In the latest epsiode of the Weekly Security Sprint, Dave and Andy talked about the following topics:
Announcement! Venue Security, The IAVM Podcast Series! A new monthly podcast starting in 2024. Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
SHIELDS READY. The Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) launched the new Shields Ready campaign to encourage the critical infrastructure community to focus on strengthening resilience. Resilience is the ability to prepare for, adapt to, withstand, and rapidly recover from disruptions caused by changing conditions.
CISA Launches Critical Infrastructure Security and Resilience Month 2023
Scams. ‘with sales come scams’. https://www.ncsc.gov.uk/news/black-friday-bargain-hunters-warned-of-enhanced-online-scams-after-millions-lost-last-year
MDM
The Truth Crisis | The Rising Threat of Online Misinformation and Disinformation
The Gate 15 Interview: Malicious Info Operations & MDM, the Space Sector, supply chain resilience, the City of Light, and nudging the world in a better direction.
Nerd Out: EP 41. Dave Clark joins to talk about MDM and other nerd topics.
Ransomware.
Ransomware Actors Continue to Gain Access through Third Parties and Legitimate System Tools.
CYBERSECURITY ADVISORY - #StopRansomware: Royal Ransomware, November 13, 2023 update
Security Affairs: DOLLY.COM PAYS RANSOM, ATTACKERS RELEASE DATA ANYWAY
Brazen ransomware attack on US unit of Chinese banking giant has financial sector on alert
Risky Biz News: Clop is coming after your SysAid servers
Basically all of Maine had data stolen by a ransomware gang; Maine's state agencies are the latest victims in the far-reaching MOVEit file transfer tool hack.
Boeing data published by Lockbit hacking gang
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
Same threats, different ransomware; A threat cluster's switch from Vice Society to Rhysida
Hive Ransomware's Offspring: Hunters International Takes the Stage
Ransomed[.]vc Sunsets Operations, Auctions Off Infrastructure
Critical Vulnerability: SysAid CVE2023-47246
Quick Hits
Critical infrastructure Updates: Major Australian Ports Affected By Cyber Incident
Operations at DP World Australia resume, though ‘doesn’t mean the incident has concluded’
Washington state transportation services partially restored after cyberattack
The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
International Terrorism: Five right-wing terrorists arrested throughout Europe with the support of Eurojust and Europol
Israel: Mossad foils Hezbollah terror plot against Jews in Brazil
FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents
Faith-Based and Israel-Gaza Related Updates: OpenAI blames DDoS attack for ongoing ChatGPT outage. In a series of Telegram messages seen by TechCrunch, hacktivist group Anonymous Sudan took credit for the alleged attack. In the messages, Anonymous Sudan said the reason it targeted OpenAI is due to the company’s “general biasness towards Israel and against Palestine”.
Earthquake Preparedness. FEMA’s Earthquake & Wind Programs Branch, along with the National Earthquake and Hazard Reduction Program (NEHRP), is excited to announce the updated Earthquake Safety Checklist (FEMA B-526).
CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain
FEMA’s National Business Emergency Operations Center (NBEOC) - YouTube