In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• Patch It or Pay: Closing the Door on Exploits. This blog is part of Gate 15’s Summer of Security: Ransomware Resilience Series, highlighting the essential considerations for organizational leaders and cybersecurity professionals.Main Topics:• House panel approves cyber information sharing, grant legislation as expiration deadlines loom• CISA Delays Cyber Incident Reporting Rule for Critical InfrastructureRansomware & Data Breaches: • Australian Government - Australian Institute of Criminology: Examining the activities and careers of ransomware criminal groups. PDF • Stopping ransomware before it starts: Lessons from Cisco Talos Incident Response• Cyberattack on Jaguar Land Rover threatens to hit British economic growth• Hackers linked to M&S breach claim responsibility for Jaguar Land Rover cyber-attack • How JLR's Cyber Breach is Disrupting Global Operations • Jaguar Land Rover staff home for another day as company reels from cyber attackPresidential Message on National Preparedness Month• National Insider Threat Awareness Month; Help prevent the exploitation of authorized access from causing harm to your organization• Plan to avoid scams this National Preparedness Month• ABA Foundation and FBI Release New Infographic to Help Americans Spot and Avoid Deepfake ScamsQuick Hits:• All IT work to involve AI by 2030, says Gartner, but jobs are safe. All work in IT departments will be done with the help of AI by 2030, according to analyst firm Gartner, which thinks massive job losses won’t result.• Salesloft Drift updates• Not Safe for Work: Tracking and Investigating Stealerium and Phantom Infostealers• Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack• Frostbyte10 flaws in Copeland E2 and E3 controllers highlight cyber threats to refrigeration, HVAC, lighting infrastructure• Czech NUKIB alerts critical infrastructure sector to rising cyber risks from Chinese data transfers, remote management• ‘Unrestrained’ Chinese Cyberattackers May Have Stolen Data From Almost Every American• Chinese Hackers Impersonate US Lawmaker in Malware Scheme During Trade Talks• US military kills 11 in strike on alleged drug boat tied to Venezuelan cartel, Trump says• Targeting Iran’s Leaders, Israel Found a Weak Link: Their Bodyguards• U.S. and Canadian Intelligence Partners Issue Guidance to Protect Western Tech Startups from Exploitation in International Pitch Competitions • The Blockchain Is Not Your Friend: Examining EtherHiding and using Blockchain for Attacks• New Cyber Resources from the Canadian Centre for Cyber Security: Cyber security hygiene best practices for your organization - ITSAP.10.102o Virtualizing your infrastructure (ITSAP.70.011)o Universal plug and play (ITSAP.00.008)
In this week's Security Sprint, Dave and Andy covered the following topics:Main Topics:Annunciation Catholic Church Attack • Minneapolis Suspect Knew Her Target, but Motive Is a Mystery• Shooter who opened fire on Minneapolis Catholic school posted rambling videos• Robin Westman: Minneapolis gunman was son of church employee• Robin Westman posted a manifesto on YouTube prior to Annunciation Church shooting• Minneapolis school shooter wrote “I am terrorist” and “Kill yourself” in Russian on weapon magazines and listened to Russian rappers• Minneapolis Catholic Church shooter mocked Christ in video before attack• Minneapolis school shooter 'obsessed with idea of killing children', authorities say• Minnesota Mass Shooter Steeped in Far-Right Lore, White Nationalist Murderers• In Secret Diaries, the Church Shooter’s Plans for Mass Murder• Minneapolis church shooting search warrants reveal new details and evidence• 'There is no message': The search for ideological motives in the Minneapolis shooting• Minneapolis Church Shooting: Understanding the Suspect’s Video• More Of Minnesota Shooter’s Writings Uncovered: ‘Gender And Weed F***ed Up My Head’• Classmates say Minnesota school shooter gave Nazi salutes and idolized school shootings back in middle schoolHoax Active Shooter Reports• More than a dozen universities have been targeted by false active shooter reports• This Is the Group That's Been Swatting US Universities• FBI urges students to be vigilant amid wave of swatting hoaxesAI & Cyber Threats • The Era of AI-Generated Ransomware Has Arrived• Researchers flag code that uses AI systems to carry out ransomware attacks & First known AI-powered ransomware uncovered by ESET Research • Anthropic: Detecting and countering misuse of AI: August 2025• A quick look at sextortion at scale: 1,900 messages and 205 Bitcoin addresses spanning four yearsCountering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System• FBI warns Chinese hacking campaign has expanded, reaching 80 countries• Allied spy agencies blame 3 Chinese tech companies for Salt Typhoon attacks• UK NCSC: UK and allies expose China-based technology companies for enabling global cyber campaign against critical networksQuick Hits:• Storm-0501’s evolving techniques lead to cloud-based ransomware • Why Hypervisors Are the New-ish Ransomware Target• FBI Releases Use-of-Force Data Update• Denmark summons US envoy over report on covert American ‘influence operations’ in Greenland• Falsos Amigos• Surge in coordinated scans targets Microsoft RDP auth servers• Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424• Citrix patches trio of NetScaler bugs – after attackers beat them to it• U.S., Japan, and ROK Join Mandiant to Counter North Korean IT Worker Threats• US sanctions fraud network used by North Korean ‘remote IT workers’ to seek jobs and steal money• H1 2025 Malware and Vulnerability Trends • The FDA just overhauled its COVID vaccine guidance. Here’s what it means for you• 25 August 2025 NCSC, AFOSI, ACIC, NCIS, DCSA, FBI, ED, NIST, NSF bulletin • DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says• Blistering Wyden letter seeks review of federal court cybersecurity, citing ‘incompetence,’ ‘negligence’• Email Phishing Scams Increasingly Target Churches
In this week's Security Sprint, Dave and Andy covered the following topics: Warm Open:• Nerd Out EP 61. The 2/3 of the Year Awards!Main Topics:FBI PSA - Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure. The Federal Bureau of Investigation (FBI) is warning the public, private sector, and international community of the threat posed to computer networks and critical infrastructure by cyber actors attributed to the Russian Federal Security Service's (FSB) Center 16. The FBI detected Russian FSB cyber actors exploiting Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to broadly target entities in the United States and globally. Info Ops: • Most Adults in 25 Countries Say Spread of False Information Is a Top National Threat. The findings come from Pew’s seventh iteration of its Global Attitudes Survey: International Opinion on Global Threats, which was last published in 2022. • Foreign disinformation enters AI-powered era. At least one China-based technology company, GoLaxy, seems to be using generative AI to build influence operations in Taiwan and Hong Kong… Documents also show that GoLaxy has created profiles for at least 117 members of Congress and over 2,000 American political figures and thought leaders.• Toxic politics and TikTok engagement in the 2024 U.S. election• Why wind farms attract so much misinformation and conspiracy theory UN - Terror threat posed by ISIL ‘remains volatile and complex,’ Security Council hears. The threat posed by the terrorist group ISIL – known more widely in the Middle East as Da’esh – remains dynamic and diverse, with Africa currently experiencing the highest level of activity worldwide.• PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General for Counter-Terrorism, United Nations Office of Counter-Terrorism. • PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General, United Nations Office of Counter-Terrorism.• UN Report: ISIS Fighters’ Migration to Afghanistan and the Taliban’s Failure• ISIS-K poses major threat with 2,000 fighters in Afghanistan, UN saysFEMA Employees Warn That Trump Is Gutting Disaster Response. After Hurricane Katrina, Congress passed a law to strengthen the nation’s disaster response. FEMA employees say the Trump administration has reversed that progress. Employees at the Federal Emergency Management Agency wrote to Congress on Monday warning that the Trump administration had reversed much of the progress made in disaster response and recovery since Hurricane Katrina pummeled the Gulf Coast two decades ago. The letter to Congress, titled the “Katrina Declaration,” rebuked President Trump’s plan to drastically scale down FEMA and shift more responsibility for disaster response — and more costs — to the states. It came days before the 20th anniversary of Hurricane Katrina, one of the deadliest and costliest storms to ever strike the United States.Quick Hits:• 25% of security leaders replaced after ransomware attack• Gate 15: Hack Yourself First: Pen Testing for Prevention • FB-ISAO: Ransomware Incident Review January to June 2025• Dissecting PipeMagic: Inside the architecture of a modular backdoor framework• Maryland Transit Administration says cybersecurity incident is affecting some of its servicesNevada state government offices closed after network security incident• Audit of Antisemitic Incidents 2024• MIT report: 95% of generative AI pilots at companies are failing• Report: Russian Sabotage Operations In Europe Have Quadrupled Since 2023• CISA Requests Public Comment for Updated Guidance on Software Bill of Materials• Risky Bulletin: NIST releases face-morphing detection guideline• CVE-2025–41688: Bypassing Restrictions in an OT Remote Access Device• Think before you Click(Fix): Analyzing the ClickFix social engineering technique
In the latest episode of Nerd Out, Dave goes through the annual (3rd or 4th - who knows) 2/3 of the year awards! The categories are:MVP. Who or what is the security MVP to date. This can be a person, or a tactic.The Cobra (Sly Stallone) Award - "You're the disease and I’m the cure". What has been a great security process or procedure that can really help "cure" organization's security problems.The Dennis Green "they are who we thought they are" Award. What is a threat or tactic that threats use that really showed their true colors.The Aldus Snow (Get Him to The Greek) Award. Don’t forget about me - what is the security threat that remains always present . Something so simple yet so deadly.Dumpster Fire Award. What incident or threat will just make things a mess.Scotty Doesn’t Know award (EuroTrip) Award. What threat is out there that orgs aren’t thinking about but should.Avengers Team Up Award. Is there a great product or paper that involved multiple groups that orgs should know about.Heath Ledger Joker Award. What threat just takes it to another level - when you think last time was bad, the next time is worse.
In this episode of The Gate 15 Interview, Andy Jabbour speaks with Adam Rak, Executive Director CyberUSA, Head of Strategic Partnerships, and San Carlos City Council Member and Former Mayor. Adam is a highly accomplished, analytical government relations executive with 25 years of experience and proven success promoting initiatives in the technology and cyber security industry. Possesses detailed expertise in developing partnerships and programs to achieve organizational objectives, and enhance industry reputation. Learn more about Adam on LinkedIn.In the discussion Adam and Andy cover:Adam’s background.CyberUSA, overview, members, and marketplaceBuilding communitiesSelling new ideas in tech and securityWe play 3 Questions and talk civics, being an Eagle Scout, Vikings, Valkyries and more!Selected links:CyberUSANM Technology Council Unites with CyberUSA to Bridge Innovation and CybersecurityCyberUSA Welcomes CyberMontana as Newest AffiliateCyber Florida at USF Partners with CyberUSA, Strengthening National Cybersecurity CollaborationCyberUSA MarketplaceCyberUSA Gate 15 Marketplace Offer: Gate 15 Resilience and Intelligence Portal (GRIP) SubscriptionCyberUSA Gate 15 Marketplace Offer: Gate 15 Low Cost Ransomware Workshop
In this week's Security Sprint, Dave and Andy are joined by Alec Davison and they covered the following topics:Warm Open:• Crypto ISAC• Odin.fun Exploited for $7 Million as 58.2 BTC Stolen in Security Breach• BtcTurk under attack again: withdrawals suspended after alleged $50 million hack & Major Turkish Crypto Exchange BtcTurk Allegedly Hacked for Nearly $50 Million• Treasury Sanctions Cryptocurrency Exchange and Network Enabling Sanctions Evasion and Cyber Criminals• More everyday in the SUN. Join the GRIP! Get the SUN! Main Topics:EPA, WaterISAC caution utilities on drone threats and cyber risks in evolving security landscape. The U.S. Environmental Protection Agency (EPA) and WaterISAC recognized that UASs (unmanned aerial systems), or drones, can pose significant threats to critical infrastructure, due to their accessibility, versatility, and potential for misuse. These threats can range from unauthorized surveillance, physical attacks, and even cyber attacks. Drones have revolutionized the critical infrastructure sector by enabling efficient and cost-effective inspections, reducing the need for manual labor and minimizing safety risks associated with hazardous environments, while providing real-time data and high-resolution imagery, allowing for more accurate monitoring and maintenance of infrastructure assets, leading to improved operational efficiency and reduced downtime. UK NPSA: Security Fences and Gates. Fences, along with integrated gates, play a key role in delivering security solutions both for perimeters and protecting important assets. This guidance is intended to aid those responsible for delivering security solutions including fences and gates to identify the factors that need to be considered. NPSA wish to advise that fences and gates are no longer tested to the Manual Forced Entry Standard (MFES). As a result, all fences and gates which were previously given an MFES rating have been removed from the Catalogue of Security Equipment. This document provides advice on the requirements for security fences and gates and signpost alternative security standards that should be considered. Please use the NPSA Forced Entry Standards Guidance1 to assist you. NPSA Forced Entry Standard 2024Hurricane Erin: • NHC issuing advisories for the Atlantic on Hurricane Erin• Key messages regarding Hurricane Erin• Hurricane Erin to grow, will next threaten US coast with dangerous conditionsQuick Hits:• NOAA - July 2025 was planet's 3rd warmest on record • Dragos Industrial Ransomware Analysis: Q2 2025 • CISA: Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators• Canada’s Guide on Biometric Management Is a Useful Resource for All Corporate Security Directors• Canadian Centre for Cyber Securityo Steps to address data spillage in the cloud (ITSAP.50.112)o Introduction to cloud computing (ITSAP.50.110)o Models of cloud computing (ITSAP.50.111)• Norway spy chief blames Russian hackers for hijacking dam• Colt Telecom attack claimed by WarLock ransomware, data up for sale• SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations & Risky Bulletin: Academics pull off novel 5G attack• Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities• ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver• Plex warns users to patch security vulnerability immediately• ClickFix phishing links increased nearly 400% in 12 months, report says
In this week's Security Sprint, Dave and Andy covered the following topics:Main Topics:Physical Security: • FBI Releases 2024 Reported Crimes in the Nation Statisticso Hate crimes hit second largest record in 2024: FBIo Crime down in every category in 2024, FBI report sayso Jews targeted in 69% of religion hate crimes in 2024, 71% since October 2023, per FBI datao FBI Report: Anti-Jewish Hate Crimes Across U.S. Nearly 10x Higher Than Any Other Groupo NYC Sees Drop in Antisemitic Hate Crimes, Yet Jews Still Targeted Most, Police Say• CDC shooter blamed COVID vaccine for depression; union demands statement against misinformationo CDC Shooter Believed Covid Vaccine Made Him Suicidal, His Father Tells Policeo Suspect identified in Atlanta shooting outside CDC: What to know• Shooter kills three in a Target parking lot in Austin before being captured, police sayo Child among 3 killed in north Austin shooting, suspect detainedo 'I was running for my life' | 3 dead in shooting at North Austin TargetThe Cost of a Call: From Voice Phishing to Data Extortion - Update (August 5) & Google says hackers stole its customers’ data by breaching its Salesforce databaseHackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home; For likely the first time ever, security researchers have shown how AI can be hacked to create real-world havoc, allowing them to turn off lights, open smart shutters, and more. In a new apartment in Tel Aviv, the internet-connected lights go out. The smart shutters covering its four living room and kitchen windows start to roll up simultaneously. And a connected boiler is remotely turned on, ready to start warming up the stylish flat. The apartment’s residents didn’t trigger any of these actions. They didn’t put their smart devices on a schedule. They are, in fact, under attack. Each unexpected action is orchestrated by three security researchers demonstrating a sophisticated hijack of Gemini, Google’s flagship artificial intelligence bot. Quick Hits:• NOAA - Prediction remains on track for above-normal Atlantic hurricane season• New state, local cyber grant rules prohibit spending on MS-ISAC• Joint Counterterrorism Assessment Team (JCAT): Hybrid and Electric Vehicle Emergency Planning and Postattack Response Considerations• Canadian Centre for Cyber Security - Potential SSL VPN Zero-Day vulnerability impacting Gen 7 SonicWall Firewalls• SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation• Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments • CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities• CISA Issues ED 25-02: Mitigate Microsoft Exchange Vulnerability • Leak Reveals the Workaday Lives of North Korean IT Scammers • US companies spending record amounts to protect executives as threats rise• Mysterious Crime Spree Targeted National Guard Equipment Stashes• American Nazis: The Aryan Freedom Network is riding high in Trump era• Florida Man Sentenced to 20 Years for Conspiring to Destroy Baltimore Region Power Grid & Neo-Nazi leader sentenced to 20 years for plotting Baltimore power grid attack• Leader of Transnational Terrorist Group Pleads Guilty to Soliciting Hate Crimes, Soliciting the Murder of Federal Officials, and Conspiring to Provide Material Support to Terrorists
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• Decrypted: FunkSec Ransomware; Avast releases free decryptor for AI-assisted FunkSec ransomware & Skip directly to the decryptor download. Main Topics:Hostile Events:• NYC shooting at heavily secured office building raises questions about what more can be done • FBI Arrests Dayton Man for Making Social Media Post Threatening to Kill Tens of Thousands & Man accused of threatening to kill 30K Black people in Cincinnati days after megaviral attack video• Tennessee man threatened to kill public officials, kept explosive devices in his home, authorities sayCyber Threat Reports: • CrowdStrike 2025 Threat Hunting Report: AI Becomes a Weapon and a Target• Censys: 2025 State of the Internet: Malware Investigations• Forescout - Midyear Threat Report: Numbers Grow in Nearly All the Wrong Places• Cside: Client-Side Attack Report Q2 2025DHS Launches Over $100 Million in Funding to Strengthen Communities’ Cyber Defenses Quick Hits:• FBI PSA - Unsolicited Packages Containing QR Codes Used to Initiate Fraud Schemes• Leading phone repair and insurance firm collapses after paying crippling ransomware demand — Cutting 100+ employees to just eight wasn’t enough• Canadian Centre for Cyber Security - Security considerations for critical infrastructure (ITSAP.10.100)• Iran hiring criminal networks in Europe to attack Jews, US religious freedom report finds• UNC2891 Bank Heist: Physical ATM Backdoor & Linux Forensic Evasion Evasion• Swedish crypto exchange Trijo hacked for 7.8 MSEK
On this week's Security Sprint, Dave is solo and talked about the following topics.Warm Opening.Check out the blogs on the Gate 15 website including the recent one on network segmentation (www.gate15.global). https://gate15.global/digital-firebreaks/Main Topics.NYC active shooter incident. https://www.nbcnews.com/news/us-news/nyc-shooting-suspect-shane-devon-temura-what-know-rcna221638Walmart incident and bystanders. https://www.nbcnews.com/news/us-news/walmart-stabbings-michigan-traverse-city-suspect-terrorism-what-know-rcna221445CISA Active Shooter resources: https://www.cisa.gov/topics/physical-security/active-shooter-preparednessChinese ‘Fire Ant’ spies start to bite unpatched VMware instances. https://www.csoonline.com/article/4029545/chinese-fire-ant-spies-start-to-bite-unpatched-vmware-instances.htmlSygnia Uncovers Active Chinese-Nexus Threat Actor Targeting Critical Infrastructure. https://www.sygnia.co/press-release/sygnia-uncovers-chinese-threat-targeting-critical-infrastructure/
In the latest Nerd Out, Alec and Dave welcome in Hunter Headapohl to talk about the cyber basics, and why so many threats can be prevented by following appropriate cyber hygiene. Alec and Hunter share their best practices and some of their tools and resources that can be leveraged to mitigate risk.Some of the references from the pod include:Top Cyber Actions for Securing Water Systems - https://www.cisa.gov/resources-tools/resources/top-cyber-actions-securing-water-systemsDefending OT Operations Against Ongoing Pro-Russia Hacktivist Activity - https://www.cisa.gov/resources-tools/resources/defending-ot-operations-against-ongoing-pro-russia-hacktivist-activityIRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including US Water and Wastewater Systems Facilities - https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335aChina Strategically Infiltrates U.S. Critical Infrastructure as Cyberattacks Escalate - https://thesoufancenter.org/intelbrief-2025-january-10/Secure by Design - https://www.cisa.gov/securebydesignCISA Training - https://www.cisa.gov/resources-tools/training
In this week's Security Sprint, Dave and Andy covered the following topics: Warm Open:• 26th Annual TribalNet Conference & Tradeshow• The Gate 15 Interview EP 60 – Sasha Larkin: “I like the chaos, chaos makes sense to me.” • The SUN will not be published the week of 28 Jul – 01 Aug. The SUN will resume the following week.• P2D2!Main Topics:Microsoft, China & Vendor Risk Management:• A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers• US senator seeks details from Defense Department on Microsoft's Chinese engineers• Microsoft says it will no longer use engineers in China for Department of Defense work• Chairmen Gimenez, Moolenaar, Self Probe Tech Companies Over Risks To Undersea Telecom InfrastructurePasswords. Weak password allowed hackers to sink a 158-year-old companyPatching!• Microsoft SharePoint vulnerability CVE-2025-53770: Microsoft: Customer guidance for SharePoint vulnerability CVE-2025-53770 & UK NCSC: Active exploitation of vulnerability affecting Microsoft Office SharePoint Server products in the UK• Canadian Centre for Cyber Security: CrushFTP security advisory (AV25-432)• CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability• CitrixBleed 2 situation update — everybody already got owned• Canadian Centre for Cyber Security - Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543 – Update 2 Managing Politics and BiasQuick Hits:• National Guard hacked by Chinese 'Salt Typhoon' campaign for nearly a year, DHS memo says• Charter Calls Increased Critical Infrastructure Attacks on Spectrum Network in Missouri Acts of Domestic Terrorism• UK NPSA - Security-Minded Communications - Guidance for Remote and Rural Locations • Canadian Centre for Cyber Security (CCCS) & Canadian Anti-Fraud Centre (CAFC) Joint Advisory: Cyber officials warns of malicious campaign to impersonate high-profile public figures• Examining How International Hacktivist Groups Pursue Attention, Select Targets, and Interact in an Evolving Online Landscape• China’s cyber sector amplifies Beijing’s hacking of U.S. targets• Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity• Of course, Grok’s AI companions want to have sex and burn down schools• Investor Alert: Look Out For Possible Investment Scams Related to the Texas Floods • The Amnban Files: Inside Iran's Cyber-Espionage Factory Targeting Global Airlines• Indian crypto exchange CoinDCX hacked, $44M drained
In this episode of The Gate 15 Interview, Andy Jabbour speaks with Sasha Larkin, Director of Intelligence and C4 Operations at FIFA World Cup 2026. Sasha retired as an Assistant Sheriff with the Las Vegas Metropolitan Police Department, where she served for over twenty-five years. Sasha oversaw two Divisions: Homeland Security and Investigative Services. She was also the Intelligence Commander for Major County Sheriff’s Association and represented the LVMPD in national conferences on issues related to crime, terrorism, and prevention efforts. Sasha also sat on the Office of Director National Intelligence Board and the Joint Counterterrorism Assessment Team in Washington DC on behalf of the Sheriff to ensure proactive messaging for the LVMPD in the prevention and recognition of domestic and international terrorism. Sasha has been honored by numerous community organizations for her work in terrorism, law enforcement and community building efforts. She’s also a very proud wife and mother, with a little boy and twin girls. Learn more about Sasha on LinkedIn.In the discussion Sasha and Andy cover:Sasha’s background and being a member of the Super Friends.Mass events and gatherings and Sasha’s takes on drones, crowds and protests, hometown security, learning from others, cybersecurity and more.The Route 91 Harvest Music Festival, Sasha’s powerful personal experience and lessons learned.The importance of partnerships, training, and managing the fog of war.Personal wellness, health and resilience and the importance of sleep, balance and boundaries.Giving back, supporting women in law enforcement and the 30 x 30 initiative.We play 3 Questions as we learn some unexpected likes and Sasha’s sports and fitness journey, from ballet to kicking ass to yoga and running.Lots more!Selected links:‘Mission first, people always': Sasha Larkin’s blueprint for law enforcement leadership and second career successShattering glass ceilings: Sasha Larkin’s legacy in policingBook Sasha to speak at your next event!30X30 Advancing and Supporting Women in Policing
In the latest Weekly Security Sprint, Dave and Andy covered the following topics:Warm Open:• Join the GRIP! The GRIP is one year old and to celebrate, we’re running an anniversary sale!! Join the GRIP in July and use promo code HOTJULY2025 to receive a 20% discount!• We’re excited to release this brand-new collaborative report! (TLP:CLEAR) North Korea IT Worker Threat Report: Threat Overview and Mitigation. This report is a collaboration that incorporates analysis from several leading Information Sharing and Analysis Centers (ISACs), including Crypto ISAC, Oil and Natural Energy ISAC (ONE-ISAC), Real Estate ISAC, Tribal ISAC, WaterISAC, the Faith-Based Information Sharing and Analysis Organization (ISAO), and Gate 15. • New! Lock It Down: Why MFA Isn’t Optional Anymore• FB-ISAO Current Threat Level• Faith-Based (U.S.): TLP:CLEAR | FB-ISAO Newsletter• DHS intelligence office halts staff cuts after stakeholder backlashMain Topics:• Unreleased Beyoncé music stolen from car at Atlanta's Krog Street Market• Elmo has been hacked, claims Trump is in Epstein files, calls for Jews to be exterminated• Hacktivist Attacks on Critical Infrastructure Grow as New Groups Emerge• NOAA - June 2025 was Earth’s 3rd warmest on record• A deadly 1987 flood foreshadowed the Texas disaster. Survivors ask, ‘why didn’t we learn?’ • Camp Mystic waited over an hour to evacuate after receiving ‘life threatening’ flood alert• CSU: Forecast for 2025 Hurricane Activity, 09 Aug update. PDF• UK arson attack trial reveals how Russia-linked operatives recruited ‘gig’ workers for terrorismo British criminals convicted over Wagner Group-linked arson attack on London warehouseo Intelligence officials worry a sabotage campaign blamed on Russia is growing more dangerousQuick Hits:• A Marco Rubio impostor is using AI voice to call high-level officials• Recorded Future: US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025• Soufan Center: Assessment of the Global Terrorism Threat Landscape in Mid-2025• Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now • Pay2Key’s Resurgence: Iranian Cyber Warfare Targets the Westo To view this content in one document, please download the full threat report here.o Iranian ransomware crew reemerges, promises big bucks for attacks on US or Israel• CISA warns hackers are actively exploiting critical ‘Citrix Bleed 2’ security flaw• 'Anti-Government Militia' Says It’s Targeting Oklahoma Weather Radars• Suspect In News 9 Radar Vandalism Arrested By Oklahoma City Police• (TLP:CLEAR) WaterISAC: Anti-Government Extremist Group Threatens to Destroy Critical Weather Radars, NOAA Warns (15 May 2025)• Far-right extremist group threatens to take weather radars offline• US neo-fascist group claims it is part of Texas floods relief efforts & Extremist Groups Uphold Long Tradition of Exploiting National Tragedies for Publicity• Swedish PM’s private address revealed by Strava data shared by bodyguards• UK NCSC: Getting your organisation ready for Windows 11 upgrade before Autumn 2025• Crypto Wallets Continue to be Drained in Elaborate Social Media Scam• U.S. Secret Service One-Year Update Following the July 13, 2024, Attempted Assassination of President Donald Trump• US GAO - Cybersecurity: Implementation of the 2015 Information Sharing Act• NATO Ally Warns of Iranian Assassination Threat
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• Stopping Vehicles Before They Become Weapons at Church; Learn how to protect your church from vehicle-based attacks using bollards and physical barriers. • DHS to cut 75% of staff in its intelligence office amid heightened threat environment• North Korean IT Worker Threat: Microsoft - Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizationsMain Topics:Severe Weather, Texas & Camp Mystic Flood Disaster.• FEMA Activates in Texas Following President Trump’s Major Disaster Declaration Announcement• How the cataclysmic floods unfolded, minute by minute, amid darkness and chaos• Texas Hill Country is no stranger to flash floods, but alerts came too late• Meteorologists Say the National Weather Service Did Its Job in Texas• Chantal triggers life-threatening flash floods as storm pushes inland in North Carolina and Virginia• Chantal continues to bring flooding rain as it moves inland after South Carolina landfall• A Majority of Companies Are Already Feeling the Climate HeatScams!• FBI PSA: Fraudsters Target US Stock Investors through Investment Clubs Accessed on Social Media and Messaging Applications• Cyber Criminals Target Prime Day Shoppers with Fake Amazon Domains and Phishing ScamsIran and Domestic Threats.• Iran Suspected of Scouting Jewish Targets in Europe• Sleeper cells and threat warnings: how the US-Iran conflict is spinning up fear • After U.S. strikes on Iran, officials warn of retaliation from ‘sleeper cells’ in the U.S.• Iran-linked hackers threaten to release Trump aides' emails• Iran's Top General Issues Threat Quick Hits:• DOJ investigates ex-ransomware negotiator over extortion kickbacks• Risky Biz News - C&M hack linked to malicious insider: Brazilian authorities have arrested a 48-year-old programmer in connection with the hack of software company C&M and six Brazilian banks. • Cybercrime set to become the world’s third largest economy• How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777)• AIVD: threat against the Netherlands remains high, uncertainty regarding world order• CYFIRMA: Executive Threat Landscape Report Australia• Hack3d: The Web3 Security Quarterly Report - Q2 + H1 2025• ReliaQuest: Ransomware and Cyber Extortion in Q2 2025• Comparitech: Ransomware Roundup: H1 2025 stats on attacks, ransoms, and active gangs• National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud.• Chinese Scholars Probe for Weaknesses in Western Electricity Grids• Chinese Hackers Target France in Ivanti Zero-Day Exploit Campaign
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• The GRIP is one year old and to celebrate, we’re running an anniversary sale!!• Join the GRIP in July and use promo code HOTJULY2025 to receive a 20% discount!• (TLP:CLEAR) Hostile Nation States Employing Non-State Actors• Surge in MOVEit Transfer Scanning Could Signal Emerging Threat Activity• ‘Suspended animation’: US government upheaval has frayed partnerships with critical infrastructure• Short-term extension of expiring cyber information-sharing law could be on the table• Gate 15 is excited to offer a low-cost ransomware resilience exercise for executives! Contact us today for more information on this great opportunity!Main Topics:Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. CISA, the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) published Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. This joint fact sheet details the need for increased vigilance for potential cyber activity against U.S. critical infrastructure by Iranian state-sponsored or affiliated threat actors. Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk. At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. Beazley Report: U.S. Executives Misjudge Their Cyber Preparedness. U.S.-based executives feel more prepared to counter cyber threats, potentially indicating a false sense of security because many companies lack the ability to be adequately preparedness, according to a new report from specialist insurer Beazley. According to the report, Spotlight on Tech Transformation & Cyber Risk 2025, the perception of cyber resilience rose to 81% from 73% a year ago. Hostile Events:• A violent ambush in Idaho leaves 2 firefighters dead and 1 injured. What to know about the attack• Suspect Identified in Deadly Ambush of Idaho Firefighters• Chilling ‘coincidence’ of Idaho shooting sends internet sleuths into overdrive• Gunman started Idaho blaze and then fatally shot 2 firefighters in ambush attack, officials say• Here’s a timeline of how the Canfield Mountain ambush shooting unfolded• Multiple firefighters reportedly shot while responding to fire near Coeur d’Alene• Europol: New report - major developments and trends on terrorism in Europe in 2024Quick Hits:• Canadian Centre for Cyber Security - Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543 • Over 1,200 Citrix servers unpatched against critical auth bypass flaw• The State of Ransomware 2025• Scattered Spider hackers shift focus to aviation, transportation firms • Scattered Spider’s Calculated Path from CFO to Compromise • M&S fashion rivals ‘benefited from its pause on online orders after cyber-attack’ • Ransomware attack contributed to patient's death• Canada orders Chinese CCTV biz Hikvision to quit the country ASAP• FBI PSA - Criminals Posing as Legitimate Health Insurers and Fraud Investigators to Commit Health Care Fraud• 50 Customers of French Bank Hit by Insider SIM Swap Scam; An intern at Société Générale is believed to have facilitated the theft of more than EUR1mn (USD1.15mn) from the bank's customers.• State of CPS Security 2025: Building Management System Exposures • H1 2025 Crypto Hacks and Exploits: A New Record Amid Evolving Threats
In the latest episode of Nerd Out Alec and Dave welcome back show regulars Joe Levy and Bridget Johnson as they dissect the incidents in the Middle East. Topics included:Reaction to the escalation and then de-esscalation.What this means for organizations.The risk of sleeper cells or inspired / influenced individuals or groups.How to organizations can increase preparedness.Then the group of nerds moved to the weather and talked about the extreme heat and how weather preparedness is no longer optional for organizations.They wrap up the pod with some fun summer activities and what they are looking forward to in regards to pop culture events.
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• WaterISAC to host tabletop exercise to strengthen utility resilience• Maryland Man Charged With Mailing Threatening Communications to Jewish Organizations, Including a Jewish Institution in PhiladelphiaMain Topics:• DHS NTAS Bulletin, 22 June 2025. Summary of the Threat to the United States. o National Terrorism Advisory System Bulletin - Issued June 22, 2025 (PDF)o DHS Issues National Terrorism Advisory System Bulletin Amid Israel-Iran Conflicto US Department of State: Worldwide Caution• Top AI models will lie, cheat and steal to reach goals, Anthropic finds. Large language models across the AI industry are increasingly willing to evade safeguards, resort to deception and even attempt to steal corporate secrets in fictional test scenarios, per new research from Anthropic… Read: Anthropic: Agentic Misalignment: How LLMs could be insider threats• A potent heat dome is building over the US, sending temperatures into the triple digitsQuick Hits:• Scattered Spider Tactics Observed Amid Shift to US Targets• Scattered Spider has moved from retail to insurance• Retail Council Of Canada Member Notice: Cybersecurity Threat Actor Scattered Spider Attacks Retail Sector• Hackers Weaponize Legitimate 'Netbird' Tool in Phishing Campaign Targeting CFOs• Telecom giant Viasat breached by China's Salt Typhoon hackers• Cyber threat bulletin: People's Republic of China cyber threat activity: PRC cyber actors target telecommunications companies as part of a global cyberespionage campaign • Defending the Internet: how Cloudflare blocked a monumental 7.3 Tbps DDoS attack• 13 improvised explosive devices found at home of man arrested near Pennsylvania "No Kings" protest, DA says. “Without that one report from the vigilant person at the "No Kings" rally who noticed something suspicious about Krebs' behavior and reported to police, this threat and the disturbing stockpile of explosives may have gone undetected.”• Minnesota Shootings: After Two-Day Manhunt, Suspect Charged with Shooting Two Minnesota Lawmakers and Their Spouseso Vance Boelter went to other lawmakers' homes the night he killed Rep. Hortman, wounded Sen. Hoffman, FBI sayso Minnesota Shooting Suspect Allegedly Used Data Broker Sites to Find Targets' Addresseso When the Minnesota shooting suspect's life took a strange turno Minnesota shooting suspect Vance Luther Boelter is former pastor, Tim Walz appointeeo Inside the 40 hours of violence and fear as gunman stalks Minnesota politicianso Suspected Dem Killer Sent Cryptic Text to Family After Shootings• Booking photo released of former Coast Guard officer arrested over Trump assassination threats• Miscalculation by Spanish power grid operator REE led to massive blackout, report finds
In this episode of The Gate 15 Interview, Andy Jabbour speaks with Brian Hein and Kristen Dalton, with Silobreaker. Brian presently serves as a Senior Strategic Advisor, and Kristen is the Director, Channel Sales.In the podcast we discuss:Brian and Kristen’s personal and professional backgrounds (did you know one of them played in two NCAA women’s basketball tournaments? And it wasn’t the guy known as “The Paul Revere of Cybersecurity.“).Silobreaker, OSINT and making intel useful.Threats, challenges and mitigating risks.The power of communities, collaboration, and making connections (and of course, ISACs!).We play 3 Questions! And talk about some of our favorite places, growing up on the internet, and pork chops.Lots more!
In this week's Security Sprint, Dave went solo to talk about:The LA ProtestsA disrupted hostile event and recognizing concerning behaviors.
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Start:· The Gate 15 Interview EP 58 – Cathy Lanier: Leading NFL Security with Attitude, Effort, Crabs and Beer· Gate 15: Test, Don’t Guess: Exercising Your Response Plan· WaterISAC’s H2OEx: Click Below to Register for a Location Near You! o Daytona, FL- July 28 o Los Angeles, CA- Sept 11 o Arlington, TX- Nov 6· 26th Annual TribalNet Conference & Tradeshow Main Topics: Boulder:· DOJ: Justice Department Files Federal Charges Against Alleged Perpetrator of Anti-Semitic Terror Attack in Colorado. The Justice Department has filed federal charges against illegal alien Mohammed Sabry Soliman, the alleged perpetrator of yesterday’s anti-Semitic terrorist attack in Colorado… Soliman is being charged with a federal hate crime in addition to facing state charges for attempted murder in Colorado. Read the federal complaint HERE· Updates: Colorado Attack That Injured 12 Was Planned for a Year, Officials Say. The F.B.I. said in a court filing that thesuspect, an Egyptian citizen who had sought asylum in the U.S., brought more than a dozen incendiary devices to a march in support of hostages in Gaza.· Colorado suspect, now charged with federal hate crime, planned antisemitic attack for a year, FBI says· 12 burned in Boulder attack; suspect charged with federal hate crime:· Boulder terror attack suspect planned mass shooting but was stopped from buying gun due to immigration status, as he faces 624 years in prison· What We Know About the Boulder, Colorado Attack· After Several Attacks, Heightened Anxiety Among American Jews Pride Month: Trans community most targeted in anti-LGBTQ+ incidents, GLAAD data shows. Transgender and gender-nonconforming people were the target of over half of allanti-LGBTQ+ incidents tracked by GLAAD over the last year in a new report… GLAAD counted more than 930 anti-LGBTQ+ incidents from May 2024 through April 2025, 52% of which targeted transgender and gender nonconforming people, across 49 states and Washington, D.C. Insider Threat:o U.S. Government Employee Arrested for Attempting to Provide ClassifiedInformation to Foreign Government. · Intelligence agency employee accused of attempting to leak classified documents out of frustration with Trump. Ransomware! · Gate 15: Test, Don’t Guess: Exercising Your Response Plan· Q1 '25 Travelers' Cyber Threat Report: Record Attack Activity· Delinea - 2025 State of Ransomware Report - Adapting with agility to a fast-changing threat landscape· FBI PIN - Silent Ransom Group Targeting Law Firms· Firm in Baltimore Archdiocese bankruptcy case says stolen data wasdeleted after cyber breach· Akira Ransomware: When Paying Isn’t Enough to Stay Anonymous· The State of State-Sponsored Hacktivist Attacks Quick Hits· Ukraine launches massive drone strike on air bases deep inside Russia · Crypto Hacks in May 2025 Hit $244M, But $157M Frozen in Swift Recovery Efforts· FBI FLASH: Infrastructure Used to Manage Domains Related to Cryptocurrency Investment Fraud Scams between October 2023 and April 2025 · US DIA 2025 Threat Assessment warns of growing complexity in global threats, national security· DIA Releases 2025 Worldwide Threat Assessment: Cyber, Cartels, and Global Military Buildup Dominate Outlook· Get ready for several years of killer heat,top weather forecasters warn· America's summers keep getting warmer· North Korea Infiltrates U.S. Remote Jobs—With the Help of Everyday Americans· Tornado season 2025: active through April, andMay is keeping pace· Treasury Takes Action Against Major Cyber Scam Facilitator