Weekly Security Sprint EP 36. Cybersecurity Awareness Month, Physical Security issues, Ransomware and much more!

In this week's Security Sprint, Dave and Andy talk about the following topics: Cybersecurity Awareness Month.  A Proclamation on Cybersecurity Awareness Month, 2023. CISA Kicks Off 20th Anniversary of Cybersecurity Awareness Month with New Public Awareness Campaign to Secure Our World Transforming Vulnerability Management: CISA Adds OASIS CSAF 2.0 Standard to ICS Advisories NSA Releases Guidance on Acceptance Testing for Supply Chain Risk Management Procurement and Acceptance Testing Guide for Servers, Laptops, and Desktop Computers  CISA: Cyber Training Bulletin Transforming Vulnerability Management: CISA Adds OASIS CSAF 2.0 Standard to ICS Advisories NSA Launches 10th Annual Codebreaker Challenge for 2023 Check out NSA Cyber Director Rob Joyce’s social media meme-fest! Here, on Threads. Gate 15, along with many ISACs, ISAOs and other great organizations, is Cybersecurity Awareness Month Champion!   Headlines Beware of Floor Plans. https://www.cnn.com/2023/09/28/politics/dhs-investigating-ransomware-attack  FBI PIN: Two or More Ransomware Variants Impacting the Same Victims and Data Destruction Trends Most dual ransomware attacks occur within 48 hours. Ransomware attack on Johnson Controls may have exposed sensitive DHS data Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang The Week in Ransomware - September 29th 2023 - Dark Angels FB-ISAO: September 2023 Threat Level Statement Update – Threat Levels Remain at GUARDED. The U.S. National Strategy to Counter Antisemitism: Key Actions by Pillar | The White House Fact Sheet: Biden-Harris Administration Takes Landmark Step to Counter Antisemitism | The White House Secretary Mayorkas Delivers Remarks at the Protecting Places of Worship Roundtable. Peruvian National Arrested In Peru For Sending Over 150 Hoax Bomb Threats To Schools And Other Institutions In The United States And Soliciting Child Pornography. VA man who made threats against church arrested after showing up to Sunday service armed with gun, knive Armed suspect arrested at Haymarket church, while service in progress Sept. 24 - Bull Run, VA  Pastor says ‘miracle of God’ led to peaceful arrest of armed man at Va. church Target Press Release: Target Closes Select Stores to Prioritize Team Member and Guest Safety   US GAO - Critical Infrastructure Protection: National Cybersecurity Strategy Needs to Address Information Sharing Performance Measures and Methods.   Quick Hits FCC Net Neutrality. https://techcrunch.com/2023/09/26/fcc-announces-plans-to-reinstate-net-neutrality/ Apple updates. https://www.securityweek.com/macos-14-sonoma-patches-60-vulnerabilities/ Prepare for the unlikely. https://www.dhs.gov/science-and-technology/news/2023/09/25/preparing-unlikely FBI PSA: "Phantom Hacker" Scams Target Senior Citizens and Result in Victims Losing their Life Savings FEMA and FCC Plan Nationwide Emergency Alert Test for Oct. 4, 2023. Test Messages Will be Sent to All TVs, Radios and Cell Phones Massive emergency alert test scheduled to hit your phone on Wednesday. Here's what to know. Bridging the gender gap in the public sector. Bipartisan Senate Intelligence Committee Report Warns of New Threats from China and Russia (PDF report) CISA, NSA, FBI and Japan Release Advisory Warning of BlackTech, PRC-Linked Cyber. People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices  Global Engagement Center Special Report: How the People’s Republic of China Seeks to Reshape the Global Information Environment.  Critical vulnerabilities in Exim threaten over 250k email servers worldwide.   CISA releases Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management. A Hardware Bill of Materials Framework for Supply Chain Risk Management A Hardware Bill of Materials Framework for Supply Chain Risk Management Fact Sheet The Cybersecurity 202 - Want to learn what’s in your hardware? CISA has an idea for that.