The Gate 15 Podcast Channel Gate 15

In the latest episode of the Security Sprint, Dave and Andy talked about the following topics.

Warm Start
·       CISA Announces 9th Cyber Storm National Exercise. The Cybersecurity and Infrastructure Security Agency (CISA) is hosting its ninth iteration of the Cyber Storm (CS IX) Cyber Exercise. It’s the nation’s largest cyber exercise designed to improve the cybersecurity posture of our nation’s critical infrastructure. Through extensive planning, this exercise strengthened cybersecurity preparedness and response capabilities through exercising policies, processes, and procedures for identifying and responding to a multi-sector significant cyber incident impacting critical infrastructure. For more information and resources, visit Cyber Storm IX: National Cyber Exercise | CISA & Cyber Storm IX: National Cyber Exercise | CISA

FB-ISAO: Best Practices for Securing Your Router / Wi-Fi
'NCSC Cyber Series' podcast now available on Spotify

 
Main Topics: 
US 911 emergency call line outage resolved in some areas

The PRC has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist…

Director Wray's Remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats


FBI says Chinese hackers preparing to attack US infrastructure
Gallagher’s ominous farewell
Chinese Government Poses 'Broad and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says


UK: Government cracks down on ‘deepfakes’ creation

“Proactive De-escalation”
 
Quick Hits
·       Russian US election interference targets support for Ukraine after slow start
·       Microsoft: Nation-states engage in US-focused influence operations ahead of US presidential election
·       Information operations will be ‘foundational’ to future DOD efforts, Cybercom chief says
·       How A.I. Tools Could Change India’s Elections
·       Google: Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
·       Secret Russian foreign policy document urges action to weaken the U.S.
·       RAND: Generative Artificial Intelligence Threats to Information Integrity and Potential Policy Responses
·       Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations
·       Montgomery Co. student charged with threats of mass violence after police discover disturbing ‘manifesto.’
·       CISA and Partners Release Advisory on Akira Ransomware
·       FBI: Akira ransomware raked in $42 million from 250+ victims
·       Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities
·       FACT SHEET: Biden-⁠Harris Administration Releases Strategy to Strengthen Global Health Security
·       U.S. Government Global Health Security Strategy 2024 (PDF)
·       Undersea ‘hybrid warfare’ threatens security of 1bn, Nato commander warns
·       Joint Guidance on Deploying AI Systems Securely
·       UK NPSA: Personal Safety and Security for High-Risk Individuals
·       840-bed hospital in France postpones procedures after cyberattack
·       Cloudflare: DDoS threat report for 2024 Q1
·       Hearing - Held for Ransom: How Ransomware Endangers Our Financial System. See the full hearing video on YouTube.
·       Ex-White House cyber official says ransomware payment ban is a ways off
·       Top officials again push back on ransomware payment ban
·       Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse
·       UnitedHealth Group reports that the Change Healthcare ransomware attack has had an $872 million financial hit on its business so far
·    

In the latest episode of Nerd Out, Dave welcomes in Alec Davison as his partner in crime for the podcast. After they get through the excitement of the latest Taylor Swift album, they talked through the latest activity in the Middle East and what it could mean domestically. Then they looked at the latest news related to the U.S. election including the recent incident outside of the Trump trial and potential concerns that may play out over the course of the year especially related to mis/dis/mal-information.

They wrap up the pod with some real nerd discussions on Star Wars and what the new series has to offer!

Alec Davison is the Lead Analyst at the Water Information Sharing and Analysis Center (WaterISAC). In addition, he works as a Risk Analyst at Gate 15. He holds an M.A. in Security Policy Studies from George Washington University.

Some of the resources discussed in the pod include:

https://www.cisa.gov/resources-tools/resources/personal-security-considerations-action-guide
https://www.cisa.gov/resources-tools/resources/preventing-workplace-violence-security-awareness-considerations-infographic
https://www.dni.gov/files/NCTC/documents/jcat/firstresponderstoolbox/89s_-_Violent[…]il_Unrest_and_Public_Assemblies_in_the_United_States-survey.pdf

Mobilization/SARs

https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf
https://www.dhs.gov/nationwide-sar-initiative-nsi

Info sharing communities

https://www.dhs.gov/fusion-centers
https://www.nationalisacs.org/

In this week's Security Sprint, Dave and Andy discussed the following topics:
Warm Start

 Palo Alto Command Injection Vulnerability in PAN-OS GlobalProtect
'Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)
Volexity on GitHub Adding content for Palo Alto Networks GlobalProtect post
Palo Alto Networks Security Advisories CVE-2024-3400 CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect
Palo Alto: Applying Vulnerability Protection to GlobalProtect Interfaces
Compromise of Sisense Customer Data
Brian Krebs: Why CISA is Warning CISOs About a Breach at Sisense
Sisense customers told to reset credentials amid supply chain attack fears
Risky Biz News: Sisense breach has CISA and everyone else panicking

 
Main Topics:
Israeli war cabinet to meet again to consider response to Iran’s attack
o   Iran Issues Fresh Threat to U.S.
o   US will not take part in any Israeli retaliatory action against Iran
o   The Latest | World leaders urge Israel not to retaliate for the Iranian drone and missile attack
o   U.S. details Pentagon’s role in defending Israel from Iranian attack
o   Analysis: Israel Repelled Iran’s Huge Attack. But Only With Help From U.S. and Arab Partners.
 
Idaho Man Arrested for Attempting to Provide Material Support to ISIS

Idaho teen arrested for allegedly plotting to attack church in name of ISIS


What we know about Clenard Parker, the man accused of driving into a Brenham DPS office
'Obvious' Sydney killer targeted women - Australian police.
Man who confronted attacker with bollard and other bystanders praised for heroic acts during Bondi stabbings.
Stabbing rampage at Sydney mall leaves at least 7 dead, including attacker
Sydney stabbing: Police say no ideological motivation
English Tutor Identified as Mall Stabbing Attacker Left Behind Disturbing Facebook Post
Sydney knife attacker Joel Cauchi 'had worked as male escort' before Bondi shopping centre stabbing
False claims started spreading about the Bondi Junction stabbing attack as soon as it happened


Posture Statement of General Timothy D. Haugh 2024. “ Beijing, Moscow, and Tehran increasingly use social media and state-sponsored disinformation sites, both overt and covert, to shape narratives and sow confusion..."


Chinese nationalist trolls pretend to be Trump supporters ahead of US elections

 
Quick Hits:

UK NPSA: Personal Safety and Security for High-Risk Individuals
Delaware Woman Arrested for International Sextortion and Money Laundering Scheme
LastPass: Hackers targeted employee in failed deepfake CEO call
UNSW: World-first Cybercrime Index ranks countries by cybercrime threat level
Google Insider Threat: https://www.justice.gov/opa/pr/chinese-national-residing-california-arrested-theft-artificial-intelligence-related-trade
Director Wray's Remarks to the ABA Standing Committee on Law and National Security
Russia thwarts planned terrorist attack on Moscow Synagogue
Change Healthcare breach data may be in hands of new ransomware group
Politico: Grassley knocks agencies slacking on cyber
CISA & FBI: Transitioning to .Gov: Helping Mitigate Election Office Cybersecurity and Impersonation Risks
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat / CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System. 
CDC Data Modernization Efforts Accelerate Nation’s Ability to Detect and Rapidly Respond to Health Threats
The Black Market That Delivers Elon Musk’s Starlinks to U.S. Foes
China's attacks on U.S. infrastructure aren't going anywhere
Police Scour LockBit Ransomware Evidence, Turning Up 200 Leads
TLP:CLEAR | FB-ISAO Newsletter
Man on terror watchlist

Warm Start:
·       GridEx VII Report Highlights Further Action to Enhance Grid Resilience
·       US electric grid growing more vulnerable to cyberattacks, regulator says
·       CISA’s ‘Cyber Storm’ will help it update National Cyber Incident Response Plan
 
Main Topics:
·       US Environmental Protection Agency hack exposes data of 8.5 million users.
·       Sophos - Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector.  
·       Bomb threats follow Libs of TikTok's campaign against Planet Fitness
o   Bomb threats reported at Planet Fitness locations in Northern Va. amid transgender controversy
o   No threat found after several Planet Fitness locations in Jacksonville received bomb threats
o   Alabama Planet Fitness locations receive bomb threats, evacuated by FBI
o   Planet Fitness bomb threats in Connecticut spark concerns
o   Police: Planet Fitness locations evacuated after bomb threats
o   Planet Fitness locations in Daphne, Fairhope, and Mobile receive bomb threats
 
·       Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden.
 
·       Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023. The U.S. Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion.
o   Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023.pdf
o   Cyber board says Chinese hack of US officials was 'preventable'
o   Microsoft faulted for ‘cascade’ of failures in Chinese hack
 
·       CSU: Forecast for 2024 Hurricane Activity. “We anticipate that the 2024 Atlantic basin hurricane season will be extremely active.” 
 
Info Ops: 
o   Russian trolls target U.S. support for Ukraine, Kremlin documents show
o   New effort to "inoculate" U.S. voters against AI misinformation
o   AI-generated story that Iran had fired missiles at Tel Aviv were amplified by X's own systems
o   Microsoft: China tests US voter fault lines and ramps AI content to boost its geopolitical interests
 
Quick Hits:
·       CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities.  
·       DHS: Mitigating Harm from Violent Visual Content: CP3 Prevention Resource.
·       FTC Announces Impersonation Rule Goes into Effect Today (01 Apr)
·       FBI Atlanta gate crash: Man tries to breach security by tailing employees
·       Suspect arrested after vehicle crashes into gate at Atlanta FBI field office
·       The Surprising Intelligence Community Outreach to Russia
·       Why Russian intelligence dismissed US warnings of terror threat
·       Germany announces military overhaul with eye on cyber threats
·       “All your base are belong to us” – A probe into Chinese-connected devices in US networks
·       Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure
·       Risky Biz News: Backdoor found in 92k D-Link NAS devices
·       Omni Hotels experiencing nationwide IT outage since Friday
·       A Quantitative Analysis of the Security Ratings of the S&P 500
·       How a steel ball protected Taiwan’s tallest skyscraper in an earthquake
·       Rotterdam teen arrested for plotting a terror attack, prosecutors say
·       ‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data
·       The Unification Church Infiltrated Japan’s Government. Now Its Sights Are Set on the U.S.
·       India rescues 250 citizens enslaved by Cambodian cybercrime gang
·       Targeted Phishing Linked to 'Th

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Christopher Post, Assistant General Manager, Amarillo Civic Center Complex. Christopher graduated from West Texas A&M University with a Bachelor of Business Administration. He has been in venue management for 18 years and prior to that, was a professional musician for a little over 20 years (yes, he started very young!). As Assistant General Manager, his duties have included serving as the Emergency Coordinator and First-Aid Response Trainer for the Amarillo Civic Center since 2009. He is a graduate of IAVM’s AVSS and VMS. Read more at his complete LinkedIn profile.


Amarillo Civic Center Complex® - Meet. Play. Celebrate.


Christopher’s background.
Clear, consistent, collaborative, communications.
Throwing EAP’s in the trash a few times.
The 10-80-10 rule.
The value of full-scale exercises.
Name dropping some champions from the community.
More!

“It has to be muscle memory, it has to be automatic.”In the discussion we address:

The following topics were discussed on the latest Security Sprint:

Warm Start

Major companies put U.S. cyber defenses to the test in simulated attack
The Auto-ISAC Launches Automotive Threat Matrix (ATM) Tool to Enhance Vehicle Cybersecurity Governance
Change Healthcare Wake-Up Call: Is Sector Too Codependent? Denise Anderson and Errol Weiss of Health-ISAC Discuss Critical Cyber Issues. 
Signing of MOU between CI-ISAC Australia and Health ISAC

 
Main Topics
 
Russia, Terrorism

ISIS issues horrifying warning as 'lone wolves' ordered to target Christians and Jews. ISIS spokesperson Abu Hudhaifa al-Ansari told "lone wolves" to mobilise and target Christians and Jewish people in the US, Europe and Israel.
ISIS calls for Ramadan massacre of Christians and Jews by lone wolves across US, Europe and Israel
Reuters: Iran alerted Russia to security threat before Moscow attack
Egyptian suspect, 62, to face trial after police foil alleged ISIS terror attack on Notre Dame Cathedral
ISIS Issues Fresh Threat To Putin: Reports
No evidence so far of Ukraine's involvement in Moscow terrorist attack: Putin
What is ISIS-K, the terror group claiming responsibility for the Moscow concert hall attack?
Russian intel heads allege Western support for Moscow attack
Rocked by Deadly Terror Attack, Kremlin Amps Up Disinformation Machine
“Israel is ISIS” and other lies about the Crocus City Hall terror attack
Improving the Security of Soft Targets and Crowded Places: A Landscape Assessment
Keeping Soft Targets and Crowded Places Safe from Mass-Casualty Attacks: Insights from a Landscape Assessment

 
Explosive Atlantic hurricane season predicted for 2024, AccuWeather experts warn;

April Fools! Atlantic hurricanes to be given both first and last names

 
Health and Broader Preparedness: 

Future State of Smallpox Medical Countermeasures
National Academies report says US not ready for intentional, accidental smallpox outbreak
Gate 15: Webinar Recording: Getting Started Now: Pandemic Preparedness After-Action Reports, 17 Apr 2020
Gate 15: Pandemic Preparedness: Start Your After-Action Report & Improvement Planning (NOW), 26 Mar 2020)

 
Quick Hits

CISA Seeks Input on CIRCIA Notice of Proposed Rulemaking.
CISA releases draft rule for cyber incident reporting
Thompson, Clarke Release Statement on CISA Cyber Incident Reporting Proposed Rule
WSJ: U.S. Publishes Draft Federal Rules for Cyber Incident Reporting
CISA publishes 447-page draft of cyber incident reporting rule
CISA’s cyber incident reporting rules will apply to 316K entities
CISA's proposed framework for cyber incident reporting rules includes subpoena power

 
CISA: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

Red Hat: Urgent security alert for Fedora 41 and Rawhide users.


FBI PSA: Child Sexual Abuse Material Created by Generative AI and Similar Online Tools is Illegal
Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians
The Audacious MGM Hack That Brought Chaos to Las Vegas
IRS kicks off annual Dirty Dozen with warning about phishing and smishing scams


Ivanti-linked breach of CISA potentially affected more than 100,000 individuals
AT&T notifies users of data breach and resets millions of passcodes


How the Baltimore bridge collapse spawned a torrent of instant conspiracy theories
Misinformation Milestone of More than 100 Israel-Hamas War False Claims
Threats to Catholic Charities staffers increase amid far-right anti-migrant campaign
Readout from state convening to discuss cybersecurity and the water sector
FS-ISAC: New Cyber Threats To Challenge Financial Services Sector In 2024


Rewards for Justice – Reward Offer for Information on ALPHV BlackCat-linked Cyber Actors Targeting U.S. Critical Infrastructure