The Gate 15 Podcast Channel Gate 15
The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.
-
Weekly Security Sprint EP 57. Terrorism threats, IoT labeling, Exploitation threats, and more.
In this week's Security Sprint, Dave and Andy talked about the following topics:
Warm Start:
Growing need to address cybersecurity challenges across US healthcare sector for improved resilience
Health-ISAC Supports Health Industry Cybersecurity Strategic Plan; Joint effort gives measurable objectives toward resilience within 5 years
Terrorism & Extremism
Gaza War could spark radicalization for years to come: https://theintercept.com/2024/03/14/fbi-gaza-war-domestic-radicalization-hamas/
U.S. Senate Select Committee on Intelligence: Worldwide Threats
C-SPAN: Intelligence Officials Testify on Global Threats Before Senate Cmte.
2024 Annual Threat Assessment of the U.S. Intelligence Community
Top threats to watch in Intel’s worldwide forecast
Four things we learned when US spy chiefs testified to Congress
FBI director warns of 'dangerous individuals' coming across southern border
US Intelligence Chiefs Deliver Grim Warning on Ukraine
U.S. intelligence officials warn of global security threats during Senate hearing
The Terrorist: How a devout Christian kid became a radicalized mass murderer
A New Terror Threat Is Emerging in Europe Linked to Iran, Gaza War
Illegal migrant from Lebanon caught at border admitted he’s a Hezbollah terrorist hoping ‘to make a bomb’ — and was headed for NY
FB-ISAO: March 2024 Threat Level Statement Update
PSA - Extortion:
On popular online platforms, predatory groups coerce children into self-harm. Using flattery and guile, he persuaded the 14-year-old girl to send a nude photo. It instantly became leverage. Over the following two weeks in April 2021, he and other online predators threatened to send the image to the girl’s classmates in Oklahoma unless she live-streamed degrading and violent acts, the girl’s mother told The Washington Post. They coerced her into carving their screen names deep into her thigh, drinking from a toilet bowl and beheading a pet hamster — all as they watched in a video chatroom on the social media platform Discord. The pressure escalated until she faced one final demand: to kill herself on camera. Related: There Are Dark Corners of the Internet. Then There's 764.
What to Know About the Proposed TikTok Legislation
IoT: https://www.nextgov.com/cybersecurity/2024/03/fcc-approves-cyber-labeling-program-iot-devices/394946/
Quick Hits:
Earth just had its warmest February on record
European Environment Agency: Europe is not prepared for rapidly growing climate risks
Ransomware:
Ransomware: Attacks Continue to Rise as Operators Adapt to Disruption
Malwarebytes: Ransomware review: March 2024
GRIT Ransomware Report: February 2024
Haiti:
Haitian PM tenders resignation after Jamaica talks
Haitian gangs abduct churchgoers amid escalating violence: 'Kidnappings everywhere'
Haiti security mission in limbo as urgency grows
Rush to deploy multinational force sets conditions on Haiti
Plan to install new leaders in Haiti appears to crumble after political parties reject it
American missionaries trapped in Haiti seek prayers and help
Undersea cable failures cause Internet disruptions for multiple African countries
Info Ops:
Blinken Warns of Disinformation Threat to Democracies.
South Korea hosted summit warns of AI risks to democracy
How a Foul Ball From 2014 Became Part of a Russian Disinformation Campaign
White House’s Efforts to Combat Misinformation Face Supreme Court Test
Exclusive: Trump launched CIA covert influence operation against China
US is still chasing down pieces of Chinese hacking operation, NSA official says
UK NCSC: Cloud-hosted supervisory control and data acquisition (SCADA)
US GAO - Science & Tech Spotlight: Combating Deepfakes
HHS Office for Civil Rights Issues Letter and Opens Investigation of Change Healthcare Cyberattack
The water industry wants to write its own cybersecurity rules. Will Biden and Congress go for it?
CISA: Secure Cloud Business App -
Weekly Security Sprint EP 56. IC3 Report, Information Ops, Religious Holidays, Domestic Threats
In the latest episode of the Security Sprint, Dave and Andy covered the following topics.
Warm Start
Healthcare: Health-ISAC: Facing a major incident? Don't navigate it alone. Here's how Health-ISAC's community stepped up during the recent Change Healthcare event.
Opinion: Conflicting government cyber mandates risk undermining US security. “Our nation faces a complex range of cyber threats
Quote of the week: Risky Biz News: The aftermath of Microsoft's SVR hack is rearing its ugly head. In an update on the same incident posted late Friday afternoon—as is the practice of every respectable corporate company—Microsoft says it found new evidence over the past weeks that the Russian hackers were now weaponizing the stolen information.
Main Topics
FBI IC3 2023 Internet Crime Report
FBI: Critical infrastructure suffers spike in ransomware attacks
Americans lost a record $12.5 billion to online fraud last year
Info Ops: Spate of Mock News Sites With Russian Ties Pop Up in U.S
Proliferating 'news' sites spew AI-generated fake stories
TAG Bulletin: Q1 2024
AI Tools Are Still Generating Misleading Election Images
Fake U.S. local news network exposed as Russia-linked propaganda front: report
ElevenLabs Block on Cloning Biden's Voice Easily Bypassed
Russian influence operations against Baltic states and Poland having ‘significant impact’ on society
A New Playbook for Addressing Health Misinformation
AI will likely increase energy use and accelerate climate misinformation – report
Upcoming Holiday Security Awareness
Domestic Threats
Inspired Terror: In Video Uploaded To Internet, Teenage Stabber Of Jew In Zürich Swears Allegiance To Islamic State (ISIS), Calls On Muslims To Target Jews And Christians Everywhere
Insider Threats: Air Force Employee Indicted for Unlawful Disclosure of Classified National Defense Information.
Air National Guardsman Agrees to Plead Guilty to Unlawfully Disclosing Classified National Defense Information.
Chinese National Residing in California Arrested for Theft of Artificial Intelligence-Related Trade Secrets from Google
Quick Hits
4 tabletop exercises every security team should run.
European Environment Agency: Europe is not prepared for rapidly growing climate risks
EXECUTIVE SUMMARY European climate risk assessment TH-AL-24-001-EN-N.pdf
Ransomware tracker: The latest figures [March 2024]
Learning Lessons from The Cyber-Attack: British Library cyber incident review, March 2024
The Week in Ransomware - March 8th 2024 - Waiting for the BlackCat rebrand
The clowns and fools behind ransomware attacks
BlackCat ransomware shuts down in exit scam, blames the "feds"
No security issues as Super Tuesday draws to a close, CISA official says
Canadian Centre for Cyber Security Security tips for organizations with remote workers - ITSAP.10.016
UK NPSA: Insider Events - Communications Guidance
CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices
European court favors strong encryption, calling it key to privacy rights
Update to national cybersecurity strategy implementation plan coming before the end of summer
JetBrains TeamCity under attack by ransomware thugs after disclosure mess
CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog
International:
As gangs attack a critical port, ‘Haiti will go hungry soon’
Tabletop exercise hosted by Europol to disrupt terrorist content online
Tesla Berlin Gigafactory to be without power for another week following eco-terrorist attack
Germany: Sabotage case launched against Tesla protesters
German police carry out raids against people suspected of posting misogynistic hate speech online
Sweden officially joins NATO, ending decades of post-World War II neutrality
Sweden police arrest suspected Islamists believed to prepare attack
U.S. Embassy & Consulates in Russia Security Alert: -
Venue Security, The IAVM Podcast Series EP 3: Stella Salyer on Leadership, First Aid and Emergency Response: (way) better safe than sorry.
In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Stella Salyer, Assistant General Manager, Sales & Services, Virginia Beach Convention Center. Stella is a Nationally Registered Advanced Emergency Technician and volunteers every weekend in Virginia Beach’s 911 system. She holds certifications in Mass Casualty and Tactical Emergency Critical Care, Stop the Bleed instructor, and is a Proctor for Virginia Beach EMS’s Advanced EMT Academy. Read more at her complete LinkedIn profile. Contact Stella by email: ssalyer@vbgov.com.
In the discussion we address:
Stella’s background.
First Aid and Emergency Response.
Leadership during incidents.
What’s on Stella’s mind.
With a shoutout to Farrow Bouton, New Orleans Director of Event Services, for his and Smoothie King Center’s kind support to IAVM and AVSS 2024.
Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community. -
Weekly Security Sprint EP 55. MDM, hostile events, health, and ransomware
On this week's Security Sprint, Dave and Andy discussed the following topics:
Opening
TribalHub hosts online Tribal Cybersecurity Summit March 7. Gate 15 is grateful to contribute to Tribal-ISAC and to facilitate the Opening Welcome and Keynote: Cybersecurity Organizational Structures and Best Practices Based Upon Tribe Size and Cyber Maturity Level!
Health-ISAC Workshop: Enhancing Threat Awareness and Preparedness for Active Shooter/Hostile Event Response (ASHER) Attacks in Health Services Facilities
Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC
PCAST Releases Report on Strategy for Cyber-Physical Resilience
Main Topics
Info Ops – Dave BP article
Content Farms. https://www.bleepingcomputer.com/news/security/content-farm-impersonates-60-plus-major-news-outlets-like-bbc-cnn-cnbc/
AI Chatbots Provide False Information About November Elections
2024 Elections Misinformation Tracking Center
Pennsylvania creates fact-checking website ahead of 2024 election
Media Habits and Misinformation Susceptibility of Adults Aged 55 Years and Older: Findings from a RAND American Life Panel Survey
Germany accuses Moscow of ‘disinformation attack’ in leaking senior officers’ call
Man Pleads Guilty to Firebombing Planned Parenthood Clinic and Plotting to Attack Electrical Substation
CDC: Immunization and Respiratory Diseases Bulletin.
Wenstrup Announces Hearing on White House’s Role in Pandemic Preparedness and Response
Ransomware Updates: Proofpoint: 2024 State of the Phish
69% of Organizations Infected by Ransomware in 2023.
Trend Micro: LockBit Attempts to Stay Afloat With a New Version
Top 10 Issues General Counsel Need to Know About Ransomware in 2024
CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware
Fulton County, Georgia, refuses to pay ransom, again
The Mysterious Case of the Missing Trump Trial Ransomware Leak
A large US health care tech company was hacked. It’s leading to billing delays and security concerns
Health-care hack spreads pain across hospitals and doctors nationwide
Quick Hits
CORRECTED: SAVE THE DATE! CISA Hosts CISA Live! – Open Source Software Security on Thursday, March 7 at 1:00 PM EST!
The White House Warns Cars Made in China Could Unleash Chaos on US Highways
Statement from President Biden on Addressing National Security Risks to the U.S. Auto Industry
FACT SHEET: Biden-Harris Administration Takes Action to Address Risks of Autos from China and Other Countries of Concern
US to probe if Chinese cars pose national data security risks
U.S. launches investigation of Chinese vehicles, citing security risks
Senator asks FTC to investigate automakers’ data privacy practices
CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities
FACT SHEET: President Biden Issues Executive Order to Protect Americans’ Sensitive Personal Data
AI & Tech
As House task force work begins, Rep. Bonamici is ‘very worried’ about AI — ‘and we all should be’
Google working to fix Gemini AI as CEO calls some responses "unacceptable"
US tech giants refuse to work with Britain’s top secret military censorship board
How AI Will Help the World's Top Hospital CEOs Transform Health Care
OpenAI claims the Times cheated to get ChatGPT to regurgitate articles
Tumblr and WordPress to Sell Users’ Data to Train AI Tools
Apple to disclose AI plans later this year, CEO Tim Cook says
Denmark closes probe into Nord Stream blasts saying there’s not enough grounds for a criminal case
NIST Cybersecurity Framework 2.0 Officially Released.
PRESS RELEASE: Future Software Should Be Memory Safe
Joint Statement Endorsing Principles for 6G: Secure, Open, and Resilient by Design
Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Sca -
Weekly Security Sprint EP 54. Board talks, AI, event preparedness, ransomware and more
Dave and Andy discussed the following topics:
NCSC / Boards. https://www.ncsc.gov.uk/blog-post/cyber-security-governance-the-role-of-the-board
AI.
Air Canada Has to Honor a Refund Policy Its Chatbot Made Up.
Gab’s Racist AI Chatbots Have Been Instructed to Deny the Holocaust
Bobbi Althoff deepfake spotlights X’s role as a top source of AI porn
AI-generated video is here to awe and mislead
From ChatGPT to Gemini: how AI is rewriting the internet
Google pauses AI-generated images of people after ethnicity criticism
Exclusive: Reddit in AI content licensing deal with Google
FCC advisory committee to focus on how AI can defend against unwanted calls
Ransomware
U.S. and U.K. Disrupt LockBit Ransomware Variant
Ransomware Operation LockBit Reestablishes Dark Web Leak Site
Trend Micro: LockBit Attempts to Stay Afloat With a New Version
US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say
Change Healthcare Cyberattack: Network Connectivity Issues, Indicators of Compromise
Health-ISAC: Change Healthcare / Optum Network Connectivity and Additional Recommendations
Venue Consideration. https://www.stuff.co.nz/culture/350189027/spark-arena-gives-training-security-staff-after-seat-stealers-ruin-50-cent
Quick Hits
SAVE THE DATE! CISA Hosts CISA Live! – K-12 School Safety on Thursday, February 29 at 12:30. On Thursday, February 29, we will mark the 4th year of SchoolSafety.gov on our next CISA Live!.
Weather. https://www.cnn.com/2024/02/26/weather/thunderstorms-midwest-heat-weather-climate/index.html
Health. https://www.cidrap.umn.edu/influenza-general/us-flu-levels-stubbornly-high-covid-declines-further
Resources
Canadian Centre for Cyber Security Best practices for passphrases and passwords (ITSAP.30.032).
Cybersecurity Emotions
Canadian Centre for Cyber Security Digital footprint (ITSAP.00.133)
Canadian Centre for Cyber Security Secure your accounts and devices with multi-factor authentication (ITSAP.30.030)
UK NCSC: Private Branch Exchange (PBX) best practice
Updated: Top Cyber Actions for Securing Water Systems
AT&T. $5! AT&T to Reimburse Customers Struck by Outage
AT&T is mocked by customers after network outage downed 70,000 phones and triggered fears of 'Leave the World Behind' apocalypse
Russia
Biden announces 500 new sanctions targeting Russia over war on Ukraine, Navalny death
US and EU pile new sanctions on Russia for the Ukraine war’s 2nd anniversary and Navalny’s death
Statement from President Joe Biden Ahead of the Two-Year Anniversary of Russia’s Brutal Assault Against Ukraine
Senate Majority Leader Chuck Schumer is in Ukraine to meet Zelenskyy as US aid hangs in the balance
President Biden to hit Russia with 'major sanctions' in response to death of Navalny
Other.
New Biden order would stem flow of Americans’ sensitive data to China
CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure
Brussels spyware bombshell: Surveillance software found on officials’ phones
East coast cable issues hit operators
Israeli daily claims Yemeni attacks harmed telecom lines in Red Sea
Damage causes outage for Africa's first subsea cable
-
The Gate 15 Interview with Kirk Cerny EP 43. Security, old wagons, leadership integrity, Wyoming, and… the afterlife?
In this episode of The Gate 15 Interview, Andy Jabbour welcomes Kirk Cerny, Chief Operating Officer at Haystax. Kirk is a security and counterintelligence professional with 20 years of leadership experience in public & private C-suites. Kirk specializes in threat prevention and mitigation, compliance, and more!
Kirk on LinkedIn.
Kirk’s Background
Haystax
School and Facility Security
Public Safety & First Responders
The new Dragon Pipeline
What’s on Kirk’s mind
We play Three Questions and talk old wagons, great states, and magic eight balls.
Plus: Leadership, values, Gary Fisher, and lots more!
Haystax
Haystax School Safety in Action: Houston UASI Threat Response
CISA Reflecting on the Parkland tragedy, its lasting impacts, and work still to be done, 14 February 2024
In the discussion we address: A few references mentioned in or relevant to our discussion include: