Weekly Security Sprint EP 28. The return of the weatherman, CISA strategic plans, espionage, exploited vulnerabilities and…so much more!

In this week's Security Sprint, Dave and Andy talk about the following topics. Hurricanes. CSU released its final forecast for the 2023 Atlantic hurricane season on Thursday, 3 August. CISA Cybersecurity Strategic Plan. CISA Cybersecurity Strategic Plan: Shifting the Arc of National Risk to Create a Safer Future. China Espionage. https://www.justice.gov/usao-sdca/pr/us-navy-sailor-arrested-and-charged-espionage More CISA. CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022. Top 12 vulnerabilities list highlights troubling reality: many organizations still aren’t patching; The list includes well-known vulnerabilities impacting Fortinet's VPNs and Log4Shell that hackers still routinely exploit. Cloudflare: Unmasking the top exploited vulnerabilities of 2022   QH Biden-⁠Harris Administration Launches New Efforts to Strengthen America’s K-12 Schools’ Cybersecurity The Synagogue Attack Stands Alone, but Experts Say Violent Rhetoric Is Spreading Pensacola police arrest 4 teens in connection to string of antisemitic vandalism Man who allegedly fired shots at Jewish school shared grievances against it, flashbacks of father’s violent death & Former student fired gun at Jewish school, shot by police Police investigating vandalism at Utah’s oldest Black church Georgia man accused of breaking into Florida church, ‘baptizing’ himself Bomb threat shuts down OHSU clinic after anti-trans information posted online The USCP Remains Vigilant Following False Active Shooter Report The Senate went into a shelter-in-place and partial evacuation following reports of an possible active shooter on the Capitol campus. Outside of Trump’s arraignment, revelers mark dueling visions of justice Among MAGA extremists, Trump charges draw big talk, small crowds Security upped near Fulton courthouse as possible Trump indictment nears Malwarebytes: 2023 State of Ransomware Threat Intelligence. Report: Ransomware Command-and-Control Providers Unmasked by Halcyon Researchers Cloud company assisted 17 different government hacking groups -US researchers Dragos Industrial Ransomware Attack Analysis: Q2 2023 RUSI: Cyber Insurance and the Ransomware Challenge.  Threat Research Analysis of Ransomware Victims from Ransom Leak Site Data August 2023 Threat Horizons Report Provides Cloud-Focused Cybersecurity Insights and Recommendations SC Magazine: No evidence organizations with cyberinsurance more likely to pay ransom How Tampa General Hospital thwarted a ransomware attack The Week in Ransomware - August 4th 2023 - Targeting VMware ESXi Additional MOVEit-related health data breaches reported 1.7 Million Oregon Health Plan Members Affected by MOVEit Hack US govt contractor Serco discloses data breach after MoveIT attacks Crozer Health’s computer systems were knocked offline Thursday by a ransomware attack Ransomware Roundup - DoDo and Proton Ransomware attacks cost manufacturing sector $46 billion in downtime since 2018, report claims CYFIRMA: RANSOMWARE TRENDS : H1 2023 – Part 1 Qilin Ransomware Gang Adopts Uncommon Payment System: All Ransom Payments Funneled through Affiliates