Weekly Security Sprint EP 55. MDM, hostile events, health, and ransomware

Please enjoy our newest podcast, the Weekly Security Sprint, on Spotify, Apple, Google, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

---

In this Week’s Security Sprint, Dave and Andy talked about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email [email protected].

• TribalHub hosts online Tribal Cybersecurity Summit March 7. Gate 15 is grateful to contribute to Tribal-ISAC and to facilitate the Opening Welcome and Keynote: Cybersecurity Organizational Structures and Best Practices Based Upon Tribe Size and Cyber Maturity Level!
• Health-ISAC Workshop: Enhancing Threat Awareness and Preparedness for Active Shooter/Hostile Event Response (ASHER) Attacks in Health Services Facilities
• Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC
• PCAST Releases Report on Strategy for Cyber-Physical Resilience

Main Topics

Content farm impersonates 60+ major news outlets, like BBC, CNN, CNBC

• AI Chatbots Provide False Information About November Elections
• 2024 Elections Misinformation Tracking Center
• Pennsylvania creates fact-checking website ahead of 2024 election
• Media Habits and Misinformation Susceptibility of Adults Aged 55 Years and Older: Findings from a RAND American Life Panel Survey
• Germany accuses Moscow of ‘disinformation attack’ in leaking senior officers’ call

Man Pleads Guilty to Firebombing Planned Parenthood Clinic and Plotting to Attack Electrical Substation

• targeted the clinic because it provided reproductive health services and they wanted to encourage others to engage in similar violent acts…
• consulted with an associate about surveillance, drone operations and firearms…discussed a desire to murder politicians and journalists. 
• discussed and researched how to attack the Dodger Stadium parking lot or the stadium’s electrical room on a night celebrating LGBTQI+ pride… exchanged sabotage manuals and discussed doing “dry runs” to “case” the stadium. 

CDC: Immunization and Respiratory Diseases Bulletin. 

• CDC announces new respiratory virus guidance, ends COVID isolation policy
• Wenstrup Announces Hearing on White House’s Role in Pandemic Preparedness and Response

Ransomware Updates: Proofpoint: 2024 State of the Phish

• 69% of Organizations Infected by Ransomware in 2023.
• Trend Micro: LockBit Attempts to Stay Afloat With a New Version
• Top 10 Issues General Counsel Need to Know About Ransomware in 2024
• CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware
• #StopRansomware: ALPHV Blackcat
• Ransomware Groups Are Bouncing Back Faster From Law Enforcement Busts; Two months ago, the FBI “disrupted” the BlackCat ransomware group. They’re already back—and their latest attack is causing delays at pharmacies across the US.
• Fulton County, Georgia, refuses to pay ransom, again
• The Mysterious Case of the Missing Trump Trial Ransomware Leak
• A large US health care tech company was hacked. It’s leading to billing delays and security concerns
• Health-care hack spreads pain across hospitals and doctors nationwide

Quick Hits

CORRECTED: SAVE THE DATE! CISA Hosts CISA Live! – Open Source Software Security on Thursday, March 7 at 1:00 PM EST! On Thursday, March 7, we will talk about the importance of securing Open Source Software (OSS) during our next CISA Live! On LinkedIn Live. Our guests are CISA’s Aeva Black, Open Source Security Section Chief, and Jack Cable, Senior Technical Advisor, who will chat about how CISA is collaborating with the open source community, federal partners, and the private sector to foster a more secure and resilient OSS ecosystem. This event offers participants an opportunity to learn about how CISA is working to strengthen the security of open source ecosystems, including package managers, along with ensuring the secure use of OSS within the federal government. Join us on March 7 at 1:00 PM EST! with your questions—and feel free to share this invite with others who may be interested! Access the event page here.

• The White House Warns Cars Made in China Could Unleash Chaos on US Highways
  • Statement from President Biden on Addressing National Security Risks to the U.S. Auto Industry
  • FACT SHEET: Biden-⁠Harris Administration Takes Action to Address Risks of Autos from China and Other Countries of Concern
  • US to probe if Chinese cars pose national data security risks
  • U.S. launches investigation of Chinese vehicles, citing security risks
  • Senator asks FTC to investigate automakers’ data privacy practices
• Red Sea cables have been damaged, disrupting global internet traffic
• Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern
• Message to the Congress on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern
• CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities
• FACT SHEET: President Biden Issues Executive Order to Protect Americans’ Sensitive Personal Data
• Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations
• As Predicted: Scammers Are Now Scanning Faces To Defeat Biometric Security Measures
• AI & Tech
  • As House task force work begins, Rep. Bonamici is ‘very worried’ about AI — ‘and we all should be’
  • Google working to fix Gemini AI as CEO calls some responses “unacceptable”
  • US tech giants refuse to work with Britain’s top secret military censorship board
  • How AI Will Help the World’s Top Hospital CEOs Transform Health Care
  • OpenAI claims the Times cheated to get ChatGPT to regurgitate articles
  • Tumblr and WordPress to Sell Users’ Data to Train AI Tools
  • Apple to disclose AI plans later this year, CEO Tim Cook says
• Denmark closes probe into Nord Stream blasts saying there’s not enough grounds for a criminal case
• NIST Cybersecurity Framework 2.0 Officially Released.
• PRESS RELEASE: Future Software Should Be Memory Safe
• Joint Statement Endorsing Principles for 6G: Secure, Open, and Resilient by Design
• Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams
• GAO – Countering Violent Extremism: FBI and DHS Need Strategies and Goals for Sharing Threat Information with Social Media and Gaming Companies

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, Google, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

• The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
• Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
• The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
• Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
• The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
• The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads,  LinkedIn, via email at: [email protected], and also on X, the platform formerly known as Twitter.