Weekly Security Sprint EP 25. National Cybersecurity Strategy, Mass Killings Report, and more cybersecurity news, plus quick hits!

Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify for Podcasters, Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

---

In this week’s Security Sprint, Dave and Andy talked about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN.

[ctct form=”3911″ show_title=”false”]

Main Topics.

• Biden-⁠Harris Administration Publishes the National Cybersecurity Strategy Implementation Plan (PDF). With notable references to ISACs & ISAOs, some emphasis on SBOMs, and more.
  • National Cyber Director unveils ‘roadmap’ for cyber strategy goals
• Mass Shootings.
  • (USA Today) Mass killing database: Revealing trends, details and anguish of every US event since 2006
  • Six months. 28 mass killings in the US. That’s the worst yet, and all but one case involved guns
  • Gate 15’s Hostile Events/Active Shooter Resilience Security Summer Sale!

• Water Cybersecurity Plan on Pause. Biden administration water cybersecurity plan temporarily blocked
  • THE CYBERSECURITY 202: Court temporarily dunks water cybersecurity initiative
• Ransomware.
  • Assessing the Political Motivations Behind Ransomware Attacks (PDF)
  • Gate 15’s Ransomware Resilience Security Summer Sale!

Quick Hits.

• Chinese threat actors hacking Microsoft and through that other organizations including The Dept. of State. Analysis of Storm-0558 techniques for unauthorized email access. ‘On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we’ve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our investigation into this incident and deploy defense in depth measures to harden all systems involved, we’re providing this deeper analysis of the observed actor techniques for obtaining unauthorized access to email data, tools, and unique infrastructure characteristics.’
  • Chinese hacking operation puts Microsoft in the crosshairs over security failures; Security deficiencies and business practices have researchers and officials furious at Microsoft for enabling an espionage operation.
  • Chinese hackers breach U.S. government email through Microsoft cloud
  • Chinese Hackers Breached Email of Commerce Secretary Raimondo, State Department Officials
  • Targeting of State Department, Others in Microsoft Hack ‘Intentional’  
  • THE CYBERSECURITY 202 – What we know (and don’t know) about the government email breach
  • Microsoft Email Hack Shows Greater Sophistication, Skill of China’s Cyberspies
• Bicameral, Bipartisan Leaders Introduce Legislation To Strengthen Federal Cybersecurity
• Director Wray Champions FBI Before House Judiciary Committee
  • Christopher Wray’s Congress Testimony—Five Key Moments
• The FTC is investigating whether ChatGPT harms consumers; The agency’s demand for OpenAI’s documents about AI risks mark the company’s greatest U.S. regulatory threat to date
• Ordering the Selected Reserve and Certain Members of the Individual Ready Reserve of the Armed Forces to Active Duty
  • What Is Operation Atlantic Resolve? Biden’s Plan for U.S. Troops in Europe
• Growing reliance on satellites requires new approach to cybersecurity in space, expert says
• OT Cybersecurity Breach Disrupts Operations at the Port of Nagoya, Japan
• CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online. 

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment. 
• The Risk Roundtable is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Twitter, LinkedIn or via email at: [email protected].