, please follow the link below. Register here.• FBI PSA - Individuals Target Tesla Vehicles and Dealerships Nationwide with Arson, Gunfire, and Vandalism• Man drives car into protesters outside a Tesla dealership, nobody hurt, sheriff says• Attorney General Bondi Statement on Violent Attacks Against Tesla Property• Violent attacks on Tesla dealerships spike as Musk takes prominent role in Trump White House• Multiple cars set on fire at Tesla service center in Las Vegas in 'targeted attack'• Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin• FBI, healthcare agencies warn of credible threat against hospitals, after multi-city social media terror plot alert• Exclusive: FBI scales back staffing and tracking of domestic terrorism probes• This AP map shows sabotage across Europe that has been blamed on Russia and its proxies• Spring Outlook: Dry in the West, milder than average in the South and East; Drought to develop or persist for Rocky Mountains, Southwest and southern Plains• Halcyon - Last Year in Ransomware: Overview, Developments and Vulnerabilities• Chairmen Green, Garbarino, Brecheen Conduct Oversight Of The Federal Government's Response To China-Backed “Typhoon” Intrusions Under Previous Administration• The Biggest Supply Chain Hack Of 2025: 6M Records Exfiltrated from Oracle Cloud affecting over 140k Tenants • Risky Bulletin: The looming epochalypse

In this episode of The Gate 15 Interview, Andy Jabbourspeaks with John Salomon. John is an information security executive and cybersecurity expert with 25 years of in-depth, cross-cultural, international experience across multiple critical industry sectors. Learn more about John on LinkedIn.  In this episode John and Andy discuss: ·      John's Background. ·      Information Sharing.·      ISACs, international partnership, and political transitions.·      Critical threats and challenges.·      John plays 3 Questions! ·      Lots more! Selected links:·      Watch the episode on YouTube! Information Sharing, Cybersecurity Politics, Threats, and More·      CyAN: New Podcast – Information Sharing, Cybersecurity Politics, Threats, and More. This post links to the YouTube and includes a timeline and links you may enjoy.·      John Salomon ·      Cybersecurity Advisors Network - Secure in Mind on YouTube·      CyAN's Position on Encryption Backdoor Legislation·      https://cybersecurityadvisors.network

In the latest episode of the Security Sprint, Dave and Andy covered the following topics:Opening:White House instructs agencies to avoid firing cybersecurity staff, email saysCISA Probationary ReinstatementsDOGE Staffer Broke Treasury Rules Transmitting Personal DataChina, Russia, Iran, and North Korea Intelligence SharingMain Topics:Severe Weather:40 dead as storms head east; fire risk remains in parts of U.S.‘I've seen nothing like this since I was a kid': At least 39 people have died across 7 states after powerful storm systemSevere weather disaster: 40 dead after destructive tornadoes, wildfires and dust storms, sweep across US;Europe's Winter Storms Will Get Worse as Emissions Rise, Study SaysReady.govScams & Fraud: New FTC Data Show a Big Jump in Reported Losses to Fraud to $12.5 Billion in 2024Top scams of 2024FBI Warns of Fraudulent Federal Warrants in WyomingTake9Quick Hits:Insider Threats:Texas man faces prison for activating ‘kill switch' on former employer's networkLawsuit Alleges $12 Billion "Unicorn" Deel Cultivated Spy, Orchestrated Long-Running Trade-Secret Theft & Corporate Espionage Against CompetitorFlexport accuses former employees of stealing its source code to create a rival startupRethinking Insider Risk in an AI-Driven WorkplaceCISA and Partners Release Cybersecurity Advisory on Medusa RansomwareCISA: Medusa ransomware hit over 300 critical infrastructure orgsIraqi PM says Islamic State leader for Iraq and Syria killedLawmakers seek DHS records in probe of US response to Chinese cyber campaignsEurope's telecoms sector under increased threat from cyber spies, warns DenmarkRisky Bulletin: GitHub supply chain attack prints everyone's secrets in build logsGitHub Actions Supply Chain Compromise: tj-actions/changed-files ActionCAIR's Civil Rights Report Shows Islamophobia Complaints at All-Time High, Viewpoint Discrimination Key FactorTrump administration weighs travel ban on dozens of countries, memo saysCanadian Centre for Cyber Security - Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577).Ransomware gang creates tool to automate VPN brute-force attacks

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Opening:TribalHub & Tribal ISAC!TribalHub Annual Cybersecurity Summit WrapupCybersecurity summit discusses challenges tribes face from hacksHealth ISAC!TLP White 2024 Health-ISAC Discussion Based Exercise Series After-Action ReportHow Hackers Using AI Tools Threaten the Health SectorBlockchain & Crypto: Risky Biz News - Bybit hack post-mortem1inch Hack Exposes $5M Flaw – Is It Time for Best Wallet Token?Feds Link $150M Cyberheist to 2022 LastPass HacksA $1.5 Billion Hack: How the Biggest Crypto Heist in History Went DownDue to the termination of funding by the Department of Homeland Security, the Center for Internet Security no longer supports the EI-ISACMain Items:Ransomware & Data Breaches: #NotRansomware: FBI Warns of Data Extortion Scam Targeting Corporate ExecutivesMail Scam Targeting Corporate Executives Claims Ties to RansomwareSnail Mail Fail: Fake Ransom Note Campaign Preys on FearBianLian Denies Involvement in Ransom Letters: “Not Our Doing,” Group Tells SuspectFile.comSuspectFile.com – What is your official position regarding the physical letters sent to corporate executives in the United States claiming to be from your group?BianLian – We never do that. That is scam.Sault Ste. Marie Tribe Says It Refused to Pay Cyberattackers' RansomQ4 Travelers' Cyber Threat Report: Ransomware Goes Full ScaleSault Tribe Chairman says tribe will not pay hacker's ransom request (video)Highway Robbery 2.0: How Attackers Are Exploiting Toll Systems in Phishing ScamsTerrorism:Press Release - Global Terrorism Index 2025: Terrorism Spreads as Lone Wolf Attacks Dominate the West & Terrorism Trends Fueled by Sahel Conflicts, Western Lone Actor AttacksSee Something, Say Something. 'Erratic' man at Kentucky church told police about plans to bomb major city, cops sayHouston teen indicted for conspiring to commit murder under new terrorism law Plan to attack Australia synagogue faked by organized crime: policeA boy with a loaded shotgun boarded a plane in Australia but was tackled by a former boxerA driver rams a car into crowd in Germany's Mannheim, leaving 2 dead and 11 injuredQuick Hits:'Five Eyes alliance' crumbling after UK, Australia, New Zealand and Canada give US cold shoulderFBI PSA: Beijing Leveraging Freelance Hackers and Information Security Companies to Compromise Computer Networks WorldwideCisco Talos exposes Lotus Blossom cyber espionage campaigns targeting governments, telecom, mediaChinese Nationals with Ties to the PRC Government and “APT27” Charged in a Computer Hacking Campaign for Profit, Targeting Numerous U.S. Companies, Institutions, and MunicipalitiesSelect Committee on the Chinese Communist Party Holds Hearing — " End the Typhoons: How to Deter Beijing's Cyber Actions and Enhance America's Lackluster Cyber Defenses”Former top NSA cyber official: Probationary firings ‘devastating' to cyber, national security & Former intelligence officials denounce job cuts to federal cyber roles.Treasury Suspends Rule Requiring Disclosure Of LLCs' True Owners & Dept. of Treasury Press Release: Treasury Department Announces Suspension of Enforcement of Corporate Transparency Act Against U.S. Citizens and Domestic Reporting CompaniesPolish space agency investigates cyberattack on its systemsCybersecurity Job Satisfaction Plummets, Women Hit HardestCisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Vulnerabilities

Andy goes solo this week, providing some initial updates relating to the ISAC community and last week's Security Sprint focus on government transition and related concerns, then diving into a quick rundown of enduring threats and issuessecurity leaders may want to think about as part of their broader security and resilience efforts. ·      Crypto ISAC! FBI PSA - North Korea Responsible for $1.5 Billion Bybit Hack·      Insider Threats: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say·      US – Russia Cyber Operations:·    CISA on X: “CISA's mission is to defend against all cyber threats to U.S. Critical Infrastructure, including from Russia. There has been no change in our posture. Any reporting to the contrary is fake and undermines our national security.”·      Exclusive: Hegseth orders Cyber Command tostand down on Russia planning·      Trump administration retreats in fight against Russian cyber threats·      Risky Bulletin: Trump administration stops treating Russian hackers as a threat·      Ranking Member Thompson: Trump Weakens National Security and Puts Our Critical Infrastructure at Risk as He Capitulates to Russia Main Topics The Physical and Cyber Supply chain!Manmade Threats Terrorismo  Minneapolis Man Arrested for Attempting toProvide Material Support to ISISo  One dead after car drives into crowd in German city of Mannheimo  Tajik National Arrested in Brooklyn for Conspiring to Provide Material Support to ISISProtests, Anger, Targeted Threatso  Tesla Takedown and other political protestso  Police Investigate Shooting at InsuranceCEO's Oregon Home: Reportso  State Accident Insurance Fund CEO targeted interrifying attack by hooded gunman at his Oregon homeo  Chairmen Gimenez, Green Introduce Bill To Address Vehicular Terrorism As Threat Grows Weather, Climate & Environmento  Hurricane Season is coming, and the USG may be less prepared and less able to respondo  Wildfires scorch the Carolinas, SC Governor McMaster declares state of emergencyo  Wildfires Break Out in the Carolinas, Prompting Evacuationso  Carolina Fire Maps Show Where Blazes Burning in North, South Carolina Health preparednesso  Texas measles outbreak rises to 146 caseso  Texas Official Warns Against ‘MeaslesParties' Amid Growing Outbreako  RFK Jr. urges people to get vaccinated amiddeadly Texas outbreako  NewsGuard: Vaccines Falsely Blamed for Measles Outbreak Cyber Threats:o  BEC & ransomwareo  Blended Threats: Modat - Doors Wide Open: hundreds of thousands of employees exposed & related: Over 49,000 misconfigured building access systems exposed online.o  Critical dependencieso  Info Ops: Russian propaganda may be flooding AI models Quick Hits Take9!!! A Disney Worker Downloaded an AI Tool. It Ledto a Hack That Ruined His Life

In the 100th episode of the Security Sprint, Dave and Andy covered the following topics:Warm Open:·      H2OSecCon 2025 Call for Presentations Now Open Main Topic: DOGE, the Private Sector. Insider Threats & Info Sharing·      DOGE Now Has Access to the Top US Cybersecurity Agency·      DOGE employee Edward Coristine lands at CISAwith DHS email·      ISAC chief on CISA security rollbacks: ‘The sky isn't falling, yet.'·      The Gate 15 Interview EP 55. Allan Liska, Ransomware Sommelier. Threats, mental health, comic books and Diet Dr. Pepper·      Trump 2.0 Brings Cuts to Cyber, Consumer Protections·      DOGE will use AI to assess the responsesof federal workers who were told to justify their jobs via email·      PERSPECTIVE: Current U.S. GovernmentAdministration and the Risk of Increased Insider Threat·      Opinion: DOGE's US worker purge has created aspike in insider risk Quick Hits:·  Bybit Hack: Crypto exchange Bybit says it was hacked andlost around $1.4Bo  Risky Bulletin: North Korean hackers steal $1.5 billion from Bybito   Big Day for Crypto Goes South in a Hurry After a Giant Hacko  Ethereum Developer Counters Idea Of Blockchain Rollback Amid Bybit Hacko  Bybit's Phantom Hacker Becomes Ethereum's Shadow Whale by Fragmenting Fortune Across 54 Walletso  Bybit Hack Funds Funneled Through Meme Coins, Onchain Sleuth Reportso  Crisis Management in $1.4 Billion Hack Sets New Industry Standard, Bybit Officials Sayo  What the Bybit Hack Means for Crypto Security and the Future of Multisig Protection·      Stablecoin Bank Infini Earn Latest Hack Victim, Sees $49.5M USDC Flow Out to Attackers·      Apple is removing iCloud end-to-encryption features from the UK after government compelled it to add backdoors·      CISA and Partners Release Advisory on Ghost (Cring) Ransomware·      Risky Bulletin: BlackBasta implodes, internal chats leak online·      Salt Typhoon hackers exploited stolen credentials and a 7-year-old software flaw in Cisco systems·      Terror Thwarted: Man Threatening Violent Attacks On New York Shuls Arrested In Lincoln Tunnel On Friday Evening·      Early data show homicides dropped 16% in 2024

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Allan Liska. Allan Liska, threat intelligence analyst at Recorded Future, has more than 20 years of experience in information security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organisations improve their security posture using more effective intelligence. He is the author of “The Practice of Network Security, Building an Intelligence-Led Security Program”, “Securing NTP: A Quickstart Guide” and the co-author of “DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.“, and “Ransomware: Understand. Prevent. Recover.” Learn more about Allan on LinkedIn.In the discussion Allan and Andy discuss: Allan's Background. Evolving Threats, mission creep and STDs (wait, what?) The ever-evolving threat of Ransomware and the value of collaboration Resilience: mental health, taking care of your people Roy Rogers, comic books and that's before we play Three Questions! The enduring and expensive threat of scams (#Take9!) Lots more!“Your data isn't going to be deleted.”Selected links: Recorded Future Green Archer

In this week's Security Sprint, Dave and Andy covered the following topics.Warm Opening:Quantum Computing Resources: ⁠Canadian Centre for Cyber Security⁠ - ⁠Preparing your organization for the quantum threat to cryptography (ITSAP.00.017)⁠ ⁠Preparing your organization for the quantum threat to cryptography - ITSAP.00.017 (PDF, 335 KB)⁠ ⁠FS-ISAC Releases Guidance to Help the Payment Card Industry Mitigate Risks of Quantum Computing⁠ ⁠Joint Letter on the UK Government's use of Investigatory Powers Act to attack End-to-End Encryption⁠ ⁠U.K. demand for a back door to Apple data threatens Americans, lawmakers say⁠ Main Topics: China: ⁠Threat Snapshot: CCP Espionage, Repression On Us Soil Is Growing⁠; ⁠As USAID retreats, China pounces⁠  Recorded Future - ⁠The Risk of a Taiwan Invasion Is RisingFast⁠ Hate, Extremism & Terrorism: ⁠Afghan held after suspected rammingattack injures 28 in Germany⁠ ⁠Would-be Mooresville school shooter hadcollage of mass murderers, court docs reveal⁠ ⁠Indiana teen accused of plotting Valentine's Day school shooting was inspired by the Parkland massacre⁠ ⁠Singapore detains teenage ‘East Asiansupremacist' for planning attacks on Malays, Muslims⁠ ⁠Singapore detains teen who ‘aspired' tokill Muslims, mirroring New Zealand mosque attack⁠⁠The August 2024 Taylor Swift Vienna Concert Plot⁠.  Quick HitsCyber Reports: ⁠Storm-2372 conducts device code phishingcampaign⁠ ⁠The BadPilot campaign: Seashell Blizzardsubgroup conducts multiyear global access operation⁠ Google: ⁠Stand-Alone Cybercrime is a Threat toCountries' National Security⁠ ⁠January 2025's Most Wanted Malware: FakeUpdates Continues to Dominate⁠ ⁠Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks⁠ DOJ: ⁠Phobos Ransomware Affiliates Arrested inCoordinated International Disruption⁠ ⁠Dragos Industrial Ransomware Analysis:Q4 2024⁠ ⁠US cyber agency puts election securitystaffers who worked with the states on leave⁠ ⁠China's Salt Typhoon hackers continue tobreach telecom firms despite US sanctions⁠ Blended Threats! ⁠Addressing cyber risks of smartinfrastructure, preventing catastrophic fires⁠ ⁠Insider threats loom as Elon Musk's team gains swift government access⁠ SecurityScorecard- ⁠A Deep Peek at DeepSeek⁠. ⁠New York Bans DeepSeek Over Potential Data Risks⁠

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Opening:• In reversal, CISA workforce now permitted to take deferred resignation offer• FS-ISAC Releases Timely Data Governance And Generative AI Guidance & read More Opportunity, Less Risk: 8 Steps to Manage Financial Services Data with GenAI.Cyber Pipeline:o Chairman Rreen reintroduces “Cyber PIVOTT Act,” Senator Rounds to lead companion legislationo Lawmakers unite to push forward Cyber Forceo Gate 15's been arguing for this since 2018… It's Time for an FBI Cybercrime College Scholarship Program, October 14, 2018• Blended Threats! Gate 15's been talking about this since 2017… Unpacking the vicious cycle of climate change and digital security. Blended Threats you say…? Cyberattack on NHS causes hospitals to miss cancer care targetsMain Topics:CISA Releases Active Assailant Emergency Action Plan Template and Instructional Guideo Active Assailant Emergency Action Plan Templateo Instructional Guide to the CISA EAP TemplateRansomware & Data Breaches: Ransomware attackers turn to workers for data breach accesso Cyfirma: Tracking Ransomware: January 2025o 35% Year-over-Year Decrease in Ransomware Payments, Less than Half of Recorded Incidents Resulted in Victim Paymentso Coveware: Will Law Enforcement success against ransomware continue in 2025?o Halcyon Threat Insights 013: February 2025 Ransomware ReportScams!Take9! Hackers Hijack JFK File Release: Malware & Phishing Surgeo Take9: Gate 15 is proud to partner with Take9! 9 SECONDS FOR A SAFER WORLD. Cyber threats are everywhere. And getting sneakier. What can you do to protect yourself, your community and our nation? Take a 9 second pause and think before you click, download, share. A short pause goes a long way.o Threat actor claims to have breached Trump HotelsQuick Hits:• Trump's Gaza comments hand jihadist terrorists a 'rallying cry,' experts say• CSI: Security Considerations for Edge Devices: Executive Guidance• Canadian Centre for Cyber Security - Virtual private networks (ITSAP.80.101)• UK NCSC: Network security fundamentals; How to design, use, and maintain secure networks• National Security Presidential Memorandum/NSPM-2; Imposing Maximum Pressure on the Government of the Islamic Republic of Iran, Denying Iran All Paths to a Nuclear Weapon, and Countering Iran's Malign InfluenceGovernment Data Security Concerns:o A US Treasury Threat Intelligence Analysis Designates DOGE Staff as ‘Insider Threat'o Federal judge blocks Elon Musk's DOGE from accessing sensitive US Treasury Department materialo Government Security Professionals Grapple with Following Procedure Amid DOGE Demandso Teen on Musk's DOGE Team Graduated from ‘The Com'o As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts sayo Coalition of US states to file lawsuit after Musk's DOGE gains access to Americans' personal dataBreaking Encryption:o U.K. orders Apple to let it spy on users' encrypted accounts; Secret order requires blanket access to protected cloud backups around the world, which if implemented would undermine Apple's privacy pledge to its users.o UK's secret Apple iCloud backdoor order is a global emergency, say criticsDeepSeek:o Lawmakers Push to Ban DeepSeek App From U.S. Government Deviceso Researchers say China's DeepSeek chatbot is linked to state telecom, raising data privacy concerns• Internet-connected cameras made in China may be used to spy on US infrastructure: DHS• Exclusive - Chinese Spy Balloon Was Packed With American Tech; The balloon carried technology from at least five US firms.• Hackers exploiting bug in popular Trimble Cityworks tool used by local gov'ts & Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software

In this week's Security Sprint, Dave and Andy covered the following topics. Warm Start:   (TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin - Q1 2025. WaterISAC and EPA just published the latest quarterly edition of the National Security Information Sharing Bulletin. The Information Sharing Bulletin (ISB) is intended for water and wastewater utility owners and operators to provide information on priority security and resilience topics, including cybersecurity, physical security, and natural disasters.   Main Topics: Ransomware & Data Breaches: NCC Group releases Annual Cyber Threat Monitor Report 2024. LockBit‘s empire crumbles in the great ransomware reshuffle of 2024. When ransomware kills: Attacks on healthcare facilities New York Blood Center Enterprises Ransomware Attack Update Halcyon - Arcus Media Ransomware Displays Novel Process Targeting, Selective Encryption and Recovery Disruption. LockBit - Persistent TTPs in the Larger Ecosystem;   DeepSeek:  Pentagon scrambles to block DeepSeek after employees connect to Chinese servers Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History.  Satellite images reveal China building war command center in Beijing. Meta's WhatsApp says Israeli spyware company Paragon targeted scores of users. Common Challenges in Cybercrime: 2024 Review by Eurojust and Europol. Cybercrime websites selling hacking tools to transnational organized crime groups seized. Europol: Law enforcement takes down two largest cybercrime forums in the world; The platforms combined had over 10 million users worldwide. Man Arrested On Capitol Hill Said He Wanted To Kill Trump Cabinet Officials, House Speaker: Police. Drones over NJ: Why didn't the FAA admit they authorized the flights? Here's what we know FBI Springfield Advises Caution in Online Relationships. MGM Agrees to Pay $45 Million to Settle Data-Breach Lawsuit.   Quick Hits: The ‘murder gang' of computer whizzkids linked to the killings of a Border Patrol agent and a landlord 3,000 miles apart. The Nashville Attack Displayed Several Hallmarks of Modern Terrorism  FBI PSA - Mail Theft-Related Check Fraud is on the Rise. The FBI and USPIS are warning that check fraud is on the rise, with a significant volume enabled through mail theft. X Phishing | Campaign Targeting High Profile Accounts Returns, Promoting Crypto Scams.  Risky Biz News - Twitter account hacks: Multiple high-profile accounts have been hacked over the past week to promote various memecoins. Chinese and Iranian Hackers Are Using U.S. AI Products to Bolster Cyberattacks. CISA employees told they are exempt from federal worker resignation program⁠. ⁠Alarmed by Chinese hacks, Republicans mute attacks on cybersecurity agency⁠ ⁠Top F.B.I. Agent in New York Vows to ‘Dig In' After Removals at Agency⁠ ⁠Wyden Demands Answers Following Report of Musk Personnel Seeking Access to Highly Sensitive U.S. Treasury Payments System⁠ ⁠Videos Show Massive Anti-ICE Protest Erupt As Demonstrators Take Over LA Highway⁠ ⁠Texas Man Admits to Making Violent Threats Against Sikh Nonprofit Organization⁠. ⁠Watch What You Say: SEC Enforcement Scrutinizes Cybersecurity Incident Disclosures⁠. ⁠Bird flu crisis enters new phase⁠.

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Brandon Dixon. Brandon has worn many hats, from security engineer to entrepreneur. Today, he serves at a Partner AI Strategist for Microsoft, Strategic Advisory and Partner with NinjaJobs, and is a tremendous athlete. Brandon has dedicated his career to information security, focusing on analysis, solution development, and process refinement. As the Security AI Strategist for Microsoft Research, he is advancing fully autonomous security outcomes. Previously, Brandon led the product release of Copilot for Security. He also served as VP of Strategy and Product at RiskIQ, a San Francisco startup acquired by Microsoft, where he helped integrate the business and launched Defender Threat Intelligence and Defender External Attack Surface Management. Brandon has developed several public solutions, including PassiveTotal (acquired by RiskIQ), NinjaJobs (acquired by Starfish Partners), PDF X-RAY, and Blockade.io. His research and development in various security topics have earned him accolades from major security vendors and industry peers. Learn more about Brandon on LinkedIn. In the discussion Brandon and Andy discuss: Brandon's Background. Three “Big Things” in AI Brandon's paying attention to in 2025. Entrepreneurship: “Make sure the idea is something you personally care about.” The value of falling short. Resilience. Roasting Coffee (see link below!) Balance. Fitness: from BMX to ultras. We play Three Questions! Whippets, Big Sky, and long runs. More! Selected links: Beans to Bots: Hacking My Coffee Machine with AI Security Chaos Engineering: Sustaining Resilience in Software and Systems 

In this week's Security Sprint, Dave and Andy covered the following topics: Main Topics:  House Homeland Releases Updated “Terror Threat Snapshot” Assessment In Wake Of New Year's Day ISIS-Inspired Terrorist Attack In New Orleans. PDF: “Terror Threat Snapshot.”  US lawmakers warn of 'emboldened' terror threat Nashville school shooter left behind 47-page manifesto detailing hate: report 'God I am ugly': Nashville school shooter's social media shows he embraced white supremacy Nashville School Shooter's Manifesto: Calls To Attack Mosques, Churches, Synagogues, Military Bases, Government Buildings, Power Grids, Schools Madison and Nashville School Shooters Appear to Have Crossed Paths in Online Extremist Communities Antioch, Tenn., Shooter Inspired by Broad Extremist Beliefs and Previous Mass Killers   FBI PSA: North Korean IT Workers Conducting Data Extortion. The Federal Bureau of Investigation (FBI) is providing an update to previously shared guidance regarding Democratic People's Republic of Korea (North Korea) Information Technology (IT) workers to raise public awareness of their increasingly malicious activity, which has recently included data extortion. China's Cyber Threat: Under Trump, US Cyberdefense Loses Its Head; Chinese hacks, rampant ransomware, and Donald Trump's budget cuts all threaten US security. In an exit interview with WIRED, former CISA head Jen Easterly argues for her agency's survival. “Everybody should assume that our adversaries, in particular China, are attempting to go after our critical infrastructure. The private sector, they are on the front lines of this fight, because they own and operate the vast majority of our critical infrastructure. It's why companies need to put collaboration over self-preservation.” “Time For Us To Get A Step Ahead Of The Typhoons”: Chairman Green Opens Hearing On Global Cyber Threats “Preparation Of The Battlefield”: Cybersecurity Experts Testify On Global Threats To The Homeland WaterISAC: House Committee Hearing – Unconstrained Actors: Assessing Global Cyber Threats to the Homeland. Witnesses also cited recent incidents at water utilities.   Quick Hits:   Insider Threats: Orlando Man Pleads Guilty To Conducting Series Of Cyber Intrusions Against Former Employer British Museum forced to partly close after alleged IT attack by former employee CISA and FBI Release Updated Guidance on Product Security Bad Practices Virus season roars back with "quad-demic" of illness Scammers Are Creating Fake News Videos to Blackmail Victims TikTok Threat Arrest: "[Trump] needs to be assassinated" USCP Arrests Man with Gun. Article: Capitol Police: Officer suspended for allowing man with concealed gun into building CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications Ransomware gang uses SSH tunnels for stealthy VMware ESXi access Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware Ransomware's Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025 Ongoing Campaign Targeting Amazon Web Services S3 Buckets

In this week's Security Sprint, Dave and Andy covered the following topics: Main Topics:   Executive Orders: Biden EO: Executive Order on Strengthening and Promoting Innovation in the Nation's Cybersecurity Ransomware sanctions, software security among key points in new Biden executive order A New Jam-Packed Biden Executive Order Tackles Cybersecurity, AI, and More Biden issues order to strengthen federal cyber defenses in the wake of hacks by the Chinese government. Trump EOs: President Trump repeals Biden's AI executive order. During his first day in office, President Donald Trump revoked a 2023 executive order signed by former President Joe Biden that sought to reduce the potential risks AI poses to consumers, workers, and national security. Application Of Protecting Americans From Foreign Adversary Controlled Applications Act To Tiktok Justice Department Statements on Supreme Court's Decision in TikTok, et al. v. Garland Declaring A National Emergency At The Southern Border Of The United States Designating Cartels And Other Organizations As Foreign Terrorist Organizations And Specially Designated Global Terrorists. Protecting The United States From Foreign Terrorists And Other National Security And Public Safety Threats Guaranteeing The States Protection Against Invasion Holding Former Government Officials Accountable For Election Interference And Improper Disclosure Of Sensitive Governmental Information Organization of the National Security Council and Subcommittees  FBI Releases Investigative Update in Bourbon Street Attack (14 Jan) FBI IC3 Alert Number: I-011325-PSA: Threat of Copycat Attacks after ISIS-Inspired Vehicle Attack in New Orleans FBI warns of potential ‘copycat or retaliatory' New Orleans attacks   Scams: FBI PSA - Beware of Charitable Fraud Related to Mass Casualty and Disaster Events Investor Alert: Be Vigilant for Possible Investment Scams Related to the California Wildfires Wild Claims About L.A. Wildfires Get Millions of Views; NewsGuard has identified and debunked 18 false claims related to the wildfires ‘A flood of disinformation': rumors and lies abound amid ongoing LA wildfires Disasters have long led to misinformation as people grasp for control, but the consequences can be life and death   Quick Hits: Fact Sheet: Safeguarding America from National Security Risks of Connected Vehicle Technology from China and Russia US govt launches cybersecurity safety label for smart devices UK NCSC - A guide to ransomware UK NCSC: New proposals to counter ransomware: Have your say Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics Unveiling the GRIT 2025 Ransomware and Cyber Threat Report Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches Terrorist Designations of The Terrorgram Collective and Three Leaders US designates extreme right-wing 'Terrorgram' network as terrorist group “Like Brenton”: Tennessee Man Arrested for Mass Shooting Plot at Mosque Executive Order on Advancing United States Leadership in Artificial Intelligence Infrastructure Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers. Operation 99: North Korea's Cyber Assault on Software Developers Treasury Targets IT Worker Network Generating Revenue for DPRK Weapons Programs

On the latest episode of Nerd Out, Alec Davison and Dave discussed recent terrorist activity and outlook for the future before looking at some of the propoganda that has been published to influence followers. They also looked at world events and the recent cease fire to assess what that may mean going forward before looking at all-hazards preparedness. Finally they wrapped up with some discussion about Skeleton Crew, and some future shows. Plus Alec makes a plea for Severance. Some references: Terrorism Threat Landscape https://www.axios.com/local/new-orleans/2025/01/06/timeline-new-orleans-terror-attack https://www.fbi.gov/contact-us/field-offices/neworleans/news/fbi-releases-investigative-update-in-bourbon-street-attack https://www.asisonline.org/security-management-magazine/latest-news/today-in-security/2024/december/EU-Terror-Incidents-Rose/ https://www.axios.com/local/new-orleans/2025/01/16/lone-actor-terrorism-machine-learning-ai https://www.memri.org/reports/islamic-state-isis-al-qaeda-iran-axis-supporters-rejoice-over-los-angeles-wildfires-promote https://www.counterextremism.com/press/extremist-content-online-isis-propaganda-allegedly-helped-inspire-new-orleans-attacker Terrorgram Designation https://www.state.gov/office-of-the-spokesperson/releases/2025/01/terrorist-designations-of-the-terrorgram-collective-and-three-leaders https://www.lawfaremedia.org/article/why-the-terrorgram-collective-designation-matters Israel-Hamas Hostage Deal & Ceasefire https://www.nbcnews.com/news/world/israel-hamas-ceasefire-gaza-rcna187913 https://www.memri.org/reports/senior-hamas-official-khalil-al-hayya-upon-signing-ceasefire-agreement-october-7-will LA Wildfires https://www.bu.edu/articles/2025/how-and-why-the-la-wildfires-grew-so-fast/ https://www.cnn.com/2025/01/10/us/california-la-fires-emergency-prep-invs/index.html https://theconversation.com/a-national-nonpartisan-study-of-the-los-angeles-fires-could-improve-planning-for-future-disasters-247198

In the latest Security Sprint, Dave and Andy covered the following topics: Warm Open: • Errol Weiss on LinkedIn: Cyber Threats Know No Borders • Perspective: Cybersecurity Priorities for the New Administration, by Scott Algeier, Executive Director, IT-ISAC. Main Topics: Los Angeles Fires: FEMA: Ready.gov Attorney General James Reminds New Yorkers to be Cautious in Charitable Giving for Los Angeles Wildfire Relief HHS Secretary Xavier Becerra Declares Public Health Emergency for California to Aid Health Care Response to Wildfires Vegas and New Orleans Follow Ups Las Vegas Cybertruck suspect used ChatGPT to plan blast, police say Las Vegas police release ChatGPT logs from the suspect in the Cybertruck explosion ChatGPT advised infamous neo-Nazi on how to attack U.S. electrical grid FBI IC3 Alert Number: I-011325-PSA: Threat of Copycat Attacks after ISIS-Inspired Vehicle Attack in New Orleans FBI warns of potential ‘copycat or retaliatory' New Orleans attacks How New Orleans failed to protect Bourbon Street from attack, block by block Ransomware: Comparitech - Ransomware roundup: 2024 end-of-year report Ransomware attacks on education declined in 2024, report shows Emsisoft: The State of Ransomware in the U.S.: Report and Statistics 2024 Health: CDC - First H5 Bird Flu Death Reported in United States. CDC has carefully studied the available information about the person who died in Louisiana and continues to assess that the risk to the general public remains low. CDC's Priorities for Response Readiness Director Wray 60 Minutes: FBI Director Wray on threats America faces, decision to step down as Trump returns to the White House Outgoing FBI director calls China and its cyber program the 'defining threat of our generation' FBI director explains why he's resigning, defends feds' raid of Trump's Mar-a-Lago Inauguration Workplace Considerations Quick Hits: • 2024 was the world's warmest year on record • White House Launches “U.S. Cyber Trust Mark”, Providing American Consumers an Easy Label to See if Connected Devices are Cybersecure • CISA Releases the Cybersecurity Performance Goals Adoption Report • FACT SHEET: Ensuring U.S. Security and Economic Strength in the Age of Artificial Intelligence • Prime Minister sets out blueprint to turbocharge AI • UK throws its hat into the AI fire

In the latest episode of the Security Sprint, Dave and Andy covered the following topics: Special Agent in Charge Joshua Jackson, ATF, Delivers Investigative Updates on the New Orleans Bourbon Street Attack FBI: 2 IEDs failed to detonate in New Orleans New Year's Day ramming attack FBI says New Orleans attacker surveyed area using Meta smart glasses Cybertruck driver left behind rant praising Trump and Musk, slamming Democrats ‘TIME TO WAKE UP': Las Vegas police share notes from Cybertruck explosion suspect Matthew Livelsberger Alleged Manifesto: Read Full Email Sent to Retired Soldier Vegas Cybertruck Bomber Who Called for ‘Purge' of Dems Deemed Not a ‘Risk' to Public After He Sought VA Mental Health Help   Additional Resources: CISA: Vehicle Ramming Mitigation Vehicle Incident Prevention and Mitigation Security Guide Vehicle Ramming Mitigation Resources Vehicle Ramming Self-Assessment Tool User Guide and Overview Protecting Patrons in Outdoor Eating Venues UK NPSA: Hostile Vehicle Mitigation (HVM) Gate 15: The Hostile Event Attack Cycle (HEAC) JCAT First Responder's Toolbox (selected items below) Vehicle-Borne Attacks: Tactics and Mitigation Considerations for Responding to an Improvised Explosive Device (IED) Attack Awareness of Violent Extremist Tactics To Defeat Physical Security Can Improve Response Evaluating and Responding to Violent Extremist Hoax Threats Enhancing Bystander Reporting to Prevent Terrorism

In the latest episode of Nerd Out, Dave brings back Andy Jabbour and Jennifer Lyn Walker to remember the early days of the pod, and talk about some 2024 predictions to see if they hit the mark, were a near miss or were out of left-field. Then they talked about some things organizations should remember heading into 2025 before getting into some holiday cheer. They talked about their favorite holiday drinks, traditions, and movies or television shows before extending their best security wishes for 2025. Andy Jabbour is the Managing Director, Gate 15 and host of the Gate 15 Interview podcast and co-host of the Security Security Sprint podcast. Jennifer Lyn Walker is a cybersecurity professional with 24+ years of experience supporting critical infrastructure and SLTT (state, local, tribal, and territorial) governments. Jennifer has provided subject matter expertise regarding cyber threats related to homeland security for multiple critical infrastructure and vital lifeline sectors utilizing her experience in malware analysis, threat assessments, threat intelligence, HIPAA compliance, cybersecurity awareness, insider threat protection, and industrial control systems cybersecurity and safety. Link for UnDisruptable27: https://securityandtechnology.org/undisruptable27/

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Jeri Rogish and Mitchell Freddura, both with the Cybersecurity and Infrastructure Security Agency (CISA) and CISA's Joint Cyber Defense Collaborative (JCDC). Jeri serves as Deputy Chief of JCDC's Product Development Section and Mitch serves in the Partnerships Office. Jeri on LinkedIn. Mitch on LinkedIn. For further information about participating, email cisa.jcdc@cisa.dhs.gov. Discussed in the podcast: Jeri & Mitch's Backgrounds. JCDC background. How the JCDC is “uniting the global cyber community.” Best practices to support a “coordinated defensive cyber posture.” “Implementing comprehensive, whole-of-nation cyber defense plans” to address risks, coordinate action, and build national resilience. Building a joint understanding of challenges and opportunities for our nation's cyber defense. Networks of networks & private-public partnership  The NCIRP Public Comment period coming soon! We play Three Questions and talk moments from high school, favorite foods, big hearts and sports teams no one wants to hear about… Selected links: Joint Cyber Defense Collaborative (JCDC) CISA Launches New Joint Cyber Defense Collaborative (05 Aug 2021) JCDC Success Stories | CISA JCDC Artificial Intelligence Cyber Tabletop Exercise Series Shaping the legacy of partnership between government and private sector globally: JCDC Cybersecurity Resources for High-Risk Communities JCDC Builds Foundation for Pipelines Cyber Defense Planning Effort Additional resources: 2024 JCDC Priorities Enhanced Visibility and Hardening Guidance for Communications Infrastructure PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure Living off the Land (LoTL) Guidance Cybersecurity Resources for High-Risk Communities | CISA Securing Open Source Software in Operational Technology | CISA Improving Security of Open Source Software in Operational Technology and Industrial Control Systems

In the latest episode of the Security Sprint, Dave and Andy covered the following topics: Warm Start: H2OEx - An Exercise for the Water Sector   Main Topics: UHC Assassination: ·      Health insurers step up security, scrub websites of leadership information ·      Luigi Mangione, suspect in fatal shooting of UnitedHealthcare CEO Brian Thompson, used ghost gun that may have been 3D-printed ·      Suspect in killing of health care CEO faces 5 charges including forgery and firearm without a license ·      Health care CEO shooting suspect was Ivy League graduate who appears to have written about Unabomber online ·      Suspect in fatal shooting of UnitedHealthcare CEO Brian Thompson ID'd as Luigi Mangione, an ex-Ivy League student ·      Luigi Mangione's sprawling family found success after patriarch's rise ·      Health insurers step up security, scrub websites of leadership information ·      UnitedHealth CEO says insurer will continue to prevent ‘unnecessary care' in leaked video as sick trolls warn, ‘Dude's next' ·      What Companies Should Be Asking Their Security Teams Right Now ·      A timeline of the fatal shooting of UnitedHealthcare CEO Brian Thompson and search for his killer ·      UnitedHealth CEO's killing unleashes social media rage against insurers ·      UnitedHealthcare CEO kept a low public profile. Then he was shot to death in New York ·      Bullets fired at healthcare CEO in fatal shooting had words carved on them ·      Message on bullets fired by healthcare CEO's assassin bear eerie link to book condemning insurance companies ·      Copycat, Contagion, and the Robin Hood Effect as Risk Enhancers in Targeted Violence   Faith-Based Threats ·      Terror attack on Bavarian Christmas market foiled by police ·      Man in van filled with explosives, guns intended to attack a North Texas church, report states ·      FeatherRiver School of Seventh-Day Adventists Shooting: o  2 kindergarteners wounded and gunman dead after shooting at California religious school ·      Five-Eyes security and law enforcement agencies release joint authored analysis of youth radicalization & PDF analysis.   Six password takeaways from the updated NIST cybersecurity framework. Password security is changing — and updated guidelines from the National Institute of Standards and Technology (NIST) reject outdated practices in favor of more effective protections.    Quick Hits: ·      FBI IC3 PSA: Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud ·      Russian Woman Arrested In U.S. For Alleged Ties To Russian Intelligence ·      NGA: 2024 State Experts Roundtable On Protecting Energy Infrastructure From Physical Attacks ·      Manager of Chatham County Company Charged with Skimming Hundreds of Thousands of Dollars From Employer with Fake Invoices ·      The California tsunami danger is real. The 7.0 earthquake is wake-up call to prepare. o  'Swaying back and forth': Magnitude 7 earthquake, aftershocks rock California o  Tsunami warning canceled after strong California earthquake Salt Typhoon: o  White House says at least 8 US telecom firms, dozens of nations impacted by China hacking campaign o  FCC chair proposes cybersecurity rules in response to China's Salt Typhoon telecom hack   Health: o  What is mystery 'disease x' and why have dozens died in DR Congo? o  Unknown disease kills 143 in southwest Congo, local authorities say o  FINAL REPORT: COVID Select Concludes 2-Year Investigation, Issues 500+ Page Final Report on Lessons Learned and the Path Forward ·      Korea arrests CEO for adding DDoS feature to satellite receivers ·      Outraged? You're more likely to share misinformation, study finds ·      Romania hit by major election influence campaign and Russian cyber-attacks ·      EU orders TikTok to freeze Romanian elections data ·      Choosing secure and verifiable technologies ·      CISA Releases New Public Version of CDM Data Model Document

In this week's Security Sprint, Dave and Andy covered the following topics: Seasonal Scams! CISA: Shop Safely This Holiday Season FTC: Scammers are delivering phishing messages this holiday season ClouDSEK: Cyber Monday Scams: A Comprehensive Analysis of Threats and Mitigation Strategies   Ransomware & Resilience! UK NCSC: Cyber Security Toolkit for Boards: updated briefing pack released. New presentation includes voiceover and insights on ransomware attack on the British Library. Cannabis industry is apparent target of Everest Ransomware, security experts warn Cannabis-ISAO eCrime The costs of ransomware: Cyber attack prompts Stoli Group USA bankruptcy filing Risky Biz News - Hoboken ransomware attack Starbucks, Grocers Revert to Manual Processes After Ransomware Attack on Third-Party Software System Risky Biz News - Bologna FC ransomware attack The Evolution of BlackBasta Malware Dissemination Ransomware-driven data exfiltration: techniques and implications The ransomware attack that started it all. A North Korean hacker group's attack on Sony Pictures in 2014 was the precursor to today's global ransomware menace, according to US intelligence community's ransomware expert, Laura Galante. Ransomware Roundup - Interlock Key Considerations for Legal Compliance in Ransomware Recovery FBI-Wanted Hacker Behind Global Ransomware Attacks Arrested in Russia   Threats to Public Officials and associated risks Trump administration picks targeted with bomb threats and swatting FBI Statement Regarding Threats to Nominees and Appointees Most of Connecticut's delegation in Congress targeted by bomb threats Jeffries office: Bomb threats made against Dem lawmakers ‘unacceptable' Arizona Man Sentenced for Making Online Threats Against Public Servants Including Federal Officials   Quick Hits Live Virtual Presentations on Targeted Violence Prevention. The U.S. Secret Service National Threat Assessment Center (NTAC) is pleased to offer new opportunities to attend live virtual presentations on preventing targeted violence. In these presentations, our expert researchers will share findings and implications from decades of research on targeted violence and offer strategies for preventing acts of violence impacting the places where we work, learn, worship, and otherwise live our daily lives. This list of available virtual training events is regularly updated, and presentation topics change from month to month. Register Here HSI Investigation Leads to Seizure of $3.5 Million Dollars Stolen in Business Email Compromise Scam CISA: AI Red Teaming: Applying Software TEVV for AI Evaluations Biden tightens tech controls on China as clock ticks down Russian ‘spy ring plotted high-level espionage, including honey traps.'  

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Angela Haun. Angela is the Executive Director with the Oil and Natural Energy Information Sharing and Analysis Center (ONE-ISAC). Appointed as ONE-ISAC Executive Director in September 2018, Angela is a retired FBI Special Agent with extensive experience in cybersecurity and protecting critical assets. Since joining the ONE-ISAC, she has expanded the ONE-ISAC's membership with a Strategic Partnership Pilot Program, bringing new organizations, expertise, resources and funding to support the ISAC's efforts. In addition, Angela has been a subject matter expert speaker, organizer and participant in numerous energy-related conferences, briefings, exercises, meetings, webinars and other events. Ms. Haun is actively pursuing upgraded technologies and additional benefits for ONE-ISAC member analysts and executives. Prior to her work in support of ONE-ISAC, Angela served over twenty years at the FBI. Learn more about Angela on LinkedIn. “Potential gets me so excited!” In the discussion Angela and Andy discuss: Angela's Background. ONG-ISAC background. The new, ONE-ISAC. Private-public partnership. Good intentions, unintended consequences. An increasing appreciation of OT security. Destructive attacks. Building Resilience. We play Three Questions and discuss playing golf course, the U.S. Capitol, and Rick Springfield, Jessie's Girl! Selected links: ONE-ISAC. ONE-ISAC serves as a central point of coordination and communication to aid in the protection of exploration and production, transportation, refining, and delivery systems of the ONE industry, through the analysis and sharing of trusted and timely cyber threat information, including vulnerability and threat activity specific to ICS and SCADA systems. Critical Infrastructure Security and Resilience Month Critical Infrastructure Security and Resilience Month Toolkit The Gate 15 Interview: Jeff Troy, President, Aviation ISAC, on public service, cybersecurity, understanding threats (and... colonizing the ocean?), 23 Aug 2023

In this week's Security Sprint, Dave and Andy covered the following topics. Warm Start: • Auto-ISAC: Thomas Farmer Assumes Position as Director of Operations • News from the Auto-ISAC Cybersecurity 2024 Summit • Follow Up from last Sprint: FBI Statement Regarding Offensive Text Messages o Bigoted text messages after Trump victory also targeted Latinos, LGBTQ+ communities, FBI says o FBI investigates new wave of offensive messages targeting Hispanic, LGBTQ people • Groundbreaking Framework for the Safe and Secure Deployment of AI in Critical Infrastructure Unveiled by Department of Homeland Security • Media Advisory: Chairman Green Announces Worldwide Threats Hearing Featuring DHS Secretary Mayorkas, FBI Director Wray, NCTC Acting Director Holmgren: November 20, 2024, at 10:00 AM ET • Senate Judiciary Committee: Big Hacks & Big Tech: China's Cybersecurity Threat: November 20, 2024, at 2:00 PM ET Main Topics: Homeland Security Transitions. Rand Paul has plans to kneecap the nation's cyber agency. The incoming chair of the Senate Homeland Security Committee has pledged to severely cut the powers of the Cybersecurity and Infrastructure Security Agency or eliminate it entirely. • CISA Director Jen Easterly to depart on Inauguration Day • House Homeland Releases “Cyber Threat Snapshot” Highlighting Rising Threats to US Networks, Critical Infrastructure • Joint Statement from FBI and CISA on the People's Republic of China (PRC) Targeting of Commercial Telecommunications Infrastructure • Salt Typhoon: T-Mobile Hacked in Massive Chinese Breach of Telecom Networks • Salt Typhoon: Intelligence community briefed Congress on Chinese telecom intrusions • Volt Typhoon rebuilds malware botnet following FBI disruption • China's Hacker Army Outshines America Liability: Legal Report: A Michigan Agency Agrees to $13 Million Settlement Concerning Surprise Active Shooter Drill. Cyber Resilience: • NordPass: Top 200 Most Common Passwords. • 2023 Top Routinely Exploited Vulnerabilities. PDF: AA24-317A 2023 Top Routinely Exploited Vulnerabilities Quick Hits: • Palo Alto! Risky Biz News: Unpatched zero-day in Palo Alto Networks is in the wild. • CISA Adds Two Known Exploited Vulnerabilities to Catalog o CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability o CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability • EPA: Management Implication Report: Cybersecurity Concerns Related to Drinking Water Systems. o US EPA report cites cybersecurity flaws in drinking water systems, flags disruption risks and lack of incident reporting o Drinking water systems for 26M Americans face high cybersecurity risks • Moody's Cyber Heat Map flags extreme cyber risks for critical infrastructure, impacting telecommunications and airlines • 35 dead as driver hits crowd at sports center in southern Chinese city • ODNI - Potential Global Economic Consequences of a Use by Russia of Nuclear Weapons in Ukraine • Australia-Japan-United States Trilateral Defense Ministers' Meeting November 2024 Joint Statement • Justice Department Announces Murder-For-Hire and Related Charges Against IRGC Asset and Two Local Operatives • Iranian “Dream Job” Campaign 11.24 • Fans scuffle despite heavy security presence at France-Israel soccer match • Hate, Extremism & Terrorism: o Houston man charged with attempting to provide material support to ISIS o The FBI says it stopped a possible terrorist attack in Houston o California Teenager Pleads Guilty in Florida to Making Hundreds of ‘Swatting' Calls Across the United States o Nazi Group Marches Through Ohio Town o Germany: 17-year-old arrested over alleged terror plot o Teens accused of plotting to bomb pro-Israel rally on Parliament Hill o Man dead after explosions outside Brazil supreme court ahead of G20

In the latest episode of Nerd Out, Dave is joined by Bridget Johnson and Joe Levy to do their annual talk about holiday threats and ways to be ever vigilant. Then they talked about their favorite foods and things to watch. Joe Levy is the Assistant General Manager at the Barclays Center. Bridget Johnson is a terrorism and extremism expert who has decades worth of experience analyze threat activities.

In this week's Security Sprint, Dave and Andy covered the following topics. Warm Start: • US cybersecurity chief says disinformation surge hasn't impacted election • FBI Statement About Fabricated Videos and Statements Falsely Attributed to the FBI. • Food and Agriculture Sector Eyes Cybersecurity Threats • Food and Ag Sector 2024 Cyber Threat Report (PDF) Main Topics: Black people are receiving racist text messages about picking cotton 'at the nearest plantation.' The FBI and the FCC have weighed in on the messages that multiple Black people across the country received on Wednesday. • FBI Statement on Offensive and Racist Text Messages • FB-ISAO reports Antisemitic text messages • Louisiana attorney general reveals new findings on racist texts • Text service says it shut down accounts allegedly behind racist messages Be security curious amid enduring extremism & terrorism threats, mass gatherings: • Man Arrested and Charged with Attempting to Use a Weapon of Mass Destruction and to Destroy an Energy Facility in Nashville • Cholo Abdi Abdullah Convicted for Conspiring to Commit 9/11-Style Attack at the Direction of Al Shabaab • Florida Man Indicted for Posting Threats on the Internet FBI Cyber Threat Updates: • Easy Access to Information for Conducting Fraudulent Emergency Data Requests Impacts US-Based Companies and Law Enforcement Agencies. As of August 2024, FBI noted an uptick in criminal forum posts regarding conducting fraudulent emergency data requests and is releasing this notification for industry awareness. Cybercriminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes. • HSI and Partners Announce Return of $1.8 Million Stolen During Business Email Compromise Scam Quick Hits: • Israel to collect soccer fans from Amsterdam after apparent antisemitic attacks • Israeli soccer fans attacked in Amsterdam, in what Dutch authorities call antisemitic incidents • Dave's Severe Weather threat and preparedness reminders • China Hack Enabled Vast Spying on U.S. Officials, Likely Ensnaring Thousands of Contacts • U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack • Russia Suspected of Plotting to Send Incendiary Devices on U.S.-Bound Planes • Mystery fires were Russian 'test runs' to target cargo flights to US • Halliburton misses profit estimate, buyback target as cyber attack hurts. Halliburton missed Wall Street estimate on a previously disclosed cyber hack that forced the oilfield services provider to pause a share repurchase program, executives said on Thursday. • Unwrapping the emerging Interlock ransomware attack • NEWPARK RESOURCES INC. Newpark Resources, Inc. is a worldwide provider of value-added drilling fluids systems and composite matting systems used in oilfield and other commercial markets. NEWPARK's 8K. • Major Oilfield Supplier Hit by Ransomware Attack • 764 Terror Network Member Richard Densmore Sentenced to 30 Years in Prison

In the latest Security Sprint, Dave and Andy covered the following topics. Warm Start. • CISA: Critical Infrastructure Security and Resilience Month 2024. “Resilience means doing the work up front to prepare for a disruption, anticipating that it will in fact happen, and exercising not just for response but with a deliberate focus on continuity and recovery, improving the ability to operate in a degraded state, and significantly reducing downtime when an incident occurs.” o A Proclamation on Critical Infrastructure Security and Resilience Month, 2024 o Biden declares November as critical infrastructure security and resilience month, calls safeguarding these systems • FS-ISAC: Ransomware Essentials. A Guide for Financial Services Firm Defense (PDF) Main Topics: Election Week! • Joint ODNI, FBI, and CISA Statement. • US cybersecurity chief says disinformation surge hasn't impacted election • CISA: Election Security Rumor vs. Reality • Georgia Poll Worker Arrested for Making Bomb Threat to Election Workers • FBI PSA: Scammers Exploit 2024 US General Election to Perpetrate Multiple Fraud Schemes • Colorado accidentally put voting system passwords online, but officials say election is secure • Joint ODNI, FBI, and CISA Statement on Russian Election Influence Efforts (01 Nov). Liability: • Attorney General James Secures $2.25 Million from Capital Region Health Care Provider to Protect Patient Data • HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation for $500,000 • HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $90,000 Insider Threats! Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information Quick Hits: • Wiz CEO says company was targeted with deepfake attack that used his voice • Ripple effect: the devastating impact of data breaches • Canadian Centre for Cyber Security - Cyber Security Readiness • Defendants with Ties to White Supremacy Sentenced in Connection with Plot to Destroy Energy Facilities • United States Welcomes the United Kingdom's Actions Against Known Purveyors of Kremlin Disinformation • Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives • Army of bots promotes petrostate hosting global climate talks • Reset Tech Investigation - Clickbait Cures: How Meta and Google Tolerate a Dubious Meds Market in the EU • Fitness app Strava gives away location of Biden, Trump and other leaders, French newspaper says • Meet Interlock — The new ransomware targeting FreeBSD servers • Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network • Spain floods disaster: death toll rises to 205 as extra troops mobilised • Biden Administration Announces Additional Security Assistance for Ukraine • Iran Tells Region ‘Strong and Complex' Attack Coming on Israel • Cybersecurity Advisory – Threats Posed by Remote Technology Workers with Ties to Democratic People's Republic of Korea • Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments • New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad • Cybercriminals Are Stealing Cookies to Bypass Multifactor Authentication • Canadian Centre for Cyber Security - National Cyber Threat Assessment 2025-2026 • Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats • Massive PSAUX ransomware attack targets 22,000 CyberPanel instances • Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

In this week's Security Sprint, Dave and Andy covered the following topics. Warm Start: Organizational Cyber Security Culture • The Gate 15 Interview – Rob Sherman on CISOs: “Focus on risk, focus on resilience.” Plus: A Salt and Pepper America, burnout, beta, and more! • TribalHub x Gate 15: Organizational Cyber Culture Meets Concert Moments & The Gate 15 Interview – TribalNet! Building a Cybersecurity Culture, Tribal-ISAC, and how we rock! Memorandum on Advancing the United States' Leadership in Artificial Intelligence; Harnessing Artificial Intelligence to Fulfill National Security Objectives; and Fostering the Safety, Security, and Trustworthiness of Artificial Intelligence • Statement from National Economic Advisor Lael Brainard on National Security Memorandum (NSM) on Artificial Intelligence (AI) • FACT SHEET: Biden-⁠Harris Administration Outlines Coordinated Approach to Harness Power of AI for U.S. National Security • Biden administration urges US agencies to ‘harness' AI systems for national security • White House will order Pentagon and intel agencies to increase use of AI • US to unveil AI national security memo to avoid China's ‘strategic surprise' Main Topics: Info Ops • Russian propaganda exploits US hurricane response to undermine FEMA and Ukraine support. 2024 Elections • Joint ODNI, FBI, and CISA Statement. • Pennsylvania officials rebut false voter fraud claims from home and abroad • U.S. officials say Russia smeared Tim Walz, might stoke post-vote violence • American creating deepfakes targeting Harris works with Russian intel, documents show • CISA Launches #PROTECT2024 Election Threat Updates Webpage • Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications • Chinese Hackers Are Said to Have Targeted Phones Used by Trump and Vance • Foreign threats to the US election are on the rise, and officials are moving faster to expose them • Election Security Update as of Late October 2024 • Foreign Threats to US Elections After Voting Ends in 2024 • Foreign influence operations will expand before election and linger afterward, US agencies say • Recorded Future: Operation Overload Impersonates Media to Influence 2024 US Election • Microsoft: As the U.S. election nears, Russia, Iran and China step up influence efforts • Justice Department Announces Four Cases Brought by Election Threats Task Force • Secretary of State's Office says they stopped cyberattack aimed at crashing voter website • Wisconsin sued over voting system's allegedly weak cyber protections • Philadelphia Resident Charged for Election-Related Threat to State Party Representative • Maine man made homemade bombs and dropped some from drones, officials say • Dr. Paul Requests Information On DHS & CISA's Participation At Election Day Cybersecurity Conference Quick Hits: Terrorism • Arizona grand jury indicts juvenile for planning attack at Phoenix Pride Festival • Maryland Man Charged With Attempting To Provide Material Support To ISIS • Suburban Chicago Man Sentenced to 18 Years in Prison for Trafficking Fentanyl and Attempting To Support ISIS Ransomware: • Black Basta ransomware poses as IT support on Microsoft Teams to breach networks • New Iranian-based Ransomware Group Charges $2000 for File Retrieval • Japanese Man Convicted of Making Virus Using AI; Likely 1st Person in Japan to be Convicted in Criminal Case for Abusing Generative AI • New Qilin.B Ransomware Variant Boasts Enhanced Encryption and Defense Evasion • Crystal Rans0m: Rust-Based Hybrid Ransomware • Avast Releases Free Decryptor for Mallox Ransomware • Decrypted: Mallox ransomware • Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action • Embargo ransomware: Rock'n'Rust • macOS NotLockBit | Evolving Ransomware Samples Suggest a Threat Actor Sharpening Its Tools • Akira Ransomware Evolution: A move towards cross-platform adaptability

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Rob Sherman. Rob is the Chief Information Security Officer (CISO) for American Tower Corporation, a global digital infrastructure provider. Among his role and responsibilities, he established the global information security program responsible for governance, risk, compliance and security operations for the company's corporate and line-of-business operations. Among his many hats, Rob is a CISO, attorney, cyber program builder, involved in incident response, with over 25+ years of it and infrastructure experience. Learn more about Rob: LinkedIn In the discussion Rob and Andy discuss: Rob's Background. Organizational Culture Leaning into resilience Ransomware What worries Rob Sherman Burnout in cybersecurity Three Questions - beta tapes, Top Gun, a Salt and Pepper America and more!

In this week's Security Sprint, Dave and Andy covered the following topics: Election 2024: Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During 2024 U.S. General Election Cycle. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this public service announcement (PSA) to raise awareness of the efforts posed by foreign threat actors to spread disinformation in the lead up to, and likely in the days following, the 2024 U.S. general election. Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During 2024 U.S. General Election Cycle CISA: A Message to Election Officials from CISA Director Jen Easterly ISIS-K behind foiled Election Day terrorism plot, U.S. officials say ‘You are next': online posts show Islamic State interest in attacks on US ahead of election New cases of political violence roil US ahead of contentious election   DOJ: Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World. U.S. charges Sudanese men with running powerful cyberattack-for-hire gang Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals U.S. Indicts 2 Linked to Oct. 7 Cyberattack on Israeli Warning System USGS: (Some) Assembly Required. How to sign your organization up for the Great ShakeOut.   Quick Hits Germany: police arrest man over Israeli Embassy attack plot Digging into Salt Typhoon Brazil Arrests ‘USDoD,' Hacker in FBI Infragard Breach Check Point: A Closer Look at Q3 2024: 75% Surge in Cyber Attacks Worldwide

In this week's Security Sprint, Dave covered the following topics. Warm Start - the importance of taking time off. Topics. 1. Election Security. Trump campaign event arrest. Arrest for an election day attack. https://www.voanews.com/a/afghan-charged-in-election-day-terror-plot-passed-multiple-screenings/7818235.html CISA is ready. https://www.unomaha.edu/ncite/news/2024/10/cisa-at-ncite.php 2. Ransomware. Ransomware in 2024: Latest Trends, Mounting Threats, and the Government Response. https://www.trmlabs.com/post/ransomware-in-2024-latest-trends-mounting-threats-and-the-government-response 3. Conspiracy Theories. Suspect arrested after reports of threats toward FEMA operations in North Carolina. https://www.cnn.com/2024/10/14/us/fema-helene-north-carolina-reported-threats/index.html ‘It's mindblowing': US meteorologists face death threats as hurricane conspiracies surge. https://www.theguardian.com/us-news/2024/oct/11/meteorologists-death-threats-hurricane-conspiracies-misinformation

In the latest episode of Nerd Out, Dave welcomed back a friend of the pod, Bridget Johnson! Bridget caught everyone up on her latest work and new ventures before the two talked about the upcoming election and potential for violence. They transitioned to global terrorism and the potential risks associated with the continued conflict in the Middle East. Bridget is a part of the McCrary Institute. You can sign up for their products at: Newsletter signup - https://lp.constantcontactpages.com/sl/fS5OMD4/mccrarysignup Pods - https://www.youtube.com/@McCraryInstitute

In the latest episode of the Security Sprint, Dave goes solo and talks about the following topics. Warm Start - the importance of exercises. October 7th Anniversary PSA. IC3 PSA: Anniversary of October 7, 2023, Hamas Attacks May Motivate Individuals to Violence in the United States The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) are issuing this Public Service Announcement to highlight potential threats in the United States from a variety of actors in response to the one-year anniversary of the HAMAS attacks on Israel on October 7, 2023, and consistent calls by foreign terrorist organizations (FTOs) to their supporters seeking to provoke violence in the West. Hurricane Milton Preparedness and looking ahead. MDM and Disaster Scams. NWS: Hurricane Milton Approaching Florida. Milton continues to intensify in the Gulf of Mexico today. Heavy rainfall ahead of Milton continues today with localized flooding concerns. This hurricane will approach the west coast of Florida during the middle of the week. Significant impacts are likely with a large and powerful hurricane at landfall in Florida, with life-threatening hazards along portions of the coastline. 

In this week's Security Sprint, Dave and Andy covered the following topics: Warm Open   Water, Water, Everywhere! §  WaterISAC – EPA: National Security Information Sharing Bulletin §  WaterISAC - Cybersecurity Fundamentals for Water and Wastewater Utilities §  WaterISAC: Incident Awareness – Ransomware Attackers Target Kansas Water Treatment Facility §  Kansas water plant cyberattack forces switch to manual operations §  WaterISAC: EPA's Hazard Mitigation for Natural Disasters: A Starter Guide for Water and Wastewater Utilities §  Fears of Weakness in Water Cybersecurity Grow After Kansas Attack §  WaterISAC: Potential Supply Chain Impacts from East Coast and Gulf Coast Labor Negotiations (Updated September 26, 2024) §  Deluge of Threats to Water Utilities: Securing Operational Technology Against Cyberattacks   INC Ransomware had a very active weekend! GRIP subscribers saw some of that in the SUN, and see more in this week's Ransomware and Data Breach Digest and a special Bricklayer AI-informed TARGET Report on INC Ransomware.   Main Topics   Severe Weather, Hurricane Helene, and Resilience Planning.   Crime FBI Releases 2023 Crime in the Nation Statistics. ADL: New FBI Data Reflects Record-High Number of Anti-Jewish Hate Crimes FBI Releases 2024 Quarterly Crime Report and Use-of-Force Data Update.   CSAM. A Proclamation on Cybersecurity Awareness Month, 2024. T-Mobile Required to Change Business Practices After Data Breaches. Derek Johnson. T-Mobile reaches $31.5 million settlement with FCC over past data breaches.   Quick Hits JCAT First Responders Toolbox: Enhancing Bystander Reporting to Prevent Terrorism UK NCSC: Multi-factor authentication for your corporate online services NZ NCSC - Joint Guidance: Detecting and mitigating Active Directory compromises CISA Warns of Hurricane-Related Scams.  Federal Trade Commission's Staying Alert to Disaster-related Scams and Before Giving to a Charity,  Consumer Financial Protection Bureau's Frauds and scams, and  CISA's Phishing Guidance, Stopping the Attack Cycle at Phase One to help organizations reduce likelihood and impact of successful phishing attacks.  Wifi suspended at big UK train stations after ‘cybersecurity incident.' Israel issues warnings, guidelines for travel abroad ahead of Jewish holidays Indictment Alleges the Activity Was a More Recent Phase of a Wide-Ranging Hacking Conspiracy in Support of IRGC Targeting of Current and Former U.S. Officials Iranian hackers indicted Friday allegedly sought to impersonate Ginni Thomas as they targeted Trump campaign Treasury Sanctions Iranian Regime Agents Attempting to Interfere in U.S. Elections Rewards for Justice: Election interference Individual - IRGC Hackers, up to $10 Million Election Security Update as of Mid-September 2024: 45 Days Until Election 2024.  Staying a Step Ahead: Mitigating the DPRK IT Worker Threat Iran was behind thousands of text messages calling for revenge over Quran burnings, Sweden says Maryland Woman Sentenced for Conspiring to Destroy the Baltimore Region Power Grid Patch for Critical CUPS vulnerability: Don't Panic Neo-Nazis are using AI to rebrand Hitler for a new generation Axios Vibes: Americans blame politicians for misinformation Neo-Nazi Telegram Users Panic Amid Crackdown and Arrest of Alleged Leaders of Online Extremist Group Man threw explosive device inside California courthouse on day of arraignment Republican Homeland Security Committee bill set to combat CCP cyber threats, boost cyber resilience

In this episode of The Gate 15 Interview, we're mixing things up! Andy Jabbour recorded this session onsite at TribalNet 2024 with TribalHub's Senior Marketing & Communications Manager, Michelle Bouschor, who took over as moderator. They were joined by Adam Gruscynski, IT Director, Potawatomi Casino Hotel and Tribal-ISAC Steering Committee member and Drew Ludwick, Director of IT Operations, Muckleshoot Casino Resort, to discuss ideas around cybersecurity and organizational culture.In the discussion the group discusses: Organizational culture and what makes a cyber strong organizational culture. Tribal-ISAC! What it is, how it's like other ISACs, what makes it special. How to build a strong organizational culture and the importance of leadership buy-in and taking things in “chewable bites.” Why we love TribalNet! Some of our favorite concert experiences – some we shared as we talked from Linkin Park to Snoop. And more, of course! Selected Links: TribalNet Conference 2024 Tribal-ISAC Michelle Bouschor. With 15 years of experience in tribal casino marketing, tribal government public relations, media, and community relations, I've honed my skills in navigating the unique landscape of indigenous communities. For the past 5 years, I've proudly contributed to TribalHub, leveraging my expertise to empower tribal entities through innovative solutions and strategic partnerships. Passionate about fostering collaboration and growth within tribal communities, I'm dedicated to driving positive change and sustainable development.·      Michelle on LinkedIn Adam Gruscynski. Responsible for the day-to-day operations of the IT Department for Potawatomi Casino Hotel while ensuring all of the technology needs, whether current or future, of the organization are met. Adam joined Potawatomi Casino Hotel in 2008. During his time at PCH, Adam has gained an abundance of experience by taking on various roles including IT Security Manager, Senior Cybersecurity Engineer, Lead Network Administrator, Network Administrator, and Application Administrator. Prior to PCH, Adam was Network Engineer at the Milwaukee Journal Sentinel where he began his career as Help Desk Intern.·      Adam on LinkedIn Drew Ludwick. A seasoned IT executive with over 25 years of progressive leadership experience in technology management, specializing in cybersecurity, strategic planning, and technology governance. Known for shaping and executing technology strategies aligned with business goals, leading diverse technology teams, and fostering innovation.·      Drew on LinkedIn

In the latest episode of Nerd Out, Dave and Alec covered the following areas when Dave wasn't having technical issues. The second assassination attempt and what it means for DVEs and venue security. Recent Terrorgram arrests. Planning for outdoor events in the fall and winter. Israel's pager attack and the impact for third party protection. Nerd news talking Marvel, Star Wars, and why we haven't watched Rings of Power.

In this week's Security Sprint, Dave and Andy covered the following topics: Warm Start: TribalNet! TLP:CLEAR | FB-ISAO Newsletter. The September 2024 Newsletter has been directly distributed to members and may be accessed here.   Main Topics:   Assassiination / Election Security:  FBI and CISA Release Joint PSA, Just So You Know: False Claims of Hacked Voter Information Likely Intended to Sow Distrust of U.S. Elections. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this public service announcement (PSA) to raise awareness of attempts to undermine public confidence in the security of U.S. election infrastructure through the spread of disinformation falsely claiming that cyberattacks compromised U.S. voter registration databases. PDF. CISA: Physical Security Checklist for Election Offices and Election Infrastructure Cybersecurity Readiness and Resilience Checklists 2025 Counting and Certification of Electoral Votes Designated a National Special Security Event   BEC.  Business Email Compromise: The $55 Billion Scam. The BEC scam continues to target small local businesses to larger corporations, and personal transactions while evolving in their techniques to access those business or personal accounts. Between December 2022 and December 2023, there was a 9% increase in identified global exposed losses. In 2023, the IC3 saw a growth in BEC reporting where funds were sent directly to a financial institution housing custodial accounts held by third-party payment processors, or peer-to-peer payment processors, and cryptocurrency exchanges which directly contributed to the increase in global exposed losses. IC3 data shows the BEC scam has been reported in all 50 states and 186 countries, with over 140 countries receiving fraudulent transfers. Based on the financial data reported to the IC3 for 2023, international banks located in the United Kingdom and Hong Kong often acted as an intermediary stop for funds, followed by China, Mexico, and the UAE. The following BEC statistics were reported to the FBI IC3, law enforcement and derived from filings with financial institutions between October 2013 and December 2023: o   Domestic and international incidents: 305,033  o   Domestic and international exposed dollar loss: $55,499,915,582 o   Total U.S. victims: 158,436  o   Total U.S. exposed dollar loss: $20,089,561,364  o   Total non-U.S. victims: 6,546  o   Total non-U.S. exposed dollar loss: $1,638,490,375   All-Hazards. The disaster no major U.S. city is prepared for. Experts warn this type of catastrophe — a combined power outage with a heat wave — is a scenario that cities and states are unprepared for. “I don't think it's likely — I think it's an absolute certainty,” said Brian Stone, a professor and director of the Urban Climate Lab at the Georgia Institute of Technology. “I think it's an absolute certainty that we will have an extreme heat wave and an extended blackout in the United States.”   Quick Hits:  FBI Publishes 2023 Cryptocurrency Fraud Report Hacker tricks ChatGPT into giving out detailed instructions for making homemade bombs Recorded Future: H1 2024: Malware and Vulnerability Trends Report Kentucky I-75 shooting suspect vowed over text to ‘kill a lot of people,' arrest warrant says

In this week's Security Sprint, Dave and Andy covered the following topics: Warm Start:  Press Release! Gate 15 Partners with Cyware to Enhance Cybersecurity and Homeland Security Resilience. Gate 15's Resilience and Intelligence Portal (GRIP) now leverages the robust capabilities available in Cyware's Collaborate platform to provide the homeland security community with all-hazards technology-enhanced, human-driven analysis products.   Main Topics:   Physical Threats, Notable Dates: ·       Pakistani National Charged for Plotting Terrorist Attack in New York City in Support of ISIS ·       Man Plotted to Kill Jews in New York on Oct. 7 Anniversary, U.S. Says ·       Man Arrested For Making Threats To Elected Officials ·       U.S. charges Hamas leaders with terrorism, citing Oct. 7 attack   Terrorgram Arrests ·       Leaders of Transnational Terrorist Group Charged with Soliciting Hate Crimes, Soliciting the Murder of Federal Officials, and Conspiring to Provide Material Support to Terrorists ·       Feds say white supremacist leaders of "Terrorgram" group plotted assassinations, inspired attacks   Influence Ops ·       Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere. ·       Info Ops: ODNI - Election Security Update as of Early September. Foreign actors are increasing their election influence activities as we approach November. ·       US seeks to reassure voters that presidential election will be safe. ·       Russia focusing on US social media stars to covertly influence voters ·       Treasury Takes Action as Part of a U.S. Government Response to Russia's Foreign Malign Influence Operations ·       AP: Right-wing influencers were duped to work for covert Russian influence operation, US says ·       Conservative Podcasters Respond to Russian Influence Allegations ·       The Record: US indicts two RT employees for alleged Russian disinformation effort ·       TV Presenter Who Worked for Channel One Russia Charged with Violating U.S. Sanctions Imposed on Russia ·       2024's triple threats on election disinformation ·       TikTok: Continuing to protect the integrity of TikTok through the US elections ·       Chinese State-Linked Influence Operation Spamouflage Masquerades as U.S. Voters to Push Divisive Online Narratives Ahead of 2024 Election ·       Activists Charged With Pushing Russian Propaganda Go on Trial in Florida ·       AI-Fakes Detection Is Failing Voters in the Global South ·       Activists Charged With Pushing Russian Propaganda Go on Trial in Florida   Quick Hits:   More Russia: o   FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure o   Exclusive: US sees increasing risk of Russian ‘sabotage' of key undersea cables by secretive military unit Georgia: Apalachee High School Shooting: o   14-Year-Old School Shooter Kills Four and Wounds Nine o   At least nine people were injured. Here's what else to know. o   What we know about the Georgia high school shooting o   Georgia High School Received Threat Warning Of Shooting Before Gunman Opened Fire: Report o   Father of Teen Suspect Charged in Georgia School Shooting o   Georgia school-shooting suspect struggled with mental health, aunt says o   ASIS: Apalachee High School Shooting: What We Know o   Georgia Gunman Colt Gray Was ‘Ridiculed' and Called Gay by Bullies at School o   Mother of Georgia suspect is said to have called school before shooting, warning of ‘emergency' Sextortion o   Sextortion Scams Now Include Photos of Your Home.  o   Sextortion scam now use your "cheating" spouse's name as a lure o   Nigerian Brothers Sentenced in Sextortion Scheme that Resulted in Death of Teen o   Nigerian brothers jailed in US for sextortion scam targeting teenagers o   Four Delaware Men Charged with International “Sextortion” and Money Laundering Scheme

In this week's Security Sprint, Dave and Andy covered the following topics: National Insider Threat Awareness Month! ·       Insider Threat! Employee arrested for locking Windows admins out of 254 servers in extortion plot ·       Insider Threat: Pa. church member accused of stealing $225K from congregation ·       GRIP: Insider Threat Awareness -Don't Let Errors Cost You, 28 August 2024 ·       Palo Alto: Deepfake report: https://unit42.paloaltonetworks.com/dynamics-of-deepfake-scams/   National Preparedness Month! Ready.gov: National Preparedness Month, “Start a Conversation.” A Proclamation on National Preparedness Month, 2024 September is National Preparedness Month; FEMA Releases the National Resilience Guidance + Other Upcoming Events & Climate Week NYC: Communicating Disaster Preparedness, Sep 23, 2024 02:30 PM.  Do you have an emergency and recovery plan? Get started or update it this National Preparedness Month Addressing OT cyber risk management threats and attacks with risk registers and tabletop exercises   Election Security: ·       Man Charged with Threatening Election Officials, State Judge, and Federal Law Enforcement Agents Donald Trump Assassination Updates: o   Opening Statement to Media on Updates to the Butler, Pennsylvania, Assassination Attempt Investigation o   FBI Pittsburgh Special Agent in Charge's Remarks to Media on Updates to the Butler, Pennsylvania, Assassination Attempt Investigation o   Would-be Trump assassin saw ex-president as 'target of opportunity.'   o   FBI releases photos of the gun used in Trump assassination attempt ·       DOD Will Provide Homeland With Support During Presidential Campaigns ·       US voters targeted in phishing campaign ·       When Get-Out-The-Vote Efforts Look Like Phishing ·       Intel officials say they anticipate more hacking attempts as US election nears ·       Election Security Partners Host 7th Annual Tabletop the Vote Exercise for 2024   Quick Hits: ·       Two Foreign Nationals Charged in Swatting Conspiracy Targeting Lawmakers, Private Victims, Houses of Worship, and Businesses ·       European terror attacks alarm US intelligence, NYPD briefing shows ·       CIA official: Suspects in foiled plot to attack Taylor Swift shows aimed to kill ‘tens of thousands.' ·       Solingen Stabbing Ignites Fears of Resurgent Jihadism Targeting Germany ·       CISA - Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations ·       Halliburton cyberattack linked to RansomHub ransomware gang o   FBI: RansomHub ransomware breached 210 victims since February o   US agencies warn against ransomware group behind hundreds of attacks in recent months ·       KnowBe4 Report Reveals Critical Infrastructure Under Siege with Cyber Attacks Increasing 30 Percent in One Year ·       Chinese government hackers penetrate U.S. internet providers to spy o   Lumen: Taking The Crossroads: The Versa Director Zero-Day Exploitation o   Chinese government hackers targeted U.S. internet providers with zero-day exploit, researchers say o   China's Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs   ·       Microsoft: Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations ·       Cybercrime and sabotage cost German firms $300 bln in past year ·       France formally charges Telegram founder, Pavel Durov, over organized crime on messaging app ·       Worldwide Trends in COVID-19-Related Attacks Against Healthcare: A Review of the Safeguarding Health in Conflict Coalition Database ·       Kasada's Releases 2024 State of Bot Mitigation Report ·       CISA Launches New Portal to Improve Cyber Reporting ·       Hate Group's Anti-Muslim Rhetoric Reflects Anti-LGBTQ+ Conspiracy Theories ·       Recorded Future: H1 2024 Check Fraud Report: Geographic Trends and Threat Actor Patterns