Weekly Security Sprint EP 42: Ransomware, Resilience, MDM and more.

In the latest epsiode of the Weekly Security Sprint, Dave and Andy talked about the following topics: Announcement! Venue Security, The IAVM Podcast Series! A new monthly podcast starting in 2024. Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.  SHIELDS READY. The Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) launched the new Shields Ready campaign to encourage the critical infrastructure community to focus on strengthening resilience. Resilience is the ability to prepare for, adapt to, withstand, and rapidly recover from disruptions caused by changing conditions. CISA Launches Critical Infrastructure Security and Resilience Month 2023   Scams. ‘with sales come scams’. https://www.ncsc.gov.uk/news/black-friday-bargain-hunters-warned-of-enhanced-online-scams-after-millions-lost-last-year  MDM The Truth Crisis | The Rising Threat of Online Misinformation and Disinformation The Gate 15 Interview: Malicious Info Operations & MDM, the Space Sector, supply chain resilience, the City of Light, and nudging the world in a better direction. Nerd Out: EP 41. Dave Clark joins to talk about MDM and other nerd topics.   Ransomware. Ransomware Actors Continue to Gain Access through Third Parties and Legitimate System Tools. CYBERSECURITY ADVISORY - #StopRansomware: Royal Ransomware, November 13, 2023 update Security Affairs: DOLLY.COM PAYS RANSOM, ATTACKERS RELEASE DATA ANYWAY Brazen ransomware attack on US unit of Chinese banking giant has financial sector on alert Risky Biz News: Clop is coming after your SysAid servers Basically all of Maine had data stolen by a ransomware gang; Maine's state agencies are the latest victims in the far-reaching MOVEit file transfer tool hack. Boeing data published by Lockbit hacking gang Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 Same threats, different ransomware; A threat cluster's switch from Vice Society to Rhysida Hive Ransomware's Offspring: Hunters International Takes the Stage Ransomed[.]vc Sunsets Operations, Auctions Off Infrastructure Critical Vulnerability: SysAid CVE2023-47246   Quick Hits Critical infrastructure Updates: Major Australian Ports Affected By Cyber Incident Operations at DP World Australia resume, though ‘doesn’t mean the incident has concluded’ Washington state transportation services partially restored after cyberattack The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology International Terrorism: Five right-wing terrorists arrested throughout Europe with the support of Eurojust and Europol Israel: Mossad foils Hezbollah terror plot against Jews in Brazil FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents Faith-Based and Israel-Gaza Related Updates: OpenAI blames DDoS attack for ongoing ChatGPT outage. In a series of Telegram messages seen by TechCrunch, hacktivist group Anonymous Sudan took credit for the alleged attack. In the messages, Anonymous Sudan said the reason it targeted OpenAI is due to the company’s “general biasness towards Israel and against Palestine”. Earthquake Preparedness. FEMA’s Earthquake & Wind Programs Branch, along with the National Earthquake and Hazard Reduction Program (NEHRP), is excited to announce the updated Earthquake Safety Checklist (FEMA B-526). CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain FEMA’s National Business Emergency Operations Center (NBEOC) - YouTube