Weekly Security Sprint 47. New SEC rules, AI, embezzlement, ransomware and more.

Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

---

Gate 15 is on Threads! Give us a follow and join us: @gate_15_resilience

In this year-end Security Sprint, Dave and Andy talk about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email Gate15@Gate15.global. The Security Sprint will return in January! Happy Holidays and Happy New Year!

Happy Holidays and Happy New Cyber Incident Reporting Requirements! The long anticipated new SEC cyber incident reporting requirements are in effect, just in time for holiday season cyberattacks!

• New SEC cyber rules are about to go into effect. Expect some bumps
• Justice Department Issues Guidelines in Response to National Security and Public Safety Exemption in SEC Rule
• FCC Approves Major Updates to Data Breach Notification Rules
• CISOs Gear Up For Compliance with SEC Cyber Regulation

Main Topics

AI threats and terrorism

Seasonal Security Reminders

• Denmark, Germany, Netherlands arrest 7 terror suspects, including alleged Hamas members, authorities say. Denmark and Germany announced Thursday the arrests of seven terror suspects, including several alleged Hamas members suspected of plotting attacks on Jews and Jewish institutions in Europe amid the ongoing Israel-Hamas war. The announcements were issued separately and it was unclear how the arrests were connected or if they were the result of coordinated actions, or even possibly one operation spanning the continent.

• FBI PSA: Threat of Violence Likely Heightened Throughout Winter, 12 Dec. The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and National Counterterrorism Center (NCTC) are issuing this Public Service Announcement to highlight potential threats in the United States from a variety of actors during the winter season. This is an update to 25 October and 10 October FBI and DHS Public Service Announcements. FBI and DHS also continue to share information with our law enforcement partners. NCTC joins those portions of this Announcement that concern international terrorism; general terrorist tactics, techniques, and procedures; and threats posed by foreign violent extremists and those violent extremists they inspire.
  • ‘Exponential increase’ in antisemitic swatting threats in US this weekend
  • FB-ISAO Newsletter, v5, Issue 12
  • FB-ISAO: Guess Who Prepares for the Holidays All Year Long?
  • DHS Center for Faith-Based and Neighborhood Partnerships Invitation: Non-Profit Security Grant Program FY2024 Winter Webinar Series + Other DHS Resources
  • 13-year-old accused of plotting mass shooting at Canton Jewish synagogue
  • Juvenile Arrested for Conducting Swatting Attacks Targeting Synagogues and Other Institutions

• UK NPSA: Social Media Auditors. There is a small but increasing number of reports within the United Kingdom involving individuals who attend premises and outside spaces, with the aim of capturing staff and property on camera, the content from which is often uploaded to social media and video platforms. We refer to them as Auditors in this guidance as it’s the term most associated with them online. Other terms include Social Media Auditors and Citizen Journalists… When interacting with suspected Auditors, we recommend a CALM approach – Chat, Assess, Limit, Monitor.

Cardinal found guilty of embezzlement in Vatican ‘trial of the century’

Ransomware & Cyber Threat Updates

• Another Record-Breaking Month for Ransomware: November Up 110% YoY
  • Corvus observed 484 new ransomware victims posted to leak sites in November 2023
  • That represents a 39.08% increase from October and a 110.43% increase year-on-year
  • This is the eleventh month in a row with a YoY increase in industry-wide ransomware victims, and the ninth month in a row with victim counts above 300
• eCrime
• Cybersecurity Advisory: Karakurt Data Extortion Group
• GRIT Ransomware Report: November 2023
• Malwarebytes: Ransomware review: December 2023
• 3 Ways Threat Actors Will Kick Off the New Year, According to Corvus Intel
• Vulnerabilities Now Top Initial Access Route For Ransomware
• Spider-Man And Wolverine Devs Hit By Alleged Ransomware Attack [Update]
• French Authorities Arrested a Russian National For His Role In The Hive Ransomware Operation
• Hackers Popped a Porn Site for Inflation Fetishists
• LockBit ransomware now poaching BlackCat, NoEscape affiliates

Quick Hits.

• Earth had its warmest November on record; 2023 still on track to be the globe’s warmest year recorded
• Former Special Agent in Charge of the New York FBI Counterintelligence Division Sentenced to 50 Months for Conspiring to Violate U.S. Sanctions on Russia.

“Charles McGonigal violated the trust his country placed in him by using his high-level position at the FBI to prepare for his future in business,” said U.S. Attorney Damian Williams for the Southern District of New York… “Charles McGonigal’s conduct can be summed up in one word – betrayal. He betrayed everything he once swore to protect.” said Executive Assistant Director Larissa L. Knapp of the National Security Branch. “Today’s sentencing is a message to all, no matter who they are, the FBI does not tolerate those who choose to jeopardize US National Security. Prioritizing personal gains over one’s oath to protect the American people and uphold the Constitution, will be prosecuted to the full extent of the law.”

• Recorded Future: Aggressive Malign Influence Threatens to Shape US 2024 Elections
• China’s cyber army is invading critical U.S. services
• Multistakeholder cooperation to protect water sector from growing threats
• See Something Say Something Campaign: Everyone Plays a Role in “If You See Something, Say Something®.”
• The Case for Memory Safe Roadmaps
• CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793
• Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
• CISA Releases Social Media Threat Guidance for School Staff and Authorities Infographic
• Intelligence Sharing is Caring: Collective Defense for a Safer Nation
• NSA Releases Recommendations to Mitigate Software Supply Chain Risks
• Statement by Marc Rogers on the CTI League

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
• Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community. Starts in January 2024.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
• The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads,  LinkedIn, via email at: podcast@gate15.global, and also on X, the platform formerly known as Twitter.