Weekly Security Sprint EP 88. Elections, Liability, and Off-boarding.

In the latest Security Sprint, Dave and Andy covered the following topics.

Warm Start.

• CISA: Critical Infrastructure Security and Resilience Month 2024. “Resilience means doing the work up front to prepare for a disruption, anticipating that it will in fact happen, and exercising not just for response but with a deliberate focus on continuity and recovery, improving the ability to operate in a degraded state, and significantly reducing downtime when an incident occurs.”

o A Proclamation on Critical Infrastructure Security and Resilience Month, 2024

o Biden declares November as critical infrastructure security and resilience month, calls safeguarding these systems

• FS-ISAC: Ransomware Essentials. A Guide for Financial Services Firm Defense (PDF)

Main Topics:

Election Week!

• Joint ODNI, FBI, and CISA Statement.

• US cybersecurity chief says disinformation surge hasn't impacted election

• CISA: Election Security Rumor vs. Reality

• Georgia Poll Worker Arrested for Making Bomb Threat to Election Workers

• FBI PSA: Scammers Exploit 2024 US General Election to Perpetrate Multiple Fraud Schemes

• Colorado accidentally put voting system passwords online, but officials say election is secure

• Joint ODNI, FBI, and CISA Statement on Russian Election Influence Efforts (01 Nov).

Liability:

• Attorney General James Secures $2.25 Million from Capital Region Health Care Provider to Protect Patient Data

• HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation for $500,000

• HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $90,000

Insider Threats! Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information

Quick Hits:

• Wiz CEO says company was targeted with deepfake attack that used his voice

• Ripple effect: the devastating impact of data breaches

• Canadian Centre for Cyber Security - Cyber Security Readiness

• Defendants with Ties to White Supremacy Sentenced in Connection with Plot to Destroy Energy Facilities

• United States Welcomes the United Kingdom’s Actions Against Known Purveyors of Kremlin Disinformation

• Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives

• Army of bots promotes petrostate hosting global climate talks

• Reset Tech Investigation - Clickbait Cures: How Meta and Google Tolerate a Dubious Meds Market in the EU

• Fitness app Strava gives away location of Biden, Trump and other leaders, French newspaper says

• Meet Interlock — The new ransomware targeting FreeBSD servers

• Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

• Spain floods disaster: death toll rises to 205 as extra troops mobilised

• Biden Administration Announces Additional Security Assistance for Ukraine

• Iran Tells Region ‘Strong and Complex’ Attack Coming on Israel

• Cybersecurity Advisory – Threats Posed by Remote Technology Workers with Ties to Democratic People’s Republic of Korea

• Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments

• New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad

• Cybercriminals Are Stealing Cookies to Bypass Multifactor Authentication

• Canadian Centre for Cyber Security - National Cyber Threat Assessment 2025-2026

• Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats

• Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

• Midnight Bl