The Gate 15 Podcast Channel Gate 15

In this week's Security Sprint, Dave and Andy discussed the following topics:
Warm Start

 Palo Alto Command Injection Vulnerability in PAN-OS GlobalProtect
'Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)
Volexity on GitHub Adding content for Palo Alto Networks GlobalProtect post
Palo Alto Networks Security Advisories CVE-2024-3400 CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect
Palo Alto: Applying Vulnerability Protection to GlobalProtect Interfaces
Compromise of Sisense Customer Data
Brian Krebs: Why CISA is Warning CISOs About a Breach at Sisense
Sisense customers told to reset credentials amid supply chain attack fears
Risky Biz News: Sisense breach has CISA and everyone else panicking

 
Main Topics:
Israeli war cabinet to meet again to consider response to Iran’s attack
o   Iran Issues Fresh Threat to U.S.
o   US will not take part in any Israeli retaliatory action against Iran
o   The Latest | World leaders urge Israel not to retaliate for the Iranian drone and missile attack
o   U.S. details Pentagon’s role in defending Israel from Iranian attack
o   Analysis: Israel Repelled Iran’s Huge Attack. But Only With Help From U.S. and Arab Partners.
 
Idaho Man Arrested for Attempting to Provide Material Support to ISIS

Idaho teen arrested for allegedly plotting to attack church in name of ISIS


What we know about Clenard Parker, the man accused of driving into a Brenham DPS office
'Obvious' Sydney killer targeted women - Australian police.
Man who confronted attacker with bollard and other bystanders praised for heroic acts during Bondi stabbings.
Stabbing rampage at Sydney mall leaves at least 7 dead, including attacker
Sydney stabbing: Police say no ideological motivation
English Tutor Identified as Mall Stabbing Attacker Left Behind Disturbing Facebook Post
Sydney knife attacker Joel Cauchi 'had worked as male escort' before Bondi shopping centre stabbing
False claims started spreading about the Bondi Junction stabbing attack as soon as it happened


Posture Statement of General Timothy D. Haugh 2024. “ Beijing, Moscow, and Tehran increasingly use social media and state-sponsored disinformation sites, both overt and covert, to shape narratives and sow confusion..."


Chinese nationalist trolls pretend to be Trump supporters ahead of US elections

 
Quick Hits:

UK NPSA: Personal Safety and Security for High-Risk Individuals
Delaware Woman Arrested for International Sextortion and Money Laundering Scheme
LastPass: Hackers targeted employee in failed deepfake CEO call
UNSW: World-first Cybercrime Index ranks countries by cybercrime threat level
Google Insider Threat: https://www.justice.gov/opa/pr/chinese-national-residing-california-arrested-theft-artificial-intelligence-related-trade
Director Wray's Remarks to the ABA Standing Committee on Law and National Security
Russia thwarts planned terrorist attack on Moscow Synagogue
Change Healthcare breach data may be in hands of new ransomware group
Politico: Grassley knocks agencies slacking on cyber
CISA & FBI: Transitioning to .Gov: Helping Mitigate Election Office Cybersecurity and Impersonation Risks
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat / CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System. 
CDC Data Modernization Efforts Accelerate Nation’s Ability to Detect and Rapidly Respond to Health Threats
The Black Market That Delivers Elon Musk’s Starlinks to U.S. Foes
China's attacks on U.S. infrastructure aren't going anywhere
Police Scour LockBit Ransomware Evidence, Turning Up 200 Leads
TLP:CLEAR | FB-ISAO Newsletter
Man on terror watchlist

Warm Start:
·       GridEx VII Report Highlights Further Action to Enhance Grid Resilience
·       US electric grid growing more vulnerable to cyberattacks, regulator says
·       CISA’s ‘Cyber Storm’ will help it update National Cyber Incident Response Plan
 
Main Topics:
·       US Environmental Protection Agency hack exposes data of 8.5 million users.
·       Sophos - Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector.  
·       Bomb threats follow Libs of TikTok's campaign against Planet Fitness
o   Bomb threats reported at Planet Fitness locations in Northern Va. amid transgender controversy
o   No threat found after several Planet Fitness locations in Jacksonville received bomb threats
o   Alabama Planet Fitness locations receive bomb threats, evacuated by FBI
o   Planet Fitness bomb threats in Connecticut spark concerns
o   Police: Planet Fitness locations evacuated after bomb threats
o   Planet Fitness locations in Daphne, Fairhope, and Mobile receive bomb threats
 
·       Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden.
 
·       Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023. The U.S. Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion.
o   Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023.pdf
o   Cyber board says Chinese hack of US officials was 'preventable'
o   Microsoft faulted for ‘cascade’ of failures in Chinese hack
 
·       CSU: Forecast for 2024 Hurricane Activity. “We anticipate that the 2024 Atlantic basin hurricane season will be extremely active.” 
 
Info Ops: 
o   Russian trolls target U.S. support for Ukraine, Kremlin documents show
o   New effort to "inoculate" U.S. voters against AI misinformation
o   AI-generated story that Iran had fired missiles at Tel Aviv were amplified by X's own systems
o   Microsoft: China tests US voter fault lines and ramps AI content to boost its geopolitical interests
 
Quick Hits:
·       CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities.  
·       DHS: Mitigating Harm from Violent Visual Content: CP3 Prevention Resource.
·       FTC Announces Impersonation Rule Goes into Effect Today (01 Apr)
·       FBI Atlanta gate crash: Man tries to breach security by tailing employees
·       Suspect arrested after vehicle crashes into gate at Atlanta FBI field office
·       The Surprising Intelligence Community Outreach to Russia
·       Why Russian intelligence dismissed US warnings of terror threat
·       Germany announces military overhaul with eye on cyber threats
·       “All your base are belong to us” – A probe into Chinese-connected devices in US networks
·       Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure
·       Risky Biz News: Backdoor found in 92k D-Link NAS devices
·       Omni Hotels experiencing nationwide IT outage since Friday
·       A Quantitative Analysis of the Security Ratings of the S&P 500
·       How a steel ball protected Taiwan’s tallest skyscraper in an earthquake
·       Rotterdam teen arrested for plotting a terror attack, prosecutors say
·       ‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data
·       The Unification Church Infiltrated Japan’s Government. Now Its Sights Are Set on the U.S.
·       India rescues 250 citizens enslaved by Cambodian cybercrime gang
·       Targeted Phishing Linked to 'Th

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Christopher Post, Assistant General Manager, Amarillo Civic Center Complex. Christopher graduated from West Texas A&M University with a Bachelor of Business Administration. He has been in venue management for 18 years and prior to that, was a professional musician for a little over 20 years (yes, he started very young!). As Assistant General Manager, his duties have included serving as the Emergency Coordinator and First-Aid Response Trainer for the Amarillo Civic Center since 2009. He is a graduate of IAVM’s AVSS and VMS. Read more at his complete LinkedIn profile.


Amarillo Civic Center Complex® - Meet. Play. Celebrate.


Christopher’s background.
Clear, consistent, collaborative, communications.
Throwing EAP’s in the trash a few times.
The 10-80-10 rule.
The value of full-scale exercises.
Name dropping some champions from the community.
More!

“It has to be muscle memory, it has to be automatic.”In the discussion we address:

The following topics were discussed on the latest Security Sprint:

Warm Start

Major companies put U.S. cyber defenses to the test in simulated attack
The Auto-ISAC Launches Automotive Threat Matrix (ATM) Tool to Enhance Vehicle Cybersecurity Governance
Change Healthcare Wake-Up Call: Is Sector Too Codependent? Denise Anderson and Errol Weiss of Health-ISAC Discuss Critical Cyber Issues. 
Signing of MOU between CI-ISAC Australia and Health ISAC

 
Main Topics
 
Russia, Terrorism

ISIS issues horrifying warning as 'lone wolves' ordered to target Christians and Jews. ISIS spokesperson Abu Hudhaifa al-Ansari told "lone wolves" to mobilise and target Christians and Jewish people in the US, Europe and Israel.
ISIS calls for Ramadan massacre of Christians and Jews by lone wolves across US, Europe and Israel
Reuters: Iran alerted Russia to security threat before Moscow attack
Egyptian suspect, 62, to face trial after police foil alleged ISIS terror attack on Notre Dame Cathedral
ISIS Issues Fresh Threat To Putin: Reports
No evidence so far of Ukraine's involvement in Moscow terrorist attack: Putin
What is ISIS-K, the terror group claiming responsibility for the Moscow concert hall attack?
Russian intel heads allege Western support for Moscow attack
Rocked by Deadly Terror Attack, Kremlin Amps Up Disinformation Machine
“Israel is ISIS” and other lies about the Crocus City Hall terror attack
Improving the Security of Soft Targets and Crowded Places: A Landscape Assessment
Keeping Soft Targets and Crowded Places Safe from Mass-Casualty Attacks: Insights from a Landscape Assessment

 
Explosive Atlantic hurricane season predicted for 2024, AccuWeather experts warn;

April Fools! Atlantic hurricanes to be given both first and last names

 
Health and Broader Preparedness: 

Future State of Smallpox Medical Countermeasures
National Academies report says US not ready for intentional, accidental smallpox outbreak
Gate 15: Webinar Recording: Getting Started Now: Pandemic Preparedness After-Action Reports, 17 Apr 2020
Gate 15: Pandemic Preparedness: Start Your After-Action Report & Improvement Planning (NOW), 26 Mar 2020)

 
Quick Hits

CISA Seeks Input on CIRCIA Notice of Proposed Rulemaking.
CISA releases draft rule for cyber incident reporting
Thompson, Clarke Release Statement on CISA Cyber Incident Reporting Proposed Rule
WSJ: U.S. Publishes Draft Federal Rules for Cyber Incident Reporting
CISA publishes 447-page draft of cyber incident reporting rule
CISA’s cyber incident reporting rules will apply to 316K entities
CISA's proposed framework for cyber incident reporting rules includes subpoena power

 
CISA: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

Red Hat: Urgent security alert for Fedora 41 and Rawhide users.


FBI PSA: Child Sexual Abuse Material Created by Generative AI and Similar Online Tools is Illegal
Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians
The Audacious MGM Hack That Brought Chaos to Las Vegas
IRS kicks off annual Dirty Dozen with warning about phishing and smishing scams


Ivanti-linked breach of CISA potentially affected more than 100,000 individuals
AT&T notifies users of data breach and resets millions of passcodes


How the Baltimore bridge collapse spawned a torrent of instant conspiracy theories
Misinformation Milestone of More than 100 Israel-Hamas War False Claims
Threats to Catholic Charities staffers increase amid far-right anti-migrant campaign
Readout from state convening to discuss cybersecurity and the water sector
FS-ISAC: New Cyber Threats To Challenge Financial Services Sector In 2024


Rewards for Justice – Reward Offer for Information on ALPHV BlackCat-linked Cyber Actors Targeting U.S. Critical Infrastructure

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Mayya Saab, Executive Director, Faith-Based Information Sharing & Analysis Organization (FB-ISAO), Susan Schneider, presently detailed as Associate Director, Non-governmental Engagements, with the DHS Office of Partnership and Engagement, and Daniel Avondoglio, with the Office of Security Programs at CISA.

Mayya on LinkedIn.
Susan on LinkedIn.
Daniel on LinkedIn.
Those who want to engage with the DHS Office of Partnership and Engagement may email ngoengagement@hq.dhs.gov.


This discussion is not limited in only being relevant to the faith-based community but addresses considerations and ideas relevant to the broader community.
During the podcast, when discussing 2023 Threat Data, Andy noted that it is possible that mosques came under attack more frequently than the data suggested. Out of a total of 1027 incidents, mosques were targeted 5% of the time. That percentage, 5%, accounts for the overall number of mosques in the United States and correctly reflects the percentage of mosques that were targeted in 2023.


What is FB-ISAO and what DHS is doing for the faith-based community.
The general threat environment and how current geopolitical events are impacting that.
Private-Public Partnership.
Mitigating Risk.
Resources!
Connecting. Planning. Training.
We play Three Questions and talk summer, food and music!
And more!


FB-ISAO
CISA
You can find more information about what the FBSAC is here Faith-Based Security Advisory Council | Homeland Security (dhs.gov) and what they are working on here: Taskings to FBSAC from DHS Secretary | Homeland Security
Protecting Houses of Worship | Cybersecurity and Infrastructure Security Agency CISA
Resources for Leaders of Faith-Based Communities, Organizations, and Institutions | Homeland Security (dhs.gov) This website provides leaders of faith-based communities, organizations, and institutions resources across DHS to prepare for and respond to a range of public safety challenges.
FB-ISAO: The 2023 Threat Data in Review, 12 Feb
FB-ISAO: What We Learned About Ransomware Resilience, 20 Feb
Within this website is a fact sheet with resources on training, services, and grants. Resources for Community Organizations and Service Providers | Homeland Security (dhs.gov)
The DHS Center for Faith-Based and Neighborhood Partnerships recently conducted a Spring Religious Observances Threat Briefing, here is a link to news and events of the center for additional information and past webinars: News and Events from the DHS Center for Faith-Based and Neighborhood Partnerships | FEMA.gov
Secure Our World Tip Sheets (Punjabi) | CISA recently translated cyber products into Punjabi.
National Critical Functions
Several recent Gate 15 podcasts addressed the Lakewood Church shooting, including:


Special Podcast. Lakewood Church Shooting with Faith-Based ISAO
Nerd Out EP 45. Venue security, extremist news, and what to look for in 2024.
Weekly Security Sprint EP 53. A Super Bowl amount of information – Church shooting, AI (good and bad), and much more.
The Gate 15 Interview with Kirk Cerny: Security, old wagons, leadership integrity, Wyoming, and… the afterlife?

“We are fundamentally an Agency of partnerships”“there’s no such thing as a small act of hate”-       two quotes shared in the podcast, both attributed to Secretary of Homeland Security, Alejandro Mayorkas.Two notes.In the discussion we address:The QR code and associated web address below are for CISA’a “Active Assailant Security” list-serve, managed by CISA’s Active Assailant Security Branch, through the GovDelivery platform. We encourage those interested in the topic of “active assailant security” to scan the QR code or go to this web site and subscribe to receive relevant products and announcements as they become available.A few references mentioned in or relevant to our discussion

In this week's Security Sprint, Dave and Andy covered the following topics:

Opening 

Guest Blog Posts – Another Great Way to Contribute to FB-ISAO’s Mission
Biden-Harris Administration engages states on safeguarding water sector infrastructure against cyber threats
Health-ISAC Publishes 2023 Annual Report

 
Main Topics:
 
Moscow Attack & Terrorism

Russia says 60 dead, 145 injured in concert hall raid; Islamic State group claims responsibility
Maps and Diagrams of the Moscow Concert Hall Attack. 
U.S. Warned Russia Before Moscow Attack That Killed at Least 60
Islamic State releases Moscow attack video as death toll rises to 137
How the deadliest attack on Russian soil in years unfolded over the weekend
What We Know About ISIS-K, the Group That Has Been Linked to the Moscow Attack
State Department: The Islamic State Five Years Later: Persistent Threats, U.S. Options, 21 March
CISA: Complex Coordinated Attacks Security Awareness for Soft Targets and Crowded Places
Macron Says Islamic State Branch Behind Russia Attack, Also Targeted France
Germany arrests suspected ISIS supporters accused of planning terror attack on Swedish parliament (19 Mar)

 
Weather. Spring Outlook: Warmer for most of U.S., wetter in the Southeast; Low flood potential likely, as drought worsens for parts of the Plains
 
Chinese Cyber Threats

Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians
BBC LIVE - UK to accuse China of major hack as Beijing warns against 'smears.'
China targets group of MPs and peers with string of cyber-attacks

 
Insider Threats & Espionage

Airman Accused of Sharing Classified Info With Boogaloo Buddies
Owners of China-Based Company Charged with Conspiracy to Send Trade Secrets Belonging to Leading U.S.-Based Electric Vehicle Company
U.S. Accuses Two Men of Stealing Tesla Trade Secrets

 
Threats to Catholic Charities staffers increase amid far-right anti-migrant campaign. Over the past few months, Pajanor and staffers at Catholic Charities across the country, a decentralized, 113-year-old faith-based non-profit, have become the targets of right-leaning media personalities, conspiracy theorists and even members of Congress.
 
Quick Hits

UK NCSC: Responding to a cyber incident – a guide for CEOs
UN adopts first global artificial intelligence resolution
Imposing Sanctions on Actors Supporting Kremlin-Directed Disinformation Efforts
CDC: US life expectancy rises after 2-year dip
Lessons Learned from the COVID Pandemic: ‘There Needs to Be an Honest Discussion’
New report blasts government's COVID response, warns of repeating same mistakes
In a pandemic milestone, the NIH ends guidance on COVID treatment
Launch of Foreign Ministry Channel for Global Health Security
Baltimore Key Bridge collapse live updates: 2 rescued, several others believed in water
Attorney General Merrick B. Garland Statement on FBI Quarterly Uniform Crime Report.
National Guard ready to assist states with cyber response, say officials
Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds
Unsaflok flaw can let hackers unlock millions of hotel doors
Kremlin Uses Word 'War' For Ukraine Invasion For First Time
CISA: Nothing Scares the PRC More Than a Russian Defeat in Ukraine
Justice Department Sues Apple for Monopolizing Smartphone Markets
Understanding and Responding to Distributed Denial-Of-Service Attacks
Repository for Software Attestation and Artifacts Now Live
Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software
CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity
Google, Meta and others face tough questions in Australia over cyber extremism threats