The Gate 15 Podcast Channel Gate 15

Jennifer Lyn Walker returns to the Security Sprint and partners with Dave on the following topics.
Protests.

CNN: https://www.cnn.com/business/live-news/university-protests-palestine-04-29-24/h_5c66b0505df54a3db5b57e3949161257


AP: https://apnews.com/article/israel-palestinian-campus-student-protests-war-8b0d3a0cedb17f5e892c6ca43bbdf628?taid=6630becafd4f33000168594c&utm_campaign=TrueAnthem&utm_medium=AP&utm_source=Twitter


National Small Business Week, Take Steps to Secure Your Business

During National Small Business Week, Take Steps to Secure Your Business https://www.cisa.gov/news-events/news/during-national-small-business-week-take-steps-secure-your-business
Secure Your Business https://www.cisa.gov/secure-our-world/secure-your-business


Severe Weather.

Tornados. NBC: ⁠https://www.nbcnews.com/news/weather/overnight-tornadoes-storms-leave-heavy-destruction-nebraska-iowa-rcna149658⁠
https://apnews.com/video/oklahoma-tornadoes-natural-disasters-ef4b5e6696bf47d69a869102f5b7a441
Hurricanes. https://engr.source.colostate.edu/researchers-predicting-well-above-average-2024-atlantic-hurricane-season/


Lots of Water…

DHS asked to consider potentially 'devastating’ impact of hacks on rural water systems https://therecord.media/water-utility-cyberattacks-lawmakers-letter-to-dhs
Director Wray's Remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats https://www.fbi.gov/news/speeches/director-wrays-remarks-at-the-vanderbilt-summit-on-modern-conflict-and-emerging-threats


Quick Hits.

https://www.thebaltimorebanner.com/education/k-12-schools/eric-eiswert-ai-audio-baltimore-county-YBJNJAS6OZEE5OQVF5LFOFYN6M/
Vulnerabilities – PAN OS & Siemens RUGGEDCOM; Cisco


Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability https://www.securityweek.com/siemens-industrial-product-impacted-by-exploited-palo-alto-firewall-vulnerability/
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack https://thehackernews.com/2024/04/palo-alto-networks-outlines-remediation.html
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/
 
Scams
Japanese police create fake support scam payment cards to warn victims https://www.bleepingcomputer.com/news/security/japanese-police-create-fake-support-scam-payment-cards-to-warn-victims/
FBI warns of massive wave of road E-Z Pass - toll SMS phishing attacks https://www.bleepingcomputer.com/news/security/fbi-warns-of-massive-wave-of-road-toll-sms-phishing-attacks/
Researchers find dozens of fake E-ZPass toll websites after FBI warning https://therecord.media/researchers-find-dozens-of-ezpass-spoofs
 
AI
6 security items that should be in every AI acceptable use policy https://www.csoonline.com/article/2093806/6-security-items-that-should-be-in-every-ai-acceptable-use-policy.html
 
Misc (didn’t get to, but providing for bonus)
Top 10 physical security considerations for CISOs https://www.csoonline.com/article/566635/what-is-physical-security-how-to-keep-your-facilities-and-devices-safe-from-on-site-attackers.html

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Curtis E. Tilley, Branch Chief, Training, Office for Bombing Prevention (OBP), Cybersecurity and Infrastructure Security Agency (CISA).
· Curtis on https://www.linkedin.com/in/curt-tilley-0089b6b2/.
- Those who want to engage with the DHS Office of Bombing Prevention may email at mailto:obp@cisa.dhs.gov.

In the discussion we address:
- OBP’s background.
- Some bomb threat and IED history.
- The enduring threat and challenge of the IED threat.
- Preparedness and resources.
- How to contact OBP.
- We talk about what’s on Curt’s mind.
- We play Three Questions and talk Macho Man Randy Savage, being the big man on campus, serving our communities and more!

A few references mentioned in or relevant to our discussion include:
- https://www.hstoday.us/subject-matter-areas/emergency-preparedness/profiles-in-excellence-curtis-tilley-branch-chief-office-for-bombing-prevention-cisa/ (13 Mar 2023)
- Watch the discussion noted above https://youtu.be/NhWHpE2kEs8
- http://www.cisa.gov/obp
- https://www.youtube.com/watch?v=xUgLIIduLWY
- https://www.cisa.gov/
- https://www.dni.gov/nctc/timeline.html

In the latest episode of the Security Sprint, Dave and Andy talked about the following topics.

Warm Start
·       CISA Announces 9th Cyber Storm National Exercise. The Cybersecurity and Infrastructure Security Agency (CISA) is hosting its ninth iteration of the Cyber Storm (CS IX) Cyber Exercise. It’s the nation’s largest cyber exercise designed to improve the cybersecurity posture of our nation’s critical infrastructure. Through extensive planning, this exercise strengthened cybersecurity preparedness and response capabilities through exercising policies, processes, and procedures for identifying and responding to a multi-sector significant cyber incident impacting critical infrastructure. For more information and resources, visit Cyber Storm IX: National Cyber Exercise | CISA & Cyber Storm IX: National Cyber Exercise | CISA

FB-ISAO: Best Practices for Securing Your Router / Wi-Fi
'NCSC Cyber Series' podcast now available on Spotify

 
Main Topics: 
US 911 emergency call line outage resolved in some areas

The PRC has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist…

Director Wray's Remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats


FBI says Chinese hackers preparing to attack US infrastructure
Gallagher’s ominous farewell
Chinese Government Poses 'Broad and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says


UK: Government cracks down on ‘deepfakes’ creation

“Proactive De-escalation”
 
Quick Hits
·       Russian US election interference targets support for Ukraine after slow start
·       Microsoft: Nation-states engage in US-focused influence operations ahead of US presidential election
·       Information operations will be ‘foundational’ to future DOD efforts, Cybercom chief says
·       How A.I. Tools Could Change India’s Elections
·       Google: Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
·       Secret Russian foreign policy document urges action to weaken the U.S.
·       RAND: Generative Artificial Intelligence Threats to Information Integrity and Potential Policy Responses
·       Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations
·       Montgomery Co. student charged with threats of mass violence after police discover disturbing ‘manifesto.’
·       CISA and Partners Release Advisory on Akira Ransomware
·       FBI: Akira ransomware raked in $42 million from 250+ victims
·       Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities
·       FACT SHEET: Biden-⁠Harris Administration Releases Strategy to Strengthen Global Health Security
·       U.S. Government Global Health Security Strategy 2024 (PDF)
·       Undersea ‘hybrid warfare’ threatens security of 1bn, Nato commander warns
·       Joint Guidance on Deploying AI Systems Securely
·       UK NPSA: Personal Safety and Security for High-Risk Individuals
·       840-bed hospital in France postpones procedures after cyberattack
·       Cloudflare: DDoS threat report for 2024 Q1
·       Hearing - Held for Ransom: How Ransomware Endangers Our Financial System. See the full hearing video on YouTube.
·       Ex-White House cyber official says ransomware payment ban is a ways off
·       Top officials again push back on ransomware payment ban
·       Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse
·       UnitedHealth Group reports that the Change Healthcare ransomware attack has had an $872 million financial hit on its business so far
·    

In the latest episode of Nerd Out, Dave welcomes in Alec Davison as his partner in crime for the podcast. After they get through the excitement of the latest Taylor Swift album, they talked through the latest activity in the Middle East and what it could mean domestically. Then they looked at the latest news related to the U.S. election including the recent incident outside of the Trump trial and potential concerns that may play out over the course of the year especially related to mis/dis/mal-information.

They wrap up the pod with some real nerd discussions on Star Wars and what the new series has to offer!

Alec Davison is the Lead Analyst at the Water Information Sharing and Analysis Center (WaterISAC). In addition, he works as a Risk Analyst at Gate 15. He holds an M.A. in Security Policy Studies from George Washington University.

Some of the resources discussed in the pod include:

https://www.cisa.gov/resources-tools/resources/personal-security-considerations-action-guide
https://www.cisa.gov/resources-tools/resources/preventing-workplace-violence-security-awareness-considerations-infographic
https://www.dni.gov/files/NCTC/documents/jcat/firstresponderstoolbox/89s_-_Violent[…]il_Unrest_and_Public_Assemblies_in_the_United_States-survey.pdf

Mobilization/SARs

https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf
https://www.dhs.gov/nationwide-sar-initiative-nsi

Info sharing communities

https://www.dhs.gov/fusion-centers
https://www.nationalisacs.org/

In this week's Security Sprint, Dave and Andy discussed the following topics:
Warm Start

 Palo Alto Command Injection Vulnerability in PAN-OS GlobalProtect
'Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)
Volexity on GitHub Adding content for Palo Alto Networks GlobalProtect post
Palo Alto Networks Security Advisories CVE-2024-3400 CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect
Palo Alto: Applying Vulnerability Protection to GlobalProtect Interfaces
Compromise of Sisense Customer Data
Brian Krebs: Why CISA is Warning CISOs About a Breach at Sisense
Sisense customers told to reset credentials amid supply chain attack fears
Risky Biz News: Sisense breach has CISA and everyone else panicking

 
Main Topics:
Israeli war cabinet to meet again to consider response to Iran’s attack
o   Iran Issues Fresh Threat to U.S.
o   US will not take part in any Israeli retaliatory action against Iran
o   The Latest | World leaders urge Israel not to retaliate for the Iranian drone and missile attack
o   U.S. details Pentagon’s role in defending Israel from Iranian attack
o   Analysis: Israel Repelled Iran’s Huge Attack. But Only With Help From U.S. and Arab Partners.
 
Idaho Man Arrested for Attempting to Provide Material Support to ISIS

Idaho teen arrested for allegedly plotting to attack church in name of ISIS


What we know about Clenard Parker, the man accused of driving into a Brenham DPS office
'Obvious' Sydney killer targeted women - Australian police.
Man who confronted attacker with bollard and other bystanders praised for heroic acts during Bondi stabbings.
Stabbing rampage at Sydney mall leaves at least 7 dead, including attacker
Sydney stabbing: Police say no ideological motivation
English Tutor Identified as Mall Stabbing Attacker Left Behind Disturbing Facebook Post
Sydney knife attacker Joel Cauchi 'had worked as male escort' before Bondi shopping centre stabbing
False claims started spreading about the Bondi Junction stabbing attack as soon as it happened


Posture Statement of General Timothy D. Haugh 2024. “ Beijing, Moscow, and Tehran increasingly use social media and state-sponsored disinformation sites, both overt and covert, to shape narratives and sow confusion..."


Chinese nationalist trolls pretend to be Trump supporters ahead of US elections

 
Quick Hits:

UK NPSA: Personal Safety and Security for High-Risk Individuals
Delaware Woman Arrested for International Sextortion and Money Laundering Scheme
LastPass: Hackers targeted employee in failed deepfake CEO call
UNSW: World-first Cybercrime Index ranks countries by cybercrime threat level
Google Insider Threat: https://www.justice.gov/opa/pr/chinese-national-residing-california-arrested-theft-artificial-intelligence-related-trade
Director Wray's Remarks to the ABA Standing Committee on Law and National Security
Russia thwarts planned terrorist attack on Moscow Synagogue
Change Healthcare breach data may be in hands of new ransomware group
Politico: Grassley knocks agencies slacking on cyber
CISA & FBI: Transitioning to .Gov: Helping Mitigate Election Office Cybersecurity and Impersonation Risks
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat / CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System. 
CDC Data Modernization Efforts Accelerate Nation’s Ability to Detect and Rapidly Respond to Health Threats
The Black Market That Delivers Elon Musk’s Starlinks to U.S. Foes
China's attacks on U.S. infrastructure aren't going anywhere
Police Scour LockBit Ransomware Evidence, Turning Up 200 Leads
TLP:CLEAR | FB-ISAO Newsletter
Man on terror watchlist

Warm Start:
·       GridEx VII Report Highlights Further Action to Enhance Grid Resilience
·       US electric grid growing more vulnerable to cyberattacks, regulator says
·       CISA’s ‘Cyber Storm’ will help it update National Cyber Incident Response Plan
 
Main Topics:
·       US Environmental Protection Agency hack exposes data of 8.5 million users.
·       Sophos - Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector.  
·       Bomb threats follow Libs of TikTok's campaign against Planet Fitness
o   Bomb threats reported at Planet Fitness locations in Northern Va. amid transgender controversy
o   No threat found after several Planet Fitness locations in Jacksonville received bomb threats
o   Alabama Planet Fitness locations receive bomb threats, evacuated by FBI
o   Planet Fitness bomb threats in Connecticut spark concerns
o   Police: Planet Fitness locations evacuated after bomb threats
o   Planet Fitness locations in Daphne, Fairhope, and Mobile receive bomb threats
 
·       Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden.
 
·       Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023. The U.S. Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion.
o   Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023.pdf
o   Cyber board says Chinese hack of US officials was 'preventable'
o   Microsoft faulted for ‘cascade’ of failures in Chinese hack
 
·       CSU: Forecast for 2024 Hurricane Activity. “We anticipate that the 2024 Atlantic basin hurricane season will be extremely active.” 
 
Info Ops: 
o   Russian trolls target U.S. support for Ukraine, Kremlin documents show
o   New effort to "inoculate" U.S. voters against AI misinformation
o   AI-generated story that Iran had fired missiles at Tel Aviv were amplified by X's own systems
o   Microsoft: China tests US voter fault lines and ramps AI content to boost its geopolitical interests
 
Quick Hits:
·       CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities.  
·       DHS: Mitigating Harm from Violent Visual Content: CP3 Prevention Resource.
·       FTC Announces Impersonation Rule Goes into Effect Today (01 Apr)
·       FBI Atlanta gate crash: Man tries to breach security by tailing employees
·       Suspect arrested after vehicle crashes into gate at Atlanta FBI field office
·       The Surprising Intelligence Community Outreach to Russia
·       Why Russian intelligence dismissed US warnings of terror threat
·       Germany announces military overhaul with eye on cyber threats
·       “All your base are belong to us” – A probe into Chinese-connected devices in US networks
·       Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure
·       Risky Biz News: Backdoor found in 92k D-Link NAS devices
·       Omni Hotels experiencing nationwide IT outage since Friday
·       A Quantitative Analysis of the Security Ratings of the S&P 500
·       How a steel ball protected Taiwan’s tallest skyscraper in an earthquake
·       Rotterdam teen arrested for plotting a terror attack, prosecutors say
·       ‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data
·       The Unification Church Infiltrated Japan’s Government. Now Its Sights Are Set on the U.S.
·       India rescues 250 citizens enslaved by Cambodian cybercrime gang
·       Targeted Phishing Linked to 'Th