Weekly Security Sprint EP 43. Workplace Violence, passwords, and security quick hits.

Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

---

Gate 15 is on Threads! Give us a follow and join us: @gate_15_resilience

In this week’s Security Sprint, Dave and Andy talk about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email Gate15@Gate15.global.

Announcement! Venue Security, The IAVM Podcast Series! A new monthly podcast starting in 2024. Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community. 

Main Topics

• CISA: Preventing Workplace Violence: Security Awareness Considerations Infographic. The Preventing Workplace Violence: Security Awareness Considerations Infographic is a new CISA product designed for critical infrastructure leaders, human resources personnel, managers, and workers of any level. The infographic provides actionable recommendations and resources intended to prevent and mitigate workplace violence by cultivating a culture of awareness and support in the workplace. 
• The worst passwords of 2023 are also the most common, “123456” comes in first. NordPass has published their 2023 edition of the top 200 most common passwords and unsurprisingly very few of the entries are secure. The top 10 can all be cracked in under a second using simple brute-force tools. The vast majority of the rest are no better. Only a handful would give a hacker a problem for more than a second, and only one – “theworldinyourhand” – is virtually uncrackable. It is the number 173 most common password and would take centuries to guess using brute force. NordPass: Top 200Most Common Passwords
• Dave’s Round-Up
  • US flu activity continues to rise steadily
  • Taylor Swift Postpones Rio Concert Amid Safety Concerns Following Fan’s Death
  • Security guard incident in Canada which was captured on Social Media.
• Scams!
  • FBI IC3 PSA: 2023 Holiday Shopping Scams
  • 2023 Holiday Scam Predictions—Here’s What You Should Know
  • FBI Warns of Scammers Targeting Senior Citizens in Grandparent Scams and Demanding Funds by Wire, Mail, or Couriers
  • Pro Bono Investigations for Elderly Scam Victims

• The Committee on Homeland Security: Worldwide Threats to the Homeland
  • Video
  • Witness testimony can be found here
  • Director Wray’s Opening Statement to the House Committee on Homeland Security. 
    • Since October 7th, we’ve seen a rogue’s gallery of foreign terrorist organizations call for attacks against Americans and our allies. Hizballah expressed its support and praise for Hamas and threatened to attack U.S. interests in the Middle East. Al-Qaida issued its most specific call to attack the United States in the last five years. Al-Qaida in the Arabian Peninsula called on jihadists to attack Americans and Jewish people everywhere. ISIS urged its followers to target Jewish communities in the United States and Europe.
    • Given those calls for action, our most immediate concern is that individuals or small groups will draw twisted inspiration from the events in the Middle East to carry out attacks here at home. That includes homegrown violent extremists inspired by a foreign terrorist organization and domestic violent extremists targeting Jewish Americans or other faith communities, like Muslim Americans.
  • U.S. political violence driven by new breed of ‘grab-bag’ extremists

• Ransomware!
  • CSA – Scattered Spider
  • #StopRansomware: Rhysida Ransomware
  • CISA Releases Update to Royal Ransomware Advisory
  • AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)

Quick Hits.

• Faith-Based and Israel-Gaza Related Updates: FB-ISAO Newsletter, v5, Issue 11.
  • FB-ISAO Raises the Threat Level
  • Security Considerations for Houses of Worship
  • SPOTLIGHT: The Nonprofit Security Grant Program
  • Upcoming Events
• Official Tribal-ISAC Announcement: Tribal-ISAC Announces Membership as an Approved Expense of the Tribal Cybersecurity Grant Program
• CISA turns 5 and looks to the future
• Critical infrastructure policy rewrite expected to ‘emphasize’ CISA, NSC official says
• 🇺🇸 🇨🇳 Readout of President Joe Biden’s Meeting with President Xi Jinping of the People’s Republic of China
• China is using the world’s largest known online disinformation operation to harass Americans, a CNN review finds
• NCSC Annual Review 2023 – Looking back at the National Cyber Security Centre’s seventh year and its key developments and highlights, between 1 September 2022 and 31 August 2023
• CISA: Secure Tomorrow Series Toolkit
• ACSC and CISA Release Business Continuity in a Box
• HHS Factsheet: National Climate Assessment 5 Unveiled
• FCC Adopts Rules to Protect Consumers’ Cell Phone Accounts

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
• Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community. Starts in January 2024.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
• The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads,  LinkedIn, via email at: podcast@gate15.global, and also on X, the platform formerly known as Twitter.