Please enjoy our newest podcast, the weekly Security Sprint, on Spotify, Apple, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.
ELECTION SPECIAL!! Join the GRIP this week for just $47!! Use discount code “ELECTION” and get your first year for just $47. Offer valid this week only!
Join the new Gate 15 Resilience and Intelligence Portal – the GRIP! and get our daily report, the SUN, TARGET reports, our ransomware digest, partner reports, and more – including our new Generative AI version of the SUN! Join the GRIP! Share the Gen AI SUN! Our new TLP:GREEN Gen AI version of the SUN highlights a few notable items from the complete SUN in a 3-4 minute video that can be easily shared and digested across your organization! An easy security win, you can share the Gen AI SUN as a daily security awareness update with your security teams and even across your entire team. Take the easy win!
In this week’s Security Sprint, Dave and Andy covered the following topics:
Organizational Cyber Security Culture
- The Gate 15 Interview – Rob Sherman on CISOs: “Focus on risk, focus on resilience.” Plus: A Salt and Pepper America, burnout, beta, and more!
- TribalHub x Gate 15: Organizational Cyber Culture Meets Concert Moments & The Gate 15 Interview – TribalNet! Building a Cybersecurity Culture, Tribal-ISAC, and how we rock!
- Statement from National Economic Advisor Lael Brainard on National Security Memorandum (NSM) on Artificial Intelligence (AI)
- FACT SHEET: Biden-Harris Administration Outlines Coordinated Approach to Harness Power of AI for U.S. National Security
- Biden administration urges US agencies to ‘harness’ AI systems for national security
- White House will order Pentagon and intel agencies to increase use of AI
- US to unveil AI national security memo to avoid China’s ‘strategic surprise’
Main Topics:
Info Ops
- Russian propaganda exploits US hurricane response to undermine FEMA and Ukraine support. This article explores how Russian information campaigns are leveraging hurricanes Milton and Helene to amplify discontent within the US. It focuses on the key narratives pushed by Kremlin-backed media and their role in undermining trust in US disaster relief efforts.
- Fact check: Debunking weather modification claims. No one creates or steers hurricanes; the technology does not exist. As the southeastern United States reels from the impact of two historic hurricanes, a large amount of disinformation about nonexistent weather manipulation technology is spreading across the internet, particularly on social media platforms.
2024 Elections
- Joint ODNI, FBI, and CISA Statement. The Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released the following statement: “The IC assesses that Russian actors manufactured and amplified a recent video that falsely depicted an individual ripping up ballots in Pennsylvania, judging from information available to the IC and prior activities of other Russian influence actors, including videos and other disinformation activities. Local election officials have already debunked the video’s content. This Russian activity is part of Moscow’s broader effort to raise unfounded questions about the integrity of the US election and stoke divisions among Americans, as detailed in prior ODNI election updates. In the lead up to election day and in the weeks and months after, the IC expects Russia to create and release additional media content that seeks to undermine trust in the integrity of the election and divide Americans.”
- Pennsylvania officials rebut false voter fraud claims from home and abroad
- Russians behind fake video of ballots being destroyed, US officials say; Recent video purportedly showing a man destroying ballots marked for Trump is a disinformation campaign, say officials
- U.S. officials say Russia smeared Tim Walz, might stoke post-vote violence
- American creating deepfakes targeting Harris works with Russian intel, documents show
- CISA Launches #PROTECT2024 Election Threat Updates Webpage
- Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications
- Chinese Hackers Are Said to Have Targeted Phones Used by Trump and Vance
- Foreign threats to the US election are on the rise, and officials are moving faster to expose them
- Election Security Update as of Late October 2024
- Foreign Threats to US Elections After Voting Ends in 2024
- Foreign influence operations will expand before election and linger afterward, US agencies say
- Recorded Future: Operation Overload Impersonates Media to Influence 2024 US Election
- Microsoft: As the U.S. election nears, Russia, Iran and China step up influence efforts
- Justice Department Announces Four Cases Brought by Election Threats Task Force
- Secretary of State’s Office says they stopped cyberattack aimed at crashing voter website
- Wisconsin sued over voting system’s allegedly weak cyber protections
- Philadelphia Resident Charged for Election-Related Threat to State Party Representative
- Maine man made homemade bombs and dropped some from drones, officials say
- Dr. Paul Requests Information On DHS & CISA’s Participation At Election Day Cybersecurity Conference
- Lots more in the SUN each day! Join the GRIP and get this delivered daily! Use discount code “ELECTIONS” to join the GRIP today for just $47. This week only!
HYPR is latest firm to reveal hiring of fraudulent IT worker overseas. The problem of fake remote tech workers attempting to gain employment at Western companies has been in the news quite a bit these days. Quite a bit. But this problem may not be restricted to North Korean operatives, and more and more organizations are stepping up to reveal their own encounters with fake IT employees, while sounding an alarm that companies need to invest more attention and resources into how they vet remote and contract employees. Executives from HYPR, an identity security company, revealed this week that they recently offered a contract to a software engineer claiming to be from Eastern Europe. This person initially accepted the job before walking away when the onboarding and verification process raised a number of red flags about their true identity and location. HYPR Unmasks a Fake IT Worker: North Korea Isn’t the Only Threat
Quick Hits:
Terrorism
- Arizona grand jury indicts juvenile for planning attack at Phoenix Pride Festival
- Maryland Man Charged With Attempting To Provide Material Support To ISIS
- Suburban Chicago Man Sentenced to 18 Years in Prison for Trafficking Fentanyl and Attempting To Support ISIS
‘All servers’ for Redline and Meta infostealers hacked by Dutch police and FBI
Ransomware:
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
- New Iranian-based Ransomware Group Charges $2000 for File Retrieval
- Japanese Man Convicted of Making Virus Using AI; Likely 1st Person in Japan to be Convicted in Criminal Case for Abusing Generative AI
- New Qilin.B Ransomware Variant Boasts Enhanced Encryption and Defense Evasion
- Crystal Rans0m: Rust-Based Hybrid Ransomware
- Avast Releases Free Decryptor for Mallox Ransomware
- Decrypted: Mallox ransomware
- Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action
- Embargo ransomware: Rock’n’Rust
- macOS NotLockBit | Evolving Ransomware Samples Suggest a Threat Actor Sharpening Its Tools
- Akira Ransomware Evolution: A move towards cross-platform adaptability
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- Venue Security, The IAVM Podcast Series was a 2024 limited series podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosted a series of short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
- The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads, LinkedIn, via email at [email protected].