Weekly Security Sprint EP 41. Normalizing violent threats, Critical Infrastructure Security and Resilience month, cybersecurity resources and tools.

In this week's Security Sprint, Dave and Andy talked about the following topics: Physical Security. Increasing acceptance of threats of violence MAGA Commentator Wants People to Shoot Charity Workers Assisting Migrants 'Be looking over your shoulder': MAGA man arrested for threats against Fani Willis Threats to U.S. senator amid spike in anti-Jewish, anti-Muslim activity; U.S. officials say they are responding to a rise in threats against Arab, Jewish and Muslim communities as Gaza war intensifies DOJ: Nevada Man Arrested And Charged For Making Threats To United States Senator Vehicle Ramming. Nuclear Power Plant. https://www.nbcnews.com/news/us-news/police-searching-suspect-drove-fence-south-carolina-nuclear-station-at-rcna123489 CISA Security Planning Workbook. https://www.cisa.gov/sites/default/files/2023-10/CISA_AASB_Security_Planning_Workbook_508_Compliant_20230929.pdf   US Senate Hearing: Threats to the Homeland Secretary Mayorkas Testimony to Committee on Homeland Security & Governmental Affairs FBI Director Wray: Threats to the Homeland   Cybersecurity. CISA Launches Critical Infrastructure Security and Resilience Month 2023. The Cybersecurity and Infrastructure Security Agency (CISA) announced the kickoff of Critical Infrastructure Security and Resilience Month. Yesterday, the White House issued a Presidential Proclamation to commemorate November as Critical Infrastructure Security and Resilience Month and called on Americans to recognize the importance of this month to enhance our collective national security and resilience… This November, CISA is asking everyone to Resolve to be Resilient by preparing and investing in resilience today, so that, as a nation, we can recover quickly in the event of an incident tomorrow.  We are highlighting practices critical infrastructure organizations can implement to recover rapidly in the aftermath of any significant disruption: Assess Your Risk. Make a Plan and Exercise It.  Continuously Improve and Adapt. NCSC. https://www.ncsc.govt.nz/news/record-high-financially-motivated-cyber-activity/ Zero-Day. https://cyberscoop.com/cisa-zero-day-ransomware/   Quick Hits Maine gunman’s family contacted police months before massacre, sheriff says NIJ: Five Things About Protecting Against Mass Attacks FACT SHEET: Biden-⁠Harris Administration Convenes Third Global Gathering to Counter Ransomware 2022 RTF Global Ransomware Incident Map: Attacks continue worldwide, groups splinter, education sector hit hard w reference to our good friends at eCrime – the single best source for ransomware information U.S. officials hold their breath for Iranian cyberattacks Man Armed with Weapons Found Dead at Colorado Amusement Park, Investigation Underway; Authorities said that the 22-year-old suspect wore body armor and had with him a semi-automatic rifle and IEDs FIRST has officially published the latest version of the Common Vulnerability Scoring System (CVSS v4.0) FBI Tech Tuesday: Beware of Scams on Popular Peer-to-Peer Payment Apps SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures Citrix Bleed: Two ransomware groups now exploiting bug for initial access “This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard; By some estimates, 20,000 devices have already been hacked. Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey GCA Launches a User-friendly Cybersecurity Tools Wiki NZ NCSC: The NCSC announces record-high financially motivated cyber activity