Weekly Security Sprint EP 116. Iranian threats, Cyber resilience data, and hostile events

Please enjoy our newest podcast, the weekly Security Sprint, on Spotify, Apple, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

• The GRIP is one year old and to celebrate, we’re running an anniversary sale!!
• Join the GRIP in July and use promo code HOTJULY2025 to receive a 20% discount!

Gate 15 is excited to offer a new low-cost ransomware resilience exercise for executives designed to be budget-friendly especially for small and medium sized organizations and non-profits! Contact us today for more information on this great opportunity!

In this week’s Security Sprint, Dave and Andy covered the following topics:

• (TLP:CLEAR) Hostile Nation States Employing Non-State Actors
• Surge in MOVEit Transfer Scanning Could Signal Emerging Threat Activity
• ‘Suspended animation’: US government upheaval has frayed partnerships with critical infrastructure
• Short-term extension of expiring cyber information-sharing law could be on the table

Main Topics:

• Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. CISA, the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) published Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. This joint fact sheet details the need for increased vigilance for potential cyber activity against U.S. critical infrastructure by Iranian state-sponsored or affiliated threat actors. Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk.  At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. However, CISA urges owners and operators of critical infrastructure organizations and other potentially targeted entities to review this fact sheet to learn more about the Iranian state-backed cyber threat and actionable mitigations to harden cyber defenses. For an overview of the Iranian threat, refer to CISA’s Iran Threat Overview and Advisories and the FBI’s The Iran Threat webpages. PDF:Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest
• Beazley Report: U.S. Executives Misjudge Their Cyber Preparedness. U.S.-based executives feel more prepared to counter cyber threats, potentially indicating a false sense of security because many companies lack the ability to be adequately preparedness, according to a new report from specialist insurer Beazley. According to the report, Spotlight on Tech Transformation & Cyber Risk 2025, the perception of cyber resilience rose to 81% from 73% a year ago. More executives may feel prepared, however concern over cyber risk has also risen, with 31% of executives citing the risk as their greatest threat, up from 22% in 2024, the report shows.
• Hostile Events:
  • A violent ambush in Idaho leaves 2 firefighters dead and 1 injured. What to know about the attack
  • Suspect Identified in Deadly Ambush of Idaho Firefighters
  • Chilling ‘coincidence’ of Idaho shooting sends internet sleuths into overdrive
  • Gunman started Idaho blaze and then fatally shot 2 firefighters in ambush attack, officials say
  • Here’s a timeline of how the Canfield Mountain ambush shooting unfolded
  • Multiple firefighters reportedly shot while responding to fire near Coeur d’Alene
  • Europol: New report – major developments and trends on terrorism in Europe in 2024

Quick Hits:

• Canadian Centre for Cyber Security – Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway – CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543
• Over 1,200 Citrix servers unpatched against critical auth bypass flaw
• The State of Ransomware 2025
• Scattered Spider hackers shift focus to aviation, transportation firms
• Scattered Spider’s Calculated Path from CFO to Compromise
• M&S fashion rivals ‘benefited from its pause on online orders after cyber-attack’
• Ransomware attack contributed to patient’s death
• Canada orders Chinese CCTV biz Hikvision to quit the country ASAP
• FBI PSA – Criminals Posing as Legitimate Health Insurers and Fraud Investigators to Commit Health Care Fraud
• 50 Customers of French Bank Hit by Insider SIM Swap Scam; An intern at Société Générale is believed to have facilitated the theft of more than EUR1mn (USD1.15mn) from the bank’s customers.
• State of CPS Security 2025: Building Management System Exposures
• H1 2025 Crypto Hacks and Exploits: A New Record Amid Evolving Threats

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
• Venue Security, The IAVM Podcast Series was a 2024 limited series podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosted a series of short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
• The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads,  LinkedIn, via email at Gate15@gate15.global.