
139 episodes

The Gate 15 Podcast Channel Gate 15
The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.
Weekly Security Sprint EP 11. Cyber reports, hate based behaviors and Peacemaker is making waves into security?
On the latest episode of the Security Sprint, Andy bails Dave out on some technology issues and they work through it to cover the following topics.
FBI IC3 Report:
FBI Internet Crime Report 2022 (PDF) & Report Statistics
Risky Biz News: BEC loses top spot in FBI Internet Crime report, 12 Mar
Physical Security:
NJ.com: Man yelled ‘white lives matter,’ threw smoke bombs at N.J. church’s anti-racism concert, 06 Mar
Michigan Man Arrested and Charged For Illegally Possessing Firearms While Making Threats to Kill Government Officials, 10 Mar
Florida neo-Nazis who projected a swastika on a downtown building say the hysteria over drag queens is helping them recruit people, 10 Mar
ODNI Annual Threat Assessment:
ODNI Releases 2023 Annual Threat Assessment of the U.S. Intelligence Community (see also the PDF report and the U.S. Senate Hearing), 08 Mar
Risky Biz News: ODNI report highlights China as the US’ biggest cyber threat, 09 Mar
SVB:
Statement from President Joe Biden on Actions to Strengthen Confidence in the Banking System
READOUT: Financial Stability Oversight Council Meeting on March
Federal Reserve Board - Federal Reserve Board announces it will make available additional funding to eligible depository institutions to help assure …
Federal Reserve Board - Joint Statement by Treasury, Federal Reserve, and FDIC
Silicon Valley Bank: why did it collapse and is this the start of a banking crisis?
In historic last-minute deal, HSBC acquires Silicon Valley Bank UK, says all depositors’ money is safe
Silicon Valley’s surreal weekend
SVB’s ventures are taken apart in China, UK after US bank’s collapse
Other Cybersecurity Updates:
Cyber Incident Reporting Framework: Global Edition (PDF)
NBC: Data breach hits ‘hundreds’ of lawmakers and staff on Capitol Hill, 08 Mar
CNN: Hundreds of US lawmakers and staff affected by data breach, 08 Mar
WaterISAC: Threat Awareness – Keep Our Eyes on Emotet, 09 Mar
Cofense: Emotet Sending Malicious Emails After Three-Month Hiatus, 07 Mar
WIRED: The Era of Faked CCTV Has Truly Arrived, 07 Mar
Washington Post: Cyberattacks Are Just One Part of Hybrid Warfare, 07 Mar
Ransomware:
WIRED: Ransomware Attacks Have Entered a ‘Heinous’ New Phase, 13 Mar
Security Scorecard: ESXi Ransomware - A case study of Royal Ransomware Prepared by: Vlad Pasca, Senior Malware & Threat Analyst
Sentinel Labs: IceFire Ransomware Returns; Now Targeting Linux Enterprise Networks, 09 Mar
John Cena: Cybersecurity Enthusiast (?): @CenaOnSecurity
Gate 15's upcoming Blue Jeans Workshop: Addressing MDM Threats While Protecting Free Speech
The Risk Roundtable EP 39: Special Guests, the latest scams, the National Cybersecurity Strategy and more!
In the latest episode of the Risk Roundtable, Andy and Dave welcome Tracy Maleeff as they go through the latest security news. Tracy kicked things off by looking at a new scam, reported by the Better Business Bureau, involving craft fairs (is there no place that's safe?). Then the roundtable took turns looking at the recently released National Cybersecurity Strategy and what it means for individuals and organizations, especially around training and information sharing. Andy also used the release to discuss corresponding actions that the EPA is taking to improve the resiliency of the water system. Tracy then transitioned back to other types of scams, including how Artificial Intelligence is getting into the scam business, with scammers targeting individuals by pretending to be their loved ones, and how safe words could be an effective mitigating factor. Dave wrapped things up with a quick hit on venue security, which led the group to discuss how this is not strictly a physical security problem but in fact a blended threat. Andy put the finishing touches on the pod with his three questions (no comment on the new CISA website redesign).
National Cybersecurity Strategy:
White House: FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy, 02 Mar
Gizmodo: I Read the Biden Administration’s New Cyber Policy So You Don’t Have To, 04 Mar
US House Committee on Homeland Security: Green, Garbarino Statement on the Release of the National Cybersecurity Strategy, 02 Mar
Risky Biz News: White House unveils National Cybersecurity Strategy, 02 Mar
HS Today: COLUMN: A Shared Accountability Approach to Cyber Defense, by Bob Kolasky, 02 Mar
CISA Readout: Director Easterly Visits Carnegie Mellon University, Calls for “Radical Change” for Technology Product Safety in Major Address, 27 Feb
Industrial Cyber: National Cybersecurity Strategy sets its eyes on improving security, resilience across critical infrastructure, 03 Mar
WSJ: Cisco Chief Says Tech Products Must Be Made More Secure, 02 Mar
Water Cybersecurity:
EPA: EPA Takes Action to Improve Cybersecurity Resilience for Public Water Systems, 03 Mar
Risky Biz News: EPA releases cybersecurity guidance for US public water sector, 05 Mar
CNN: US introduces new rules to protect water systems from hackers, 03 Mar
CyberScoop: EPA issues water cybersecurity mandates, concerning industry and experts, 03 Mar
SC Media: EPA memo pushes states to include cybersecurity in water safety reviews, 03 Mar
Industrial Cyber: EPA issues memorandum to address PWS cybersecurity using sanitary surveys, improve resilience, 06 Mar
Venue Security:
AP: 1 dead, 9 hurt in stampede at GloRilla concert in New York, 06 Mar
Dr. G K Still on Twitter, ‘Teaching crowd safety/risk analysis around the world. Consulting and expert witness experience help develop better teaching and training courses.’
International Association of Venue Managers’ (IAVM) Academy of Venue Safety and Security (AVSS)
Scams:
BBB Scam Alert: Think twice before filling out craft fair applications, 03 Mar
Washington Post: They thought loved ones were calling for help. It was an AI scam., 05 Mar
Weekly Security Sprint EP 10. Happy Birthday to DHS, protests, cyber threats, and more.
In this week's Security Sprint, Dave and Andy talked about the following topics:
National Cybersecurity Strategy:
White House: FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy, 02 Mar
Gizmodo: I Read the Biden Administration’s New Cyber Policy So You Don’t Have To, 04 Mar
US House Committee on Homeland Security: Green, Garbarino Statement on the Release of the National Cybersecurity Strategy, 02 Mar
Risky Biz News: White House unveils National Cybersecurity Strategy, 02 Mar
CISA Readout: Director Easterly Visits Carnegie Mellon University, Calls for “Radical Change” for Technology Product Safety in Major Address, 27 Feb
Industrial Cyber: National Cybersecurity Strategy sets its eyes on improving security, resilience across critical infrastructure, 03 Mar
WSJ: Cisco Chief Says Tech Products Must Be Made More Secure, 02 Mar
Water Cybersecurity:
EPA: EPA Takes Action to Improve Cybersecurity Resilience for Public Water Systems, 03 Mar
Risky Biz News: EPA releases cybersecurity guidance for US public water sector, 05 Mar
CNN: US introduces new rules to protect water systems from hackers, 03 Mar
CyberScoop: EPA issues water cybersecurity mandates, concerning industry and experts, 03 Mar
SC Media: EPA memo pushes states to include cybersecurity in water safety reviews, 03 Mar
Industrial Cyber: EPA issues memorandum to address PWS cybersecurity using sanitary surveys, improve resilience, 06 Mar
Homeland Security:
Greek Protests: https://www.bbc.com/news/world-europe-64820085
South Korean Protests: https://www.bbc.com/news/world-asia-64858944
HS Today: DHS at 20: Mission Poised ‘to Grow Even More Complex’ as New Threats May Pose ‘Even Greater Potential for Harm,’ 01 Mar
Politico: Documents: DHS has a domestic-intelligence program, 06 Mar
NIJ: Assessing Risk of Terrorist Acts by Looking at Location Data and Demographic and Social Characteristics, 27 Feb
HS Today: National Institute of Justice Examines Link Between Location of Terrorists and Risk of Terrorism, 27 Feb
Cybersecurity & Ransomware:
VulnCheck: The VulnCheck 2022 Exploited Vulnerability Report - A Year Long Review of the CISA KEV Catalog, 02 Mar
Recorded Future: 2022 Annual Report, 02 Mar
HS Today: Cyber Threat Trends to Watch This Year as Forecast by MS-ISAC, 02 Mar
Bleeping Computer: Play ransomware claims disruptive attack on City of Oakland, 03 Mar
CBS Bay Area: Ransomware hackers release some stolen Oakland data, 04 Mar
Other:
Gizmodo: Yikes, the U.S. Is Now Using Facial Recognition Rigged Drones for Special Ops, 27 Feb
Weekly Security Sprint EP 9. ADL Report, Ransomware, Measles, Mis/Dis/Mal-information, and more.
In the latest Security Sprint Dave and Andy cover the following topics:
Extremism:
ADL: Murder and Extremism in the United States in 2022, 22 Feb
Bridget Johnson in HS Today: Jewish Community, Law Enforcement Respond with Preparedness, Unity to Extremists’ ‘National Day of Hate,’ 24 Feb
ABC 6 Action News: Philadelphia mosque vandalized with paint; suspect wanted, 27 Feb
Blended Threats:
CNN: Cyberattack on food giant Dole temporarily shuts down North America production, company memo says, 22 Feb
Gate 15: Blended Threats to Hospitals: A Growing Concern, 21 Feb
Newsweek: Russian Media Hack Hits During Putin Speech, 21 Feb
Information Operations:
Graphika: How to Lose Influence and Alienate People, 23 Feb
Meta: Meta’s Ongoing Efforts Regarding Russia’s Invasion of Ukraine, 22 Feb 2022
Others:
The Record at Recorded Future: Oakland says 311, business license systems still down, but National Guard is helping, 24 Feb
Cybersecurity 202: Federal panel says agencies need to focus on harmonizing cyber regulations, 22 Feb
Malwarebytes: Royal Mail schools LockBit in leaked negotiation, 23 Feb
The Gate 15 Interview EP 32: Getting Weird with Rachel Tobac - Hacking, Twitter, MFA, Being Politely Paranoid and…Time Travel?
In this episode of The Gate 15 Interview, Andy Jabbour visits with Rachel Tobac, (She/Her), CEO, SocialProof Security, Friendly Hacker. Rachel is a hacker and the CEO of SocialProof Security where she helps people and companies keep their data safe by training and pentesting them on social engineering risks. Rachel was also 2nd place winner of DEF CON’s wild spectator sport, the Social Engineering Capture the Flag contest, 3 years in a row. Rachel has shared her real life social engineering stories with NPR, Last Week Tonight with John Oliver, The New York Times, Business Insider, CNN, NBC Nightly News with Lester Holt, Forbes and many more. In her remaining spare time, Rachel is the Chair of the Board for the nonprofit Women in Security and Privacy (WISP) where she works to advance women to lead in the fields.
On Twitter: @RachelTobac and see @SocialProofSec & @WISPorg
On Mastodon: http://infosec.exchange/@racheltobac
In the discussion we address:
Rachel’s superhero origin story and her company, SocialProof Security
Women in Security and Privacy (WISP)
Hacking. Hacking. Hacking.
Twitter and Baking Security In
And a little on horror, time travel and Twin Peaks!
A few references mentioned in or relevant to our discussion include:
SocialProof Security
Women in Security and Privacy (WISP) - Advancing Women To Lead The Future Of Privacy And Security.
CNN: We asked a hacker to try and steal a CNN tech reporter’s data. Here’s what happened, 18 Oct 2019
CNN, three years later (2022): 'Don't use the same password': Watch how easy it was to hack this CNN reporter
Aura: Hacking A Billionaire, with Rachel Tobac
Yubico: Uber Hack Reenactment Video, with Rachel Tobac
Twitter: An update on two-factor authentication using SMS on Twitter, 15 Feb 2023
Rachel’s Twitter Thread regarding the announcement
CISA Director Jen Easterly’s Twitter Thread regarding the announcement
The Hill on Which Rachel will die, on Twitter
And check out SocialProof Security merch on Etsy; Gear for The Politely Paranoid (the stickers are awesome and on Andy’s laptop…)
Nerd Out Security Panel Discussion: EP 34. Hostile events, venue security and upcoming religious holiday preparedness.
In the latest episode of Nerd Out, Dave is joined by Bridget Johnson and Joe Levy to talk about some of the hostile events to date in 2023 and to look ahead to the faith-based holidays and celebrations in the coming months. Bridget talked about the California shootings and the power of copycats, while Joe focused on the various ways that organizations can deploy security protocols to reduce risk. The nerds then looked ahead at the upcoming religious holidays and what they might mean for accelerationists and other hate-based groups. Joe then wrapped up by talking about the upcoming AVSS event in Pittsburg. Registration information can be found here: https://iavm.org/events/avss/
Joe Levy is the chairman of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website: https://www.iavm.org/ Venue Safety and Security Committee contact information: vssc@iavm.org; LinkedIn profile: https://www.linkedin.com/in/joelevy1/
Bridget Johnson is the Managing Editor for Homeland Security Today. In addition to her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (webinar signups: https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ