Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.
In this Week’s Security Sprint, Dave and Andy talked about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email [email protected].
Main Topics
UK NCSC: Cyber security governance: the role of the board
Air Canada Has to Honor a Refund Policy Its Chatbot Made Up. More on AI:
- Gab’s Racist AI Chatbots Have Been Instructed to Deny the Holocaust
- Bobbi Althoff deepfake spotlights X’s role as a top source of AI porn
- AI-generated video is here to awe and mislead
- From ChatGPT to Gemini: how AI is rewriting the internet
- Google pauses AI-generated images of people after ethnicity criticism
- Exclusive: Reddit in AI content licensing deal with Google
- FCC advisory committee to focus on how AI can defend against unwanted calls
- Understanding the EU AI Act: Implications for Communications Compliance Officers
- Can AI help us predict extreme weather?
- Risk of AI Abuse by Corporate Insiders Presents Challenges for Compliance Departments
- Google’s ‘Woke’ Image Generator Shows the Limitations of AI
- AI Is in the Midst of a Fever Dream and It’s Only Getting Worse
- AI Contracts Woke Mind Virus
- Weapons of Mass Hate Dissemination: The Use of Artificial Intelligence by Right-Wing Extremists
Ransomware
- U.S. and U.K. Disrupt LockBit Ransomware Variant
- Ransomware Operation LockBit Reestablishes Dark Web Leak Site
- Trend Micro: LockBit Attempts to Stay Afloat With a New Version
- US pharmacy outage triggered by ‘Blackcat’ ransomware at UnitedHealth unit, sources say
- Change Healthcare Cyberattack: Network Connectivity Issues, Indicators of Compromise
- Health-ISAC: Change Healthcare / Optum Network Connectivity and Additional Recommendations
- LoanDepot ransomware attack: Industry reaction
- Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit; ‘I can’t sugarcoat it — this shit is bad,’ said Huntress’ CEO
- ConnectWise exploit could spur ‘ransomware free-for-all,’ expert warns
- Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
- Risky Biz News: Change Healthcare cyberattack
- Exclusive: Cyberattack on Change Healthcare was an exploit of the ConnectWise flaw
- Hospitals and Pharmacies Reeling After Change Healthcare Cyberattack
- UnitedHealth subsidiary Change Healthcare down for a fourth day following cyberattack
- AHA: UnitedHealth Group’s Change Healthcare Experiencing Cyberattack that Could Impact Health Care Providers
- Change cybersecurity attack is a ‘threat-to-life’ crime, says AHA
- Canadian Centre for Cyber Security ConnectWise security advisory (AV24-100) – Update 1
Spark Arena gives ‘training’ to security staff after seat-stealers ruin 50 Cent concert
Quick Hits
SAVE THE DATE! CISA Hosts CISA Live! – K-12 School Safety on Thursday, February 29 at 12:30. On Thursday, February 29, we will mark the 4th year of SchoolSafety.gov on our next CISA Live!. Our guest Lindsay Burton, CISA’s Associate Director of School Safety, will discuss kindergarten to grade 12 (K-12) School Safety. Hosted on LinkedIn, this event offers participants an opportunity to learn about CISA’s work and resources to help the K-12 community reduce their physical security risk while increasing their resilience and capability. Learn about information, tools, technical assistance and other services available through CISA. Join us on February 29 at 12:30PM EST with your questions—and feel free to share this invite with others who may be interested! Access the event page here.
Resources
- Canadian Centre for Cyber Security Best practices for passphrases and passwords (ITSAP.30.032).
- Cybersecurity Emotions
- Canadian Centre for Cyber Security Digital footprint (ITSAP.00.133)
- Canadian Centre for Cyber Security Secure your accounts and devices with multi-factor authentication (ITSAP.30.030)
- UK NCSC: Private Branch Exchange (PBX) best practice
- Updated: Top Cyber Actions for Securing Water Systems
AT&T
- $5! AT&T to Reimburse Customers Struck by Outage
- AT&T is mocked by customers after network outage downed 70,000 phones and triggered fears of ‘Leave the World Behind’ apocalypse
- Americans reporting nationwide cellular outages from AT&T, Cricket Wireless and other providers
- Nationwide AT&T cellphone outage prevents emergency calls, some 911 centers say
- AT&T Network Update: “Based on our initial review, we believe that today’s outage was caused by the application and execution of an incorrect process used as we were expanding our network, not a cyber attack.”
- AT&T says service has been restored after massive, nationwide outage. Authorities are investigating
- AT&T Says Outage Wasn’t Cyberattack Despite Widespread Conspiracy Theories Online
Russia 🇷🇺🇷🇺🇷🇺 Biden announces 500 new sanctions targeting Russia over war on Ukraine, Navalny death
- US and EU pile new sanctions on Russia for the Ukraine war’s 2nd anniversary and Navalny’s death
- Statement from President Joe Biden Ahead of the Two-Year Anniversary of Russia’s Brutal Assault Against Ukraine
- Statement by Secretary of Defense Lloyd J. Austin III Marking Two Years Since Russia’s Invasion of Ukraine
- Readout of President Biden’s Meeting with Yulia Navalnaya and Dasha Navalnaya
- Senate Majority Leader Chuck Schumer is in Ukraine to meet Zelenskyy as US aid hangs in the balance
- Russia’s Invasion of Ukraine, 2 Years On
- Alexei Navalny: UK sanctions Russian prison chiefs after activist’s death
- President Biden to hit Russia with ‘major sanctions’ in response to death of Navalny
- Russia adds Lindsey Graham to list of ‘terrorists’ after he pushes consequences for Navalny’s death
- Putin says Russia has no intention of putting nuclear weapons in space
New Biden order would stem flow of Americans’ sensitive data to China
CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure
Brussels spyware bombshell: Surveillance software found on officials’ phones
A Vending Machine Error Revealed Secret Face Recognition Tech
Leaked files from Chinese firm show vast international hacking effort
- Unmasking I-Soon | The Leak That Revealed China’s Cyber Operations
- An online dump of Chinese hacking documents offers a rare window into pervasive state surveillance
- Leaked documents show how firm supports Chinese hacking operations
East coast cable issues hit operators
- Israeli daily claims Yemeni attacks harmed telecom lines in Red Sea
- Damage causes outage for Africa’s first subsea cable
- Could the Houthis sabotage international internet cables in the Red Sea?
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads, LinkedIn, via email at: [email protected], and also on X, the platform formerly known as Twitter.