Weekly Security Sprint EP 88. Elections, Liability, and Off-boarding.

In the latest Security Sprint, Dave and Andy covered the following topics. Warm Start. • CISA: Critical Infrastructure Security and Resilience Month 2024. “Resilience means doing the work up front to prepare for a disruption, anticipating that it will in fact happen, and exercising not just for response but with a deliberate focus on continuity and recovery, improving the ability to operate in a degraded state, and significantly reducing downtime when an incident occurs.” o A Proclamation on Critical Infrastructure Security and Resilience Month, 2024 o Biden declares November as critical infrastructure security and resilience month, calls safeguarding these systems • FS-ISAC: Ransomware Essentials. A Guide for Financial Services Firm Defense (PDF) Main Topics: Election Week! • Joint ODNI, FBI, and CISA Statement. • US cybersecurity chief says disinformation surge hasn't impacted election • CISA: Election Security Rumor vs. Reality • Georgia Poll Worker Arrested for Making Bomb Threat to Election Workers • FBI PSA: Scammers Exploit 2024 US General Election to Perpetrate Multiple Fraud Schemes • Colorado accidentally put voting system passwords online, but officials say election is secure • Joint ODNI, FBI, and CISA Statement on Russian Election Influence Efforts (01 Nov). Liability: • Attorney General James Secures $2.25 Million from Capital Region Health Care Provider to Protect Patient Data • HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation for $500,000 • HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $90,000 Insider Threats! Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information Quick Hits: • Wiz CEO says company was targeted with deepfake attack that used his voice • Ripple effect: the devastating impact of data breaches • Canadian Centre for Cyber Security - Cyber Security Readiness • Defendants with Ties to White Supremacy Sentenced in Connection with Plot to Destroy Energy Facilities • United States Welcomes the United Kingdom’s Actions Against Known Purveyors of Kremlin Disinformation • Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives • Army of bots promotes petrostate hosting global climate talks • Reset Tech Investigation - Clickbait Cures: How Meta and Google Tolerate a Dubious Meds Market in the EU • Fitness app Strava gives away location of Biden, Trump and other leaders, French newspaper says • Meet Interlock — The new ransomware targeting FreeBSD servers • Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network • Spain floods disaster: death toll rises to 205 as extra troops mobilised • Biden Administration Announces Additional Security Assistance for Ukraine • Iran Tells Region ‘Strong and Complex’ Attack Coming on Israel • Cybersecurity Advisory – Threats Posed by Remote Technology Workers with Ties to Democratic People’s Republic of Korea • Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments • New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad • Cybercriminals Are Stealing Cookies to Bypass Multifactor Authentication • Canadian Centre for Cyber Security - National Cyber Threat Assessment 2025-2026 • Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats • Massive PSAUX ransomware attack targets 22,000 CyberPanel instances • Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files