Please enjoy our latest podcast, the weekly Security Sprint, on Spotify, Apple, as well as other locations accessible via the Spotify for Podcasters link or wherever you listen to your favorite podcasts.
During this week’s Security Sprint, Dave and Andy discussed the following topics.
Opening
- Summary Playbook: AI Risk Management Checklist for Leaders – Gate 15
- Ripple teams up with Crypto ISAC to stop North Korean hackers
- Designation: Restrict the Operation of Unmanned Aircraft in Close Proximity to a Fixed Site Facility ; An unpublished Proposed Rule by the Federal Aviation Administration on 05/06/2026 – FAA
- Trump admin will push for ‘long-term’ reauthorization of key cyber data-sharing law
- FEMA Review Council Releases Final Report – DHS
- Ranking Member Thompson Statement on FEMA Review Council Report – House Homeland Security Committee Democrats
Main Topics
Ransomware! International Anti-Ransomware Day 2026: Kaspersky shares insights into ransomware trends and tactics – Kaspersky – 12 May 2026. Kaspersky released new analysis for International Anti-Ransomware Day highlighting shifts in ransomware targeting, extortion tactics, and operational methods used by threat actors. The company reported that ransomware groups continue to prioritize double extortion, exploit public-facing services, abuse legitimate remote administration tools, and target organizations with weak segmentation or unpatched systems. The report also notes increased focus on data theft and operational disruption rather than only encryption-based attacks. Target is enterprise defenders, incident response teams, and critical infrastructure operators with Dig highlighting continued ransomware adaptation toward stealthier intrusion methods and data-centric extortion.
- Weekly ransomware & data leak landscape – eCrime.ch
- Q1 2026 Ransomware Report: Fewer Groups, Higher Impact – Check Point Research
- Ransomware roundup: April 2026 – Comparitech
- Arete’s 2025 Annual Crimeware Report Operationalizes Cyber Intelligence and Incident Response Data
- Global ransomware statistics 2026: the data behind the rising threat
- Gentlemen ransomware reportedly hit by… ransomware
CI Fortify: Strengthening Resilience Across Critical Infrastructure – CISA – 05 May 2026 This initiative outlines CISA efforts to strengthen resilience across critical infrastructure sectors through targeted guidance tools and collaborative programs. It emphasizes improving cybersecurity and operational resilience for industrial control systems and essential services. The effort highlights risk reduction strategies including asset visibility segmentation and coordinated defense practices. Target is critical infrastructure operators and security leaders with Dig highlighting the need for integrated cyber and physical resilience across essential systems.
America’s Most Critical Lifeline- Water! AI-Assisted ICS Attack on Water Utility – Dragos – 07 May 2026 Dragos reports that threat actors used artificial intelligence tools during an intrusion involving a water utility environment to support reconnaissance, scripting, and operational targeting activity. Researchers observed AI-generated assistance used to identify OT-relevant assets, refine tooling, and accelerate attacker workflows inside the compromised network environment. The report notes that while AI did not independently conduct the attack, it materially improved attacker efficiency and visibility into industrial systems. Target is water utilities, OT security teams, industrial operators, and critical infrastructure defenders with Dig highlighting how AI-enabled workflows are lowering barriers for adversaries conducting reconnaissance and intrusion activity against operational technology environments.
- WaterISAC H2OSecCon!! 02 June 2026
- WaterISAC: TLP:GREEN Physical Security Case Study: Water Treatment Plant Insider Threat Incident
- Polish intelligence warns hackers attacked water treatment facility
United States Counterterrorism Strategy – The White House – 06 May 2026 The White House released its 2026 counterterrorism strategy, outlining priorities focused on homeland protection, cartel and transnational gang threats, jihadist organizations, violent secular political groups, state sponsors, and weapons of mass destruction risks. The strategy emphasizes identification, disruption, and destruction of terrorist actors and plots before they can affect Americans or U.S. interests. It also signals expanded use of diplomatic, financial, cyber, covert, intelligence, and law enforcement tools across domestic and international threat environments. Target is federal, state, local, tribal, territorial, and private-sector security stakeholders with Dig highlighting a broadened counterterrorism posture that links border security, cartel activity, domestic extremism, and overseas terrorist networks into one operational framework.
- Perspective: Selective Threats — A Counterterrorism Strategy Built on Politics – HSToday – 11 May 2026 – Analysis/Commentary. HSToday argues that political considerations are shaping counterterrorism priorities in ways that can distort threat assessment and operational focus. The commentary discusses how selective framing of threats may undermine comprehensive security approaches and create blind spots across ideological categories. The article calls for threat assessments grounded in evidence and operational realities rather than partisan narratives. Target is homeland security leaders, policymakers, and counterterrorism professionals with Dig highlighting concerns that politicized threat prioritization can weaken national preparedness.
- Trump counterterrorism strategy targets ‘violent left-wing extremists’ with ‘transgender ideology’
- Trump Releases New ‘Counterterrorism Strategy’ With Fresh Focus on Cartels and Antifa
- Trump’s counterterrorism strategy puts focus on left-wing ‘violent secular groups’
- Trump signs new counterterrorism strategy that focuses on hemispheric threats
- US says migration has made Europe an ‘incubator’ for terrorism in new counter-terrorism strategy
- Ranking Member Thompson Statement on Trump Administration’s Counterterrorism “Strategy”
Quick Hits
- One in Eight Workers Has Sold Their Corporate Logins
- El Niño to fuel Pacific hurricane season, increase risks for California, Hawaii, Mexico
- ClickFix! Clipboard to Encryption: The Critical Role of ClickFix in Ransomware Campaigns
- ClickFix! ClickFix distributing Vidar Stealer via WordPress targeting Australian infrastructure
- ClickFix! ClickFix campaign uses fake macOS utilities lures to deliver infostealers
- Between Intent and Capability: Assessing the Lack of Iranian Attacks on the U.S. Homeland
- The Canvas Hack Is Disrupting Schools and Universities Across the Country
- OT Cybersecurity Lessons Learned from the Frontlines
- English Language Video Attributed to Al-Qaeda in the Arabian Peninsula Calls for Lone Wolf Attacks in the West
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- Venue Security, The IAVM Podcast Series was a 2024 limited series podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosted a series of short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
- The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Bluesky, LinkedIn, via email at Gate15@gate15.global.