The Gate 15 Podcast Channel

In this week's Security Sprint, Dave and Andy covered the following topics:

Election 2024:

• Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During 2024 U.S. General Election Cycle. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this public service announcement (PSA) to raise awareness of the efforts posed by foreign threat actors to spread disinformation in the lead up to, and likely in the days following, the 2024 U.S. general election. Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During 2024 U.S. General Election Cycle

CISA:

• A Message to Election Officials from CISA Director Jen Easterly
• ISIS-K behind foiled Election Day terrorism plot, U.S. officials say
• ‘You are next’: online posts show Islamic State interest in attacks on US ahead of election
• New cases of political violence roil US ahead of contentious election

DOJ:

• Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World.
• U.S. charges Sudanese men with running powerful cyberattack-for-hire gang
• Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious
• Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals
• U.S. Indicts 2 Linked to Oct. 7 Cyberattack on Israeli Warning System

USGS: (Some) Assembly Required. How to sign your organization up for the Great ShakeOut.

Quick Hits

• Germany: police arrest man over Israeli Embassy attack plot
• Digging into Salt Typhoon
• Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach
• Check Point: A Closer Look at Q3 2024: 75% Surge in Cyber Attacks Worldwide

In this week's Security Sprint, Dave covered the following topics.

Warm Start - the importance of taking time off.

Topics.

1. Election Security.

• Trump campaign event arrest.
• Arrest for an election day attack. https://www.voanews.com/a/afghan-charged-in-election-day-terror-plot-passed-multiple-screenings/7818235.html
• CISA is ready. https://www.unomaha.edu/ncite/news/2024/10/cisa-at-ncite.php

2. Ransomware.

• Ransomware in 2024: Latest Trends, Mounting Threats, and the Government Response. https://www.trmlabs.com/post/ransomware-in-2024-latest-trends-mounting-threats-and-the-government-response

3. Conspiracy Theories.

• Suspect arrested after reports of threats toward FEMA operations in North Carolina. https://www.cnn.com/2024/10/14/us/fema-helene-north-carolina-reported-threats/index.html
• ‘It’s mindblowing’: US meteorologists face death threats as hurricane conspiracies surge. https://www.theguardian.com/us-news/2024/oct/11/meteorologists-death-threats-hurricane-conspiracies-misinformation

In the latest episode of Nerd Out, Dave welcomed back a friend of the pod, Bridget Johnson! Bridget caught everyone up on her latest work and new ventures before the two talked about the upcoming election and potential for violence. They transitioned to global terrorism and the potential risks associated with the continued conflict in the Middle East.

Bridget is a part of the McCrary Institute. You can sign up for their products at:

• Newsletter signup - https://lp.constantcontactpages.com/sl/fS5OMD4/mccrarysignup
• Pods - https://www.youtube.com/@McCraryInstitute

In the latest episode of the Security Sprint, Dave goes solo and talks about the following topics.

Warm Start - the importance of exercises.

October 7th Anniversary PSA.

• IC3 PSA: Anniversary of October 7, 2023, Hamas Attacks May Motivate Individuals to Violence in the United States
• The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) are issuing this Public Service Announcement to highlight potential threats in the United States from a variety of actors in response to the one-year anniversary of the HAMAS attacks on Israel on October 7, 2023, and consistent calls by foreign terrorist organizations (FTOs) to their supporters seeking to provoke violence in the West.

Hurricane Milton Preparedness and looking ahead.

MDM and Disaster Scams. NWS: Hurricane Milton Approaching Florida. Milton continues to intensify in the Gulf of Mexico today. Heavy rainfall ahead of Milton continues today with localized flooding concerns. This hurricane will approach the west coast of Florida during the middle of the week. Significant impacts are likely with a large and powerful hurricane at landfall in Florida, with life-threatening hazards along portions of the coastline. 

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Open

Water, Water, Everywhere!

§  WaterISAC – EPA: National Security Information Sharing Bulletin

§  WaterISAC - Cybersecurity Fundamentals for Water and Wastewater Utilities

§  WaterISAC: Incident Awareness – Ransomware Attackers Target Kansas Water Treatment Facility

§  Kansas water plant cyberattack forces switch to manual operations

§  WaterISAC: EPA’s Hazard Mitigation for Natural Disasters: A Starter Guide for Water and Wastewater Utilities

§  Fears of Weakness in Water Cybersecurity Grow After Kansas Attack

§  WaterISAC: Potential Supply Chain Impacts from East Coast and Gulf Coast Labor Negotiations (Updated September 26, 2024)

§  Deluge of Threats to Water Utilities: Securing Operational Technology Against Cyberattacks

INC Ransomware had a very active weekend! GRIP subscribers saw some of that in the SUN, and see more in this week’s Ransomware and Data Breach Digest and a special Bricklayer AI-informed TARGET Report on INC Ransomware.

Main Topics

Severe Weather, Hurricane Helene, and Resilience Planning.

Crime

• FBI Releases 2023 Crime in the Nation Statistics.
• ADL: New FBI Data Reflects Record-High Number of Anti-Jewish Hate Crimes
• FBI Releases 2024 Quarterly Crime Report and Use-of-Force Data Update.

CSAM. A Proclamation on Cybersecurity Awareness Month, 2024.

• T-Mobile Required to Change Business Practices After Data Breaches.
• Derek Johnson. T-Mobile reaches $31.5 million settlement with FCC over past data breaches.

Quick Hits

• JCAT First Responders Toolbox: Enhancing Bystander Reporting to Prevent Terrorism
• UK NCSC: Multi-factor authentication for your corporate online services
• NZ NCSC - Joint Guidance: Detecting and mitigating Active Directory compromises
• CISA Warns of Hurricane-Related Scams. 
• Federal Trade Commission’s Staying Alert to Disaster-related Scams and Before Giving to a Charity, 
• Consumer Financial Protection Bureau's Frauds and scams, and 
• CISA’s Phishing Guidance, Stopping the Attack Cycle at Phase One to help organizations reduce likelihood and impact of successful phishing attacks. 
• Wifi suspended at big UK train stations after ‘cybersecurity incident.’
• Israel issues warnings, guidelines for travel abroad ahead of Jewish holidays
• Indictment Alleges the Activity Was a More Recent Phase of a Wide-Ranging Hacking Conspiracy in Support of IRGC Targeting of Current and Former U.S. Officials
• Iranian hackers indicted Friday allegedly sought to impersonate Ginni Thomas as they targeted Trump campaign
• Treasury Sanctions Iranian Regime Agents Attempting to Interfere in U.S. Elections
• Rewards for Justice: Election interference Individual - IRGC Hackers, up to $10 Million
• Election Security Update as of Mid-September 2024: 45 Days Until Election 2024. 
• Staying a Step Ahead: Mitigating the DPRK IT Worker Threat
• Iran was behind thousands of text messages calling for revenge over Quran burnings, Sweden says
• Maryland Woman Sentenced for Conspiring to Destroy the Baltimore Region Power Grid
• Patch for Critical CUPS vulnerability: Don't Panic
• Neo-Nazis are using AI to rebrand Hitler for a new generation
• Axios Vibes: Americans blame politicians for misinformation
• Neo-Nazi Telegram Users Panic Amid Crackdown and Arrest of Alleged Leaders of Online Extremist Group
• Man threw explosive device inside California courthouse on day of arraignment
• Republican Homeland Security Committee bill set to combat CCP cyber threats, boost cyber resilience

In this episode of The Gate 15 Interview, we’re mixing things up! Andy Jabbour recorded this session onsite at TribalNet 2024 with TribalHub’s Senior Marketing & Communications Manager, Michelle Bouschor, who took over as moderator. They were joined by Adam Gruscynski, IT Director, Potawatomi Casino Hotel and Tribal-ISAC Steering Committee member and Drew Ludwick, Director of IT Operations, Muckleshoot Casino Resort, to discuss ideas around cybersecurity and organizational culture.In the discussion the group discusses:

• Organizational culture and what makes a cyber strong organizational culture.
• Tribal-ISAC! What it is, how it’s like other ISACs, what makes it special.
• How to build a strong organizational culture and the importance of leadership buy-in and taking things in “chewable bites.”
• Why we love TribalNet!
• Some of our favorite concert experiences – some we shared as we talked from Linkin Park to Snoop.
• And more, of course!

Selected Links:

• TribalNet Conference 2024
• Tribal-ISAC

Michelle Bouschor. With 15 years of experience in tribal casino marketing, tribal government public relations, media, and community relations, I’ve honed my skills in navigating the unique landscape of indigenous communities. For the past 5 years, I’ve proudly contributed to TribalHub, leveraging my expertise to empower tribal entities through innovative solutions and strategic partnerships. Passionate about fostering collaboration and growth within tribal communities, I’m dedicated to driving positive change and sustainable development.
·      Michelle on LinkedIn

Adam Gruscynski. Responsible for the day-to-day operations of the IT Department for Potawatomi Casino Hotel while ensuring all of the technology needs, whether current or future, of the organization are met. Adam joined Potawatomi Casino Hotel in 2008. During his time at PCH, Adam has gained an abundance of experience by taking on various roles including IT Security Manager, Senior Cybersecurity Engineer, Lead Network Administrator, Network Administrator, and Application Administrator. Prior to PCH, Adam was Network Engineer at the Milwaukee Journal Sentinel where he began his career as Help Desk Intern.
·      Adam on LinkedIn

Drew Ludwick. A seasoned IT executive with over 25 years of progressive leadership experience in technology management, specializing in cybersecurity, strategic planning, and technology governance. Known for shaping and executing technology strategies aligned with business goals, leading diverse technology teams, and fostering innovation.
·      Drew on LinkedIn

In the latest episode of Nerd Out, Dave and Alec covered the following areas when Dave wasn't having technical issues.

• The second assassination attempt and what it means for DVEs and venue security.
• Recent Terrorgram arrests.
• Planning for outdoor events in the fall and winter.
• Israel's pager attack and the impact for third party protection.
• Nerd news talking Marvel, Star Wars, and why we haven't watched Rings of Power.

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

• TribalNet!
• TLP:CLEAR | FB-ISAO Newsletter. The September 2024 Newsletter has been directly distributed to members and may be accessed here.

Main Topics:

Assassiination / Election Security: 

• FBI and CISA Release Joint PSA, Just So You Know: False Claims of Hacked Voter Information Likely Intended to Sow Distrust of U.S. Elections. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this public service announcement (PSA) to raise awareness of attempts to undermine public confidence in the security of U.S. election infrastructure through the spread of disinformation falsely claiming that cyberattacks compromised U.S. voter registration databases. PDF.
• CISA: Physical Security Checklist for Election Offices and Election Infrastructure Cybersecurity Readiness and Resilience Checklists
• 2025 Counting and Certification of Electoral Votes Designated a National Special Security Event

BEC.  Business Email Compromise: The $55 Billion Scam. The BEC scam continues to target small local businesses to larger corporations, and personal transactions while evolving in their techniques to access those business or personal accounts. Between December 2022 and December 2023, there was a 9% increase in identified global exposed losses. In 2023, the IC3 saw a growth in BEC reporting where funds were sent directly to a financial institution housing custodial accounts held by third-party payment processors, or peer-to-peer payment processors, and cryptocurrency exchanges which directly contributed to the increase in global exposed losses. IC3 data shows the BEC scam has been reported in all 50 states and 186 countries, with over 140 countries receiving fraudulent transfers. Based on the financial data reported to the IC3 for 2023, international banks located in the United Kingdom and Hong Kong often acted as an intermediary stop for funds, followed by China, Mexico, and the UAE. The following BEC statistics were reported to the FBI IC3, law enforcement and derived from filings with financial institutions between October 2013 and December 2023:

o   Domestic and international incidents: 305,033 

o   Domestic and international exposed dollar loss: $55,499,915,582

o   Total U.S. victims: 158,436 

o   Total U.S. exposed dollar loss: $20,089,561,364 

o   Total non-U.S. victims: 6,546 

o   Total non-U.S. exposed dollar loss: $1,638,490,375

All-Hazards. The disaster no major U.S. city is prepared for. Experts warn this type of catastrophe — a combined power outage with a heat wave — is a scenario that cities and states are unprepared for. “I don’t think it’s likely — I think it’s an absolute certainty,” said Brian Stone, a professor and director of the Urban Climate Lab at the Georgia Institute of Technology. “I think it’s an absolute certainty that we will have an extreme heat wave and an extended blackout in the United States.”

Quick Hits: 

• FBI Publishes 2023 Cryptocurrency Fraud Report
• Hacker tricks ChatGPT into giving out detailed instructions for making homemade bombs
• Recorded Future: H1 2024: Malware and Vulnerability Trends Report
• Kentucky I-75 shooting suspect vowed over text to ‘kill a lot of people,’ arrest warrant says

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

 Press Release! Gate 15 Partners with Cyware to Enhance Cybersecurity and Homeland Security Resilience. Gate 15's Resilience and Intelligence Portal (GRIP) now leverages the robust capabilities available in Cyware's Collaborate platform to provide the homeland security community with all-hazards technology-enhanced, human-driven analysis products.

Main Topics:

Physical Threats, Notable Dates:

·       Pakistani National Charged for Plotting Terrorist Attack in New York City in Support of ISIS

·       Man Plotted to Kill Jews in New York on Oct. 7 Anniversary, U.S. Says

·       Man Arrested For Making Threats To Elected Officials

·       U.S. charges Hamas leaders with terrorism, citing Oct. 7 attack

Terrorgram Arrests

·       Leaders of Transnational Terrorist Group Charged with Soliciting Hate Crimes, Soliciting the Murder of Federal Officials, and Conspiring to Provide Material Support to Terrorists

·       Feds say white supremacist leaders of "Terrorgram" group plotted assassinations, inspired attacks

Influence Ops

·       Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere.

·       Info Ops: ODNI - Election Security Update as of Early September. Foreign actors are increasing their election influence activities as we approach November.

·       US seeks to reassure voters that presidential election will be safe.

·       Russia focusing on US social media stars to covertly influence voters

·       Treasury Takes Action as Part of a U.S. Government Response to Russia’s Foreign Malign Influence Operations

·       AP: Right-wing influencers were duped to work for covert Russian influence operation, US says

·       Conservative Podcasters Respond to Russian Influence Allegations

·       The Record: US indicts two RT employees for alleged Russian disinformation effort

·       TV Presenter Who Worked for Channel One Russia Charged with Violating U.S. Sanctions Imposed on Russia

·       2024's triple threats on election disinformation

·       TikTok: Continuing to protect the integrity of TikTok through the US elections

·       Chinese State-Linked Influence Operation Spamouflage Masquerades as U.S. Voters to Push Divisive Online Narratives Ahead of 2024 Election

·       Activists Charged With Pushing Russian Propaganda Go on Trial in Florida

·       AI-Fakes Detection Is Failing Voters in the Global South

·       Activists Charged With Pushing Russian Propaganda Go on Trial in Florida

Quick Hits:

More Russia:

o   FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure

o   Exclusive: US sees increasing risk of Russian ‘sabotage’ of key undersea cables by secretive military unit

Georgia: Apalachee High School Shooting:

o   14-Year-Old School Shooter Kills Four and Wounds Nine

o   At least nine people were injured. Here’s what else to know.

o   What we know about the Georgia high school shooting

o   Georgia High School Received Threat Warning Of Shooting Before Gunman Opened Fire: Report

o   Father of Teen Suspect Charged in Georgia School Shooting

o   Georgia school-shooting suspect struggled with mental health, aunt says

o   ASIS: Apalachee High School Shooting: What We Know

o   Georgia Gunman Colt Gray Was ‘Ridiculed’ and Called Gay by Bullies at School

o   Mother of Georgia suspect is said to have called school before shooting, warning of ‘emergency’

Sextortion

o   Sextortion Scams Now Include Photos of Your Home. 

o   Sextortion scam now use your "cheating" spouse’s name as a lure

o   Nigerian Brothers Sentenced in Sextortion Scheme that Resulted in Death of Teen

o   Nigerian brothers jailed in US for sextortion scam targeting teenagers

o   Four Delaware Men Charged with International “Sextortion” and Money Laundering Scheme

In this week's Security Sprint, Dave and Andy covered the following topics:

National Insider Threat Awareness Month!

·       Insider Threat! Employee arrested for locking Windows admins out of 254 servers in extortion plot

·       Insider Threat: Pa. church member accused of stealing $225K from congregation

·       GRIP: Insider Threat Awareness -Don't Let Errors Cost You, 28 August 2024

·       Palo Alto: Deepfake report: https://unit42.paloaltonetworks.com/dynamics-of-deepfake-scams/

National Preparedness Month!

• Ready.gov: National Preparedness Month, “Start a Conversation.”
• A Proclamation on National Preparedness Month, 2024
• September is National Preparedness Month; FEMA Releases the National Resilience Guidance + Other Upcoming Events & Climate Week NYC: Communicating Disaster Preparedness, Sep 23, 2024 02:30 PM. 
• Do you have an emergency and recovery plan? Get started or update it this National Preparedness Month

• Addressing OT cyber risk management threats and attacks with risk registers and tabletop exercises

Election Security:

·       Man Charged with Threatening Election Officials, State Judge, and Federal Law Enforcement Agents

Donald Trump Assassination Updates:

o   Opening Statement to Media on Updates to the Butler, Pennsylvania, Assassination Attempt Investigation

o   FBI Pittsburgh Special Agent in Charge's Remarks to Media on Updates to the Butler, Pennsylvania, Assassination Attempt Investigation

o   Would-be Trump assassin saw ex-president as 'target of opportunity.'  

o   FBI releases photos of the gun used in Trump assassination attempt

·       DOD Will Provide Homeland With Support During Presidential Campaigns

·       US voters targeted in phishing campaign

·       When Get-Out-The-Vote Efforts Look Like Phishing

·       Intel officials say they anticipate more hacking attempts as US election nears

·       Election Security Partners Host 7th Annual Tabletop the Vote Exercise for 2024

Quick Hits:

·       Two Foreign Nationals Charged in Swatting Conspiracy Targeting Lawmakers, Private Victims, Houses of Worship, and Businesses

·       European terror attacks alarm US intelligence, NYPD briefing shows

·       CIA official: Suspects in foiled plot to attack Taylor Swift shows aimed to kill ‘tens of thousands.’

·       Solingen Stabbing Ignites Fears of Resurgent Jihadism Targeting Germany

·       CISA - Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

·       Halliburton cyberattack linked to RansomHub ransomware gang

o   FBI: RansomHub ransomware breached 210 victims since February

o   US agencies warn against ransomware group behind hundreds of attacks in recent months

·       KnowBe4 Report Reveals Critical Infrastructure Under Siege with Cyber Attacks Increasing 30 Percent in One Year

·       Chinese government hackers penetrate U.S. internet providers to spy

o   Lumen: Taking The Crossroads: The Versa Director Zero-Day Exploitation

o   Chinese government hackers targeted U.S. internet providers with zero-day exploit, researchers say

o   China’s Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs

·       Microsoft: Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

·       Cybercrime and sabotage cost German firms $300 bln in past year

·       France formally charges Telegram founder, Pavel Durov, over organized crime on messaging app

·       Worldwide Trends in COVID-19-Related Attacks Against Healthcare: A Review of the Safeguarding Health in Conflict Coalition Database

·       Kasada’s Releases 2024 State of Bot Mitigation Report

·       CISA Launches New Portal to Improve Cyber Reporting

·       Hate Group’s Anti-Muslim Rhetoric Reflects Anti-LGBTQ+ Conspiracy Theories

·       Recorded Future: H1 2024 Check Fraud Report: Geographic Trends and Threat Actor Patterns

In this final episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Byron K. Johnson II, Director of Public Safety and Security, with the Raleigh Convention and Performing Arts Complex, which includes several venues in lovely Raleigh, North Carolina. Raleigh Convention & Performing Arts Complex: “The City is proud to own and manage several marquee venues in the area. Whether you want to see a concert, host a convention, or catch a ballet, we’ve got you covered:

• Red Hat Amphitheater
• Martin Marietta Center for the Performing Arts
• Coastal Credit Union Music Park
• Raleigh Convention Center
• Byron on LinkedIn

In the discussion Byron and Andy address the concept of a venue, its diverse range of facilities, common and specific risks, and the evolving nature of the industry. They also delved into the aspects of risk management, the importance of understanding unique risks associated with different types of events and facilities, and the role of technology in venue management. In closing, they emphasized the value of diverse perspectives in risk assessment and decision-making, the significance of leadership, and the importance of a strong reputation in the community. Plus:

• Byron’s background.
• The IAVM Academy for Venue Safety and Security (AVSS) with some name dropping!
• Leadership, being open minded, and open to sharing.
• The value of risk assessments and bringing in diverse perspectives.
• The importance of building relationships with the DHS Protective Security Advisors!
• With a kind Byron shoutout to our Gate 15 podcasts and more.

Venue Security, The IAVM Podcast Series has been a collaboration between Gate 15 and the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) as Andy Jabbour speaks with special guests from the IAVM community. This episode is our last in this limited run series.

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

CISA: Shaping the legacy of partnership between government and private sector globally: JCDC

Main Topics:

International Security Incidents:

• Solingen: Main suspect behind deadly attack in custody
• Three dead after stabbing attack at festival in western Germany
• German police arrest boy accused of knowing about knife attack in advance
• French police arrest synagogue blast suspect
• Explosions Outside a France Synagogue Were a Terrorist Attack, Prosecutors Say
• Suspect Caught On CCTV In French Synagogue Attack Held Palestinian Flag: Source Close To Probe
• US ‘kinetic strike’ takes out senior leader of terrorist group aligned with al Qaeda in Syria
• Iran says 14 Daesh suspects arrested planning attacks
• Four Islamic State Terrorists ‘Liquidated’ By Russian Snipers After Taking Prison Guards Hostage: REPORT
• NATO airbase in Germany raises security level due to 'potential threat.'
• Hamas said to decide to target Israelis abroad in bid to avenge Haniyeh killing

Forgotten radios and missed warnings: New details emerge about communication failures before Trump rally shooting. The day before the attempted assassination of Donald Trump, a tactical team of local police officers set aside radios for their Secret Service partners so the two agencies could communicate during the former president’s July 13 campaign rally. But those radios were never picked up.

Invest in Resilience! Cyber Resilience Overestimation Leads to Business Continuity Issues, Ransom Payments

• Corvus: Q2 Cyber Threat Report: Ransomware Season Arrives Early
• Kroll: Q2 2024 Threat Landscape Report: Threat Actors Do Their Homework, Ransomware and Cloud Risks Accelerate
• Rapid7: Selling Ransomware Breaches: 4 Trends Spotted on the RAMP Forum
• Malwarebytes / ThreatDown: Why you need to know about ransomware
• NCC Group Monthly Threat Pulse – Review of July 2024
• WithSecure: Ransomware Landscape H1/2024

Quick Hits:

From cybercrime to terrorism, FBI director says America faces many elevated threats 'all at once'

ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection

Alabama Man Pleads Guilty to Detonating an Explosive Device Outside of the Alabama Attorney General’s Office

VFC: Bomb Threats at Jewish Institutions

Bomb threats reported at more than 100 Canadian Jewish institutions

Oregon Man Charged in Swatting and Bomb Threats Scheme That Targeted Jewish Hospitals in New York City and Long Island

Arizona man in custody amid investigation into alleged threats to kill former President Donald Trump

Iran Tries To 'Storm' U.S. Election With Russian-Style Disinformation Campaign

Meta: Taking Action Against Malicious Accounts in Iran

How Russian Trolls Are Trying to Go Viral on X

Trump attorney was targeted by hackers, sources say

‘Several opportunities’ to prevent Maine mass shooting were missed, commission finds

International report confirms record-high global temperatures, greenhouse gases in 2023

In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Start:

• Faith-Based and Israel-Gaza Related Updates: FB-ISAO Newsletter, August 2024.
• FB-ISAO: Best Practices for Securing Your Donation Sites
• WaterISAC 2023 Year-In-Review
  

Three Main Topics.

Extremism and Physical Security:

• “Dead society”: Tracing the Online Dimension of a Militant Accelerationist-Inspired Attack in
  Turkey
• Man Arrested for Explosives Threats and Attack on Energy Facility
  

Sabotage:

• UK Sabotage. Countering the Threat of Sabotage Operations to UK Interests and National Security
• Germany investigates suspected intrusion, sabotage at military base
• Germany investigates possible sabotage of water supply at military base
• Poland Says Received German Request To Arrest Suspect In Nord Stream Probe
  

Cyber Resilience:

• Carbon black supplier Orion loses $60 million in business email compromise scam
• Attorney General James Secures $4.5 Million from Biotech Company for Failing to Protect
  New Yorkers’ Health Data
• Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware
  disaster

Quick Hits:

• Recorded Future: Malign Influence Threats Mount Ahead of US 2024 Elections
• NCRI - The CCP’s Digital Charm Offensive
• OpenAI: Disrupting a covert Iranian influence operation
• X Ran Ads On Five Accounts Pushing Lies and Hate During UK Riots
• Far-right influencers turn against Trump campaign
• Personhood credentials: Artificial intelligence and the value of privacy-preserving tools to
  distinguish who is real online (PDF).
• Department of Defense Civilian Employee Charged with Taking Classified Documents
• Hackers may have stolen the Social Security numbers of every American. Here’s how to
  protect yourself
• Unconfirmed Hack of 2.9 Billion Records at National Public Data Sparks Media Frenzy
  Amid Lawsuit
• Brian Krebs: NationalPublicData.com Hack Exposes a Nation’s Data
• National Public Data reports highly publicized breach affected a total 1.3 million
  people
• The Slow-Burn Nightmare of the National Public Data Breach
• Google: Iranian backed group steps up phishing campaigns against Israel, U.S.
• A Single Iranian Hacker Group Targeted Both Presidential Campaigns, Google Says
• Arizona Man Pleads Guilty for Making Online Threats Against Public Servants Including
  Federal Officials
• Suspect identified in break-in at Trump campaign office in Virginia: Sheriff's office
• Threat of US Civil Unrest Is Low But Rising, Analysis Finds oOne in five voters and a third of Republicans believe the FBI was behind the
  assassination attempt on Donald Trump
• Trump's Shooting Rattled QAnon Believers. Then They Doubled Down
• Comer Seeks Information from Google and Meta on Potential Censorship of President
  Trump Assassination Attempt
• Meta warns of troll networks from Russia, Iran ahead of US elections
• Fake accounts on Meta pushed conservatives to run for office as independents
• HHS: United States Government’s Response to the Clade I Mpox Outbreak in the Democratic
  Republic of the Congo and Other Countries in the Region
• WHO: WHO Director-General declares mpox outbreak a public health emergency of
  international concern.
• Earth just had its warmest July on record; July was the globe’s 14th month in a row of
  record warmth
  

In this episode of The Gate 15 Interview, Andy Jabbour talks with Adam Vincent. Adam Vincent is the Founder & CEO at Bricklayer AI. Bricklayer AI is the first generative AI solution that brings autonomous AI agents and human experts into a single collaborative and effective security team. Bricklayer AI’s security-trained, generative AI agents execute critical security roles, operations, and procedures, empowering organizations to enhance the scale, speed, and sophistication of their security operations, investigate incidents faster and more thoroughly, enrich and analyze threat intelligence more completely, and enforce compliance standards continuously. Additionally, Adam has a long history of delivering leadership to early-stage companies to drive the development and launch of innovative products, create strategic GTM plans to capture explosive growth, enable sales and marketing, accelerate revenues, and increase profitability. Among his notable achievements, Adam:

• Founded and built a cybersecurity SaaS firm from $0 to $30M ARR
• Achieved 30% revenue CAGR over 5 years from 2016 to 2021
• Sold high margin $5M+ revenue government business unit
• Achieved an 86% CEO approval score on Glassdoor

Bricklayer AI is the first AI cybersecurity solution that enables autonomous AI specialists to work alongside human experts, to run a smarter, faster, and more effective security operations team. With Bricklayer AI, multiple independent AIs collaborate and use AI tools to accomplish complex cybersecurity procedures, all controlled using natural language. AI Security Analysts, AI Threat Intelligence Analysts, and AI Incident Responders add speed, augment and accelerate security teams’ capabilities in order to stay ahead of today’s most sophisticated AI-enabled threats. Learn more at bricklayer.ai.

In the discussion Adam and Andy discuss:

• Adam’s Background
• Bricklayer Basics: What is Bricklayer AI?
• AI 101.
• Bricklayer vs. Common LLMs.
• BlackHat 2024.
• What’s next for future of Bricklayer AI and artificial intelligence.
• Three Questions!
• Star Trek, a heart for service, boating, and more.

Selected links:

In this week's Security Sprint, Dave and Andy covered to following topics: 

Taylor Swift Terrorism Threat:

·       Two held in Vienna over Taylor Swift concert threat

·       Taylor Swift concerts in Vienna canceled after Austrian police say foiled terrorist plot targeted shows

·       Officials say suspects in foiled plot at Taylor Swift shows hoped to kill as many people as possible

·       Taylor Swift ISIS suspects ‘hired as guards’ wanted ‘to bomb gig & mow down fans’ before terror plot foiled by US spies

·       Taylor Swift concert terror suspect, 17, began working at venue days before foiled plot, say police

·       Alleged Taylor Swift terror plot fits a worrying trend as ISIS targets teens online

·       Suspect in Taylor Swift Vienna concert plot confessed to planning suicide attack, officials say

·       Taylor Swift ISIS bombing suspect pictured holding dual knives as chilling details of terrorist plot revealed

·       After Vienna threat: Music venues as terrorist targets

·       Taylor Swift concert terror plot suspect sought to kill self and 'as many people as possible,' officials say

·       Iraqi teen held in Vienna after Taylor Swift attack plot foiled

·       Officials say suspects in foiled plot at Taylor Swift shows hoped to kill as many people as possible

Hurricanes & Severe Weather. 

·       CSU's 2024 Atlantic seasonal hurricane forecast was released on 4 April and updated on 6 August

·       NOAA: Highly active hurricane season likely to continue in the Atlantic

·       Debby finally moves out of the US, some flooding risk and power outages remain

·       NOAA: Nation hit with record heat, wildfires and Hurricane Beryl in July

Election Security & Broader Considerations

·       Microsoft: Iran Targeting 2024 US Election. 

·       Iran uses fake news sites to interfere in U.S. election, Microsoft says

·       We received internal Trump documents from ‘Robert.’ Then the campaign confirmed it was hacked

·       Trump campaign says it is victim of foreign hack after leak of Vance report

·       The Hacking of Presidential Campaigns Begins, With the Usual Fog of Motives

·       DOJ: Pakistani National with Ties to Iran Charged in Connection with Foiled Plot to Assassinate a Politician or U.S. Government Officials

o   Pakistani national with ties to Iran charged in connection to a foiled assassination plot potentially targeting Trump

·       Winchester Man Arrested for Making Threats Against Vice President

·       Virginia man charged with threatening to kill Vice President Kamala Harris

·       CAIR Welcomes Charges Against Man Who Allegedly Made Death Threats Targeting VP Harris, Previously Threatened Muslims

Quick Hits:

·       CrowdStrike: Channel File 291 Incident: Root Cause Analysis is Available. Read the findings, mitigations and technical details of the Channel File 291 incident.

·       Ransomware & Data Breaches: 

o   Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication.

o   Rapid7: Rapid7’s Ransomware Radar Report Shows Threat Actors are Evolving …Fast.

·       Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory

·       Justice Department Disrupts North Korean Remote IT Worker Fraud Schemes Through Charges and Arrest of Nashville Facilitator

·       Research Report: Internet-Connected Industrial Control Systems (Part One)

·       White House working on cyber insurance policy proposal for ‘catastrophic’ incidents

·       Hackers leak 2.7 billion data records with Social Security numbers

·       On the Adoption of the UN Convention Against Cybercrime

·       DOJ: Assault of Congregants Outside a Washington D.C. Synagogue Charged as a Federal Hate Crime

·       U.S.: SEC ends probe into MOVEit attacks impacting 95 million people

·       Critical Infrastructure: Rewards for Justice: CyberAv3ngers.

·       White House cyber czar touts regulatory harmonization bill advancing through Congress

In the latest episode of Nerd Out, Dave and Alec looked at some recent security concerns related to venues including the cancellation of Taylor Swift concerts in Austria, and sabotage surround the Olympics. Then they moved to the 2/3 of the year awards - congratulations to our winners!

1. MVP. Secure by Design. https://www.cisa.gov/securebydesign
2. The Cobra (Sly Stallone) Award (you're the disease, and I'm the cure). Gate 15 GRIP (no shameless plugs).
3. The Dennis Green (they are who we thought they are). Politically motivated threat actors.
4. The Aldus Snow (don't forget about me). Ransomware - as if there was another.
5. Dumpster Fire award - CrowdStrike - despite their up front stance and taking accountability, this is still a big deal.
6. Scotty Doesn’t Know award (the threat that is lurking within). AI powered BEC. https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html
7. Avengers Team Up award. Co-winners. Companies helping rural healthcare (https://www.healthcareitnews.com/news/microsoft-and-google-white-house-offers-cybersecurity-tools-rural-hospitals) and the Loudon County Sherrif’s office for helping faith-based organizations.
8. Heath Ledger Joker award. Accelerationist - they just want to watch the world burn.

Then the nerds go all in on the season and the finale's of the Acolyte and House of the Dragon.

Some of the references from the above topics include:

T Swift Plot

• https://apnews.com/article/austria-taylor-swift-concerts-canceled-extremism-arrests 17b494f1a164b205128d7faeb607e731
  
• 
  https://www.bbc.com/news/articles/c1k37dm9e0eo
  
• 
  https://thesoufancenter.org/intelbrief-2024-august-9/
  

French Infrastructure Attacks

• https://www.cnn.com/2024/07/26/europe/france-rail-network-disruption-paris-olympics-intl-hnk/index.html
  
• 
  https://www.bbc.com/news/articles/c28eyr3y18yo
  
• 
  https://www.newsweek.com/cables-sabotaged-france-paris-olympics-2024-phones-1931370
  
• 
  https://www.cbsnews.com/news/paris-olympics-trains-sabotage-arrest-far-left-activist-phone-lines-telecommunications/
  
• 
  https://www.axios.com/2024/07/29/france-fiber-optic-olympic-attack

In this week's Security Sprint, Dave covered the following topics:

Warm Start. Sheriff's Office hosts summit focusing on safety at houses of worship

Main Topics.

• French coordinated infrastructure sabotage
• Middle East tensions and possibility of escalation with implications for the homeland
• Writing Paper Checks Is Not Safe: Cyber Security Goes Well Beyond Your Computer or Phone - National Cybersecurity Center
• Extreme heat, bone-dry vegetation and human misconduct prompting intense wildfire season
• Deadly Tropical Storm Debby begins its Southeast deluge

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Ross Girouard, Assistant General Manager, Credit Union of Texas Event Center, an over 6,000 fixed-seat multi-purpose indoor arena located in Allen, Texas, north of Dallas, and Michael McDermott, City of Allen, Texas.

• Credit Union of Texas Event Center Facebook & X/Twitter
• CUTXEventCenter.com

• Phishing and common Concerns
• Venue-specific cybersecurity considerations
• Cyber Resilience!

• Network Segmentation!
• Phishing Simulation!
• Contingency Planning!
• Relationships & the Human Factor!
• Understanding risk, risk prioritization and risk management!
• Balancing convenience and security

• Arena football war stories
• The criticality of communications
• More!

‘If you have a busy IT guy during the event, you’ve got a problem…’-Michael‘Cybersecurity has to be part of your everyday team’-RossIn the discussion we address:

In this week's Security Sprint, Dave and Andy covered the following topics.

North Korea Cyber Threats to U.S. Businesses:

• FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity.  
• North Korea State-Sponsored Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs.
• DOJ: North Korean Government Hacker Charged for Involvement in Ransomware Attacks Targeting U.S. Hospitals and Health Care Providers
• Microsoft: Onyx Sleet uses array of malware to gather intelligence for North Korea
• Google: APT45: North Korea’s Digital Military Machine. 
• North Korean hacking group targeted weapons blueprints, nuclear facilities in cyber campaigns
• KnowBe4: How a North Korean Fake IT Worker Tried to Infiltrate Us

CISA: Resources for Onboarding and Employment Screening Fact Sheet. Resource Materials: Resources for Onboarding and Employment Screening Fact Sheet

Physical Incidents:

• Understand the Hostile Events Attack Cycle!
• Two children killed and nine injured in knife attack at dance class in northern England
• DOJ: Man Pleads Guilty to Making Threats to Arizona Election Office
• Michigan man kills himself after running over 80-year-old Trump supporter
• Defendants with Ties to White Supremacy Sentenced in Connection with Plot to Destroy Energy Facilities
• Army review finds ‘series of failures' in lead-up to mass shooting in Lewiston, Maine

Quick Hits

• 7 people killed in stampede at a music concert in Congo's capital, authorities report
• NCTC: First Responders Toolbox - Emerging Technologies and Possible Malign Uses by Terrorists

Olympics: 

• Man arrested over suspected French railway vandalism
• French rail lines disrupted by ‘coordinated sabotage’ ahead of Paris Olympics opening ceremony
• Russian chef arrested in Paris over alleged ‘large scale’ Olympic Games plot
• ISIS? Russian sabotage? The biggest security threats at these Olympics.
• ISIS-K’s online recruitment poses security threat to West ahead of Olympic Games
• Terrorism, Drone Use Among the Security Risks at 2024 Paris Olympics
• France launches large-scale operation to fight cyber spying ahead of Olympics

CrowdStrike: Remediation And Guidance Hub:
Falcon Content Update For Windows Hosts,  

• House Homeland Security aims for CrowdStrike hearing in September
• Preliminary Post Incident Review (PIR): Content Configuration Update Impacting the Falcon Sensor and the Windows Operating System (BSOD)
• CrowdStrike: Remediation and Guidance Hub: Falcon Content Update for Windows Hosts
• CrowdStrike says bug in quality control process led to botched update
• Inside the 78 minutes that took down millions of Windows machines
• How IT Departments Scrambled to Address the CrowdStrike Chaos
• Microsoft says EU rules made CrowdStrike outage possible
• Threat Actor Distributes Python-Based Information Stealer Using a Fake Falcon Sensor Update Lure
• Cyberattacks may follow CrowdStrike outage, warns MS-ISAC

Donald Trump Assassination Attempt: Takeaways from FBI testimony: Trump shooter searched details of JFK assassination and flew drone near rally site

• FBI: Would-be assassin was fixated on Trump, studied earlier high-profile killing
• Trump Shooter Used Drone Like a ‘Rearview Mirror’ Before Assassination Attempt

Other items that may be of interest:

• TikTok Collected U.S. Users’ Views on Gun Control, Abortion and Religion, U.S. Says
• Dragos: Intelligence Brief: Impact of FrostyGoop ICS Malware on Connected OT Systems
• Hackers shut down heating in Ukrainian city with malware, researchers say
• Novel ICS Malware Sabotaged Water-Heating Services in Ukraine
• Senators to FTC: Car companies’ data privacy practices must be investigated
• Russian ransomware gangs account for 69% of all ransom proceeds
• Phishing Landscape 2024: An Annual Study of the Scope and Distribution of Phishing

In this episode of The Gate 15 Interview, Andy Jabbour talks with Reason Magazine’s Elizabeth Nolan Brown and Jessica Dickinson Goodman in part two of our two-part series on encryption. Jessica and Gate 15 are members of the Global Encryption Coalition.

Elizabeth Nolan Brown. Senior Editor, Reason; President, Feminists for Liberty. Elizabeth Nolan Brown is a senior editor at Reason and the author of Reason’s biweekly Sex & Tech newsletter, which covers issues surrounding sex, technology, bodily autonomy, law, and online culture. She is also co-founder of the libertarian feminist group Feminists for Liberty, and a professional affiliate of the journalism program at the University of Cincinnati. Brown has covered a broad range of political and cultural topics since starting at Reason in 2014, with special emphasis on the politics, policy, and legal issues surrounding sex, speech, tech, justice, reproductive freedom, and women’s rights. She lives in Cincinnati, Ohio, with her husband, sons, and two cats. Andy is a big fan of her cat and family pictures. Read here complete bio at Reason.

• LinkedIn
• You can find her on most popular social media sites as ENBrown.

Jessica Dickinson Goodman. Jessica Dickinson Goodman is the current chair of the Chapter Seeding Committee of the San Francisco Bay Area ISOC Chapter and past-President, serving in that role for three years. As Board President, encryption protection and education played a major role in her agenda. She ran a monthly tactical tech support webinar series for community members in how to use encryption tools to protect personal privacy in a post-Dobbs world, wrote and published Encryption for Babies, is featured on the front page of the Global Encryption Coalition’s YouTube channel talking about encryption.

• LinkedIn
• Jessica & Global Encryption Coalition, on YouTube

In the discussion Liz, Jessica, and Andy discuss:

• Liz and Jessica’s backgrounds.
• Encryption 101 and why is it important.
• What led you to join the Global Encryption Coalition.
• Liz’s journalistic background covering sex, tech, privacy and related matters at Reason.
• Are we too paranoid?
• Law enforcement & legislation & breaking encryption.
• STOP CSAM, the EARN IT Act and Section 230.
• Protecting children vs. protecting privacy or protecting children and protecting privacy.
• Recommendations for law enforcement and legislators.
• Three Questions!
• And more.

Selected Links:

• Global Encryption Coalition. The Global Encryption Coalition (GEC) was founded in 2020 by the Center for Democracy & Technology, Global Partners Digital and the Internet Society and now has over 350 members. Its mission is to promote and defend encryption in key countries and multilateral fora where it is under threat. The GEC also supports efforts by companies to offer encrypted services to their users.
• GEC members
• Elizabeth Nolan Brown, selected writings:

• The Bipartisan Antitrust Crusade Against Big Tech
• Childproofing the Internet
• Judge Blocks Biden Administration's Strict Asylum Restrictions
• The New Campaign for a Sex-Free Internet
• The EARN IT Act Is Back. Here's What People Are Saying.

• Senator proposes new encryption provision in bill against online child exploitation
• Hawley, Durbin unite to push STOP CSAM Act forward
• Reps. Sylvia Garcia and Barry Moore, Sen. Durbin Introduce the Strengthening Transparency and Obligations to Protect Children Suffering from Abuse and Mistreatment Act
• CDT: The STOP CSAM Act Threatens Free Expression and Privacy Rights of Children and Adults
• EFF: The STOP CSAM Act: Improved But Still Problematic
• Wikipedia: EARN IT Act
• Tuta: How Germany was key to stop chat control - and how the name helped with that.
• Tuta: Another privacy win for NOYB: Your data is up for grasps? Not so in the EU – not even for Meta’s AI!
  

In this week's Security Sprint, Dave and Andy covered the following topics:   DHS Announces $18.2 Million In First-Ever Tribal Cybersecurity Grant Program Awards. “For far too long, Tribal Nations have faced digital and cybersecurity threats without the resources necessary to build resilience,” said Secretary of Homeland Security Alejandro N. Mayorkas.    Main Topics:   Beryl!! & Hurricane Preparedness. Port of Corpus Christi announcement. https://portofcc.com/hurricane-beryl-impact-to-the-port-fully-transitioned-to-post-storm-recovery/ Airline impacts. https://www.cbsnews.com/news/hurricane-beryl-houston-texas-travel-flights-airlines/   Ransomware Ransomware Attack Demands Reach a Staggering $5.2m in 2024 Risky Biz News: Ransomware attacks increase hospital mortality rates Risky Biz News: A ransomware attack is putting lives at risk across South Africa Halcyon Whitepaper: What CFOs Should Know about Ransomware   FBI Helps Public to Recognize Signs of Concerning Behavior  https://www.fbi.gov/news/stories/behavioral-analysis-unit-asks-public-to-talk-to-someone-you-trust-if-you-notice-concerning-behaviors    Microsoft: Combatting AI Deepfakes: Our Participation in the 2024 Political Conventions   CDC Reports Fourth Human Case of H5 Bird Flu Tied to Dairy Cow Outbreak   Quick Hits: Another far right group marches through downtown Nashville Pa. Capitol evacuated over emailed bomb threat 'Local Residents' Terrorizing City Council Meetings Were Actually Overseas, Feds Allege Europol: Taking action against antisemitism – close to 2 000 pieces of content flagged for removal Fifty violent attacks shock France ahead of crunch vote A Hacker Stole OpenAI Secrets, Raising Fears That China Could, Too Europol coordinates global action against criminal abuse of Cobalt Strike CISA: Guide to Operational Security for Election Officials

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Brendan Farley, Vice President of Operations & General Manager, San Diego Theaters.In the discussion we address:

• Brendan’s background.
• What Crowd Management is.
• Crowd Management training, sharing, learning, exercising.
• Managing the dynamic and complexities of the social media environment.
• Understanding protests and the importance of de-escalation.
• Tom Cruise, Top Gun and throwing down the gauntlet!
• Collaboration, collaboration, hyper-collaboration! Leveraging public sector resources.  
• What’s on Brendan’s mind?
• More!

• The Gate 15 Interview: Dr. G. Keith Still on crowd security, drinking whisky, smashing ashtrays in Saudi Arabia, the Land of Ice and Fire, and what not to ask a Scotsman. 24 Jul 2023.
• Nerd Out Security Panel Discussion: EP 19. Talking Crowd Control and the Holidays – in 2 Parts! Nov 2021.
• Protests, a Nerd Out! Security Panel Discussion, Mar 2021.

“Safety and security is definitely a team sport.” – Brendan Farley, during our podcastAs discussed in the pod, for additional discussion on this topic, see:
Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Eric Neill, Director of Theatre Operations at the Boch Center in Boston. Eric as worked in Performing Arts Venues for the past 25 years in Boston and NYC. He has over 25 years of security management experience specializing in event security and executive protection. Eric is the holder of many other security and life safety certificates including Executive Protection from LaSorsa & Associates and Emergency Trauma Response and is a certified instructor of the ALIVE Active Shooter. Eric holds memberships in American Society for Industrial Security (ASIS), National Fire Protection Association (NFPA) and International Association of Venuw Managers (IAVM) where is a graduate of the Academy of Venue Safety and Security and is currently the Chairman of Performing Arts Security & Safety Committee. Mr. Neill is honored to have received the National Defense Service Medal while serving in the United States Coast Guard and the Hero’s Among Us Award in 2012 where he was honored at the TD BankGarden and Boston’s City Hall.

In the discussion we address:
• Eric’s background.
• Security Protocols.
• Screening and search procedures.
• Managing VIP areas.
• Handling disruptive attendees.
• More!

In the latest episode of Nerd Out, Alec and Dave talked through a series of topics that include examining the recent arrest of an individual who was planning a hostile event, as well as others that were disrupted speaking to the importance reporting suspicious behaviors. Then they talked about nation-states and their ability to influence through a variety of actions and leading up to the election. They wrapped up the security portion of the pod on severe weather and the importance of preparedness. Finally, the ran through the upcoming slate of Marvel movies and television shows to determine if they are in or out.

Some of the materials discussed in the pod include:

Mass shootings

• https://www.nbcnews.com/news/us-news/new-jersey-marine-accused-threats-kill-white-people-mass-shooting-rcna152082
• https://www.cbsnews.com/philadelphia/news/delaware-county-linen-shooting-pennsylvania/
• https://www.nbcphiladelphia.com/news/local/chester-workplace-shooting-delaware-county-linen-deadly-disgruntled-employee-pennsylvania/3866970/
• https://projects.voanews.com/mass-shootings/english/locations/workplace.html
• https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf
• https://www.dhs.gov/nationwide-sar-initiative-nsi/online-sar-training
• https://www.dhs.gov/see-something-say-something
• https://www.cisa.gov/topics/physical-security/insider-threat-mitigation
• https://www.cisa.gov/resources-tools/resources/preventing-workplace-violence-security-awareness-considerations-infographic

Foreign Influence

• https://www.reuters.com/world/uk/suspects-alleged-russia-linked-uk-arson-attack-face-trial-next-year-2024-05-10/#:~:text=United%20Kingdom-,Suspects%20in%20alleged%20Russia%2Dlinked%20UK%20arson,to%20face%20trial%20next%20year&text=LONDON%2C%20May%2010%20(Reuters),British%20court%20heard%20on%20Friday.
• https://www.nbcnews.com/news/investigations/russias-brazen-intensifying-sabotage-campaign-europe-rcna147178
• https://abcnews.go.com/International/wireStory/poland-arrests-sabotage-suspects-warns-potential-hostile-acts-110438127
• https://apnews.com/article/russia-estonia-baltics-sabotage-spying-kallas-62835b00fdb31f648ebe2259908ca2a1
• https://www.wsj.com/world/europe/europe-sees-signs-of-russian-sabotage-but-hesitates-to-blame-kremlin-72598d4b
• https://www.telegraph.co.uk/news/2024/05/11/russia-recruiting-far-right-extremists-attacks-west-putin/

Hurricanes

• https://www.noaa.gov/news-release/noaa-predicts-above-normal-2024-atlantic-hurricane-season
• https://tropical.colostate.edu/forecasting.html
• https://www.ready.gov/

In the latest episode of Nerd Out, Dave welcomes in Alec Davison as his partner in crime for the podcast. After they get through the excitement of the latest Taylor Swift album, they talked through the latest activity in the Middle East and what it could mean domestically. Then they looked at the latest news related to the U.S. election including the recent incident outside of the Trump trial and potential concerns that may play out over the course of the year especially related to mis/dis/mal-information. They wrap up the pod with some real nerd discussions on Star Wars and what the new series has to offer! Alec Davison is the Lead Analyst at the Water Information Sharing and Analysis Center (WaterISAC). In addition, he works as a Risk Analyst at Gate 15. He holds an M.A. in Security Policy Studies from George Washington University. Some of the resources discussed in the pod include: https://www.cisa.gov/resources-tools/resources/personal-security-considerations-action-guide https://www.cisa.gov/resources-tools/resources/preventing-workplace-violence-security-awareness-considerations-infographic https://www.dni.gov/files/NCTC/documents/jcat/firstresponderstoolbox/89s_-_Violent[…]il_Unrest_and_Public_Assemblies_in_the_United_States-survey.pdf Mobilization/SARs https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf https://www.dhs.gov/nationwide-sar-initiative-nsi Info sharing communities https://www.dhs.gov/fusion-centers https://www.nationalisacs.org/

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Christopher Post, Assistant General Manager, Amarillo Civic Center Complex. Christopher graduated from West Texas A&M University with a Bachelor of Business Administration. He has been in venue management for 18 years and prior to that, was a professional musician for a little over 20 years (yes, he started very young!). As Assistant General Manager, his duties have included serving as the Emergency Coordinator and First-Aid Response Trainer for the Amarillo Civic Center since 2009. He is a graduate of IAVM’s AVSS and VMS. Read more at his complete LinkedIn profile.

• Amarillo Civic Center Complex® - Meet. Play. Celebrate.

• Christopher’s background.
• Clear, consistent, collaborative, communications.
• Throwing EAP’s in the trash a few times.
• The 10-80-10 rule.
• The value of full-scale exercises.
• Name dropping some champions from the community.
• More!

“It has to be muscle memory, it has to be automatic.”In the discussion we address:

In the latest episode of Nerd Out, Dave is solo and integrating his love for Ted Lasso into the security world. Challenging everyone to be curious, Dave evaluates the famous dart game in Ted Lasso (season 1) and calls out three points for individuals and organizations to be focused on as we evaluate threats. Whether it be the terrorist or extremist threat, or MDM, Dave reminds everyone to be mindful in their security preparedness planning.

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Stella Salyer, Assistant General Manager, Sales & Services, Virginia Beach Convention Center. Stella is a Nationally Registered Advanced Emergency Technician and volunteers every weekend in Virginia Beach’s 911 system. She holds certifications in Mass Casualty and Tactical Emergency Critical Care, Stop the Bleed instructor, and is a Proctor for Virginia Beach EMS’s Advanced EMT Academy. Read more at her complete LinkedIn profile. Contact Stella by email: [email protected].In the discussion we address:

• Stella’s background.
• First Aid and Emergency Response.
• Leadership during incidents.
• What’s on Stella’s mind.
• With a shoutout to Farrow Bouton, New Orleans Director of Event Services, for his and Smoothie King Center’s kind support to IAVM and AVSS 2024.

Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

In this special podcast, Andy welcomes in Dave and key members of the Faith-Based Information Sharing and Analysis Organization (FB-ISAO) to talk about the Lakewood church shooting. They looked at how the event unfolded, security processes, and lessons learned. Guests include: Mayya Saab, the Executive Director of FB-ISAO Ed Heyman, Co-Chair of the FB-ISAO ORG Phil Froehlich, Co-Chair of the FB-ISAO ORG

In this week's Security Sprint, Dave and Andy discussed the following topics: Warm Start:  Announcement! WaterISAC is excited to announce that this Spring, it will be hosting H2OSecCon as a one-day virtual event on Thursday, May 23 from 11 AM - 5 PM ET! T National Rural Water Association and WaterISAC Collaborate to Benefit Small Water Utilities Nationwide AMWA reiterates cybersecurity views to Homeland Security Subcommittee   Lakewood Church Shooting Shooting at Joel Osteen's Lakewood Church in Houston: Female shooter killed, 5-year-old child shot Joel Osteen statement in response to this incident, post to Threads Woman Opens Fire at Joel Osteen’s Texas Megachurch During Live TV Broadcast   Additional physical security items of note: Philadelphia Man Charged with Making Antisemitic and Islamophobic Threats Islamic State, Al-Qaeda Call for Violence Against Jewish Communities Following October 7 Attack Tennessee man who was working with militias planned to act as a sniper and attack Southern border, feds say.  U.S. Strike in Baghdad Kills Iranian-Backed Militia Commander Iraq Criticizes US Strikes After Baghdad Attack Killed Iran-Backed Militant Group Commander CISA Releases Violence Prevention through De-escalation Video.   AI. FCC Confirms that TCPA Applies to AI Technologies that Generate Human Voices AI-Generated Voices in Robocalls Are Now Illegal How a Biden AI robocall in New Hampshire allegedly links back to a Texas strip mall Taylor Swift deepfakes on X falsely depict her supporting Trump AI Deployed Nukes 'to Have Peace in the World' in Tense War Simulation  NYPD and WhatsApp. https://nypost.com/2024/02/05/business/nypd-tests-old-school-tactics-in-the-bronx-to-combat-shoplifting/   Info Ops:  Russia Is Boosting Calls for 'Civil War' Over Texas Border Crisis. Chinese Websites Posing as Local News Outlets Target Global Audiences with Pro-Beijing Content CISA Launches #Protect2024 Resources Webpage for State and Local Election Officials Quick Hits:   Severe Weather: Historic storm sends debris through LA’s Hollywood Hills and leaves 1.1 million without power 3 dead as storm pummels California, causing flooding and dozens of mudslides in L.A. area More than 120 people are dead and entire neighborhoods have been reduced to ashes in record-breaking Chile wildfires The growing inadequacy of an open-ended Saffir–Simpson hurricane wind scale in a warming world Hurricanes are getting so intense, scientists propose a Category 6 More on Scams & Fraud:  Think you know what the top scam of 2023 was? Take a guess As Nationwide Fraud Losses Top $10 Billion in 2023, FTC Steps Up Efforts to Protect the Public IRS warns tax professionals to be aware of EFIN scam email; special webinars offered next week   Ransom where? Everywhere.  Chainalysis: Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline Ransomware Payments Hit a Record $1.1 Billion in 2023 GRIT Ransomware Annual Report 2023 (Q1-Q4) The Record: Ransomware tracker: The latest figures [February 2024] Malwarebytes 2024 State of Malware: Known ransomware attacks up 68% in 2023   Nation States   Subcommittee Chairman Garbarino Statement On PRC Persistent Access To U.S. Critical Infrastructure. CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance NSA: Combatting Cyber Threat Actors Perpetrating Living Off the Land Intrusions.  NSA and Partners Spotlight People’s Republic of China Targeting of U.S. Critical Infrastructure More Cyber News.  Verizon insider data breach hits over 63,000 employees Ivanti: CVE-2024-22024 (XXE) for Ivanti Connect Secure and Ivanti Policy Secure Researchers say attackers are mass-exploiting new Ivanti VPN flaw UK NCSC: Vulnerability management Canadian Centre for Cyber Security How updates secure your device (ITSAP.10.096)

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Gil Fried, Professor and Assistant Dean of the College of Business at the University of West Florida and a member of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In the discussion we address:

• Gil’s background.
• Training and Supervising Security Staff.
• Sports Facilities and the Law & Crowd Management Doctor (on YouTube).
• What’s on Gil’s mind, including raucous crowds.

Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

In this inaugural episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Mark Herrera, Director of Education for the International Association of Venue Managers (IAVM). In the discussion we address:

• Mark’s background.
• We introduce this new podcast series.
• Leadership & Team Engagement.
• Building Resilience.
• Building Partnerships.
• What’s on Mark’s mind.

Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour, hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Tom Stockmeyer, Cyware’s Director, Enterprise East, ISAC's and Federal. Cyber security leader with experience in helping threat sharing communities such as ISACs and ISAOs and their Member companies improve the fidelity of their intel and accelerate threat intel sharing amongst Members. Tom served in the Marine Corps from 1979 to 1983. He has an MBA from the Michael Coles School of Business, Kennesaw University. Tom has held several executive positions, has served on numerous technology Boards.

• Tom on LinkedIn. 

In the discussion we address:

• Tom’s background from the Marine Corps to technology, entrepreneurship, to Cyware.
• Information Sharing successes and challenges, ISACs, ISAOs and Cyware helping to secure organizations across the Fortune 1000 and more.
• Challenges to effective info sharing.
• A shoutout to the good work being done at Aviation ISAC.
• Cyware, continuous innovation and automated collective defense.
• Long weekends and holiday threats.
• We play Three Questions and talk microwave food, the Marines, classic rock, classic movies and more!

A few references mentioned in or relevant to our discussion include:

• Cyware
• Intelligence Sharing is Caring: Collective Defense for a Safer Nation, an article in HS Today by Cyware CEO Anuj Gul, 13 Dec 2023
• Cyware Intel Exchange (CTIX)
• Cyware Collaborate (CSAP)
• Cyware Solutions for ISACs, ISAOs, and CERTs
• The Gate 15 Interview: Jeff Troy, President, Aviation ISAC, on public service, cybersecurity, understanding threats (and… colonizing the ocean?)

In this week's Security Sprint, Dave and Andy talk about the following topics.

• TribalHub's Fall 2023 Magazine is Here!
• ZeroFox Unspoken Security Podcast: Build Diverse Teams...or Die! In this episode of Unspoken Security, AJ Nash and Errol Weiss - Chief Security Officer for the Health Information Sharing and Analysis Center (Health-ISAC) - talk about the importance of building diverse intelligence teams.  They share their insights on the evolution of program and team building over the last decade (or more) and focus on how the exponential growth of hybrid and remote work as a result of the COVID-19 pandemic has changed our world. 

Terrorism & Extremism

• Former U.S. Marine Pleads Guilty to Firebombing a Planned Parenthood Clinic. https://www.justice.gov/usao-cdca/pr/former-us-marine-pleads-guilty-firebombing-planned-parenthood-clinic-orange-county-and
• 19-Year-Old Charged with 13 Counts of Interstate Threats. https://www.justice.gov/usao-pr/pr/19-year-old-victoria-gabriela-rodriguez-morales-charged-13-counts-interstate-threats
• On the Release of the 2022 Country Reports on Terrorism
• US Department of State: Country Reports on Terrorism 2022
• German Police Arrest Islamist Teens Planning Attack on Christmas Market, Synagogue
• ‘Goal is at least 20 people’: Teen arrested for allegedly threatening to shoot up church in comments on YouTube videos about Pulse nightclub massacre
• Dozens of Troops Suspected of Advocating Overthrow of US Government, New Pentagon Extremism Report Says
• 'Can't wait for the innocent to die': Man arrested for terrifying bomb threats via 911 texts

Severe Weather

• Record Breaking Losses. https://www.wsj.com/articles/a-punishing-year-of-thunderstorms-has-led-to-record-breaking-losses-102bfb0d?mod=hp_minor_pos10
• 2023 Atlantic hurricane season ranks 4th for most-named storms in a year

Geopolitics & Cascading Effects

• Suspected terror attack in France; One dead, two injured, after attacker yells 'Allahu akbar' and attacks passersby near Eiffel Tower
• Knifeman kills German tourist, wounds others near France's Eiffel Tower
• Paris knife attacker 'swore allegiance to IS' terrorist group, suffered from mental issues
• Paris attack: Mother of suspect had 'reported concerns', prosecutor says
• Paris attack: How the terrorist's confusing profile fooled those monitoring him
• Paris attack: What we know about Armand Rajabpour-Miyandoab, who killed one and injured others near the Eiffel Tower
• Las Vegas police, FBI foil reported terror plot involving Islamic State
• 15 New York synagogues hit with false bomb threats on Friday
• FBI New York Warns of Charity Fraud During Israel-Hamas Conflict
• FBI Jacksonville Warns of Charity Fraud Amid Conflicts
• CISA: Threat Actors Targeting Unitronics Devices Used in Water Facilities
• CISA warns of attacks on Unitronics tool used by water utilities, wastewater systems
• Federal officials investigating after pro-Iran group allegedly hacked water authority in Pennsylvania

Quick Hits

• Thousands of fake Facebook accounts shut down by Meta were primed to polarize voters ahead of 2024
• Ransomware ‘catastrophe’ at Fidelity National Financial causes panic with homeowners and buyers
• Will ChatGPT write ransomware? Yes.
• IRS, Security Summit partners launch 2023 National Tax Security Awareness Week focusing on holiday scams, protecting personal information as tax season nears
• Justice Department Announces Charges in Connection with Foiled Plot to Assassinate U.S. Citizen in New York City
• CISA Announces Secure by Design Alert Series: How Vendor Decisions Can Reduce Harm at a Global Scale
• CISA - Unlocking Tomorrow’s Cybersecurity: A Sneak Peek into ReadySetCyber

In this week's Security Sprint, Dave and Andy talked about the following topics:

Maine Shootings

• Attorney General Merrick B. Garland Statement on the Suspect in the Lewiston, Maine, Mass Shooting
• Statement from FBI Boston Division Special Agent in Charge Jodi Cohen on the Lewiston, Maine, Mass Shooting
• Maine shootings: gunman suspected of killing 18 people found dead
• Maine Shooting Suspect’s Body Found in Trailer: Officials
• Maine police alerted about ‘veiled threats’ from Robert Card weeks before mass shooting
• Mystery note left behind by Maine mass shooting suspect revealed
• Robert Card legally bought rifle believed to be used in Maine massacre days before mental health treatment: report

FB-ISAO: October 2023 Threat Level Statement Update – Threat Levels Raised to ELEVATED.

• The Physical Threat Level is “ELEVATED.” ELEVATED means that FB-ISAO is unaware of any specific threats, but there is concern that an event is more likely than normal. We are also closely monitoring events and are considering an escalation to “SEVERE,” meaning that an event is highly likely, but decided to not escalate to that level at this time.
• The Cyber Threat Level is “ELEVATED.” ELEVATED means that FB-ISAO is unaware of any specific threats, but there is concern that an event is more likely than normal.

Scams

• FBI IC3 PSA - Scammers Solicit Fake Humanitarian Donations: “The FBI is warning the public that scammers are committing charity fraud by soliciting fake humanitarian donations during the Israel HAMAS conflict. Scammers quickly pivot to charity fraud when catastrophic events occur, such as a war, a natural disaster, or an epidemic.”
• Anonymous Sudan Claims KFC Cyberattack Amidst Geopolitical Tensions
• Shooting outside Upper Darby mosque under investigation: police
• Cops stop car showing anti-Israel slogans, swastikas; say loaded gun found inside. Driver reportedly aimed to 'educate the public' on Israel-Hamas war's 'true events.'
• Israel flag in front of Nash Co. church vandalized
• CAIR Video: Muslim Woman Targeted by Hateful Tirade in Maryland

AI. FACT SHEET: President Biden Issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence.

Quick Hits

• Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous.
• Mass exploitation of CitrixBleed vulnerability, including a ransomware group.
• CVE-2023-4966: Critical security update now available for NetScaler ADC and NetScaler Gateway
• Neuberger: New global initiatives will include information sharing, ransomware payment tracking
• DDoS threat report for 2023 Q3
• CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
• Cisco IOS XE Software Web UI Command Injection Vulnerability
• CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2023-20273 Cisco IOS XE Web UI Unspecified Vulnerability
• Space ISAC Watch Center Prepares for Cyber Threats in Space
• Empowering Small and Medium-Sized Businesses; A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan
• Logging Made Easy. CISA’s newest tool is a free and open logging and protective monitoring solution serving all organizations. Secure your Windows-based equipment today with Logging Made Easy.  

In this episode of The Gate 15 Interview, Andy Jabbour talks with Robert (Bob) Kolasky, “Advancing National Security Risk Management through Technology, Innovation and Governance,” who is presently serving as Senior Vice President for Critical Infrastructure at Exiger, where he is focusing on developing cutting-edge risk management solutions for critical infrastructure companies and supporting government agencies. Leads market strategy for addressing third party and supply chain risk in critical infrastructure and delivering analysis to support enhanced business and government operations. He also serves in a number of other roles including:

• Nonresident Scholar, Technology and International Affairs Program, Carnegie Endowment for International Peace
• Senior Associate, Center for Strategic and International Studies (CSIS)
• Senior Fellow, McCrary Institute at Auburn University

• Bob on LinkedIn.
• Bob on Twitter, @BobKolasky.

• We talk on Information Sharing Operations including the grouping of Mis- Dis- and Mal- info and what those terms mean, free speech and private-public coordination, solutions, and a speed round!
• We revisit our discussion on space as critical infrastructure.
• We explore what’s on Bob’s mind, including protecting our supply chains and cloud security.
• Three (more!) Questions with Bob Kolasky as we talk about scooters, the City of Light/the City of Love, and nudging the world in a better direction.
• And more!

• Exiger website
• The DHS Risk Lexicon (PDF)
• COLUMN: Addressing the Homeland Security Threat from China, 18 Jan 2023
• COLUMN: Advancing Homeland Security Risk Governance, 22 Sep 2022
• COLUMN: The Country Can’t Afford a ‘Pause’ on Combating Disinformation and Violence, 15 Jul 2022
• Pro-China Disinformation Campaign Claims US Started Maui Fires in a ‘Weather Weapons’ Experiment, Falsely Citing the UK’s MI6
• 5th Circuit finds Biden White House, CDC likely violated First Amendment
• Bob’s Exiger profile
• The Gate 15 Interview: Bob Kolasky talks critical infrastructure, risk, Guns N’ Roses and pizza! (November 2021)

Previously, Bob served as Cybersecurity and Infrastructure Security Agency’s (CISA) Assistant Director, leading the National Risk Management Center (NRMC) and in a number of other critical homeland security roles and responsibilities.
In the discussion:
 
A few references mentioned in or relevant to our discussion include:

In this episode of The Gate 15 Interview, Andy Jabbour visits with Dr. G. Keith Still, Crowd Dynamic Expert, Visiting Professor of Crowd Science at University of Suffolk and Director, Crowd Risk Analysis Ltd. G. Keith Still BSc PhD FIMA FICPEM SFIIRSM FIPM FHEA MAE has a PhD in “Crowd Dynamics”. He combines risk analysis with crowd behavior in both crowd models and crowd simulations. He is a visiting Professor at University of Suffolk and teaches at Breda University of Applied Science (Holland). Keith has over 30 years of consulting experience across a range of international crowd safety and risk analysis environments and has advised on crowd behavior, crowd risks and crowd safety considerations for events of 500 people to 3,000,000 people. He has published two books on the subject of Crowd Safety and Crowd Risk Analysis “Introduction to Crowd Science” and “Applied Crowd Science.”His project/consulting work includes planning for the Royal Wedding (UK, 2011), Hajj projects, (Saudi Arabia, Jamarat 2000 - 2005, Makkah 2000 - 2013), Olympic Events (Sydney 2000, London 2014), New Year Events (London, Sydney, Dubai), Canada Day (Ottawa).

• Dr. Still on LinkedIn.
• By email: [email protected]

In the discussion we address:

• Keith’s background, teaching and current activities
• The International Association of Venue Managers (IAVM) and the Academy for Venue Safety and Security (AVSS)
• His visits to Saudi Arabia and experience securing the Hajj as well as smashing ashtrays and one of his favorite anecdotes
• The importance of risk registers and risk assessments
• The potential dangers of an attitude of “we’ve always done it this way, why should we change,” the psychology of behavior, and other ideas.
• And Keith plays Three Questions to discuss travel, food, kilts and more.

Some links from our discussion include:

• G K Still website
• Crowd Risk Analysis Ltd
• IAVM and AVSS (2023 info)
• NCS4

In this episode of The Gate 15 Interview, Andy Jabbour visits with Chris Anderson, Principal Advisor, National Security & Emergency Preparedness, Lumen Technologies. Chris Anderson is an incident management and infrastructure protection expert with three decades of government, military, and private sector experience. He is currently the Principal Advisor for National Security & Emergency Preparedness at Lumen. In addition to his role at Lumen, he is the 2023 Industry Chair of the Communications Sector Information Sharing and Analysis Center.Chris previously held a variety of emergency management and national security positions at the Federal Communications Commission and US Department of Homeland Security. He served as the FCC’s Chief of Operations and Emergency Management, leading the Commission’s incident management activities, operations centers, national security coordination, and Continuity of Operations programs. Prior to joining the Commission, Chris worked in critical infrastructure protection at the Department of Homeland Security, serving in a variety of leadership positions in the Office of Infrastructure Protection, including serving as Director of the National Infrastructure Coordinating Center. Chris began his career with a decade on active duty in the U.S. Navy as a helicopter pilot and retired from the Navy Reserve in 2016.Chris is a 2010 graduate of the National War College with a master’s degree in National Security Strategy; he holds a second master’s degree in Management Information Systems from Bowie State University and received his undergraduate degree from the University of Virginia.

• Chris’s background, in the Navy, at DHS, at the FCC and today with Lumen.
• The wild west days of DHS and what has become CISA
• ‘working hard, trying to make a difference’
• Incident response
• Working in the public and private sector.
• Chris’s thoughts on CISA and improving the private-public partnership
• Working with NATO.
• With shout outs to some great leaders and old friends including Bob Stephan, Linda Solheim, Bob Kolasky, Caitlin Durkovich, Steve Bieber, and others
• 4th of July celebrations, the glorious drink that is coffee, saving the world, and more!

After a month off, the Nerdies get back together to look at 2023. Dave welcomes back Bridget Johnson and Joe Levy to catch up on what has happened in 2023, and talk about what is surprising, and not so surprising in 2023, as well as look ahead for the rest of the year before getting into some fun summer questions. The topics included a look at the various hostile events, to include inspiration from previous threat actors, climate change and challenges addressing it, protests and demonstrations, as well as a reminder not to forget about international terror threats, how economic conditions can affect the workplace and other security challenges.

In the latest episode of the Risk Roundtable, Dave, Jen and Andy return to talk on very real and maybe somewhat less real threats across the all-hazards environment. Jen kicks things off sharing her thoughts on the recent FBI Advisory on jUIcE JaCKiNg!! Dave continues the focus on the FBI, sharing his heartfelt thoughts relating to the new Active Shooter report. Quick hits touch on Hurricane Preparedness, Patching (always patching!) and a new COVID report. The team then talks a little US-Russian history, and some musical history, as they dive into love it, hate it, or don’t care.

In the latest Weekly Security Sprint, Dave and Andy discussed the following topics.

DHS!

• Department of Homeland Security Issues QHSR Detailing Strategy to Stay Ahead of Evolving Threat Environment.
• 2023 State of Homeland Security Remarks: Tackling an Evolving Threat Landscape – Homeland Security in 2023
• Secretary Mayorkas Announces New Measures to Tackle A.I., PRC Challenges at First State of Homeland Security Address 
• State of Homeland Security: Mayorkas Launches Artificial Intelligence Task Force, ‘Sprint’ to Assess China’s ‘Especially Grave Threat’

See Something, Say Something – Possible Faith-Based Attack Averted & FB-ISAO Turns Five!

• Man Arrested at Church Service After Members Believe he was Testing Security of Church.
• Man fights officers in church; vehicle discovered stocked with weapons, ammo
• Man's behavior at Texarkana revival service leads to his arrest, seizure of guns, survival gear

FB-ISAO: Five Years Strong. “Happy Anniversary to the Faith-Based Information Sharing and Analysis Organization. 18 April 2023, marks five years of serving the community of faith with information, analysis, and capabilities to help reduce risk while enhancing preparedness, security, and resilience across all-faiths and all-hazards. Our members include Houses of Worship, Charities, Faith-Based Schools, and their affiliated organizations. We are five years strong!”

4-20! Cannabis ISAO Shares Cybersecurity Best Practices for the Cannabis Industry

• 4-20 2023! Cybersecurity Best Practices for the Cannabis Industry.

Quick Hits:

• Water-palooza! The Gate 15 Interview: April is Water-palooza! Chuck Egli and Jen Walker talk WaterISAC!
• Attorney General Brenna Bird Sues Biden Administration over New Cybersecurity Regulations for Public Water Systems 
• Save the Date for H2OSecCon 2023! 

Ransomware – March Was a Record Setting Month & Dragos Ransomware Report

• March 2023 broke ransomware attack records with 459 incidents.
• Ransomware is a major threat to smaller utilities, manufacturers and health care providers: report.
• Dragos Industrial Ransomware Attack Analysis: Q1 2023.

Blended Threats – Critical Infrastructure Space Asset Disruption Impacts Farming Operations 

• Farmers ‘crippled’ by satellite failure as GPS-guided tractors grind to a halt. T  

New FBI Elder Fraud Report

• Elder fraud costs Maine victims millions of dollars, report finds.

3CX – Attack x Within x Attack

• Mandiant: 3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible.
• Software Maker 3CX Was Compromised in First-of-its-Kind Threaded Supply-Chain Hack.
• The 3CX cyberattack was the result of two supply-chain hacks, Mandiant says

SBOM, SBOM, You’re my SBOM!

• CISA Releases Two SBOM Documents. On Friday, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM documents and Minimum Requirements for Vulnerability Exploitability eXchange (VEX). 
• Types of SBOM document 
• Minimum Requirements for VEX document 

Chinese Police Outposts

• US Brings Charges Over Secret Chinese Police Outpost.
• DOJ: Two Arrested for Operating Illegal Overseas Police Station of the Chinese Government.

In this week's Security Sprint, Dave and Andy talked about the following topics:

Insiders, hostile events, and data loss

• Louisville. AP: https://apnews.com/article/downtown-louisville-shooting-dc7b45a9c5d2b384a16d653864f8b735
• DoD Data Loss. USA Today: https://www.usatoday.com/story/news/politics/2023/04/13/dod-leaked-documents-pentagon-military-secrets/11648829002/

Ransomware

• Major cybersecurity flaws led to Suffolk County ransomware attack:
• The LockBit ransomware (kinda) comes for macOS; Analyzing an arm64 mach-O version of LockBit⁠ & ⁠LockBit ransomware gang appears to be targeting Macs for the first time
• Risky Biz News⁠: NCR gets ransomwared: NCR, the world’s largest banking and payments software maker, has ⁠confirmed⁠ that a recent data center outage was caused by a ransomware attack. And see ⁠NCR suffers Aloha POS outage after BlackCat ransomware attack
• Karakurt returns: Chinese security firm QiAnXin has a report on ⁠the return of Karakurt⁠, the data extortion division of the old Conti gang.
• Technical Analysis of Trigona Ransomware⁠ & ⁠Trigona Ransomware Attacking MS-SQL Servers⁠
• Vice Society ransomware uses new PowerShell data theft tool in attacks⁠
• Risky Biz News⁠: Kadavro ransomware: Fortinet has an ⁠analysis⁠ of the new Kadavro ransomware they’ve been seeing distributed in the wild disguised as a Tor Browser installer.
• Risky Biz News⁠: LockBit ransomware: French security firm Glimps has published a ⁠technical analysis⁠ of Lockbit’s new version, known as LockBit Green.
• Risky Biz News⁠: RTM Locker: Trellix researchers have discovered a new RaaS platform named Read The Manual, or ⁠RTM Locker⁠. 

Space as Critical Infrastructure:

• FDD: Time to Designate Space Systems as Critical Infrastructure & Opinion: Time to designate space systems as critical infrastructure, and reported here: Cyberspace Solarium Commission says space systems should be considered critical infrastructure

Others:

• Faith-Based Security: FB-ISAO Newsletter, v5, Issue 4. FB-ISAO is Five Years Strong, Mass Shooting at Covenant School, SPOTLIGHT: Resources, Upcoming Events.
• FB-ISAO: Faith-Based Organizations Continue to Be Targets of Hostile Events.
• A Proclamation on Days Of Remembrance Of Victims Of The Holocaust, 2023
• Statement from President Joe Biden on Orthodox Easter
• CSU released its first forecast for the 2023 Atlantic hurricane season on Thursday, April 13. We anticipate that the 2023 Atlantic basin hurricane season will have slightly below-average activity.

MDM:

• THE CYBERSECURITY 202: Russians boasted of undetected bots, leaked documents show.
• Risky Biz News: Misinformation superspreaders: A report found that Twitter Blue accounts are some of the platform’s biggest spreaders of misinformation.
• Unleash the Twitter Bots
• What it will look like if China launches cyberattacks in the U.S. “If Xi Jinping moves on Taiwan, we should assume he’ll launch cyberattacks against the United States as part of the operation,” Rep. Mike Gallagher (R-Wis.), chair of the House Select Committee on China, said in an emailed statement.
• Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not. ’But even if the event turns out not to be the work of an outside malicious hacker, the threat to water treatment facilities is still very real, said Jennifer Lyn Walker, director of infrastructure cyber defense at the Water Information Sharing and Analysis Center. Furthermore, she said, the incident helped give the attention needed to kickstart a larger conversation about securing the water and wastewater systems, particularly for smaller utilities.
• A cyber attack hit the water controllers for irrigating fields in the Jordan Valley; A cyber attack paralyzed the water controllers for irrigating fields in the Jordan Valley that are operated by the Galil Sewage Corporation.

In the latest episode of the Weekly Security Sprint, Dave and Andy covered the following topics:

Nashville School Shooting:

• CNN: https://www.cnn.com/us/live-news/nashville-shooting-covenant-school-03-27-23/index.html

Gate 15's Blue Jeans Worksho

• The Conversation: ⁠⁠Watermarking ChatGPT, DALL-E and other generative AIs could help protect against fraud and misinformation⁠⁠, 27 March, shared by BJW Panelist, Todd Helmus

Political Violence

• NBC: Trump warns of ‘potential death and destruction’ if he’s charged in hush money probe, 24 Mar
• Newsweek: Jim Jordan’s Response to Trump’s ‘Death & Destruction’ Post, 24 Mar
• CBS: “Significant increase” in threats online ahead of possible Trump indictment, 20 Mar
• Breaking 911: Bomb Threats Made Against Manhattan DA, Courts & NYPD HQ As Possible Trump Indictment Nears, 21 Mar
• NY Post: Envelope containing suspicious powder, death threat sent to DA Alvin Bragg’s NYC office, 24 Mar

Severe Weather:

• BBC: https://www.bbc.com/news/world-us-canada-65072195

Cybersecurity Regulations:

• CISA: CIRCIA at One Year: A Look Behind the Scenes, 24 Mar (Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA))

• CISA: JCDC Cultivates Pre-Ransomware Notification Capability, 23 Mar
• CISA: Getting Ahead of the Ransomware Epidemic: CISA’s Pre-Ransomware Notifications Help Organizations Stop Attacks Before Damage Occurs, 23 Mar

Ransomware:

• Palo Alto report: https://unit42.paloaltonetworks.com/multi-extortion-rise-ransomware-report/

• DataBreaches.net: Blended Threats! Cyberattack disrupts Spanish medicine distribution, 23 Mar
• Lawrence Abrams and Bleeping Computer: The Week in Ransomware - March 24th 2023 - Clop overload, 24 Mar

Others:

• Protests: @dave links?
• Washington Post’s Cybersecurity 202: Everything you need to know about Thursday’s four cyber hearings, 24 Mar
• CyberScoop: The pressing threat of Chinese-made drones flying above U.S. critical infrastructure, 23 Mar
• CyberScoop: Fact or fiction, hacktivists’ claims of industrial sabotage in Russia or Ukraine get attention online, 22 Mar and Mandiant: We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems, 22 Mar
• DoJ: Justice Department Announces Arrest of the Founder of One of the World’s Largest Hacker Forums and Disruption of Forum’s Operation, 24 Mar & CyberScoop: The FBI’s BreachForums bust is causing ‘chaos in the cybercrime underground,’ 24 Mar
• CISA: Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments, 23 Mar
  

In this week's Security Sprint, Dave and Andy talked about the following topics:

National Cybersecurity Strategy: 

• White House: FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy, 02 Mar 
• Gizmodo: I Read the Biden Administration’s New Cyber Policy So You Don’t Have To, 04 Mar 
• US House Committee on Homeland Security: Green, Garbarino Statement on the Release of the National Cybersecurity Strategy, 02 Mar 
• Risky Biz News: White House unveils National Cybersecurity Strategy, 02 Mar 
• CISA Readout: Director Easterly Visits Carnegie Mellon University, Calls for “Radical Change” for Technology Product Safety in Major Address, 27 Feb
• Industrial Cyber: National Cybersecurity Strategy sets its eyes on improving security, resilience across critical infrastructure, 03 Mar 
• WSJ: Cisco Chief Says Tech Products Must Be Made More Secure, 02 Mar 

Water Cybersecurity: 

• EPA: EPA Takes Action to Improve Cybersecurity Resilience for Public Water Systems, 03 Mar 
• Risky Biz News: EPA releases cybersecurity guidance for US public water sector, 05 Mar 
• CNN: US introduces new rules to protect water systems from hackers, 03 Mar 
• CyberScoop: EPA issues water cybersecurity mandates, concerning industry and experts, 03 Mar 
• SC Media: EPA memo pushes states to include cybersecurity in water safety reviews, 03 Mar 
• Industrial Cyber: EPA issues memorandum to address PWS cybersecurity using sanitary surveys, improve resilience, 06 Mar 

Homeland Security:

• Greek Protests: https://www.bbc.com/news/world-europe-64820085
• South Korean Protests: https://www.bbc.com/news/world-asia-64858944
• HS Today: DHS at 20: Mission Poised ‘to Grow Even More Complex’ as New Threats May Pose ‘Even Greater Potential for Harm,’ 01 Mar 
• Politico: Documents: DHS has a domestic-intelligence program, 06 Mar 
• NIJ: Assessing Risk of Terrorist Acts by Looking at Location Data and Demographic and Social Characteristics, 27 Feb 
• HS Today: National Institute of Justice Examines Link Between Location of Terrorists and Risk of Terrorism, 27 Feb 

Cybersecurity & Ransomware: 

• VulnCheck: The VulnCheck 2022 Exploited Vulnerability Report - A Year Long Review of the CISA KEV Catalog, 02 Mar 
• Recorded Future: 2022 Annual Report, 02 Mar 
• HS Today: Cyber Threat Trends to Watch This Year as Forecast by MS-ISAC, 02 Mar 
• Bleeping Computer: Play ransomware claims disruptive attack on City of Oakland, 03 Mar 
• CBS Bay Area: Ransomware hackers release some stolen Oakland data, 04 Mar 

Other: Gizmodo: Yikes, the U.S. Is Now Using Facial Recognition Rigged Drones for Special Ops, 27 Feb

In the latest episode of Nerd Out, Dave is joined by Bridget Johnson and Joe Levy as they talked about some of the hostile events to date in 2023 and looked ahead to the coming faith-based holidays and celebrations in the coming months. Bridget talked about the California shootings and the power of copy cats, while Joe focused attention on the various ways that organizations can deploy security protocols to reduce risk. The nerds then took a look ahead at the upcoming religious holidays and what that might mean for accelerationists and other hate-based groups. Joe then wrapped up talking about the upcoming AVSS event that is coming up in Pittsburg. Registration Information can be found here: https://iavm.org/events/avss/ 

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: [email protected]; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

In the latest episode of the Risk Roundtable, Andy does double duty, first welcoming Jen to get the latest on the ransomware threats, before bringing Dave in to talk about weather and natural disasters. Jen kicked things off talking about all things ransomware to include preparedness items, the recent Hive takedown, the importance of reporting, and ways to protect yourself. Dave then joined Andy to talk about the third-wheel in the all-hazards preparedness model - weather and natural disasters, especially in light of the recent earthquake in Turkey. The roundtable took a split approach to the end of pod questions talking about marathon's, some show dilemmas and the arc of Paul Rudd!

• US Secret Service: New Secret Service Research Examines for the First Time Five Years of Mass Violence Data, 25 Jan
• Washington Post: N. Carolina church says it lost nearly $800K in email scam, 28 Jan
• NWS: Hurricane Matthew in the Carolinas: October 8, 2016, page created: 29 Sep 2017, last updated: 26 Aug 2021

Ransomware and Cyber News:

• Bleeping Computer: VMware warns admins to patch ESXi servers, disable OpenSLP service, 06 Feb
• Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 03 Feb
• Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb
• CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb
• Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb
• Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb

In this week's Security Sprint, Dave and Andy talked about the following topics: 

Ransomware:  

• Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 3 Feb 
• Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb 
• CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb 
• Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb 
• Valentine’s Day 2023, :sparkling_heart: and 
• Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb 

DDoS: 

• Radware, Passion: A Russian Botnet, 31 Jan 
• Bleeping Computer, New DDoS-as-a-Service platform used in recent attacks on hospitals, 01 Feb 
• The Record: Customizable new DDoS service already appears to have fans among pro-Russia hacking groups, 03 Feb 

Faith-Based Security: 

• Fox 5, Las Vegas: Man threatened mass shooting at Las Vegas synagogue, police say, 31 Jan 
• ABC 7 News: SFPD arrest man suspected of firing blank rounds inside synagogue, bringing gun into theater, 05 Feb 
• Chinese Balloons: US DOD: Statement From Secretary of Defense Lloyd J. Austin III, 04 Feb 
• And see the Gate 15 SUN from Friday and Monday for numerous links. 

Baking in Cybersecurity: 

• Foreign Affairs: Stop Passing the Buck on Cybersecurity; Why Companies Must Build Safety Into Tech Products, 01 Feb 
• Washington Post Cybersecurity 202: How CISA plans to get tech firms to bake security into their products, 06 Feb 

Others: 

• FBI: Elicitation Techniques, 31 Jan 
• Voice of America, Russia Developing Weapons to Target Critical Subsea Cables, Pipelines, 02 Feb 
• Reuters: Huge earthquake kills 2,600 in Turkey and Syria, bad weather worsens plight, 06 Feb

On this week's Security Sprint, Dave and Andy provided insights and additional thoughts into the following incidents or security news items.

• DOJ: Evergreen Man Arrested for Making Threats of Violence to Law Enforcement Agencies and a Performing Arts Group, 17 Jan
• HS Today: Colorado Man Accused of Threatening Mass Shootings at FBI, DHS; Used FBI’s Online Tip Form, 17 Jan
• White House: Statement from President Joe Biden on the Shooting in Monterey Park, California, 22 Jan
• Chainanalysis: 2023 Crypto Crime Trends: Illicit Cryptocurrency Volumes Reach All-Time Highs Amid Surge in Sanctions Designations and Hacking, 12 Jan
• Coveware: Improved Security and Backups Result in Record Low Number of Ransomware Payments, 20 Jan
• Gate 15: Blended Threats (update 1.1): Understanding an Evolving Threat Environment, 01 Mar 2018
• The Record: Samsung investigating claims of hack on South Korea systems, internal employee platform, 20 Jan
• WBRZ 2, ABC News: Cyber attack on clerk of court systems prompts sheriff’s sale cancellations, 17 Jan
• The Register: Punch-drunk Apple Watch called 15 cops to a boxing workout when it heard ‘shots’, 19 Jan
• CNN: High egg prices may tempt you to start your own backyard flock, but chickens carry some health risks
• FBI: Ten Most Wanted Fugitives FAQ — FBI

In the latest episode of the Risk Roundtable, Dave, Jen, and Andy wrap up their third year together and talk through recent events and talk about ways to fight off those seeking to ruin the holiday spirit. Dave and Andy kicked things off talking about the incident at the North Carolina power substation and what it could mean given recent events (Walmart shooting, Colorado Springs) and how to look at it from a preparedness standpoint. Jen dropped down the chimney and spread holiday cheer with a double shot of cybersecurity tips talking about holiday scams (in only the way Jen can do), and passwords (don't be like Dave). Then Dave then took the group back through some of the 2022 predictions to see if they were right, needed more time, or were off base before Andy put a bow on the podcast with a holiday themed question.

Some of the topics discussed on the pod:

• National Terrorism Advisory System & Bulletin 30 Nov 22
• HS Today: ’Targeted’ N.C. Substation Gun Attack Comes Amid Escalating Critical Infrastructure Threats, 04 Dec 22
• Washington Post: Walmart gunman showed troubling behavior before attack, ex-colleagues say, 04 Dec 22
• CNN: Gunman kills 5 at LGBTQ nightclub in Colorado Springs before patrons confront and stop him, police say, 21 Nov 22
• GridEx VII – November 14-15, 2023
• Congratulations, Troy & Charlotte Hunt! @troyhunt & @Charlotte_Hunt_
• And see Troy’s tweet: Happy birthday to @haveibeenpwned, born 9 years ago on 04 Dec
• Catalin Cimpanu on Mastadon: ‘The only infosec predictions that need to be taken seriously are the ones in a meme format’: https://mastodon.social/@campuscodi/109427978223448015
• Security Week: French Hospital Cancels Operations After Cyberattack, 05 Dec 22
• https://www.sentinelone.com/blog/5-cyber-scams-to-watch-out-for-this-holiday-season/
• https://www.bbb.org/article/news-releases/27843-bbb-study-update-reported-online-retail-fraud-losses-to-approach-$380m-in-2022
• https://www.helpnetsecurity.com/2022/11/29/most-common-passwords-2022/
• https://nordpass.com/most-common-passwords-list/
• https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/

In this episode of The Gate 15 Interview, Andy Jabbour visits with James A. DeMeo and Herb Ubbens on their work with Crowdguard, facility security and security best practices and more. 

James A. DeMeo, M.S. is a best-selling author, professional speaker, and event security expert. Mr. DeMeo brings vast experience to the public/private, non-profit, sports/entertainment, corporate, higher education & vendor management/contract analyst ecosystems. Mr. DeMeo serves as Vice President for Crowdguard US, a crowd safety solutions provider & CEO of Unified Sports and Entertainment Security Consulting, LLC., (USESC) based in Raleigh, NC. He was recognized by Security Magazine as The Most Influential People in Security 2017. Mr. DeMeo is also the author of the best-selling book, What’s Your Plan? A Step-By-Step Guide To Keep Your Family Safe During Emergency Situations. Mr. DeMeo holds professional memberships with both ASIS International and National Center for Spectator Sports Safety and Security-NCS4. He serves as a remote learning Adjunct Instructor with the following Universities: Tulane University’s School of Professional Advancement-SOPA, Jacksonville State University, Dept. of Kinesiology, Mercer University-Stetson School of Business where he teaches both graduate/undergraduate students about Event Security, Facilities and Risk Assessment. Mr. DeMeo is currently enrolled in an Online Higher Education Graduate Certificate Program at Appalachian State University-Cratis D. Williams School of Graduate Studies. 

• James on LinkedIn 
• James on Twitter: @JDeMeo007 

Herb Ubbens. Guiding organizations to increase their resiliency and emergency preparedness, reduce risk and provide safety and value to their clients and assets. Board Certified in Security Management (CPP) and Physical Security (PSP). SAFETY Act DHS Assessor in BPATS (Best Practices for Anti-Terrorism Security). OSHA general industry and construction trainer, safety expert and Project Manager. 

• Herb on LinkedIn 

In the discussion we address: 

• James’ and Herb’s backgrounds and the work they’re doing today to draw down risk and helping to secure mass gatherings and facilities. 
• Physical threats and reasonable ways to reduce risk 
• Best practices for organizations 
• James’ book, “What’s Your Plan?” 
• Thanksgiving, favorite drinks, and Gen X rock and hip hop! 

A few references mentioned in or relevant to our discussion include: 

• Crowdguard US website: https://crowdguardus.com
• Want to see the latest innovation in pedestrian protection within public spaces? Join us for Crowdguard US Demo Day December 8, 2022 at the North Carolina Museum of Art where we will display the 2019 Counter Terror award winning Surface Guard barrier system. Read more here! 
• Andy mentions Dr. Tamara Herold 
• Incident: Several Injured After Car Reportedly Drives Into Carnival in South Central 
• Incident: Investigation into fatal crash at Apple store in Hingham continues 
• International Association of Venue Managers (IAVM) 
• Academy for Venue Safety and Security (AVSS) 

It's never a good thing when Jen takes time and leaves Andy and Dave to their own devices. With Jen away, Andy tried to cover down for her and gave a shout out to all the cyber work being down by great security practitioners. Then the boys dug into hostile events and some of the challenges that individuals and organizations can face, even when they do the right thing. At the same time, there are also inherent responsibilities that we all have in identifying behaviors or contributing to a threat actor's pathway to violence by inaction (Michigan school shooting). Dave and Andy then talked about the upcoming election and all the work that is going to make safe and secure elections. However, there are also some potential risks that could occur in the aftermath. Finally, Dave and Andy have some fun talking about their top 5 (or 50) movies that they just can't turn off when they happen to see them on.

Some of the areas covered on the pod include:

• Gate 15 SUN: https://paper.li/gate15 
• Catalin Cimpanu: @campuscodi & the Risky Biz Newsletter, https://riskybiznews.substack.com 
• Lawrence Abrams: @LawrenceAbrams and Bleeping Computer @bleepincomputer, bleepingcomputer.com 
• Brian Krebs: @briankrebs, krebsonsecurity.com 
• Ransomware Data Leaks: @ecrime_ch, https://ecrime.ch 
• Gate 15: Education on Hostile Event Preparedness: Hostile Event Attack Cycle, 10 Nov 2022, 1:00-2:30pm ET 
• Access Gate 15 White Paper on The Hostile Event Attack Cycle (HEAC), 2021 Update: https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/
• Former DHS Assistant Secretary for Infrastructure Protection Brian Harrell Urges Community to Collaborate During Infrastructure Security Month, HS Today, 30 Oct 2022 (Brian Harrell on Twitter: @gridsecure) 
• Nerd Out Security Panel Discussion: EP 30. Dave going solo talking Elections and Manifesto Impacts, 20 Oct 2022 
• The Gate 15 Interview EP 28: Talking election security, tea and baseball, with Scott Algeier, 25 Oct 2022 
• CISA Director, Jen Easterly, @CISAJen, on Face the Nation, @FaceTheNation, speaking to election security. 
• @DarthPutinKGB on Twitter and the Darth Web Shop: ‘Do not believe *anything* until The Kremlin denies it’ 
• Prosecutors seek to introduce evidence Michigan school shooter's parents created a pathway to violence | CNN 
• FBI background check blocked gun sale to St. Louis school shooter 
• The USCP, FBI & San Francisco Police Joint Threat Investigation Conspiracy-Addled Intruder Allegedly Tried to Tie Up Paul Pelosi, Asked ‘Where’s Nancy?’
• Pelosi attack stokes Congress' fears: "Somebody is going to die" 
• Paul Pelosi recovering as attack renews focus on toxic politics Lawmakers reveal — and dispute — FBI conclusion about 2017 baseball field shooting 
• Rand Paul attacker sentenced to additional prison time over yard assault 
• Capitol Police data indicates threats to lawmakers have surged since 2017 
• Domestic violent extremism investigations doubled from 2020 to 2021: FBI, DHS 
• An Assessment of the Second U.S. Government Domestic Terrorism Assessment 
• Analysis | For cyber experts, disinformation overshadows cyberthreats in midterms 
• Feds warn that domestic violent extremists pose heightened threat to midterm elections 'Complex threat environment' ahead of midterm elections, top cybersecurity official says 
• How ‘mule watchers’ evolved from a Truth Social meme into a ballot drop box patrol FBI investigating after Conservation Voters of NM gets letter with threats and ‘substance’ 
• Experts fear rising global ‘incel’ culture could provoke terrorism

In the latest episode of Nerd Out, Dave went without the panel and talked about two topics - Election preparedness and the impacts of a recent attack, specifically analyzing the manfesto from the threat actor in the recent Bratislava attack. Tackling the upcoming U.S. midterm elections, Dave talks through some of the key considerations for individuals and organizations and about the various risks not just leading up to the election, but after as well. Then Dave transitioned to talking about the recent attack against a LGBTQ business in Bratislava and the information that was gleamed from the manifesto. Particularly interesting was the inspiration that was gained from the Buffalo attacker in May. Referencing work by Nerd Out alumni Bridget Johnson, Dave talked through the importance of this analysis and then how it could be used by another threat actor in the future. Dave then wrapped up the pod (technical difficulties aside) with some mailbag questions related to weather preparedness and gaining leadership buy-in.

Referenced in the pod: https://www.hstoday.us/featured/slovak-who-attacked-gay-bar-credits-buffalo-shooter-with-giving-him-final-nudge/

TCE talks Cybersecurity Awareness Month 2022 and Seeing Yourself in Cyber with Chris Foulon of the Breaking into Cybersecurity podcast.

Resources and Mentions (it’s a long list, but we love to share resources and other’s great work)

• Breaking into Cybersecurity Podcast: A conversation about what you did before, why did you pivot into cyber, what was the process you went through Breaking Into Cybersecurity
  • Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level https://amzn.to/3443AUI by Gary Hayslip, Christophe Foulon, Renee Small
• Hack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career https://www.amazon.com/dp/1801816638/ by Ken Underhill, Christophe Foulon, Tia Hopkins
• The Whole Cyber Human Initiative https://www.wholecyberhumaninitiative.org/Creating Workforce Development to fix the talent gaps today
• @chris_foulon
• @BreakintoCyber
• Whole Cyber Human Initiative
• Valorr Cybersecurity
• NIST National Initiative for Cybersecurity Education (NICE)
• @InfoSecSherpa(Tracy Z. Maleeff)
• Cybersecurity Awareness Month https://staysafeonline.org/
• @LisaPlaggemier
• The Gate 15 Interview: Cybersecurity Awareness Month 2022 with the National Cybersecurity Alliance, Auto-ISAC and FS-ISAC! Plus, background! shout-outs!! favorite movies, tigers, and more!!!

Not mentioned in this podcast, but a couple of relevant (CS)²AI podcasts hosted by @Derek_Harp that I came across after – I hope they don’t mind the mentions!

• (CS)2AI Podcast 53: Career Advice for Women Pursuing Cybersecurity Positions with Danielle Jablanski (Nozomi Networks) @CyberSnark
• (CS)2AI Podcast 52: Cybersecurity Careers, Educational Requirements and Resume Advice with Ron Brash Ron Brash (aDolus) @ron_brash

On the latest episode of the Risk Roundtable, Andy leads Dave and Jen through a discussion of the various awareness campaigns and how these efforts do a great job of providing resources and materials for all organizations, big and small. Focusing first on Cybersecurity Awareness Month that is ongoing in the month of October, Jen talked through the messaging, the themes (See Yourself in Cyber) and the importance of each of us doing our part. Later in the podcast, Dave shared his thoughts on National Insider Threat Awareness Month that concluded in September and the theme of Critical Thinking for Digital Space and how everyone can do their part. The team also talked about security preparedness for the upcoming holidays. Andy capitalized on the discussion to talk about security awareness and mindfulness to appreciate, regardless of who you are and what your beliefs are. To cap off the episode, Andy took the roundtable through his three questions to include the always spicy debates on pumpkin pie and pumpkin flavored drinks.

Microsoft Exchange links:

• https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/
• https://www.helpnetsecurity.com/2022/10/03/ms-exchange-cve-2022-41040-cve-2022-41082/
• https://www.tenable.com/blog/cve-2022-41040-and-cve-2022-41082-proxyshell-variant-exploited-in-the-wild
• https://isc.sans.edu/forums/diary/Exchange+Server+0Day+Actively+Exploited/29106

Additional links include:

• Rob Joyce Cybersecurity Awareness Month Tweet: https://twitter.com/nsa_csdirector/status/1576879730006974464?s=21&t=i5SFfoTH_fMVxFbhMl1I2A
• Catalin Cimpanu Cybersecurity Awareness Month Tweet: https://twitter.com/campuscodi/status/1573485751278379018?s=21&t=i5SFfoTH_fMVxFbhMl1I2A
• Podcast link – https://gate15.global/the-gate-15-interview-cybersecurity-awareness-month-2022-with[…]ac-plus-background-shout-outs-favorite-movies-tigers-and-more/
• Be A Cybersecurity Awareness Month Champion- https://staysafeonline.org/programs/cybersecurity-champion/
• NCTC indicators – https://www.dni.gov/index.php/nctc-newsroom/nctc-resources/item/2272-u-s-violent-extremist-mobilization-indicators-2021
• G15 resources IT - https://gate15.global/resources/insider-threat/
• Jen Lyn Walker Tweet - https://twitter.com/gate15_jen/status/1576978983064780804?s=21&t=i5SFfoTH_fMVxFbhMl1I2A
• Major in the United States Army and a Maryland Doctor Facing Federal Indictment for Allegedly Providing Confidential Health Information to a Purported Russian Representative to Assist Russia Related to the Conflict In Ukraine https://www.justice.gov/usao-md/pr/major-united-states-army-and-maryland-doctor-facing-federal-indictment-allegedly
• Honolulu Man Pleads Guilty to Sabotaging Former Employer’s Computer Network - https://www.justice.gov/usao-hi/pr/honolulu-man-pleads-guilty-sabotaging-former-employer-s-computer-network

In the latest episode of Nerd Out, Dave, Bridget, and Joe are together again and catch up on all the summer happenings to include an update on Bridget's ever-exciting news. The Nerd Out crew then turns to another list and talk about the significance and importance of the Homeland Security Today Hottest 50 list. Bridget gives some of the background on the list and some of the criteria that brought the list together while Dave and Joe were left to wonder if they might be on the list next year. Next, the gang talked about venue security and how the big summer season went relatively smoothly and what that could mean for the fall season and the upcoming significant events and holidays.

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: [email protected]; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

TCE is back with another travel-related PSA. In episode 21, it’s another monologue and travel-related public service announcement – this time on the risk of automatic out-of-office notifications.

In the latest of Nerd Out, Bridget and Dave talk about all things extremism with the most recent publication of "The Hard Reset" as well as the latest accelerationist document "Make it Count". Specifically they discussed: 

• the contents of the documents,
• the wide ranging themes,
• the targets mentioned tactics and techniques,  
• how this information could be used,
• what organizations can do 
• the recent joint product with contributors from multiple ISAC / ISAO, partners, and agencies

Then Dave and Bridget talked through the Uvalde school shooting and the recent lessons learned report from the Texas House of Representatives and how organizations can use the report to review their own security as well as avoid some of the issues identified. Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

After a drawn out thank you for the success of episode 19 (and 18), The Cybersecurity Evangelist is back to chatting about the human side of cyber in this summer PSA on travel-related scams.

Resources mentioned in this episode:

• Threat Actors Prepare Travel-Themed Phishing Lures for Summer Holidays
• Avoid Scams When You Travel
• ReportFraud.ftc.gov

It started off with sweaty shirts and Jen's big announcement and ended with Dave wondering about green tea. But in-between the latest episode of the risk roundtable saw Andy, Jen and Dave talk about familiar topics - namely persistent threats. Unfortunately for all the times we have talked about them, these threats hang around and continue to strike at individuals and organizations. Whether they are cyber or physical related, threat actor continue to go to the proverbial well again and again because they work. The gang talked about the latest cyber threats and recounted the latest string of hostile events ranging from Buffalo, to Texas, to California, and all the others in-between. Equally important to this discussion was the release of the latest National Terrorism Advisory System (NTAS) bulletin that addressed the latest threats and extremist risks (https://www.dhs.gov/ntas/advisory/national-terrorism-advisory-system-bulletin-june-7-2022). After going through the roulette round, Andy led Jen and a partially paying attention Dave through some fun yes or no questions. Items referenced in the Pod include: @Shadowserver https://twitter.com/Shadowserver - https://www.shadowserver.org Dave post on Active Shooter Incidents https://gate15.global/highlights-fbi-update-on-active-shooter-incidents-in-the-united-states/ Rob Yandow's paper on Physiological Response. https://gate15.global/the-brain-and-the-body-the-physiological-response-that-occurs-when-we-experience-fear-stress-trauma-and-critical-incidents/ HEAC White Paper https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/ KEV: https://www.cisa.gov/known-exploited-vulnerabilities MFA page (new) https://www.cisa.gov/mfa CISA Jen: https://twitter.com/cisajen/status/1534055424600641537?s=21&t=S54nhjh7Vjp_q7Co9wk0fg Water ISAC and Dragos. https://www.waterisac.org/portal/waterisac-partners-new-dragos-ot-cert-help-underserved-water-and-wastewater-systems @RobertMLee Dawn’s active on LinkedIn (Dawn Cappelli, CISSP) https://www.cisa.gov/uscert/ncas/alerts https://www.cisa.gov/uscert/ncas/current-activity Plus many more - listen in

This month, Jen tries to put the “evangelize” in The Cybersecurity Evangelist by spreading the word on some great work in the ICS cybersecurity community.

Resources evangelized in this episode:

• @BEERISAC OT/ICS Security Podcast Playlist https://podcasts.apple.com/us/podcast/beerisac-ot-ics-security-podcast-playlist/id1459741251
• Consequence-driven Cyber-informed Engineering (CCE) https://inl.gov/cce/
• ICS4ICS https://gca.isa.org/ics4ics
• Top 20 Secure PLC Coding Practices https://www.plc-security.com/index.html

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Ben Taylor, Executive Director for the Cannabis ISAO. Ben Taylor is the Executive Director of the Cannabis-ISAO. Ben also serves as a Risk Analyst to several Information Sharing & Analysis Centers and has previous security and operations experience as an Army Officer as well as working through the Department of Homeland Security’s (then) Office of Infrastructure Protection (now part of the Cybersecurity and Infrastructure Security Agency [CISA]). Ben has also spent several years in marketing and partner development roles within the tourism industry, to include working to promote Cannabis tourism in Oakland, California. To learn more about Cannabis ISAO, visit the Cannabis ISAO website, or on Twitter: @CannabisISAO and LinkedIn. 

In the discussion we address: 

• Ben’s background and the work he’s doing with Cannabis-ISAO today 
• Some background on the development of Information Sharing and Analysis Centers (ISACs) and Organizations (ISAOs) 
• Physical security challenges for the Cannabis Industry 
• Cybersecurity threats and issues facing the sector Scams, and other threats facing the community 
• Among other topics, Ben plays three questions with Andy to discuss dogs, favorite books, and more!

A few references mentioned in or relevant to our discussion include: 

• Cannabis ISAO website https://cannabisisao.org
• Cannabis ISAO Security Town Hall https://cannabisisao.org/2022/03/cannabis-security-town-hall/
• Cannabis ISAO blog and Director’s Cut posts https://cannabisisao.org/home/blog/
• Cannabis ISAO Director’s Cut: December 03, addressing a ransomware incident in the Cannabis Industry https://cannabisisao.org/home/report-incident/
• Report an Incident - Cannabis ISAO https://cannabisisao.org/home/report-incident/
• Get Involved - Cannabis ISAO https://cannabisisao.org/home/get-involved/
• Executive Order -- Promoting Private Sector Cybersecurity Information Sharing (13 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2015/02/13/executive-order-promoting-private-sector-cybersecurity-information-shari
• Executive Order -- Improving Critical Infrastructure Cybersecurity (12 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity
• Presidential Policy Directive -- Critical Infrastructure Security and Resilience (12 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil
• PDD-63 - Critical Infrastructure Protection (20 May 1998) https://clinton.presidentiallibraries.us/items/show/12762
• Nerd Out Security Panel Discussion: EP 13. Cannabis ISAO! (18 May 2021) https://gate15.global/nerd-out-security-panel-discussion-ep-13-cannabis-isao/
• The Cybersecurity Evangelist: EP 8 – The ISAC Series, Part 4 – Faith-Based ISAO (10 Mar 2021) https://gate15.global/the-cybersecurity-evangelist-ep-8-the-isac-series-part-4-faith-based-isao/
• Blog Post: So why a Cannabis ISAO? (02 Apr 2021) https://cannabisisao.org/2021/04/blog-founder/
• Tucky Blunt Twitter https://twitter.com/BluntTucky
• Uncle Ike’s https://ikes.com/locations/white-center/

A chat with Erin Miller, Executive Director of Space ISAC, from the 37th Space Symposium

Have you ever thought about just how much reliance there is on space systems and how satellites – tons of them – are actually flying computers with IP addresses? In an episode that is out of this world, the Gate 15 Podcast Channel welcomes back a very special guest – Erin Miller, Executive Director of Space ISAC on the 18th episode of The Cybersecurity Evangelist – to talk about all that and more from the 37th Space Symposium at The Broadmoor in Colorado Springs. From an event that Erin called, “bigger than Disneyland,” we talked about the importance of securing space systems, the pivotal role that Space ISAC is playing to increase the cybersecurity posture for the global space community, and the general passion for cybersecurity among attendees and speakers at the symposium.

Resources mentioned in this episode:

• Space ISAC
• 37th Space Symposium
• Dr. Stacey Dixon (LinkedIn) – Principal Deputy Director of National Intelligence, ODNI
• CISA Director, Jen Easterly (Twitter)
• Women in Cybersecurity (WiCyS)
• Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers
• Purdue University
• University of Colorado Colorado Springs
• Colorado Springs Chamber & EDC
• United States Space Force
• United States Space Command
• United States Air Force Academy
• The Gate 15 Interview Ep. 16: Erin Miller, Executive Director, Space ISAC. Securing Space Infrastructure (and terrestrial critical infrastructure too!)

The gang is back together as Bridget Johnson and Joe Levy join Dave on the podcast to catch up on what they've missed while turning their attention to Ukraine and outdoor events. Within Ukraine, the nerdites talked about the effects of the current conflict, TikTok and the evolving information wars to include disinformation and misinformation campaigns on all sides, and what some outcomes may be long term. The gang then turned to thoughts of warmer weather and the upcoming outdoor events and activities. Looking at it through a security lens the Bridget, Joe and Dave looked at some important considerations while also keeping focus on those other events leading up to the 2022 election season. Before wrapping up with some pointed security plugs, the team talked about hurricane predictions and outdoor events to look forward to.

Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: [email protected]; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/   

Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Gary Warner, Director of Research in Computer Forensics’ for the University of Alabama at Birmingham (UAB) and the Director of Threat Intelligence for DarkTower. From his LinkedIn bio, “Gary is the ‘Director of Research in Computer Forensics’ for the University of Alabama at Birmingham (UAB). In this role, which brings together the Computer Science and Criminal Justice departments, he is concentrating on research that will help law enforcement and other security professionals to identify, apprehend, prosecute and convict those who are committing cybercrime, and spread information to victims and potential victims about cybercrime issues. 90 analysts and programmers work in the UAB Computer Forensics Lab building tools and providing intelligence for a variety of clients around Cybercrime, Fraud, and Terrorism, as well as the Social Media aspects of more traditional crimes, including Gang Activity and Transnational Drug Networks. In addition to his duties at UAB, Warner serves as the Director of Threat Intelligence for DarkTower, a subsidiary of Queen Associates in Charlotte, North Carolina. Gary Warner was the founding president of the Birmingham InfraGard chapter, and has served as secretary and member of the board of the InfraGard National Members Alliance, among other roles. 

Read more on LinkedIn. Gary on Twitter: @GarWarner. Gary’s blog: CyberCrime & Doing Time; A Blog about Cyber Crime and related Justice issues. “Malware analysis is a team sport” – Gary Warner, on information sharing, during our podcast recording In the discussion we address: 

• Gary’s backstory and the work he’s doing today 

• Information sharing and the value of plugging into information sharing communities 

• The great work being done by the FBI and CISA 

• The importance of knowing your competition, China, Russia, and ongoing threats 

• Some of Gary’s go-to resources 

• Gary talks about haikus, Talking Heads, GarBot, birdwatching, and more! “CISA, it's a new era of info sharing in the government” before giving some shout outs to CISA’s first Director, Chris Krebs, and current Director, Jen Easterly 

A few references mentioned in or relevant to our discussion include: 

• CISA’s Known Exploited Vulnerabilities Catalog (KEVC), something Gate 15’s Jen Walker raves about often, including in our recent Risk Roundtable: The Risk Roundtable EP 27: Don’t let bias guide your preparedness (07 Mar 22). https://www.cisa.gov/known-exploited-vulnerabilities-catalog

• Gary discussed this event: Justice Department Announces Court-Authorized Effort to Disrupt Exploitation of Microsoft Exchange Server Vulnerabilities (13 Apr 21) https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-effort-disrupt-exploitation-microsoft-exchange

• BITNET https://bit.net

• FBI SENTINEL System https://www.fbi.gov/services/information-management/foipa/privacy-impact-assessments/sentinel

• Intellipedia https://en.wikipedia.org/wiki/Intellipedia

• REN-ISAC https://www.ren-isac.net

• Gary’s four CISA “must watch” sites from the CISA cyber landing page: 

o Current activity: https://www.cisa.gov/uscert/ncas/current-activity 

o Alerts: https://www.cisa.gov/uscert/ncas/alerts 

o Bulletins: https://www.cisa.gov/uscert/ncas/bulletins 

o Analysis: https://www.cisa.gov/uscert/ncas/analysis-reports 

• Gary strongly encouraged listeners to check CISA Director Jen Easterly’s “about” section in her LinkedIn profile to understand why she is so excellently qualified to be the woman leading CISA today (something Chris Krebs, her predecessor at CISA agrees with)

This month, The Cybersecurity Evangelist chats with a couple of budding podcasters. For the third appearance on the Gate 15 Podcast Channel, the Health Information Sharing and Analysis Center (H-ISAC) joins me for episode 17.

I got to put my ISAC analyst hat on and talk with the heart of Health-ISAC – the dynamic duo of Zach Nelson (Threat Operations Center Manager) and Joshua Justice (Senior Cyber Threat Intelligence Analyst) from the Threat Operations Center about what drives Health-ISAC and the goals of the Threat Operations Center – the privacy and security of our protected health information (PHI) and why threat actors want that information – yours and mine! We also talked a little about cross-sector collaboration, especially between the ISACs, and rounded it out with a general reminder for all to be #BeCyberSmart about phishing themes leveraging the Russia-Ukraine conflict.

Resources mentioned in this episode

• Health-ISAC
• H-ISAC Events
• The Gate 15 Interview: A Conversation with Errol Weiss, Chief Security Officer, Health-ISAC (27 July 2020)
• Nerd Out Security Panel Discussion: EP 15. Let’s talk about Health! (July 2021)
• Current and Emerging Healthcare Cyber Threat Landscape (watch for the TLP:WHITE version of this report)
• What To Know About Medical Identity Theft (FTC)

In the latest Risk Roundtable, Andy, Jen, and Dave talk about the war in Ukraine and what it means for preparedness. Sometimes you just have to call a spade a spade and not allow personal, political or other bias to affect your organization’s analysis or preparedness. While Andy and Dave throw flags on their previous predictions, Jen brings us back to reality and talks about being aware, being prepared, and reminds “don’t panic.” Andy then drills down on bias and how it can have an impact on organizations.

During the Roulette Round, Jen talked about CISA’s Known Exploited Vulnerabilities Catalog, vulnerabilities, and patching (while Dave ensured it wasn’t his Windows 2000 computer exposure that Jen was referring to…), then Dave brought up the importance of disaster preparedness in light of spring and summer severe weather events. Andy wrapped things up with a quick talk about the “People’s Convoy” and the battle of the Washington, D.C. Beltway! The pod wraps up with three questions – from COVID predictions, to Andy’s confusion about when seasons start, to Batman.

Link mentioned in the pod include: CISA’s Shields Up webpage: https://www.cisa.gov/shields-up CISA: Russia Cyber Threat Overview and Advisories. https://www.cisa.gov/uscert/russia#russian And our post on the Gate 15 blog from 03 March, Russian Cybersecurity Threats: 5 Asks from the FBI: https://gate15.global/russian-cybersecurity-threats-5-asks-from-the-fbi/ Bridget Johnson on Twitter, and at Homeland Security Today (HS Today) CISA Adds 95 Known Exploited Vulnerabilities to Catalog (03 Mar 22): https://www.cisa.gov/uscert/ncas/current-activity/2022/03/03/cisa-adds-95-known-exploited-vulnerabilities-catalog WaterISAC: Update (March 3, 2021) – 95 Added to CISA’s Known Exploited Vulnerabilities Catalog (03 Mar 22): https://www.waterisac.org/portal/cisa’s-known-exploited-vulnerabilities-catalog Microsoft: Customer Guidance for WannaCrypt attacks (12 May 17): https://msrc-blog.microsoft.com/2017/05/12/customer-guidance-for-wannacrypt-attacks/ ZDNet Ransomware attack: Hospitals still struggling in aftermath of WannaCrypt's rampage (15 May 17): https://www.zdnet.com/article/ransomware-attack-hospitals-still-struggling-in-aftermath-of-wannacrypts-rampage/

Why Scammers Love Love Too! On Episode 16, The Cybersecurity Evangelist talks about love! Well, more specifically romance scams. I talked about the social engineering component of romance scams, a few fraud reports and financial losses due to romance scams, red flags that could indicate someone you know is caught in a romance scam, some common and practical steps to defeating romance and other types of social engineering based scams, and the importance of reporting romance scams. No matter how painful, falling for a romance scam is nothing to be ashamed of. Romance scams can happen to anyone at any age.

Resources mentioned in this episode:

• The Gate 15 SUN https://paper.li/gate15#/ (subscribe!!)
• FTC https://www.consumer.ftc.gov/ & ReportFraud.FTC https://reportfraud.ftc.gov/#/
• Stop. Think. Connect. https://stopthinkconnect.org/
• Stay Safe Online (National Cybersecurity Alliance) https://staysafeonline.org/
• Cybercrime Support Network (CSN) https://cybercrimesupport.org/
• Fight Cybercrime https://fightcybercrime.org/
• Identity Theft Resource Center (ITRC) https://www.idtheftcenter.org/

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Joseph Marks, Washington Post reporter for The Cybersecurity 202. From his Washington Post bio, “Joe Marks writes The Cybersecurity 202 newsletter focused on the policy and politics of cybersecurity. Before joining The Washington Post, Marks covered cybersecurity for Politico and Nextgov, a news site focused on government technology and security. He also covered patent and copyright trends for Bloomberg BNA and federal litigation for Law360. Marks began his career at Midwestern newspapers covering city and county governments, crime, fires and features. He spent two years at the Grand Forks Herald in North Dakota and is originally from Iowa City. Joe on Twitter, @Joseph_Marks_. Joe on LinkedIn. Subscribe to The Cybersecurity 202.

In the discussion we address:

• Joe’s background and the work he’s doing today at the Washington Post
• Joe’s perspective on “insider the beltway” cybersecurity
• The Cybersecurity and Infrastructure Security Agency (CISA)
• Cybersecurity and geopolitical threats
• Joe plays three questions
• and more!

A few references mentioned in or relevant to our discussion include:

• Subscribe to The Cybersecurity 202 https://www.washingtonpost.com/newsletters/the-cybersecurity-202/ 
• The Cybersecurity 202: The cyber fight in Ukraine is getting more serious, 16 Feb https://www.washingtonpost.com/politics/2022/02/16/cyber-fight-ukraine-is-getting-more-serious/
• The Cybersecurity 202: Cyber’s role in the Ukraine-Russia crisis remains unclear, 15 Feb https://www.washingtonpost.com/politics/2022/02/15/cybers-role-ukraine-russia-crisis-remains-unclear/ 
• Jen Easterly's Keynote at the Munich Cybersecurity Conference - Just one word: Culture! On YouTube. https://www.youtube.com/watch?v=Hgr4h8ufxVU
• Deputy Attorney General Lisa O. Monaco Delivers Remarks at Annual Munich Cyber Security Conference https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monaco-delivers-remarks-annual-munich-cyber-security
• An interesting thread on Twitter from Doug Madory (@DougMadory), Director of Internet Analysis at Kentik (@kentikinc), on the assertion that Russia had cut a subsea cable when it annexed Crimea, mentioned without detail in the podcast. https://twitter.com/dougmadory/status/1488608548099612674?s=21
• Our recent Gate 15 Risk Roundtable where Dave, Jen and I talk Ukraine and Jen shares some thoughts on preparedness: The Risk Roundtable EP 26: Making the Quantum Leap!
• CISA: Shields Up https://www.cisa.gov/shields-up
• CISA: Russian State-Sponsored Actors Target Cleared Defense Contractor Networks, 16 Feb https://www.cisa.gov/uscert/ncas/current-activity/2022/02/16/russian-state-sponsored-actors-target-cleared-defense-contractor
• CISA: Alert (AA22-047A) - Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology, 16 Feb https://www.cisa.gov/uscert/ncas/alerts/aa22-047a
• CISA: Russia Cyber Threat Overview and Advisories https://www.cisa.gov/uscert/russia

In the latest episode of Nerd Out, Dave starts off by talking about his recent quarantine experience in Costa Rica (21 days!) before welcoming in a panel to discuss the Colleyville, Texas synagogue attack. Bringing in Mayya Saab, Seth Ozer, and Ed Heyman the panel went through the hostile event and looked at initial reactions, what can be learned from this situation, and some of the key takeaways. The team then stressed the importance of training in this situation, but also discussed several low cost options and ways to make their location more secure. Mayya Saab is the Executive Director of the Faith-Based Information Sharing and Analysis Organization (FB-ISAO); Seth Ozer is Senior Consultant with Woodstone Consulting, LLC; Ed Heyman is the co-chair of the FB-ISAO Organizational Residence Group