The Gate 15 Podcast Channel

Gate 15

The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.

  1. Weekly Security Sprint EP 161. Job site risks, patching, and much more

    13h ago

    Weekly Security Sprint EP 161. Job site risks, patching, and much more

    On this week's Security Sprint, Dave and Andy covered the following topics: Opening: • A Review of the Fiscal Year 2027 Budget Request for DHS — House Homeland Security Committee • DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels — CyberScoop • DHS chief signals efforts to reshape CISA — The Record • CISA and Partners Release Fact Sheet on Securing Automatic Tank Gauge Systems • Industry Collaboration and Resilience is a Team Sport — Cyber Threat Alliance — 02 Jun 2026. This article is authored by the Executive Director of IT-ISAC and emphasizes the importance of collaboration across industry, government, and nonprofit organizations to improve cyber resilience. Main Topics: Safeguarding OUR SECRETS — IC3 — 03 Jun 2026. Five Eyes agencies warned that Chinese military intelligence services are using Western online job platforms and professional networking sites to recruit people with access to classified, privileged, or sensitive information. • Applicant Beware - Who Is Recruiting You? — NPSA — 03 Jun 2026 “Patch Now!” Most organizations that miss 24-hour patch window report breaches. Gate 15 note: We’ve been discussing this a lot in recent exercises and meetings. The time to safely address Known Exploited Vulnerabilities is limited and decreasing. Attackers’ speed is accelerating; exploited vulnerabilities are a major point of attack. CISA KEV & Other Threat Updates: AI! Promoting Advanced Artificial Intelligence Innovation and Security — The White House — 02 Jun 2026 • Opinion from Jen Easterly: The Government Is Finally Taking A.I. Risk Seriously • Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator — Anthropic • What we learned mapping a year’s worth of AI-enabled cyber threats — Anthropic Quick Hits: • Ransomware Group Claims Cyberattack on Buffalo Convention Center — Skift Meetings — 01 Jun 2026. Skift Meetings reports that the Akira ransomware group claimed it stole 46 gigabytes of data from the Buffalo Convention Center, including employee records, contracts, financial information, and personal data tied to approximately 180,000 individuals. • Knicks Watch Party at Garden Is Canceled, as Game 3 Security Ramps Up — The New York Times • FIFA World Cup 2026 Scams Are Already Here: Fake Tickets, Phishing Sites, and Crypto Cons Exposed • Hackers are hoping to score at the World Cup • At least 12 wounded near Ohio festival as police hunt multiple gunmen • Hurricane Season! • Software supply chain attacks: check your dependencies — NCSC

    19 min
  2. Weekly Security Sprint EP 160. Merch alert, plus new vulnerabilities, the evolving threat landscape, and the World Cup

    Jun 2

    Weekly Security Sprint EP 160. Merch alert, plus new vulnerabilities, the evolving threat landscape, and the World Cup

    On this week's Security Sprint, Dave and Andy covered the following topics: Opening: • 27th Annual TribalNet Conference & Tradeshow, 20 – 24 Sep, Dallas, TX • 02 Jun! WaterISAC H2OSecCon (Virtual Conference) Main Topics: Exploitation! and the KEV! • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-9082 Drupal Core SQL Injection Vulnerability • Drupal security advisory (AV26-492) - Update 2 - Canadian Centre for Cyber Security • CISA orders feds to patch actively exploited Drupal vulnerability - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability • CISA gives feds 4 days to patch actively exploited cPanel plugin flaw - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability • Palo Alto Networks Security Advisory AV26-462 — Canadian Centre for Cyber Security • ETR: Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability CVE-2026-0257 — Rapid7 Ransomware & Data Breaches: • The Cyber Extortion Economy - Palo Alto Networks Unit 42 - 28 May 2026 “As recently noted by our Chief Security Intelligence Officer, Wendi Whitmore, it only took 39 seconds for threat actors to move from initial access to data exfiltration in one case.” • Stay Ahead of Ransomware: What 2026 Threat Reports Are Telling Us — SANS Institute — 01 Jun 2026 • Charter Communications Data Breach Could Impact Nearly 5 Million • How St. Paul, Minn., Recovered From a Ransomware Attack • FBI FLASH - Silent Ransom Group Impersonating IT Personnel through Social Engineering - FBI IC3 & FBI warns of in-person data theft attacks from extortion gang • Charter confirms data breach after ShinyHunters extortion threat • The Gentlemen ransomware: Dissecting a self-propagating Go encryptor • The Gentlemen Ransomware Group Is Scaling Faster Than Any Other Group on Record • The Gentlemen (Ransomware) in Disguise: Defense Evasion and other TTPs World Cup: • FBI PSA - Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup - FBI IC3 • FAA Establishes No Drone Zones for FIFA World Cup 2026 Stadiums, Fan Events and Base Camps — FAA • Column: Empower Emergency Managers for Major Events • Ebola concerns grow ahead of World Cup — The Hill Quick Hits: • The Future of AI Risk: Predictions for 2027 and Beyond - Gate 15 - 26 May 2026 • Top 10 Artificial Intelligence Security Actions Primer — Canadian Centre for Cyber Security • Mythos Exposes a Bigger Problem in Critical Infrastructure Cyber Defense - HSToday • NSA Launches Zero Trust Implementation Guidelines Resource Webpage — National Security Agency • Designing secure access with ZTNA - National Cyber Security Centre • The 2026 U.S. Midterms Have a Cyber Problem, But It’s Not at the Ballot Box — Check Point & Hackers are already laying groundwork to disrupt 2026 midterms, research says — Nextgov • 'Holding our breath': Hurricane season is here, and FEMA is shorthanded — Politico

    19 min

  3. May 27

    Nerd Out EP 70. San Diego, lying in wait, World Cup, and movie / TV reviews

    On the latest episode of Nerd Out, Dave and Alec covered the following topics: The San Diego mosque attack.Recent arrest indicating potential risk to the U.S.World Cup considerations.Mandalorian, Daredevil, and Punisher reviews (SPOILER WARNING)References to what was discussed on the pod: San Diego Mosque Shooters' Apparent Manifestos Reveal Anti-Muslim Extremism, Antisemitism, and Broader Extremist Ideology https://www.adl.org/resources/article/san-diego-mosque-shooters-apparent-manifestos-reveal-anti-muslim-extremismhttps://abc7news.com/post/san-diego-mosque-shooting-alleged-islamic-center-shooter-caleb-vazquezs-behavior-led-guns-seized-2025/19162644/ Kata’ib Hizballah Commander with Ties to Iran Arrested for Terror Campaign https://smallwarsjournal.com/2026/05/20/kataib-hizballah-commander-with-ties-to-iran-arrested-for-terror-campaign/https://www.justice.gov/opa/pr/iraqi-national-arrested-and-charged-providing-material-support-iranian-backed-terrorist World Cup Security https://www.theguardian.com/football/2026/may/10/fifa-world-cup-terrorism-risk-iran-warhttps://mailchi.mp/factal/benchmarker-conus-drone-threats-securingwatch-parties-data-center-threats-analyst-operator-merger

    48 min
  4. Weekly Security Sprint EP 159. Verizon DBIR, San Diego update, and all hazards updates

    May 26

    Weekly Security Sprint EP 159. Verizon DBIR, San Diego update, and all hazards updates

    On this week's Security Sprint, Dave and Andy covered the following topics: Opening: • Misinformation, Deepfakes, and AI’s Unwelcome Companions. This blog is part of Gate 15’s blog series “Riding the Tiger: AI Threats and Opportunities”, highlighting the essential considerations for organizational leaders and security professionals. • Researchers warn of coordinated influence accounts amplifying synthetic AI-generated geopolitical narratives across social platforms • Bluesky Says Kremlin Is Hacking Its Platform to Spread Propaganda • Trump’s AI executive order postponed. Here’s why. & Trump’s AI order sacks tech experts and sidelines safety testing • Pope Leo warns AI boom can give Big Tech and the people who run it too much power • Health-ISAC: Healthcare is scaling AI without the infrastructure to manage it • AT&T joins Cybersecurity Manufacturing Innovation Institute’s C2-ISAC initiative - AT&T, and see Who’s whispering in Trump’s ear on Iran for more on C2-ISAC (“New ISAC in Town”) and lots of other articles sharing this announcement. • GAO: Critical Infrastructure Protection: EPA Needs to Ensure Water Systems Address Risks from Cybersecurity Threats • Ranking Member Lofgren’s Opening Statement at Water Cybersecurity Hearing & Ranking Member Amos’ Opening Statement at Water Cybersecurity Hearing • Tip of the Week – May 21, 2026 - WaterISAC Main Topics: 2026 Data Breach Investigations Report - Verizon - 19 May 2026 • 2026 Verizon Data Breach Investigations Report finds third-party risk and credential abuse accelerating • Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector • What the 2026 Verizon DBIR Signals About Internet Intelligence and External Visibility • Verizon 2026 DBIR: 10 Takeaways You Should Know • Verizon DBIR finds vulnerability exploitation overtakes stolen credentials as top breach entry point for critical infrastructure • Patches take weeks. Exploits take hours. The 2026 DBIR makes the math brutal. San Diego Mosque Shooting and Extremism • San Diego Shooter So Alarmed Police in 2025, They Seized Father's Guns • CSIS: The San Diego Mosque Shooting Marks a Deadly First in the United States • ‘It’s the Jews’: San Diego mosque shooters decried ‘the universal enemy’ in hate-filled manifesto • San Diego mosque shooter Caleb Vazquez’s family breaks silence on terror attack, say autistic son was brainwashed online • Several people watched San Diego attack live on video calls, recordings show • Violent Neo-Nazi Ideology at the Heart of San Diego Attack • San Diego Mosque Shooting Another Symptom Of The “Great Replacement” Conspiracy Theory • San Diego Mosque Shooters’ Apparent Manifestos Reveal Anti-Muslim Extremism • San Diego shooting suspects had manifesto, weapons cache: FBI • Father-of-eight killed in San Diego mosque shooting hailed as a hero • Imam blames anti-Muslim rhetoric for San Diego attack: ‘This is what we get’ Quick Hits: • NOAA predicts below-normal 2026 Atlantic hurricane season – NOAA • Nine Practical Ideas to Strengthen Preparedness This Hurricane Season • Ebola: Worldwide Caution - U.S. Department of State • World Cup’s Ebola factor • There is no Ebola vaccine for this outbreak. There won’t be one soon. Here’s why. • WHO chief says Ebola outbreak in Congo is ‘spreading rapidly’ and upgrades risk assessment • Threat Actors Impersonate IC3 Employees to Defraud Victims - FBI IC3 • “First VPN Service” Used by Ransomware Actors to Compromise Systems - FBI IC3

    21 min
  5. Weekly Security Sprint EP 158. New swag, hurricane prep, and new physical and cyber threats with our special guest

    May 19

    Weekly Security Sprint EP 158. New swag, hurricane prep, and new physical and cyber threats with our special guest

    In this week's Security Sprint, Dave and Andy are joined by Anna Mentzer-Hernandez to talk about the following topics: Opening: • AI Governance: Aligning Corporate Structures with Emerging Tech - Gate 15 o CISA & G7 Partners Release Joint Guidance on the Minimum Elements of a Software Bill of Materials for Artificial Intelligence o Thinking carefully before adopting agentic AI - NCSC • Non-Human Identities (NHIs) Are Growing Faster Than Most Security Programs - RSAC Conference - 13 May 2026 Gate 15’s Sadie-Anne Jones wrote that non-human identities are expanding rapidly across cloud, automation, AI, API, SaaS, and CI/CD environments, often outpacing the governance programs meant to control them. • PERSPECTIVE: Stabilizing the Cybersecurity and Infrastructure Security Agency Starts With These Critical Steps - HSToday - 13 May 2026 Scott Algeier, Executive Director of the Information Technology Information Sharing and Analysis Center and Executive Director of the Food and Agriculture Information Sharing and Analysis Center, argues that stabilizing CISA requires renewed public-private partnership, legal protections for information sharing, and practical reforms that strengthen trust with industry. Main Topics: Hurricane Season & (TLP:GREEN) GATE 15 TARGET Hurricane Preparedness, 18 May 2026 San Diego shooting: 5 dead in mosque attack; anti-Islam writings found - Los Angeles Times - 18 May 2026 The Los Angeles Times reported live updates on the San Diego mosque attack, including that five people were dead and anti-Islam writings were found as investigators examined motive. The reporting described a large law enforcement response and continued investigation into whether the attack was driven by bias or extremist intent. The incident has elevated concern around religiously motivated targeted violence and the protection of schools or community spaces co-located with houses of worship. Target is faith-based organizations, Muslim communities, school administrators, and emergency managers with Dig highlighting the intersection of hate-driven violence, mass casualty response, and community security preparedness. Iranian hackers target gas stations and internet-connected systems amid regional tensions – CNN – 15 May 2026 Iranian-linked cyber actors are reportedly targeting internet-connected systems and fuel distribution infrastructure amid heightened geopolitical tensions involving Iran and Western governments. Analysts assess the activity as part of a broader pattern of retaliatory cyber signaling intended to demonstrate disruptive capability without crossing into full-scale destructive cyber conflict. The incidents reinforce ongoing concerns regarding the exposure of operational technology and public-facing infrastructure systems vulnerable to politically motivated cyber operations. Target is fuel distribution systems and internet-connected infrastructure environments with Dig highlighting how geopolitical escalation continues to increase cyber risk to civilian operational systems. • ISACs! ONE-ISAC, Tribal-ISAC, RH-ISAC • Iraqi National Arrested and Charged with Providing Material Support to Iranian-Backed Terrorist Organizations and Directing Attacks Targeting U.S. Citizens and Interests Quick Hits: • Fine of nearly £1m issued against South Staffordshire Plc and South Staffordshire Water Plc • UK water company allowed hackers to lurk undetected for nearly two years, regulator finds • W.H.O. Declares Ebola Outbreak a Global Health Emergency

    22 min

  6. May 13

    The Gate 15 Interview EP 70: Allan Liska Returns! Ransomware, Comic Books and Empathy

    In this episode of The Gate 15 Interview, Andy Jabbour speaks with Allan Liska. Allan Liska, threat intelligence analyst at Recorded Future, has more than 15 years of experience in information security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organizations improve their security posture using more effective intelligence. He is the author of “The Practice of Network Security, Building an Intelligence-Led Security Program”, “Securing NTP: A Quickstart Guide” and the co-author of “DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.”, and "Ransomware: Understand. Prevent. Recover." Allan on LinkedInAllan on BlueskyAllan on Substack (Ransomware)Green Archer Comics Allan Liska’s cybersecurity books on Amazon! The Gate 15 Interview EP 55. Allan Liska, Ransomware Sommelier. Threats, mental health, comic books and Diet Dr. Pepper. (18 Feb 2025)“I think we’re in a rough time right now… we need to be more empathetic and more compassionate” – Allan Liska In the podcast, Allan and Andy discuss: Ransomware, Recorded Future, cybersecurity, and comics!Anti-Ransomware Day, 3rd party ransomware risk, and the expanding ransomware ecosystemIABs, scams, BEC, and other threatsThoughts on AI and LLMsThe value of networking!Green Archer Comics! and where you can meet Allan: Comic Logic (17 May), Big Lick Comic Con NOVA (30-31 May) Sleuthcon (05 Jun)We play Three Questions! and talk, Green Arrow, The White Desert, and some rapid-fire comic word associationAnd more!

    43 min
  7. Weekly Security Sprint EP 157. Anti-Ransomware Day, AI enabled attacks and strategies that lack

    May 12

    Weekly Security Sprint EP 157. Anti-Ransomware Day, AI enabled attacks and strategies that lack

    In this week's Security Sprint, Dave and Andy covered the following topics: Opening: • Summary Playbook: AI Risk Management Checklist for Leaders - Gate 15 • Ripple teams up with Crypto ISAC to stop North Korean hackers • Designation: Restrict the Operation of Unmanned Aircraft in Close Proximity to a Fixed Site Facility ; An unpublished Proposed Rule by the Federal Aviation Administration on 05/06/2026 - FAA • Trump admin will push for ‘long-term’ reauthorization of key cyber data-sharing law • FEMA Review Council Releases Final Report - DHS • Ranking Member Thompson Statement on FEMA Review Council Report - House Homeland Security Committee Democrats Main Topics: Ransomware! International Anti-Ransomware Day 2026: Kaspersky shares insights into ransomware trends and tactics - Kaspersky - 12 May 2026. • Weekly ransomware & data leak landscape - eCrime.ch • Q1 2026 Ransomware Report: Fewer Groups, Higher Impact - Check Point Research • Ransomware roundup: April 2026 - Comparitech • Arete’s 2025 Annual Crimeware Report Operationalizes Cyber Intelligence and Incident Response Data • Global ransomware statistics 2026: the data behind the rising threat • Gentlemen ransomware reportedly hit by… ransomware CI Fortify: Strengthening Resilience Across Critical Infrastructure - CISA - 05 May 2026 This initiative outlines CISA efforts to strengthen resilience across critical infrastructure sectors through targeted guidance tools and collaborative programs. America’s Most Critical Lifeline- Water! AI-Assisted ICS Attack on Water Utility - Dragos - 07 May 2026 Dragos reports that threat actors used artificial intelligence tools during an intrusion involving a water utility environment to support reconnaissance, scripting, and operational targeting activity. • WaterISAC H2OSecCon!! 02 June 2026 • WaterISAC: TLP:GREEN Physical Security Case Study: Water Treatment Plant Insider Threat Incident • Polish intelligence warns hackers attacked water treatment facility United States Counterterrorism Strategy - The White House - 06 May 2026 The White House released its 2026 counterterrorism strategy, outlining priorities focused on homeland protection, cartel and transnational gang threats, jihadist organizations, violent secular political groups, state sponsors, and weapons of mass destruction risks. o Perspective: Selective Threats — A Counterterrorism Strategy Built on Politics - HSToday - 11 May 2026 - Analysis/Commentary. HSToday argues that political considerations are shaping counterterrorism priorities in ways that can distort threat assessment and operational focus. o Trump counterterrorism strategy targets ‘violent left-wing extremists’ with ‘transgender ideology’ o Trump Releases New 'Counterterrorism Strategy' With Fresh Focus on Cartels and Antifa o Trump’s counterterrorism strategy puts focus on left-wing ‘violent secular groups’ o Trump signs new counterterrorism strategy that focuses on hemispheric threats o US says migration has made Europe an ‘incubator’ for terrorism in new counter-terrorism strategy o Ranking Member Thompson Statement on Trump Administration’s Counterterrorism "Strategy" Quick Hits: • One in Eight Workers Has Sold Their Corporate Logins • El Niño to fuel Pacific hurricane season, increase risks for California, Hawaii, Mexico • ClickFix! Clipboard to Encryption: The Critical Role of ClickFix in Ransomware Campaigns • ClickFix! ClickFix distributing Vidar Stealer via WordPress targeting Australian infrastructure • ClickFix! ClickFix campaign uses fake macOS utilities lures to deliver infostealers • Between Intent and Capability: Assessing the Lack of Iranian Attacks on the U.S. Homeland • The Canvas Hack Is Disrupting Schools and Universities Across the Country • OT Cybersecurity Lessons Learned from the Frontlines • English Language Video Attributed to Al-Qaeda in the Arabian Peninsula Calls for Lone Wolf Attacks in the West

    21 min
  8. Weekly Security Sprint EP 156. Scams, cyber reports, and hurricane preparedness

    May 5

    Weekly Security Sprint EP 156. Scams, cyber reports, and hurricane preparedness

    In this week's Security Sprint Dave and Andy covered the following topics: Opening • Homeland Security Funding Bill Passed, Includes Money for CISA • Browser Extensions and Shadow AI: Unmanaged Threats to Privacy — Gate 15 • Data Centers, Telecommunications Networks, and Space-Based Systems: Modernizing DHS’s SRMA Role for the Communications and IT Sectors — House Committee on Homeland Security • New Cybersecurity Guide Targets Rising Threats to Food and Agriculture SMBs • Maine Law Requires Hospitals to Enact Cybersecurity Plans Main Topics New FTC Data Show People Have Lost Billions to Social Media Scams - Federal Trade Commission - 23 Apr 2026 The Federal Trade Commission reported that consumers have lost billions of dollars to scams originating on social media platforms, with fraudsters leveraging impersonation, investment schemes, and romance scams to exploit user trust. Take9! 9 Seconds For A Safer World. Cyber threats are everywhere. And getting sneakier. What can you do to protect yourself, your community and our nation? New 2026 ‘IOCTA’ highlights sophisticated tactics and emerging challenges in the digital landscape – Europol unveils comprehensive analysis of evolving cybercrime threats - Europol - 28 Apr 2026 Europol released its 2026 Internet Organised Crime Threat Assessment, warning that encryption, proxies, artificial intelligence, dark web marketplaces, cryptocurrencies, fraud ecosystems, ransomware, and child sexual exploitation are expanding the cybercrime landscape. Global Encryption Coalition (GEC). The Global Encryption Coalition (GEC) was founded in 2020 by the Center for Democracy & Technology, Global Partners Digital and the Internet Society and now has over 350 members. Gate 15 is a proud member of the GEC. Ransomware! Weekly ransomware & data leak landscape; A seven-day view of claim activity, leak escalation, actor concentration, sector shifts, and supporting news context from eCrime.ch. — eCrime.ch — 26 Apr 2026. The eCrime weekly report provides a seven-day analysis of ransomware claim activity, data leak site postings, actor concentration, and sector targeting trends. • NCC Group Monthly Threat Pulse - Review of March 2026 • Ransomware and Cyber Extortion in Q1 2026 - ReliaQuest Presidential Message on National Hurricane Preparedness Week - The White House - 03 May 2026 This message encourages Americans in hurricane-prone areas to prepare before the season by protecting property, building emergency plans, assembling supplies, and monitoring forecasts and evacuation routes. It emphasizes local and state frontline roles while describing federal support for response and recovery. • Hurricane Preparedness - NOAA • Summer forecast 2026: Heat, severe storms to shape the season as El Niño develops, strengthens - AccuWeather • 2026 Hurricane Awareness Webinars - NOAA Quick Hits • Email threat landscape: Q1 2026 trends and insights — Microsoft Security Blog • Tycoon2FA disruption impact • QR code phishing attacks • CAPTCHA tactics • Malicious payloads • Business email compromise • Defending against email threats • Microsoft Defender detections • Alert - AL26-008 - Vulnerability affecting cPanel and WebHost Manager (WHM) - CVE-2026-41940 - Canadian Centre for Cyber Security • Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks • To recover your files kindly send 0.1 BTC to… ransom note appears on websites • The cPanel Situation Is… - • cPanel authentication bypass vulnerability CVE-2026-41940 exploited • Over 40,000 Servers Compromised in Ongoing cPanel Exploitation • Cole Allen’s journey from Caltech grad to accused gunman in D.C. attack • Footage shows White House correspondents' dinner suspect 'casing' hotel: US attorney • Washington Hilton says it was using Secret Service protocols on night of attack

    21 min
See All (376)

Ratings & Reviews

5
out of 5
4 Ratings

About

The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.

Information