Weekly Security Sprint EP 55. MDM, hostile events, health, and ransomware

In the latest episode of the Security Sprint, Dave and Andy talked about the following topics. Warm Start ·       CISA Announces 9th Cyber Storm National Exercise. The Cybersecurity and Infrastructure Security Agency (CISA) is hosting its ninth iteration of the Cyber Storm (CS IX) Cyber Exercise. It’s the nation’s largest cyber exercise designed to improve the cybersecurity posture of our nation’s critical infrastructure. Through extensive planning, this exercise strengthened cybersecurity preparedness and response capabilities through exercising policies, processes, and procedures for identifying and responding to a multi-sector significant cyber incident impacting critical infrastructure. For more information and resources, visit Cyber Storm IX: National Cyber Exercise | CISA & Cyber Storm IX: National Cyber Exercise | CISA FB-ISAO: Best Practices for Securing Your Router / Wi-Fi 'NCSC Cyber Series' podcast now available on Spotify   Main Topics:  US 911 emergency call line outage resolved in some areas The PRC has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist… Director Wray's Remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats FBI says Chinese hackers preparing to attack US infrastructure Gallagher’s ominous farewell Chinese Government Poses 'Broad and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says UK: Government cracks down on ‘deepfakes’ creation “Proactive De-escalation”   Quick Hits ·       Russian US election interference targets support for Ukraine after slow start ·       Microsoft: Nation-states engage in US-focused influence operations ahead of US presidential election ·       Information operations will be ‘foundational’ to future DOD efforts, Cybercom chief says ·       How A.I. Tools Could Change India’s Elections ·       Google: Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm ·       Secret Russian foreign policy document urges action to weaken the U.S. ·       RAND: Generative Artificial Intelligence Threats to Information Integrity and Potential Policy Responses ·       Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations ·       Montgomery Co. student charged with threats of mass violence after police discover disturbing ‘manifesto.’ ·       CISA and Partners Release Advisory on Akira Ransomware ·       FBI: Akira ransomware raked in $42 million from 250+ victims ·       Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities ·       FACT SHEET: Biden-⁠Harris Administration Releases Strategy to Strengthen Global Health Security ·       U.S. Government Global Health Security Strategy 2024 (PDF) ·       Undersea ‘hybrid warfare’ threatens security of 1bn, Nato commander warns ·       Joint Guidance on Deploying AI Systems Securely ·       UK NPSA: Personal Safety and Security for High-Risk Individuals ·       840-bed hospital in France postpones procedures after cyberattack ·       Cloudflare: DDoS threat report for 2024 Q1 ·       Hearing - Held for Ransom: How Ransomware Endangers Our Financial System. See the full hearing video on YouTube. ·       Ex-White House cyber official says ransomware payment ban is a ways off ·       Top officials again push back on ransomware payment ban ·       Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse ·       UnitedHealth Group reports that the Change Healthcare ransomware attack has had an $872 million financial hit on its business so far ·       Congress rails against UnitedHealth Group after ransomware attack ·       AHA testifies at hearing on health care cybersecurity

In the latest episode of Nerd Out, Dave welcomes in Alec Davison as his partner in crime for the podcast. After they get through the excitement of the latest Taylor Swift album, they talked through the latest activity in the Middle East and what it could mean domestically. Then they looked at the latest news related to the U.S. election including the recent incident outside of the Trump trial and potential concerns that may play out over the course of the year especially related to mis/dis/mal-information. They wrap up the pod with some real nerd discussions on Star Wars and what the new series has to offer! Alec Davison is the Lead Analyst at the Water Information Sharing and Analysis Center (WaterISAC). In addition, he works as a Risk Analyst at Gate 15. He holds an M.A. in Security Policy Studies from George Washington University. Some of the resources discussed in the pod include: https://www.cisa.gov/resources-tools/resources/personal-security-considerations-action-guide https://www.cisa.gov/resources-tools/resources/preventing-workplace-violence-security-awareness-considerations-infographic https://www.dni.gov/files/NCTC/documents/jcat/firstresponderstoolbox/89s_-_Violent[…]il_Unrest_and_Public_Assemblies_in_the_United_States-survey.pdf Mobilization/SARs https://www.dni.gov/files/NCTC/documents/news_documents/Mobilization_Indicators_Booklet_2021.pdf https://www.dhs.gov/nationwide-sar-initiative-nsi Info sharing communities https://www.dhs.gov/fusion-centers https://www.nationalisacs.org/

In this week's Security Sprint, Dave and Andy discussed the following topics: Warm Start  Palo Alto Command Injection Vulnerability in PAN-OS GlobalProtect 'Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400 Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) Volexity on GitHub Adding content for Palo Alto Networks GlobalProtect post Palo Alto Networks Security Advisories CVE-2024-3400 CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect Palo Alto: Applying Vulnerability Protection to GlobalProtect Interfaces Compromise of Sisense Customer Data Brian Krebs: Why CISA is Warning CISOs About a Breach at Sisense Sisense customers told to reset credentials amid supply chain attack fears Risky Biz News: Sisense breach has CISA and everyone else panicking   Main Topics: Israeli war cabinet to meet again to consider response to Iran’s attack o   Iran Issues Fresh Threat to U.S. o   US will not take part in any Israeli retaliatory action against Iran o   The Latest | World leaders urge Israel not to retaliate for the Iranian drone and missile attack o   U.S. details Pentagon’s role in defending Israel from Iranian attack o   Analysis: Israel Repelled Iran’s Huge Attack. But Only With Help From U.S. and Arab Partners.   Idaho Man Arrested for Attempting to Provide Material Support to ISIS Idaho teen arrested for allegedly plotting to attack church in name of ISIS What we know about Clenard Parker, the man accused of driving into a Brenham DPS office 'Obvious' Sydney killer targeted women - Australian police. Man who confronted attacker with bollard and other bystanders praised for heroic acts during Bondi stabbings. Stabbing rampage at Sydney mall leaves at least 7 dead, including attacker Sydney stabbing: Police say no ideological motivation English Tutor Identified as Mall Stabbing Attacker Left Behind Disturbing Facebook Post Sydney knife attacker Joel Cauchi 'had worked as male escort' before Bondi shopping centre stabbing False claims started spreading about the Bondi Junction stabbing attack as soon as it happened Posture Statement of General Timothy D. Haugh 2024. “ Beijing, Moscow, and Tehran increasingly use social media and state-sponsored disinformation sites, both overt and covert, to shape narratives and sow confusion..." Chinese nationalist trolls pretend to be Trump supporters ahead of US elections   Quick Hits: UK NPSA: Personal Safety and Security for High-Risk Individuals Delaware Woman Arrested for International Sextortion and Money Laundering Scheme LastPass: Hackers targeted employee in failed deepfake CEO call UNSW: World-first Cybercrime Index ranks countries by cybercrime threat level Google Insider Threat: https://www.justice.gov/opa/pr/chinese-national-residing-california-arrested-theft-artificial-intelligence-related-trade Director Wray's Remarks to the ABA Standing Committee on Law and National Security Russia thwarts planned terrorist attack on Moscow Synagogue Change Healthcare breach data may be in hands of new ransomware group Politico: Grassley knocks agencies slacking on cyber CISA & FBI: Transitioning to .Gov: Helping Mitigate Election Office Cybersecurity and Impersonation Risks CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat / CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System.  CDC Data Modernization Efforts Accelerate Nation’s Ability to Detect and Rapidly Respond to Health Threats The Black Market That Delivers Elon Musk’s Starlinks to U.S. Foes China's attacks on U.S. infrastructure aren't going anywhere Police Scour LockBit Ransomware Evidence, Turning Up 200 Leads TLP:CLEAR | FB-ISAO Newsletter Man on terror watchlist was released by Border Patrol

Warm Start: ·       GridEx VII Report Highlights Further Action to Enhance Grid Resilience ·       US electric grid growing more vulnerable to cyberattacks, regulator says ·       CISA’s ‘Cyber Storm’ will help it update National Cyber Incident Response Plan   Main Topics: ·       US Environmental Protection Agency hack exposes data of 8.5 million users. ·       Sophos - Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector.   ·       Bomb threats follow Libs of TikTok's campaign against Planet Fitness o   Bomb threats reported at Planet Fitness locations in Northern Va. amid transgender controversy o   No threat found after several Planet Fitness locations in Jacksonville received bomb threats o   Alabama Planet Fitness locations receive bomb threats, evacuated by FBI o   Planet Fitness bomb threats in Connecticut spark concerns o   Police: Planet Fitness locations evacuated after bomb threats o   Planet Fitness locations in Daphne, Fairhope, and Mobile receive bomb threats   ·       Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden.   ·       Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023. The U.S. Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion. o   Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023.pdf o   Cyber board says Chinese hack of US officials was 'preventable' o   Microsoft faulted for ‘cascade’ of failures in Chinese hack   ·       CSU: Forecast for 2024 Hurricane Activity. “We anticipate that the 2024 Atlantic basin hurricane season will be extremely active.”    Info Ops:  o   Russian trolls target U.S. support for Ukraine, Kremlin documents show o   New effort to "inoculate" U.S. voters against AI misinformation o   AI-generated story that Iran had fired missiles at Tel Aviv were amplified by X's own systems o   Microsoft: China tests US voter fault lines and ramps AI content to boost its geopolitical interests   Quick Hits: ·       CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities.   ·       DHS: Mitigating Harm from Violent Visual Content: CP3 Prevention Resource. ·       FTC Announces Impersonation Rule Goes into Effect Today (01 Apr) ·       FBI Atlanta gate crash: Man tries to breach security by tailing employees ·       Suspect arrested after vehicle crashes into gate at Atlanta FBI field office ·       The Surprising Intelligence Community Outreach to Russia ·       Why Russian intelligence dismissed US warnings of terror threat ·       Germany announces military overhaul with eye on cyber threats ·       “All your base are belong to us” – A probe into Chinese-connected devices in US networks ·       Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure ·       Risky Biz News: Backdoor found in 92k D-Link NAS devices ·       Omni Hotels experiencing nationwide IT outage since Friday ·       A Quantitative Analysis of the Security Ratings of the S&P 500 ·       How a steel ball protected Taiwan’s tallest skyscraper in an earthquake ·       Rotterdam teen arrested for plotting a terror attack, prosecutors say ·       ‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data ·       The Unification Church Infiltrated Japan’s Government. Now Its Sights Are Set on the U.S. ·       India rescues 250 citizens enslaved by Cambodian cybercrime gang ·       Targeted Phishing Linked to 'The Com' Surges ·       GenAI: The next frontier in AI security threats ·       ChatGPT jailbreak prompts proliferate on hacker forums ·       Threat Actors Deliver Malware via YouTube Video Game Cracks ·       7 Types of Business Email Compromise (BEC) Attacks ·       SEO Poisoning  

In this episode of Venue Security, The IAVM Podcast Series, Andy Jabbour talks with Christopher Post, Assistant General Manager, Amarillo Civic Center Complex. Christopher graduated from West Texas A&M University with a Bachelor of Business Administration. He has been in venue management for 18 years and prior to that, was a professional musician for a little over 20 years (yes, he started very young!). As Assistant General Manager, his duties have included serving as the Emergency Coordinator and First-Aid Response Trainer for the Amarillo Civic Center since 2009. He is a graduate of IAVM’s AVSS and VMS. Read more at his complete LinkedIn profile. Amarillo Civic Center Complex® - Meet. Play. Celebrate. Christopher’s background. Clear, consistent, collaborative, communications. Throwing EAP’s in the trash a few times. The 10-80-10 rule. The value of full-scale exercises. Name dropping some champions from the community. More! “It has to be muscle memory, it has to be automatic.”In the discussion we address:

The following topics were discussed on the latest Security Sprint: Warm Start Major companies put U.S. cyber defenses to the test in simulated attack The Auto-ISAC Launches Automotive Threat Matrix (ATM) Tool to Enhance Vehicle Cybersecurity Governance Change Healthcare Wake-Up Call: Is Sector Too Codependent? Denise Anderson and Errol Weiss of Health-ISAC Discuss Critical Cyber Issues.  Signing of MOU between CI-ISAC Australia and Health ISAC   Main Topics   Russia, Terrorism ISIS issues horrifying warning as 'lone wolves' ordered to target Christians and Jews. ISIS spokesperson Abu Hudhaifa al-Ansari told "lone wolves" to mobilise and target Christians and Jewish people in the US, Europe and Israel. ISIS calls for Ramadan massacre of Christians and Jews by lone wolves across US, Europe and Israel Reuters: Iran alerted Russia to security threat before Moscow attack Egyptian suspect, 62, to face trial after police foil alleged ISIS terror attack on Notre Dame Cathedral ISIS Issues Fresh Threat To Putin: Reports No evidence so far of Ukraine's involvement in Moscow terrorist attack: Putin What is ISIS-K, the terror group claiming responsibility for the Moscow concert hall attack? Russian intel heads allege Western support for Moscow attack Rocked by Deadly Terror Attack, Kremlin Amps Up Disinformation Machine “Israel is ISIS” and other lies about the Crocus City Hall terror attack Improving the Security of Soft Targets and Crowded Places: A Landscape Assessment Keeping Soft Targets and Crowded Places Safe from Mass-Casualty Attacks: Insights from a Landscape Assessment   Explosive Atlantic hurricane season predicted for 2024, AccuWeather experts warn; April Fools! Atlantic hurricanes to be given both first and last names   Health and Broader Preparedness:  Future State of Smallpox Medical Countermeasures National Academies report says US not ready for intentional, accidental smallpox outbreak Gate 15: Webinar Recording: Getting Started Now: Pandemic Preparedness After-Action Reports, 17 Apr 2020 Gate 15: Pandemic Preparedness: Start Your After-Action Report & Improvement Planning (NOW), 26 Mar 2020)   Quick Hits CISA Seeks Input on CIRCIA Notice of Proposed Rulemaking. CISA releases draft rule for cyber incident reporting Thompson, Clarke Release Statement on CISA Cyber Incident Reporting Proposed Rule WSJ: U.S. Publishes Draft Federal Rules for Cyber Incident Reporting CISA publishes 447-page draft of cyber incident reporting rule CISA’s cyber incident reporting rules will apply to 316K entities CISA's proposed framework for cyber incident reporting rules includes subpoena power   CISA: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094 Red Hat: Urgent security alert for Fedora 41 and Rawhide users. FBI PSA: Child Sexual Abuse Material Created by Generative AI and Similar Online Tools is Illegal Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians The Audacious MGM Hack That Brought Chaos to Las Vegas IRS kicks off annual Dirty Dozen with warning about phishing and smishing scams Ivanti-linked breach of CISA potentially affected more than 100,000 individuals AT&T notifies users of data breach and resets millions of passcodes How the Baltimore bridge collapse spawned a torrent of instant conspiracy theories Misinformation Milestone of More than 100 Israel-Hamas War False Claims Threats to Catholic Charities staffers increase amid far-right anti-migrant campaign Readout from state convening to discuss cybersecurity and the water sector FS-ISAC: New Cyber Threats To Challenge Financial Services Sector In 2024 Rewards for Justice – Reward Offer for Information on ALPHV BlackCat-linked Cyber Actors Targeting U.S. Critical Infrastructure

In this episode of The Gate 15 Interview, Andy Jabbour welcomes Mayya Saab, Executive Director, Faith-Based Information Sharing & Analysis Organization (FB-ISAO), Susan Schneider, presently detailed as Associate Director, Non-governmental Engagements, with the DHS Office of Partnership and Engagement, and Daniel Avondoglio, with the Office of Security Programs at CISA. Mayya on LinkedIn. Susan on LinkedIn. Daniel on LinkedIn. Those who want to engage with the DHS Office of Partnership and Engagement may email [email protected]. This discussion is not limited in only being relevant to the faith-based community but addresses considerations and ideas relevant to the broader community. During the podcast, when discussing 2023 Threat Data, Andy noted that it is possible that mosques came under attack more frequently than the data suggested. Out of a total of 1027 incidents, mosques were targeted 5% of the time. That percentage, 5%, accounts for the overall number of mosques in the United States and correctly reflects the percentage of mosques that were targeted in 2023. What is FB-ISAO and what DHS is doing for the faith-based community. The general threat environment and how current geopolitical events are impacting that. Private-Public Partnership. Mitigating Risk. Resources! Connecting. Planning. Training. We play Three Questions and talk summer, food and music! And more! FB-ISAO CISA You can find more information about what the FBSAC is here Faith-Based Security Advisory Council | Homeland Security (dhs.gov) and what they are working on here: Taskings to FBSAC from DHS Secretary | Homeland Security Protecting Houses of Worship | Cybersecurity and Infrastructure Security Agency CISA Resources for Leaders of Faith-Based Communities, Organizations, and Institutions | Homeland Security (dhs.gov) This website provides leaders of faith-based communities, organizations, and institutions resources across DHS to prepare for and respond to a range of public safety challenges. FB-ISAO: The 2023 Threat Data in Review, 12 Feb FB-ISAO: What We Learned About Ransomware Resilience, 20 Feb Within this website is a fact sheet with resources on training, services, and grants. Resources for Community Organizations and Service Providers | Homeland Security (dhs.gov) The DHS Center for Faith-Based and Neighborhood Partnerships recently conducted a Spring Religious Observances Threat Briefing, here is a link to news and events of the center for additional information and past webinars: News and Events from the DHS Center for Faith-Based and Neighborhood Partnerships | FEMA.gov Secure Our World Tip Sheets (Punjabi) | CISA recently translated cyber products into Punjabi. National Critical Functions Several recent Gate 15 podcasts addressed the Lakewood Church shooting, including: Special Podcast. Lakewood Church Shooting with Faith-Based ISAO Nerd Out EP 45. Venue security, extremist news, and what to look for in 2024. Weekly Security Sprint EP 53. A Super Bowl amount of information – Church shooting, AI (good and bad), and much more. The Gate 15 Interview with Kirk Cerny: Security, old wagons, leadership integrity, Wyoming, and… the afterlife? “We are fundamentally an Agency of partnerships”“there’s no such thing as a small act of hate”-       two quotes shared in the podcast, both attributed to Secretary of Homeland Security, Alejandro Mayorkas.Two notes.In the discussion we address:The QR code and associated web address below are for CISA’a “Active Assailant Security” list-serve, managed by CISA’s Active Assailant Security Branch, through the GovDelivery platform. We encourage those interested in the topic of “active assailant security” to scan the QR code or go to this web site and subscribe to receive relevant products and announcements as they become available.A few references mentioned in or relevant to our discussion include:

In this week's Security Sprint, Dave and Andy covered the following topics: Opening  Guest Blog Posts – Another Great Way to Contribute to FB-ISAO’s Mission Biden-Harris Administration engages states on safeguarding water sector infrastructure against cyber threats Health-ISAC Publishes 2023 Annual Report   Main Topics:   Moscow Attack & Terrorism Russia says 60 dead, 145 injured in concert hall raid; Islamic State group claims responsibility Maps and Diagrams of the Moscow Concert Hall Attack.  U.S. Warned Russia Before Moscow Attack That Killed at Least 60 Islamic State releases Moscow attack video as death toll rises to 137 How the deadliest attack on Russian soil in years unfolded over the weekend What We Know About ISIS-K, the Group That Has Been Linked to the Moscow Attack State Department: The Islamic State Five Years Later: Persistent Threats, U.S. Options, 21 March CISA: Complex Coordinated Attacks Security Awareness for Soft Targets and Crowded Places Macron Says Islamic State Branch Behind Russia Attack, Also Targeted France Germany arrests suspected ISIS supporters accused of planning terror attack on Swedish parliament (19 Mar)   Weather. Spring Outlook: Warmer for most of U.S., wetter in the Southeast; Low flood potential likely, as drought worsens for parts of the Plains   Chinese Cyber Threats Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians BBC LIVE - UK to accuse China of major hack as Beijing warns against 'smears.' China targets group of MPs and peers with string of cyber-attacks   Insider Threats & Espionage Airman Accused of Sharing Classified Info With Boogaloo Buddies Owners of China-Based Company Charged with Conspiracy to Send Trade Secrets Belonging to Leading U.S.-Based Electric Vehicle Company U.S. Accuses Two Men of Stealing Tesla Trade Secrets   Threats to Catholic Charities staffers increase amid far-right anti-migrant campaign. Over the past few months, Pajanor and staffers at Catholic Charities across the country, a decentralized, 113-year-old faith-based non-profit, have become the targets of right-leaning media personalities, conspiracy theorists and even members of Congress.   Quick Hits UK NCSC: Responding to a cyber incident – a guide for CEOs UN adopts first global artificial intelligence resolution Imposing Sanctions on Actors Supporting Kremlin-Directed Disinformation Efforts CDC: US life expectancy rises after 2-year dip Lessons Learned from the COVID Pandemic: ‘There Needs to Be an Honest Discussion’ New report blasts government's COVID response, warns of repeating same mistakes In a pandemic milestone, the NIH ends guidance on COVID treatment Launch of Foreign Ministry Channel for Global Health Security Baltimore Key Bridge collapse live updates: 2 rescued, several others believed in water Attorney General Merrick B. Garland Statement on FBI Quarterly Uniform Crime Report. National Guard ready to assist states with cyber response, say officials Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds Unsaflok flaw can let hackers unlock millions of hotel doors Kremlin Uses Word 'War' For Ukraine Invasion For First Time CISA: Nothing Scares the PRC More Than a Russian Defeat in Ukraine Justice Department Sues Apple for Monopolizing Smartphone Markets Understanding and Responding to Distributed Denial-Of-Service Attacks Repository for Software Attestation and Artifacts Now Live Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity Google, Meta and others face tough questions in Australia over cyber extremism threats    

In the latest episode of Nerd Out, Dave is solo and integrating his love for Ted Lasso into the security world. Challenging everyone to be curious, Dave evaluates the famous dart game in Ted Lasso (season 1) and calls out three points for individuals and organizations to be focused on as we evaluate threats. Whether it be the terrorist or extremist threat, or MDM, Dave reminds everyone to be mindful in their security preparedness planning.

In this week's Security Sprint, Dave and Andy talked about the following topics: Warm Start: Growing need to address cybersecurity challenges across US healthcare sector for improved resilience Health-ISAC Supports Health Industry Cybersecurity Strategic Plan; Joint effort gives measurable objectives toward resilience within 5 years   Terrorism & Extremism Gaza War could spark radicalization for years to come: https://theintercept.com/2024/03/14/fbi-gaza-war-domestic-radicalization-hamas/ U.S. Senate Select Committee on Intelligence: Worldwide Threats C-SPAN: Intelligence Officials Testify on Global Threats Before Senate Cmte. 2024 Annual Threat Assessment of the U.S. Intelligence Community Top threats to watch in Intel’s worldwide forecast Four things we learned when US spy chiefs testified to Congress FBI director warns of 'dangerous individuals' coming across southern border US Intelligence Chiefs Deliver Grim Warning on Ukraine U.S. intelligence officials warn of global security threats during Senate hearing The Terrorist: How a devout Christian kid became a radicalized mass murderer A New Terror Threat Is Emerging in Europe Linked to Iran, Gaza War Illegal migrant from Lebanon caught at border admitted he’s a Hezbollah terrorist hoping ‘to make a bomb’ — and was headed for NY FB-ISAO: March 2024 Threat Level Statement Update   PSA - Extortion: On popular online platforms, predatory groups coerce children into self-harm. Using flattery and guile, he persuaded the 14-year-old girl to send a nude photo. It instantly became leverage. Over the following two weeks in April 2021, he and other online predators threatened to send the image to the girl’s classmates in Oklahoma unless she live-streamed degrading and violent acts, the girl’s mother told The Washington Post. They coerced her into carving their screen names deep into her thigh, drinking from a toilet bowl and beheading a pet hamster — all as they watched in a video chatroom on the social media platform Discord. The pressure escalated until she faced one final demand: to kill herself on camera. Related: There Are Dark Corners of the Internet. Then There's 764. What to Know About the Proposed TikTok Legislation   IoT: https://www.nextgov.com/cybersecurity/2024/03/fcc-approves-cyber-labeling-program-iot-devices/394946/ Quick Hits: Earth just had its warmest February on record European Environment Agency: Europe is not prepared for rapidly growing climate risks Ransomware: Ransomware: Attacks Continue to Rise as Operators Adapt to Disruption Malwarebytes: Ransomware review: March 2024 GRIT Ransomware Report: February 2024 Haiti: Haitian PM tenders resignation after Jamaica talks Haitian gangs abduct churchgoers amid escalating violence: 'Kidnappings everywhere' Haiti security mission in limbo as urgency grows Rush to deploy multinational force sets conditions on Haiti Plan to install new leaders in Haiti appears to crumble after political parties reject it American missionaries trapped in Haiti seek prayers and help Undersea cable failures cause Internet disruptions for multiple African countries   Info Ops:  Blinken Warns of Disinformation Threat to Democracies. South Korea hosted summit warns of AI risks to democracy How a Foul Ball From 2014 Became Part of a Russian Disinformation Campaign White House’s Efforts to Combat Misinformation Face Supreme Court Test Exclusive: Trump launched CIA covert influence operation against China US is still chasing down pieces of Chinese hacking operation, NSA official says UK NCSC: Cloud-hosted supervisory control and data acquisition (SCADA) US GAO - Science & Tech Spotlight: Combating Deepfakes HHS Office for Civil Rights Issues Letter and Opens Investigation of Change Healthcare Cyberattack The water industry wants to write its own cybersecurity rules. Will Biden and Congress go for it? CISA: Secure Cloud Business Applications: Hybrid Identity Solutions Guidance