Gate 15
LightNews LightNews
banner
gate15.bsky.social
Gate 15
@gate15.bsky.social
330 followers 950 following 340 posts
Risk Management: Threat Intel & Analysis, Operations, Preparedness & Critical Infrastructure Security/Cybersecurity & Resilience
Posts Replies Media Videos
gate15.bsky.social
Our latest edition of the Security Sprint is out now! In this episode, Dave and Andy discuss a winter blast, hacktivists, a dose of cyber resilience and more! Our podcast is available right now, go check it out!

#cybersecurity
@andyjabbour.bsky.social
gate15.global/weekly-secur...
Weekly Security Sprint EP 142. Winter blast, hacktivists, and a dose of cyber resilience | Gate 15
gate15.global
January 21, 2026 at 4:55 PM
gate15.bsky.social
Today in the SUN we feature an article from Nextgov/FCW on the CISA budget bill that would require the agency to maintain ‘sufficient’ staffing levels.

Read more below:
www.nextgov.com/people/2026/...

#cybersecurity
@andyjabbour.bsky.social
CISA budget bill would require agency to maintain ‘sufficient’ staffing levels
The congressional justification diverges from steps taken last year to curb the agency’s workforce and election security footprint.
www.nextgov.com
January 21, 2026 at 4:52 PM
Reposted by Gate 15
bleepingcomputer.com
Using only natural language instructions, researchers were able to bypass Google Gemini's defenses against malicious prompt injection and create misleading events to leak private Calendar data.
Gemini AI assistant tricked into leaking Google Calendar data
Using only natural language instructions, researchers were able to bypass Google Gemini's defenses against malicious prompt injection and create misleading events to leak private Calendar data.
www.bleepingcomputer.com
January 20, 2026 at 5:50 PM
Reposted by Gate 15
cloudflare.social
We've updated our Email security learning path to include comprehensive coverage for Gmail users. Whether you're on Google Workspace or Microsoft 365, this updated path provides step-by-step instructions needed to protect your inbox from malicious activity. developers.cloudflare.com/learning-pat...
January 21, 2026 at 11:10 AM
Reposted by Gate 15
blackfog.com
Could the Model Context Protocol (MCP) become a covert channel for data theft? New analysis shows attackers could abuse MCP connections to siphon sensitive context and exfiltrate data outside traditional controls.

www.blackfog.com/mcp-could-be...

#AIsecurity #MCP #DataExfiltration #Cybersecurity
How MCP Could Become a Covert Channel for Data Theft | BlackFog
Find out how Model Context Protocol (MCP) could be abused as a covert channel for data theft: five real risks, examples, and mitigations.
www.blackfog.com
January 21, 2026 at 10:31 AM
gate15.bsky.social
Today in the SUN we feature an article from SecurityWeek on the importance of information sharing.

Read more below:
www.securityweek.com/cyber-insigh...

#cybersecurity
@andyjabbour.bsky.social
Cyber Insights 2026: Information Sharing
Cyber Insights: Expert insights on information sharing - what is happening now and preparing cybersecurity leaders for what lies ahead.
www.securityweek.com
January 20, 2026 at 4:34 PM
Reposted by Gate 15
joetidy.bsky.social
How crypto criminals stole $700 million from people - often using age-old tricks. My BBC In-Depth article about the troubling rise of scams, cyber attacks - and even muggings - on individual crypto holders. www.bbc.co.uk/news/article...
How crypto criminals stole $713 million
As crypto wealth continues to grow, criminals are mixing sophisticated hacks with deception, and in some cases, real life violence.
www.bbc.co.uk
January 19, 2026 at 10:28 AM
Reposted by Gate 15
christinaayiotis.bsky.social
"The World Economic Forum's Global Cybersecurity Outlook 2026, written in collaboration with Accenture, examines the cybersecurity trends that will affect economies and societies in the year to come." www.weforum.org/publications...
Global Cybersecurity Outlook 2026
The Global Cybersecurity Outlook 2026, written in collaboration with Accenture, examines the cybersecurity trends that will affect economies and societies in the year to come. It explores how accelera...
www.weforum.org
January 19, 2026 at 2:08 AM
Reposted by Gate 15
campuscodi.risky.biz
-Germany to let intel service hack foreign IT providers
-Finland intends to criminalize disinformation
-French "patriotic" accounts go silent amid Iranian internet outage
-Hackers extort GrubHub
-StackWarp attack

Newsletter: news.risky.biz/risky-bullet...
Podcast: risky.biz/RBNEWS514/
January 18, 2026 at 11:55 PM
Reposted by Gate 15
andyjabbour.bsky.social
4 new resources from the 🇨🇦 Canadian Centre for Cyber Security:
- Developing your :
--- IT recovery plan
--- incident response plan
--- business continuity plan
- Improving #cybersecurity resilience through emergency preparedness planning
www.cyber.gc.ca/en/guidance @gate15.bsky.social
Cyber security guidance - Canadian Centre for Cyber Security
Cyber security guidance
www.cyber.gc.ca
January 19, 2026 at 1:23 PM
Reposted by Gate 15
andyjabbour.bsky.social
New from the 🇬🇧 UK NCSC: Pro-Russia hacktivist activity continues to target UK organisations www.ncsc.gov.uk/news/pro-rus... @gate15.bsky.social @campuscodi.risky.biz #cybersecurity #Russia
Pro-Russia hacktivist activity continues to target UK organisations
The NCSC encourages local government and critical infrastructure operators to harden their ‘denial of service’ (DoS) defences
www.ncsc.gov.uk
January 19, 2026 at 1:24 PM
Reposted by Gate 15
campuscodi.risky.biz
30-year-old bug in Glibc... 😵‍💫

www.phoronix.com/news/Glibc-S...
CVE-2026-0915: GNU C Library Fixes A Security Issue Present Since 1996
CVE-2026-0915 was published on Friday as a security issue with the GNU C Library 'glibc' for code introduced 30 years ago
www.phoronix.com
January 20, 2026 at 3:49 PM
Reposted by Gate 15
ericjgeller.com
The "minibus" appropriations bill (extending government funding past 1/30) reauthorizes CISA 2015 info-sharing law, state and local cyber grant program, NCPS intrusion detection system, and Technology Modernization Fund through 9/30. docs.house.gov/billsthiswee... (h/t @ddimolfetta.bsky.social)
January 20, 2026 at 2:54 PM
gate15.bsky.social
Today in the SUN we feature an article from @censys.bsky.social on a honeypot view of internet-wide interest in ICS/OT protocols.

Read more below:
censys.com/blog/whos-kn...

#cybersecurity
@andyjabbour.bsky.social
Who's Knocking on Your PLC? A Honeypot View of Internet-Wide Interest in ICS/OT Protocols
What happens when you expose Modbus, Siemens S7, BACnet, IPMI, and other OT-adjacent protocols directly to the Internet? We set up honeypots to find out.
censys.com
January 16, 2026 at 4:46 PM
Reposted by Gate 15
dannypalmer.bsky.social
The rise of encryptionless ransomware?

Analysis of data leak sites (by Symantec & Carbon Black) suggests that there were almost 1500 'ransomware' incidents that relied on data theft alone for extortion attacks in 2025. The figure for 2024 was only 28.

www.infosecurity-magazine.com/news/hackers...
Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion
While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data
www.infosecurity-magazine.com
January 15, 2026 at 4:41 PM
Reposted by Gate 15
ericjgeller.com
Confirming this story about DHS readying a CIPAC replacement called ANCHOR. It's been sitting on DHS Secretary Noem's desk for weeks, my sources said, even as some details remain in flux.

DHS hasn't told infrastructure sector representatives much, either.

www.cybersecuritydive.com/news/dhs-cri...
ericjgeller.com Eric Geller @ericjgeller.com · 8d
Per CyberScoop, the Trump administration's replacement for the CIPAC public-private collaboration framework (which DHS Secretary Noem eliminated) will be called ANCHOR and will have a more streamlined structure. cyberscoop.com/dhs-anchor-c...
January 15, 2026 at 4:36 PM
gate15.bsky.social
Today in the SUN we feature an article from @newsweek.com on Germany and other NATO allies sending troops to Greenland amid President Trump's threats.

Read more below:
www.newsweek.com/greenland-ge...

#cybersecurity
@andyjabbour.bsky.social
Germany, other NATO allies sending troops to Greenland amid Trump threats
Trump said Wednesday that anything less than U.S. control of Greenland would be "unacceptable" in a warning to NATO allies.
www.newsweek.com
January 15, 2026 at 4:36 PM
gate15.bsky.social
The FB-ISAO released their first monthly newsletter of the year, highlighting AI deepfake impersonation scams targeting FBOs, additional security considerations for religious events, and more! Check it out below!

#cybersecurity
@andyjabbour.bsky.social
faithbased-isao.org/fb-isao-news...
FB-ISAO Newsletter, v8, Issue 1 – Faith-Based ISAO
faithbased-isao.org
January 15, 2026 at 4:29 PM
Reposted by Gate 15
campuscodi.risky.biz
Group-IB researchers have spotted a ransomware strain (named DeadLock) abusing blockchain smart contracts for its operations.

The technique has been used before by APT crews and other cybercrime ops, such as crypto miners and infostealers.

www.group-ib.com/blog/deadloc...
www.group-ib.com
January 15, 2026 at 10:58 AM
Reposted by Gate 15
blackfog.com
Shadow AI is quietly expanding the enterprise attack surface.

Our latest blog explains what Shadow AI is, why it matters, and how security teams can reduce the risk.
www.blackfog.com/shadow-ai-an...

#ShadowAI #CyberSecurity #AI #DataSecurity
Shadow AI And The Expanding Enterprise Attack Surface | BlackFog
Shadow AI expands the enterprise attack surface. Learn how unsanctioned AI use drives data leaks and why real-time prevention matters.
www.blackfog.com
January 15, 2026 at 11:00 AM
Reposted by Gate 15
campuscodi.risky.biz
A Chinese APT group has focused last year on compromising critical infrastructure across North America.

Cisco has linked multiple intrusions to a group it tracks as UAT-8837.

blog.talosintelligence.com/uat-8837/
UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor.
blog.talosintelligence.com
January 15, 2026 at 2:06 PM
gate15.bsky.social
Come hear our very own @andyjabbour.bsky.social speak at the TribalHub Cybersecurity Summit, a three-day, in-person event! He will discuss cybersecurity exercises, resilience, the Tribal-ISAC, and more! Find out more below!

#TribalHubCyberSummit
tribalhub.com/events/cyber...
6th Annual Cybersecurity Summit: TribalHub
tribalhub.com
January 14, 2026 at 4:28 PM
Reposted by Gate 15
andyjabbour.bsky.social
Come hang out with me in Jacksonville next month! Why not escape to sunny Florida, let me share about #cybersecurity exercises, resilience, Tribal-ISAC and more⁉️ #TribalHubCyberSummit @gate15.bsky.social
January 14, 2026 at 4:15 PM
gate15.bsky.social
Today in the SUN we feature an article from SC Media on the Russia-linked group APT28, also known as BlueDelta, being observed over the past year launching credential harvesting attacks.

Read more below:
www.scworld.com/news/russia-...

#cybersecurity
@andyjabbour.bsky.social
Russia-linked APT28 targets energy and defense groups tied to NATO
Active since 2004, APT28’s sustained campaign for the past year focused on credential harvesting.
www.scworld.com
January 14, 2026 at 4:15 PM
gate15.bsky.social
Today in the SUN we feature an article from @cybersecuritydive.bsky.social on CISA’s 7 biggest challenges in 2026.

Read more below:
www.cybersecuritydive.com/news/cisa-7-...

#cybersecurity
@andyjabbour.bsky.social
CISA’s 7 biggest challenges in 2026
From infrastructure protection to improving morale, the cybersecurity agency has a lot on its plate — and it still lacks a leader.
www.cybersecuritydive.com
January 13, 2026 at 4:52 PM