Gate 15's Avatar

Gate 15

@gate15.bsky.social

Risk Management: Threat Intel & Analysis, Operations, Preparedness & Critical Infrastructure Security/Cybersecurity & Resilience

298 Followers  |  949 Following  |  249 Posts  |  Joined: 25.11.2024  |  1.8597

Latest posts by gate15.bsky.social on Bluesky

Today in the SUN, we feature an article from @reuters.com on Poland saying cyberattacks on critical infrastructure are rising and is blaming Russia.

Read more below:
www.reuters.com/technology/p...

#cybersecurity
@andyjabbour.bsky.social

10.10.2025 15:47 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
RondoDox botnet targets 56 n-day flaws in worldwide attacks A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosedΒ during Pwn2Own hacking competitions.

A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosedΒ during Pwn2Own hacking competitions.

09.10.2025 13:17 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0
Preview
CISA staffers offered deferred resignations, extending broader cybersecurity fears Staff at the key cybersecurity agency were initially excluded from government efforts to leave their jobs, but then on Wednesday they were given deferred resignation offers with just hours to decide.

Also, CISA staffers I see you...know you've been having a rough go of it since DOGE came on the scene, from disinfo work to the Cyber Safety Review Board:

www.npr.org/2025/02/06/n..., www.npr.org/2025/02/11/n...

09.10.2025 17:03 β€” πŸ‘ 14    πŸ” 6    πŸ’¬ 1    πŸ“Œ 0
Preview
Sen. Peters tries another approach to extend expired cyber threat information-sharing law A new bill renames the Cybersecurity Information Sharing Act of 2015 and would make its legal protections retroactive after its lapse.

Sen. Peters tries another approach to extend expired cyber threat information-sharing law cyberscoop.com/gary-peters-...

09.10.2025 16:43 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 1
Preview
How the latest deepfake scam can cheat companies out of millions | CNN Business From CEOs to colleagues, deepfake technology can trick people into sending money, sharing passwords, or revealing sensitive information - all in seconds. CNN’s Clare Duffy met with ethical hacker and ...

Great work from @racheltobac.bsky.social, with @cnn.com: How the latest deepfake scam can cheat companies out of millions. Good one to share with your company, and with friends & loved ones. edition.cnn.com/2025/10/07/b... cc @craignewmark.bsky.social @pausetake9.bsky.social @gate15.bsky.social

10.10.2025 11:42 β€” πŸ‘ 8    πŸ” 8    πŸ’¬ 2    πŸ“Œ 0
Preview
Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign | Google Cloud Blog A financially motivated actor conducting a large-scale extortion campaign under the CL0P brand by exploiting a zero-day vulnerability in Oracle E-Business Suite to steal customer data.

Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign: 'new, large-scale extortion campaign by a threat actor claiming affiliation with the CL0P extortion brand' cloud.google.com/blog/topics/... #cybersecurity @gate15.bsky.social

10.10.2025 12:17 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
(TLP:CLEAR) North Korea IT Worker Threat Report: Threat Overview and Mitigation | Gate 15

ICYMI, our team @gate15.bsky.social and several ISACs released a TLP:CLEAR report on this threat in July: '(TLP:CLEAR) North Korea IT Worker Threat Report: Threat Overview and Mitigation' gate15.global/north-korea-... πŸ‡°πŸ‡΅ #cybersecurity #NorthKorea

10.10.2025 14:14 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
North Korean Scammers Are Doing Architectural Design Now New research shows that North Koreans appear to be trying to trick US companies into hiring them to develop architectural designs using fake profiles, rΓ©sumΓ©s, and Social Security numbers.

New from @mattburgess1.bsky.social, the North Korea worker threat continues to expand: πŸ‡°πŸ‡΅ appears to be trying to trick US companies into hiring them to develop architectural designs using fake profiles, rΓ©sumΓ©s, and SSNs. www.wired.com/story/north-... @gate15.bsky.social #cybersecurity

10.10.2025 14:12 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
The Gate 15 Interview EP 63: Incident Response & What’s the Buzz from the TribalNet Floor! | Gate 15

Our latest episode of the Gate 15 Interview is out now! In this special episode of The Gate 15 Interview, Andy speaks with TribalHub’s Senior Marketing & Communications Manager, Michelle Bouschor.

Check it out below:
gate15.global/the-gate-15-...

#cybersecurity
@andyjabbour.bsky.social

09.10.2025 15:48 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 1
Preview
Policyholder Plot Twist: Cyber Insurer Sues Policyholder’s Cyber Pros

Today in the SUN we feature an article from Hunton on a cyber insurer suing a policyholder’s cyber pros. Some insurers are turning to claims against the cybersecurity vendors entrusted to protect systems.

Read more below:
www.hunton.com/hunton-insur...

#cybersecurity
@andyjabbour.bsky.social

09.10.2025 15:45 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Hacktivists target critical infrastructure, hit decoy plant A pro-Russian hacktivist group called TwoNet pivoted in less than a year from launching distributed denial-of-service (DDoS) attacks to targeting critical infrastructure.

'the threat actor claimed an attack on a water treatment facility that turned out to be a realistic honeypot system set up by threat researchers specifically to observe adversaries’ movements' @bleepingcomputer.com www.bleepingcomputer.com/news/securit... @gate15.bsky.social #cybersecurity

09.10.2025 14:05 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Love to see this below. Check out our two newest @gate15.bsky.social pods, subscribe and feedback and yelling at @dpounder.bsky.social is always welcome! 😼

09.10.2025 14:08 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Lessons from the Ashes: Post-Incident Analysis | Gate 15

Check out the newest blog post added to our Summer of Security: Ransomware Resilience Series, "Lessons from the Ashes: Post-Incident Analysis!"

#cybersecurity
@andyjabbour.bsky.social
gate15.global/lessons-from...

08.10.2025 15:55 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 1
Weekly Security Sprint EP 130. The Evangelist has returned! Cybersecurity Awareness Month and more! | Gate 15

Our latest edition of the Security Sprint is out now! In this episode, Andy is joined by Jennifer Walker and Sadie Anne Jones! They discuss Cybersecurity Awareness Month and more! Our podcast is available right now, check it out!
#cybersecurity
@andyjabbour.bsky.social
gate15.global/weekly-secur...

08.10.2025 15:52 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 1
Preview
Russia, China and North Korea are using ChatGPT to influence you β€” here’s how A new report from OpenAI found foreign adversaries are increasingly using artificial intelligence to power hacking and influencing operations.

Today in the SUN we feature an article from Straight Arrow News on Russia, China and North Korea using ChatGPT to influence you.

Read more below:
san.com/cc/russia-ch...

#cybersecurity
@andyjabbour.bsky.social

08.10.2025 15:40 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Phishers target 1Password users with convincing fake breach alert Attackers are using realistic-looking 1Password emails to trick users into handing over their vault logins.

Find the Malwarebytes article here:
www.malwarebytes.com/blog/news/20...

07.10.2025 16:04 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@malwarebytes.com reports that in a well-targeted phishing attempt, scammers tried to get hold of credentials belonging to a Malwarebytes’ employee.

When you see something that doesn't seem right, take a 9 second pause. A short pause goes a long way.

Learn more below
pausetake9.org?utm_source=c...

07.10.2025 16:03 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Redis warns of critical flaw impacting thousands of instances The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances.

Today in the SUN we feature an article from @bleepingcomputer.com about Redis warning of a critical flaw impacting thousands of instances.

Read more below:
www.bleepingcomputer.com/news/securit...

#cybersecurity
@andyjabbour.bsky.social

07.10.2025 15:59 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
Yet another shutdown and its impact on cybersecurity professionals This year’s shutdown risk is especially troubling because Congress failed to reauthorize the Cybersecurity Information Sharing Act (CISA) of 2015.

Government shutdown. CISA expiration. ISACs. We'll be touching on all of this, and Cybersecurity Awareness Month, on today's recording of the @gate15.bsky.social Security Sprint as I'm joined by two excellent teammates & champion women in #cybersecurity. www.scworld.com/perspective/...

07.10.2025 10:51 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Developing: Salesforce data leak site being seized? Looks like it. – DataBreaches.Net I am guessing that the breachforums[.]hn leak site for ScatteredLAPSUS$Hunters is in the process of being seized. A whois lookup now shows that the name servers

Salesforce data leak site: 'A whois lookup now shows that the name servers have been changed to hans.ns.cloudflare [.] com and surina.ns.cloudflare [.] com, which I am guessing are government accounts.' databreaches.net/2025/10/06/d... #cybersecurity #cybercrime @gate15.bsky.social

07.10.2025 11:50 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

There's a lot of talk about CISA 2015 expiration. We discuss that in today's @gate15.bsky.social Security Sprint and I argue that maybe the worries are a little misplaced, and not for good reasons. Just recorded today's episode; it'll be out soon! And I may have H/T @colinwood.me... πŸ• #cybersecurity

07.10.2025 12:42 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn The Year 2036/2038 problem is a bug that will be triggered in more than a decade, but hackers could exploit it today.

We barely survived Y2K πŸ˜‘ not sure we can handle this... The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn; hackers could exploit it today against ICS and consumer devices. www.securityweek.com/the-y2k38-bu... #cybersecurity @gate15.bsky.social #Y2K38

07.10.2025 14:11 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
XWorm malware resurfaces with ransomware module, over 35 plugins New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project last year.

Today in the SUN we feature an article from @bleepingcomputer.com on the XWorm malware resurfacing with ransomware module.

Read more below:
www.bleepingcomputer.com/news/securit...

#cybersecurity
@andyjabbour.bsky.social

06.10.2025 15:37 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

-Violent riot erupts at Cambodian scam compound
-Australia fines man for AI deepfake pr0n
-Cisco brute-forcing campaign
-PAN reconnaissance campaign
-WhatsApp worm in Brazil
-SideWinder's Operation SouthNet
-PRISONBREAK info op linked to Israel
-New ZeroDay Cloud hacking contest
-New Zimbra zero-day

06.10.2025 08:48 β€” πŸ‘ 5    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
ENISA 2025 Threat Landscape report highlights EU faces escalating hacktivist attacks and state-aligned cyber threats - Industrial Cyber ENISA 2025 Threat Landscape report highlights EU faces escalating hacktivist attacks and state-aligned cyber threats.

Today in the SUN, we feature an article from Industrial Cyber on the ENISA 2025 Threat Landscape report highlighting that the EU faces escalating hacktivist attacks and state-aligned cyber threats.

Read more below:
industrialcyber.co/reports/enis...

#cybersecurity
@andyjabbour.bsky.social

03.10.2025 15:37 β€” πŸ‘ 4    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Tribal-ISAC Unveils Cybersecurity Report The Tribal Information Sharing and Analysis Center (Tribal-ISAC) released its first-ever report, The Pulse – The State of Cybersecurity Within Tribal Nations.

In the SUN, we cover the Tribal-ISAC releasing its first-ever report, featuring cybersecurity insights, trends and more gathered from three key sources, including our very own CHIEF and NATIVE reports!

Read more below:
www.indiangaming.com/tribal-isac-...

#cybersecurity
@andyjabbour.bsky.social

03.10.2025 15:34 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Ransomware | Gate 15

The new @gate15.bsky.social page on Ransomware Resilience is live! Learn more about how our team can help you prepare for and fight against ransomware and check out our blog posts and related risk mitigation info! gate15.global/blog/ransomw... #ransomware #resilience #cybersecurity

03.10.2025 12:33 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
The Evolution of Qilin RaaS Qilin represents one of the most dangerous and adaptive RaaS threats active today.

New from @bushidotoken.net via SANS: In this blog, we will discuss the evolution of Qilin, a well-known RaaS platform that has been linked to several high-profile ransomware attacks... www.sans.org/blog/evoluti... @gate15.bsky.social #cybersecurity #ransomware

03.10.2025 12:40 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Clop extortion emails claim theft of Oracle E-Business Suite data Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems

Today in the SUN we feature an article from @bleepingcomputer.com on Clop extortion emails claiming theft of Oracle E-Business Suite data.

Read more below:
www.bleepingcomputer.com/news/securit...

#ransomware
@andyjabbour.bsky.social

02.10.2025 15:41 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Texting and Messaging Scam Attempts Have Increased by 50 Percent, a Consumer Reports Survey Finds - Consumer Reports Texting and messaging scam attempts have increased by 50 percent, according to Consumer Reports' 2025 Cyber Readiness Report

A key finding: texting and messaging scam attempts have increased by 50 percent, according to a nationally representative CR survey of 2,158 U.S. adults conducted in April 2025. Here’s how to protect yourself:

01.10.2025 14:03 β€” πŸ‘ 6    πŸ” 7    πŸ’¬ 1    πŸ“Œ 0

@gate15 is following 20 prominent accounts