Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify for Podcasters, Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.
Gate 15 is on Threads! Give us a follow and join us: @gate_15_resilience
In this week’s Security Sprint, Dave and Andy talk about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email Gate15@Gate15.global.
- Attorney General Merrick B. Garland Statement on the Suspect in the Lewiston, Maine, Mass Shooting
- Statement from FBI Boston Division Special Agent in Charge Jodi Cohen on the Lewiston, Maine, Mass Shooting
- Maine shootings: gunman suspected of killing 18 people found dead
- Maine Shooting Suspect’s Body Found in Trailer: Officials
- Maine police alerted about ‘veiled threats’ from Robert Card weeks before mass shooting
- Mystery note left behind by Maine mass shooting suspect revealed
- Robert Card legally bought rifle believed to be used in Maine massacre days before mental health treatment: report
- The Physical Threat Level is “ELEVATED.” ELEVATED means that FB-ISAO is unaware of any specific threats, but there is concern that an event is more likely than normal. We are also closely monitoring events and are considering an escalation to “SEVERE,” meaning that an event is highly likely, but decided to not escalate to that level at this time.
- The Cyber Threat Level is “ELEVATED.” ELEVATED means that FB-ISAO is unaware of any specific threats, but there is concern that an event is more likely than normal.
- FBI IC3 PSA – Scammers Solicit Fake Humanitarian Donations: “The FBI is warning the public that scammers are committing charity fraud by soliciting fake humanitarian donations during the Israel HAMAS conflict. Scammers quickly pivot to charity fraud when catastrophic events occur, such as a war, a natural disaster, or an epidemic.”
- Anonymous Sudan Claims KFC Cyberattack Amidst Geopolitical Tensions
- Shooting outside Upper Darby mosque under investigation: police
- Cops stop car showing anti-Israel slogans, swastikas; say loaded gun found inside. Driver reportedly aimed to ‘educate the public’ on Israel-Hamas war’s ‘true events.’
- Israel flag in front of Nash Co. church vandalized
- CAIR Video: Muslim Woman Targeted by Hateful Tirade in Maryland
- Much more in the Gate 15 SUN and at FB-ISAO.
FACT SHEET: President Biden Issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence. Today, President Biden issued a landmark Executive Order to ensure that America leads the way in seizing the promise and managing the risks of artificial intelligence (AI). The Executive Order establishes new standards for AI safety and security, protects Americans’ privacy, advances equity and civil rights, stands up for consumers and workers, promotes innovation and competition, advances American leadership around the world, and more. As part of the Biden-Harris Administration’s comprehensive strategy for responsible innovation, the Executive Order builds on previous actions the President has taken, including work that led to voluntary commitments from 15 leading companies to drive safe, secure, and trustworthy development of AI. Related article: Biden’s “aggressive” AI order will make firms share some test data
Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous. “A Citrix vulnerability has entered the dangerous stage of mass exploitation as multiple threat actors are compromising unpatched devices all over the internet in a race with each other to steal their session tokens. Known as CitrixBleed and tracked as CVE-2023-4966, the vulnerability impacts Citrix ADC and Citrix NetScaler, which are extremely complex networking devices used in large enterprise and government networks in multiple roles, such as gateways, proxies, caching, VPN servers, and a bunch of other stuff. The vulnerability allows threat actors to send junk data to the Citrix OpenID component that will crash and leak a part of the device’s memory. The bad part is that, in some cases, this memory may contain session tokens that attackers can collect and then bypass authentication and access the device. For a more technical explanation, check this write-up from Assetnote researchers. Citrix released patches to fix the CitrixBleed memory leak earlier this month, on October 10… The Shadowserver Foundation has also been following the attacks and how companies have been responding. Based on its internal data, the organization is still seeing almost 5,500 unpatched Citrix devices exposed on the internet.”
- Mass exploitation of CitrixBleed vulnerability, including a ransomware group. This vulnerability is now under mass exploitation. A few weeks ago it was under limited targeted exploitation to allow network access… Many tens of thousands of businesses run it. It is very, very common in enterprise and governments.
- CVE-2023-4966: Critical security update now available for NetScaler ADC and NetScaler Gateway
More Quick Hits:
- Neuberger: New global initiatives will include information sharing, ransomware payment tracking
- DDoS threat report for 2023 Q3
- CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
- Cisco IOS XE Software Web UI Command Injection Vulnerability
- CISA Adds One Known Exploited Vulnerability to Catalog – CVE-2023-20273 Cisco IOS XE Web UI Unspecified Vulnerability
- Space ISAC Watch Center Prepares for Cyber Threats in Space
- Empowering Small and Medium-Sized Businesses; A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan
- Logging Made Easy. CISA’s newest tool is a free and open logging and protective monitoring solution serving all organizations. Secure your Windows-based equipment today with Logging Made Easy.
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour, and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- The Risk Roundtable was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads, LinkedIn, via email at: email@example.com, and also on X, the platform formerly known as Twitter.