Weekly Security Sprint EP 52. Geo-political impacts, cyber warnings, BEC, scams, ransomware and more!

In this week's Security Sprint, Dave and Andy covered the following topics: In our warm start we address cyber threats from China and threats to the Water Sector, see quick hits for links. And we celebrate Pod friend Bridget Johnson on her new role.   Main Topics:   Cyber Warnings - BEC Evolving Threat Landscape: Crime, Confusion, Deepfakes, BEC, fake data breaches, fake political robocalls… Deepfake Scam Video Cost Company $26 Million, Hong Kong Police Says.  Europcar says someone likely used ChatGPT to promote a fake data breach. OpenAI: Building an early warning system for LLM-aided biological threat creation FBI PSA: Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams   Ransomware: Corvus: Q4 Ransomware Report: 2023 Ends as a Record-Breaking Year Ransomware Retrospective 2024: Unit 42 Leak Site Analysis.  The year saw a 49% increase in victims reported by ransomware leak sites, with a total of 3,998 posts from various ransomware groups. The ransomware business is booming, even as enforcers shut down some major players; Palo Alto Networks’ Unit 42 found a 49 percent bump in victims reported by ransomware leak sites in 2023   Quick Hits Brothers Charged After Seizure of Homemade Explosives, Ghost Guns in Their Astoria Apartment Queens bust: 2 brothers kept homemade explosive devices, 'hit list' in Astoria apartment, authorities allege. Investigators also recovered notebooks with hit lists that included police officers, politicians and celebrities, along with a scanner radio set to the frequency of the neighboring police precinct…The apartment is located right across from a Con Ed power facility. Cyber Threats to Critical Infrastructure and the United States  Hearing Notice: The CCP Cyber Threat to the American Homeland and National Security Exclusive: US disabled Chinese hacking network targeting critical infrastructure FBI director to warn Congress of dangers Chinese hackers pose to American infrastructure, innovation Opening Statement by CISA Director Jen Easterly CISA: People's Republic of China Cyber Threat   Water, Water, Everywhere!  Announcement! WaterISAC is excited to announce that this Spring, it will be hosting H2OSecCon as a one-day virtual event on Thursday, May 23 from 11 AM - 5 PM ET!  Sign Up For Updates Here! Securing Operational Technology: A Deep Dive into the Water Sector Environment, Manufacturing, and Critical Materials Subcommittee Hearing: "Ensuring the Cybersecurity of America's Drinking Water Systems" Chair Rodgers Opening Remarks on the Cybersecurity of America’s Drinking Water System More Cyber. The U.S. economy is booming. So why are tech companies laying off workers? Statement From Secretary of Defense Lloyd J. Austin III on U.S. Strikes in Iraq and Syria Geo-politics. Sullivan: Middle East strikes "not the end" of U.S. drone attack response Houthis may sabotage western internet cables in Red Sea, Yemen telecoms firms warn Iran Says Yemen Strikes 'Contradict' US, UK Policy Hostages at Procter & Gamble plant outside Istanbul rescued after 9-hour ordeal US Senate Judiciary Committee Hearing: Big Tech and the Online Child Sexual Exploitation Crisis Senator to Big Tech: ‘Collectively, your platforms really suck at policing themselves’ Ivanti Updates: Supplemental Direction V1: ED 24-01: Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities CISA orders Ivanti devices targeted by Chinese hackers be disconnected QAnon-aligned son decapitates federal employee dad, shows off ‘traitor’s’ head in sick YouTube video Virtual Event: Preventing Mass Attacks In Our Communities. In this event, researchers from the US Secret Service National Threat Assessment Center discuss their findings on mass attacks perpetrated in public and semi-public spaces, including businesses, restaurants, bars, retail outlets, houses of worship, schools, open spaces and more. Click Here To Register.