Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify for Podcasters, Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.
Gate 15 is on Threads! Give us a follow and join us: @gate_15_resilience
In this week’s Security Sprint, Dave and Andy talk about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email [email protected].
Main Topics
Increasing acceptance of threats of violence:
- MAGA Commentator Wants People to Shoot Charity Workers Assisting Migrants
- ‘Be looking over your shoulder’: MAGA man arrested for threats against Fani Willis
- Threats to U.S. senator amid spike in anti-Jewish, anti-Muslim activity; U.S. officials say they are responding to a rise in threats against Arab, Jewish and Muslim communities as Gaza war intensifies
- DOJ: Nevada Man Arrested And Charged For Making Threats To United States Senator
CISA Launches Critical Infrastructure Security and Resilience Month 2023. The Cybersecurity and Infrastructure Security Agency (CISA) announced the kickoff of Critical Infrastructure Security and Resilience Month. Yesterday, the White House issued a Presidential Proclamation to commemorate November as Critical Infrastructure Security and Resilience Month and called on Americans to recognize the importance of this month to enhance our collective national security and resilience… This November, CISA is asking everyone to Resolve to be Resilient by preparing and investing in resilience today, so that, as a nation, we can recover quickly in the event of an incident tomorrow. We are highlighting practices critical infrastructure organizations can implement to recover rapidly in the aftermath of any significant disruption:
- Assess Your Risk. Organizations should identify their most critical functions and assets, define dependencies that enable the continuity of these functions, and consider the full range of threats that could undermine functional continuity.
- Make a Plan and Exercise It. Organizations should perform dedicated resilience planning, determine the maximum downtime acceptable for customers, develop recovery plans to regain functional capabilities within the maximum downtime, and test those plans under real-life conditions to ensure the ability to operate through disruption.
- Continuously Improve and Adapt. Organizations should be prepared to regularly adapt to changing conditions and threats. This starts with fostering a culture of continuous improvement, based on lessons learned from exercises and real-world incidents, and evolving cross-sector risks.
Quick Hits.
- Maine gunman’s family contacted police months before massacre, sheriff says
- US Senate Hearing: Threats to the Homeland
- NIJ: Five Things About Protecting Against Mass Attacks
- FACT SHEET: Biden-Harris Administration Convenes Third Global Gathering to Counter Ransomware
- 2022 RTF Global Ransomware Incident Map: Attacks continue worldwide, groups splinter, education sector hit hard with reference to our good friends at eCrime – the single best source for ransomware information.
- U.S. officials hold their breath for Iranian cyberattacks
- Man Armed with Weapons Found Dead at Colorado Amusement Park, Investigation Underway; Authorities said that the 22-year-old suspect wore body armor and had with him a semi-automatic rifle and IEDs
- FIRST has officially published the latest version of the Common Vulnerability Scoring System (CVSS v4.0)
- FBI Tech Tuesday: Beware of Scams on Popular Peer-to-Peer Payment Apps
- SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures
- Citrix Bleed: Two ransomware groups now exploiting bug for initial access
- “This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard; By some estimates, 20,000 devices have already been hacked.
- Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey
- GCA Launches a User-friendly Cybersecurity Tools Wiki
- NZ NCSC: The NCSC announces record-high financially motivated cyber activity
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads, LinkedIn, via email at: [email protected], and also on X, the platform formerly known as Twitter.