The Gate 15 Podcast Channel

Gate 15

The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.

  1. Weekly Security Sprint EP 163. Security reviews, scams, and more!

    Jun 23

    Weekly Security Sprint EP 163. Security reviews, scams, and more!

    In this week's Security Sprint, Dave and Andy covered the following topics: Main Topics: UFC 250 Attack Plot: • FBI Arrests Two More Men in Washington and Missouri in Connection with Planned Attack on Government Officials at White House UFC event • Five Men Arrested and Charged in Plot to Attack and Kill Government Officials and Others Attending the Ultimate Fighting Championship at White House Ransomware & Data Breaches: A Small Southeastern Hospital Had Effective Cybersecurity Controls To Prevent, Detect, and Respond To Cyberattacks — HHS Office of Inspector General — 12 Jun 2026. HHS OIG found that a small southeastern hospital had effective cybersecurity controls to prevent, detect, and respond to simulated cyberattacks. The hospital used controls that included a custom system to block unusual or suspicious activity and detected OIG testing as suspicious. • Killing me Gently: Inside GentleMans EDR killer framework — WeLiveSecurity by ESET • Risky Bulletin: Klue breach impacts security firms — Risky Business • eCrime weekly report tracks ransomware victim claims — eCrime.ch • Prinz Eugen ransomware: a deep dive into a new Go-based encryptor • Cato CTRL™ Threat Actor Profile: ShinyHunters – The Brand That Outlasts the Takedowns FBI & FTC Alerts • Scammers Use Couriers to Collect Cash in Cryptocurrency Investment Scams • Protect Your Property from Illegal Sales Through Parcel Owner Impersonation • Cyber Criminals Redirecting Users to Fraudulent Websites with Malicious Traffic Distribution Systems • FTC Data Show People Reported Losing $3.5 Billion to Imposter Scams in 2025 • Take9: 9 Seconds for a Safer World. Scammers are getting smarter, but you can stay ahead of them. How? Count before you click! Count von Count is here to help you take a 9 second pause and think before you click, download, or share. And Take9 will join Andy for the July Gate 15 Interview! Terrorism & Extremism: ISIS Editorial Calls For Lone Actor Attacks On FIFA World Cup Matches In U.S. Cities — HSToday — 19 Jun 2026. HSToday reports on a MEMRI assessment of an ISIS editorial in Al-Naba’ calling for lone actor attacks against FIFA World Cup matches in U.S. host cities. • Terrorist Use of AI to Facilitate Fraud Requires Adaptability — National Counterterrorism Center • Counter-terrorism operation disrupted Islamic State Khorasan Province activities — Europol • FGCU student arrested after allegedly making violent threats on Discord — Gulf Coast News • Person detained after bomb squad searches suspicious vehicle near Islamic Center of San Diego • Blackout: Inside Germany’s far-left war on infrastructure — Politico Europe • How State-Sponsored Hybrid Threats Are Reshaping Executive Protection in a Post-Epic Fury World Quick Hits: • Temperatures exceed 40C in European heatwave, three die in France • Tropical Rainstorm Arthur makes landfall in Texas, raising flood risk across southern US

    21 min
  2. Jun 23

    The Gate 15 Interview EP 71: ONE-ISAC Returns! Security, sauces and streaking, with Scott Moore and Angela Haun

    In this episode of The Gate 15 Interview, Andy Jabbour welcomes back ONE-ISAC Executive Director, Angela Haun, and this time with Scott Moore, ONE-ISAC Board Member and who also leads the Digital Security group for Devon Energy, a Fortune 500 oil and natural gas exploration and production company with operations focused onshore in the United States. • Scott on LinkedIn • Angela on LinkedIn • ONE-ISAC • About ONE-ISAC, including Angela, Scott, and the rest of the Board • Devon Energy • The Gate 15 Interview – Angela Haun, ONE-ISAC, good intentions, and Rick Springfield, 23 Nov 2024 • The Gate 15 Special Edition: Iran, ISACs, & insomnia: What’s happening, and not happening, in information sharing, 06 Mar 2026 Anna Mentzer-Hernández, Cyber Threat Intelligence Senior Analyst, ONE-ISAC “trust is bidirectional” – Scott Moore In the podcast, the group discusses: • Angela & Scott’s backgrounds and current roles. • ONE-ISAC, cyber threats, geopolitics, SOCs and TICs and some team shoutouts • The convergence of IT and OT, ransomware and the broader potential impacts to operations, as well as nation-state threats, hacktivism, and insider threats. • AI and how ONE-ISAC is addressing this emerging technology. • Public-Private Partnerships & doing the work up front. • Exercises, resilience and having the uncomfortable conversations with senior executives on security and resilience. • We play Three Questions and talk Ted Lasso, the 90s, Saucy, Spicy, Scott, streaking and more!

    45 min
  3. Weekly Security Sprint EP 162. All hazards recap - election risks, geopolitics, weather, AI and more.

    Jun 16

    Weekly Security Sprint EP 162. All hazards recap - election risks, geopolitics, weather, AI and more.

    On this week's Security Sprint, Dave and Andy covered the following topics: Opening: • (TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin – Q2 2026⁠ — WaterISAC • The New Threat Environment; Why geopolitics matters to your water system — NRWA • Registration is open for WaterISAC’s H2OEx – Camden — Association of Metropolitan Water Agencies • EPA Advisory: Protecting Sensitive Operational Information in Water and Wastewater Systems — EPA Main Topics: Election Security and Cascading Risks: An explosion of AI deepfakes is redefining American elections — Axios — 16 Jun 2026. • FBI foils alleged plot to attack White House UFC event, Patel says • Man pleads guilty to killing a top Minnesota Democrat and her husband in politically motivated attack • Man Charged with Sending Antisemitic Threats to Kill Governor of Hawaii and His Family — U.S. DOJ • Threats Against Politicians Skyrocketed After Meta Changed Its Speech Rules & Violent Threats Against Members of Congress Quadrupled After Meta Rolled Back Moderation Policies — Center for Countering Digital Hate Operation Epic Fury & Continued Threats: • ThreatBeat reports Iranian-linked hackers claimed California water system breaches after Iran water facility strike & Iranian Cyber Group Handala Claims Cal Water Hack • Iran and US reach an initial deal to end the war and open the Strait of Hormuz but challenges remain • U.S. and Iran Shape the Optics of an Agreement • Domestic: Iran-linked group claims hack of FBI drones, threatens World Cup, monitor says • Swedish Crime Group Foxtrot Adds Fuel to Iran's Proxy War in Europe Anthropic, AI & Patching… N-days. Anthropic reported that frontier models can significantly accelerate development of exploits for N-day vulnerabilities, which are publicly disclosed flaws that remain unpatched on many systems. • Exclusive: Anthropic's Mythos can exploit new flaws in hours — Axios • Statement on the US government directive to suspend access to Fable 5 and Mythos 5 • Anthropic Says It’s Taking Claude Fable 5 Offline to Comply With US Government Order • “They screwed us”: Personality clashes sent Anthropic's models offline • Anthropic Releases Claude Fable 5, a Limited-Release AI Model • CISA orders feds to patch actively exploited Ivanti flaw by Sunday & CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-10520 Ivanti Sentry OS Command Injection Vulnerability • Oracle Security Alert for CVE-2026-35273 & Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations Quick Hits: • Wildfire Threats: National Interagency Coordination Center: 7-Day Significant Fire Potential • Weekly ransomware & data leak landscape — eCrime.ch — 15 Jun 2026. eCrime.ch reported 210 observed ransomware and data leak events for the 09 Jun to 15 Jun 2026 reporting window. The report identified 96 public data leak indicators, 38 active actors, and DeadLock as the highest-volume actor with 73 observed events. • Ransomware Evolution Report — Halcyon • Ransomware-as-a-Service: LockBit Alumni Launch Competing Programs as Ecosystem Consolidates in Q1 2026 • Ransomware Cybersecurity Framework Community Profile — NCCoE • National Security Presidential Memorandum/NSPM-12: National Policy for the Cybersecurity of National Security Systems — The White House • CISA sees leadership shakeup after infrastructure security chief moves to ONCD • MS-ISAC enters uncertain new era after losing federal funding and thousands of members

    22 min
  4. Weekly Security Sprint EP 161. Job site risks, patching, and much more

    Jun 9

    Weekly Security Sprint EP 161. Job site risks, patching, and much more

    On this week's Security Sprint, Dave and Andy covered the following topics: Opening: • A Review of the Fiscal Year 2027 Budget Request for DHS — House Homeland Security Committee • DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels — CyberScoop • DHS chief signals efforts to reshape CISA — The Record • CISA and Partners Release Fact Sheet on Securing Automatic Tank Gauge Systems • Industry Collaboration and Resilience is a Team Sport — Cyber Threat Alliance — 02 Jun 2026. This article is authored by the Executive Director of IT-ISAC and emphasizes the importance of collaboration across industry, government, and nonprofit organizations to improve cyber resilience. Main Topics: Safeguarding OUR SECRETS — IC3 — 03 Jun 2026. Five Eyes agencies warned that Chinese military intelligence services are using Western online job platforms and professional networking sites to recruit people with access to classified, privileged, or sensitive information. • Applicant Beware - Who Is Recruiting You? — NPSA — 03 Jun 2026 “Patch Now!” Most organizations that miss 24-hour patch window report breaches. Gate 15 note: We’ve been discussing this a lot in recent exercises and meetings. The time to safely address Known Exploited Vulnerabilities is limited and decreasing. Attackers’ speed is accelerating; exploited vulnerabilities are a major point of attack. CISA KEV & Other Threat Updates: AI! Promoting Advanced Artificial Intelligence Innovation and Security — The White House — 02 Jun 2026 • Opinion from Jen Easterly: The Government Is Finally Taking A.I. Risk Seriously • Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator — Anthropic • What we learned mapping a year’s worth of AI-enabled cyber threats — Anthropic Quick Hits: • Ransomware Group Claims Cyberattack on Buffalo Convention Center — Skift Meetings — 01 Jun 2026. Skift Meetings reports that the Akira ransomware group claimed it stole 46 gigabytes of data from the Buffalo Convention Center, including employee records, contracts, financial information, and personal data tied to approximately 180,000 individuals. • Knicks Watch Party at Garden Is Canceled, as Game 3 Security Ramps Up — The New York Times • FIFA World Cup 2026 Scams Are Already Here: Fake Tickets, Phishing Sites, and Crypto Cons Exposed • Hackers are hoping to score at the World Cup • At least 12 wounded near Ohio festival as police hunt multiple gunmen • Hurricane Season! • Software supply chain attacks: check your dependencies — NCSC

    19 min
  5. Weekly Security Sprint EP 160. Merch alert, plus new vulnerabilities, the evolving threat landscape, and the World Cup

    Jun 2

    Weekly Security Sprint EP 160. Merch alert, plus new vulnerabilities, the evolving threat landscape, and the World Cup

    On this week's Security Sprint, Dave and Andy covered the following topics: Opening: • 27th Annual TribalNet Conference & Tradeshow, 20 – 24 Sep, Dallas, TX • 02 Jun! WaterISAC H2OSecCon (Virtual Conference) Main Topics: Exploitation! and the KEV! • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-9082 Drupal Core SQL Injection Vulnerability • Drupal security advisory (AV26-492) - Update 2 - Canadian Centre for Cyber Security • CISA orders feds to patch actively exploited Drupal vulnerability - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability • CISA gives feds 4 days to patch actively exploited cPanel plugin flaw - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability • Palo Alto Networks Security Advisory AV26-462 — Canadian Centre for Cyber Security • ETR: Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability CVE-2026-0257 — Rapid7 Ransomware & Data Breaches: • The Cyber Extortion Economy - Palo Alto Networks Unit 42 - 28 May 2026 “As recently noted by our Chief Security Intelligence Officer, Wendi Whitmore, it only took 39 seconds for threat actors to move from initial access to data exfiltration in one case.” • Stay Ahead of Ransomware: What 2026 Threat Reports Are Telling Us — SANS Institute — 01 Jun 2026 • Charter Communications Data Breach Could Impact Nearly 5 Million • How St. Paul, Minn., Recovered From a Ransomware Attack • FBI FLASH - Silent Ransom Group Impersonating IT Personnel through Social Engineering - FBI IC3 & FBI warns of in-person data theft attacks from extortion gang • Charter confirms data breach after ShinyHunters extortion threat • The Gentlemen ransomware: Dissecting a self-propagating Go encryptor • The Gentlemen Ransomware Group Is Scaling Faster Than Any Other Group on Record • The Gentlemen (Ransomware) in Disguise: Defense Evasion and other TTPs World Cup: • FBI PSA - Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup - FBI IC3 • FAA Establishes No Drone Zones for FIFA World Cup 2026 Stadiums, Fan Events and Base Camps — FAA • Column: Empower Emergency Managers for Major Events • Ebola concerns grow ahead of World Cup — The Hill Quick Hits: • The Future of AI Risk: Predictions for 2027 and Beyond - Gate 15 - 26 May 2026 • Top 10 Artificial Intelligence Security Actions Primer — Canadian Centre for Cyber Security • Mythos Exposes a Bigger Problem in Critical Infrastructure Cyber Defense - HSToday • NSA Launches Zero Trust Implementation Guidelines Resource Webpage — National Security Agency • Designing secure access with ZTNA - National Cyber Security Centre • The 2026 U.S. Midterms Have a Cyber Problem, But It’s Not at the Ballot Box — Check Point & Hackers are already laying groundwork to disrupt 2026 midterms, research says — Nextgov • 'Holding our breath': Hurricane season is here, and FEMA is shorthanded — Politico

    19 min
  6. Weekly Security Sprint EP 159. Verizon DBIR, San Diego update, and all hazards updates

    May 26

    Weekly Security Sprint EP 159. Verizon DBIR, San Diego update, and all hazards updates

    On this week's Security Sprint, Dave and Andy covered the following topics: Opening: • Misinformation, Deepfakes, and AI’s Unwelcome Companions. This blog is part of Gate 15’s blog series “Riding the Tiger: AI Threats and Opportunities”, highlighting the essential considerations for organizational leaders and security professionals. • Researchers warn of coordinated influence accounts amplifying synthetic AI-generated geopolitical narratives across social platforms • Bluesky Says Kremlin Is Hacking Its Platform to Spread Propaganda • Trump’s AI executive order postponed. Here’s why. & Trump’s AI order sacks tech experts and sidelines safety testing • Pope Leo warns AI boom can give Big Tech and the people who run it too much power • Health-ISAC: Healthcare is scaling AI without the infrastructure to manage it • AT&T joins Cybersecurity Manufacturing Innovation Institute’s C2-ISAC initiative - AT&T, and see Who’s whispering in Trump’s ear on Iran for more on C2-ISAC (“New ISAC in Town”) and lots of other articles sharing this announcement. • GAO: Critical Infrastructure Protection: EPA Needs to Ensure Water Systems Address Risks from Cybersecurity Threats • Ranking Member Lofgren’s Opening Statement at Water Cybersecurity Hearing & Ranking Member Amos’ Opening Statement at Water Cybersecurity Hearing • Tip of the Week – May 21, 2026 - WaterISAC Main Topics: 2026 Data Breach Investigations Report - Verizon - 19 May 2026 • 2026 Verizon Data Breach Investigations Report finds third-party risk and credential abuse accelerating • Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector • What the 2026 Verizon DBIR Signals About Internet Intelligence and External Visibility • Verizon 2026 DBIR: 10 Takeaways You Should Know • Verizon DBIR finds vulnerability exploitation overtakes stolen credentials as top breach entry point for critical infrastructure • Patches take weeks. Exploits take hours. The 2026 DBIR makes the math brutal. San Diego Mosque Shooting and Extremism • San Diego Shooter So Alarmed Police in 2025, They Seized Father's Guns • CSIS: The San Diego Mosque Shooting Marks a Deadly First in the United States • ‘It’s the Jews’: San Diego mosque shooters decried ‘the universal enemy’ in hate-filled manifesto • San Diego mosque shooter Caleb Vazquez’s family breaks silence on terror attack, say autistic son was brainwashed online • Several people watched San Diego attack live on video calls, recordings show • Violent Neo-Nazi Ideology at the Heart of San Diego Attack • San Diego Mosque Shooting Another Symptom Of The “Great Replacement” Conspiracy Theory • San Diego Mosque Shooters’ Apparent Manifestos Reveal Anti-Muslim Extremism • San Diego shooting suspects had manifesto, weapons cache: FBI • Father-of-eight killed in San Diego mosque shooting hailed as a hero • Imam blames anti-Muslim rhetoric for San Diego attack: ‘This is what we get’ Quick Hits: • NOAA predicts below-normal 2026 Atlantic hurricane season – NOAA • Nine Practical Ideas to Strengthen Preparedness This Hurricane Season • Ebola: Worldwide Caution - U.S. Department of State • World Cup’s Ebola factor • There is no Ebola vaccine for this outbreak. There won’t be one soon. Here’s why. • WHO chief says Ebola outbreak in Congo is ‘spreading rapidly’ and upgrades risk assessment • Threat Actors Impersonate IC3 Employees to Defraud Victims - FBI IC3 • “First VPN Service” Used by Ransomware Actors to Compromise Systems - FBI IC3

    21 min

Ratings & Reviews

5
out of 5
4 Ratings

About

The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.