The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.
Nerd Out Security Panel Discussion: EP 21. Quarantine and Colleyville Attack
In the latest episode of Nerd Out, Dave starts off by talking about his recent quarantine experience in Costa Rica (21 days!) before welcoming in a panel to discuss the Colleyville, Texas synagogue attack. Bringing in Mayya Saab, Seth Ozer, and Ed Heyman, the panel went through the hostile event and looked at initial reactions, what can be learned from this situation, and some of the key takeaways. The team then stressed the importance of training in this situation, but also discussed several low-cost options and ways to make their location more secure. Mayya Saab is the Executive Director of the Faith-Based Information Sharing and Analysis Organization (FB-ISAO); Seth Ozer is Senior Consultant with Woodstone Consulting, LLC; Ed Heyman is the co-chair of the FB-ISAO Organizational Residence Group.
The Gate 15 Interview EP 19. Ronnie Tokazowski, Principal Threat Advisor at Cofense on Business Email Compromise (BEC), 419 scams, Indian food, and so much more!
Please enjoy this episode of The Gate 15 Interview podcast on Anchor, Spotify, Apple, Google, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts.
In this episode of The Gate 15 Interview, Andy Jabbour speaks with Ronnie Tokazowski, Principal Threat Advisor at Cofense. Ronnie is a recognized expert cybersecurity researcher with success in reverse engineering both crimeware and Advanced Persistent Threat malware, including creation of decoders and indicators for detecting malicious attacks. When he’s not frustrating bad guys, Ronnie is an accidental YouTuber, likes cooking, spicy food, and memes. Ronnie on Twitter, @iHeartMalware. Ronnie’s YouTube channel: Ronnie Rants.
In the discussion we address:
Ronnie’s background and the work he’s doing at Cofense
Business Email Compromise (BEC)
Voodoo (no, seriously…)
“(at Cofense), we try to go back to the human…” – Ronnie Tokazowski, during our discussion, 10 Jan 2022
A few references mentioned in or relevant to our discussion include:
What 6 Years of Success in a Global Takedown Operation Looks Like, and How You Can Do It, Too, a Medium post by Ronnie, 02 Jan
Faith-Based Information Sharing and Analysis Organization (FB-ISAO)
FBI on Business Email Compromise (numerous links to BEC related information from the FBI)
FBI 2020 IC3 Annual Report & 2020 State Reports
G4 Boyz x G4Choppa "Scam Likely" (Official Video)
G4 Boyz feat. G4Choppa - SBA Job (Official Music Video)
G4Choppa & G4 Boyz - “In Scam We Trust” (Official Music Video - WSHH Exclusive)
Here’s Ronnie providing some commentary: Fun with Fraudsters - Reacting to SBA Job by G4 Boyz
Cofense Wins AI-Based Cybersecurity Solution of the Year in 2021 CyberSecurity Breakthrough Awards, 05 Oct 2021
Cofense Joins Microsoft Intelligent Security Association (MISA), 26 Oct 2021
Channel Insider: Best Email Security Providers & Services 2022, 23 Dec 2021
Traffic Light Protocol (TLP) Definitions And Usage, via CISA
In our discussion, Ronnie mentions Brian Krebs’ Krebs on Security blog (and on Twitter, @briankrebs). Some links to his BEC-related posts can be accessed here.
The Cybersecurity Evangelist: Ep 15 - Happy New Cyber Habits 2022!
This first TCE episode of 2022 (and first video - on Spotify) includes a few gentle and some not-so-gentle reminders on cybersecurity best practices and practices for better cyber hygiene. I start with a few cybersecurity controls for businesses to buckle down on this year, including identifying assets, vetting vulnerabilities, and pursuing more potent password policies. Then, I actually persist on the password point with some pontification about our predilection for problematic passwords and propose pointers for a more polished password posture.
While there’s probably nothing new in this episode, I hope it serves as a gentle nudge to promote better cyber hygiene habits – not just resolutions for 2022, but positive habits to develop for all time toward a more cyber secure you! I also evangelize for a new CISA resource - the Known Exploited Vulnerabilities Catalog.
Other resource mentioned in this episode: https://www.consumer.ftc.gov/articles/password-checklist
The Gate 15 Interview EP 18. RILA Perspective on Organized Retail Crime, plus Mama’s Meatballs, Country Music and Jersey Rock n’ Roll
In this episode of The Gate 15 Interview, Andy Jabbour speaks with two leaders from the Retail Industry Leaders Association (RILA), Ms. Lisa LaBruno, RILA’s Senior Executive Vice President of Retail Operations, and Mr. Michael Hanson, RILA’s Senior Executive Vice President of Public Affairs. The RILA “is the U.S. trade association for leading retailers. RILA partners with leading retailers to meet the challenges of a dynamic economy. Through collaboration and thought leadership, we advance ideas that foster free markets, competition, economic growth, and sustainability.” RILA on Twitter, @RILATweeets.
In the discussion we address:
The enduring threat of Organized Retail Crime (ORC)
Private sector activity relating to ORC
Private-public partnership and legislative action on ORC
RILA’s focus for 2022
Country music, meatballs, Springsteen, and more!
A few references mentioned in or relevant to our discussion include:
RILA website - https://www.rila.org
Real Estate Information Sharing and Analysis Center (RE-ISAC)
RILA: CEOS Call on Congress to Address Surge of Retail Crime, 09 Dec 2021
The Buy Safe America Coalition
Impact of Organized Retail Crime and Product Theft, Buy Safe America
The INFORM Consumers Act of 2020, Buy Safe America
Retailers Press Amazon to Back INFORM Consumers Act, Buy Safe America, 27 Aug 2020
Durbin, Cassidy, Grassley, Hirono, Coons, Tillis Introduce Bill to Ensure Greater Transparency for Third-Party Sellers of Consumer Products Online (The Integrity, Notification, and Fairness in Online Retail Marketplaces for Consumers [INFORM Consumers] Act), 23 Mar 2021
Amazon: INFORM Act punishes small businesses and favors one particular business model, 28 Apr 2021
Buy Safe release announcing the study: Retail Theft Balloons to over $68 Billion, Buy Safe America
Homeland Security Express Concern on Retail Crime, Buy Safe America
‘What is organized retail crime? Organized retail crime (ORC) refers to professional shoplifting or other theft occurring in retail stores. These criminals are increasingly turning to online marketplaces to quickly and discretely move mass quantities of stolen merchandise. Unfortunately, these criminal rings are growing more brazen and violent, putting the safety of customers and store employees in jeopardy. Organized rings are often involved in other crimes within the community, including narcotics, money laundering and human trafficking.’ – Buy Safe America, https://www.buysafeamerica.org/myth-vs-facts
Lisa LaBruno is RILA’s Senior Executive Vice President of Retail Operations. In this role, LaBruno leads RILA’s efforts in the association’s key retail disciplines including asset protection, store operations, supply chain and e-commerce. She directs all research initiatives, educational programming for the annual LINK and Retail Asset Protection conferences, and executive networking to promote operational excellence within the industry. She has 30 years of relevant experience in both the public and private sector, including as an assistant prosecutor (Hudson County, NJ), in-house attorney at the Archdiocese of Newark and in-house attorney at The Home Depot and serves on the Board of Directors of the Loss Prevention Foundation.
Michael Hanson is RILA’s Senior Executive Vice President of Public Affairs, overseeing the Association’s government affairs and communications arms. Hanson is responsible for identifying the industry’s top public policy challenges and working with both leading retailers and key stakeholders to elevate the industry in Washington, DC and across the country. Hanson most recently served as chief public policy officer at Sabre, a leading travel technology company, where he led legi
Nerd Out Security Panel Discussion: EP 20. Retail crime and the year it was!
The last Nerd Out episode of the season comes out strong talking about retail crime as Bridget shared stories of her busting out shoplifting trends, and then talking about the larger security issues at play (specifically overwhelming security) with the latest smash and grab incidents during the holidays. Joe then talked about the ways that these types of issues could spread to other sectors and encouraged organizations to evaluate their processes and training. The nerds then turned the clock back to look at some of the takeaways from 2021 while looking ahead to 2022 to see what organizations can start planning for. And for all the areas that were covered, there were so many more highlighting the continued challenge that organizations face.
Wrapping up the year on a fun note, the merry band of nerds talked about their favorite holiday movie. Can you guess them all? It's been quite a year for the Nerd Out podcast and we want to wish you all safe holidays, and we are looking forward to a great 2022!
Joe Levy is the chairman of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website: https://www.iavm.org/ Venue Safety and Security committee contact information: email@example.com; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/
Bridget Johnson is the Managing Editor for Homeland Security Today. In addition to her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (webinar signups: https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ
The Risk Roundtable: EP 25. Holiday scams, reporting and year end fun!
In the latest episode of the Risk Roundtable, Andy leads the team through a review of the latest risks facing individuals and organizations. Jen decked the halls talking about the latest holiday scams that continue to bring coal to good boys and girls. Then Dave talked about the latest school shooting in Michigan and tried not to be a Scrooge by talking about some positive take-aways while highlighting important lessons still to be learned in Christmas future. Then, while Dave danced to spinning the wheel in his head, the roundtable talked about their favorite moments from across the Gate 15 Podcast Channel, after all, we are living in a physical world (Jen). The podcast wrapped up with some holiday cheer talking about favorite television or movies for the season. From all of us at Gate 15, to all of the security teams and organizations around the world, here is hoping for happy holidays and a wonderful 2022!
Companies Linked to Russian Ransomware Hide in Plain Sight. Cybersecurity experts tracing money paid by American businesses to Russian ransomware gangs found it led to one of Moscow’s most prestigious addresses. https://www.nytimes.com/2021/12/06/world/europe/ransomware-russia-bitcoin.html
Gate 15 Releases a White Paper with an Update to the Hostile Event Attack Cycle. https://gate15.global/gate-15-releases-a-white-paper-with-an-update-to-the-hostile-event-attack-cycle/
Known Exploited Vulnerabilities Catalog | CISA. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Advanced threat predictions for 2022. Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. https://securelist.com/advanced-threat-predictions-for-2022/104870/