Simply Cyber Newsletter #104

Crush Your Week Like a Cyber Pro!

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your end users, peers, and executives. Support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

Hackers now use ZIP file concatenation to evade detection. Threat actors use concatenated ZIP files to bypass security tools, hiding malware in compressed archives. This technique exploits differences in how ZIP parsers handle concatenated files. To mitigate risks, use security tools supporting recursive unpacking and treat emails with ZIP attachments with caution, particularly in critical environments.
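The recursive-unpacking check mentioned above can be sketched as follows. This is an added example, not code from the newsletter or from any security product; the function names and the sample archive are constructed for illustration, and ZIP64 archives are out of scope. Python's zipfile module reads the last archive in a concatenated file, so the scan peels archives off the end until nothing is left.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # End of Central Directory record signature
EOCD_MIN = 22              # fixed-size part of the EOCD record


def archive_layers(data: bytes) -> list[list[str]]:
    """Member names of every ZIP stacked in `data`, last archive first."""
    layers = []
    while data:
        pos = data.rfind(EOCD_SIG)
        if pos < 0 or pos + EOCD_MIN > len(data):
            break
        # Central directory size and offset sit 12 bytes into the EOCD.
        cd_size, cd_offset = struct.unpack_from("<II", data, pos + 12)
        start = pos - cd_size - cd_offset   # bytes in front of this archive
        if start < 0:
            break
        try:
            with zipfile.ZipFile(io.BytesIO(data[start:])) as zf:
                layers.append(zf.namelist())
        except zipfile.BadZipFile:
            break
        data = data[:start]   # keep unpacking whatever was prepended
    return layers


def make_zip(name: str, content: bytes) -> bytes:
    """Build a one-file archive in memory (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, content)
    return buf.getvalue()


# Constructed sample: two harmless archives joined back to back.
SAMPLE = make_zip("shipping_update.txt", b"visible") + make_zip("second.txt", b"also here")

if __name__ == "__main__":
    with zipfile.ZipFile(io.BytesIO(SAMPLE)) as zf:
        print("single-pass reader sees:", zf.namelist())
    layers = archive_layers(SAMPLE)
    print("layered scan sees:", layers)
    if len(layers) > 1:
        print("ALERT: concatenated ZIP, inspect every layer")
```

More than one layer in the result means a reader that stops at one archive is missing content, which is the parser disagreement the story describes.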

What you need to know: Here is an example email that you can send to your end users. Consider including images showing what the ZIP file looks like and an example of what could be inside:

Cybercriminals are using new tricks to sneak malware into emails, hiding it in special ZIP files that can bypass some security tools. These files might look harmless, but they can contain harmful programs designed to steal information or damage systems.

For example, you might receive an email about a shipping update with an attachment that seems safe, but it’s actually hiding malware. This is why we can’t assume that every email in our inbox is safe.

Here’s what you can do: if an email seems odd, like it’s from someone you don’t know or it asks you to act quickly, stop and think. Don’t open attachments or click on links unless you’re sure they’re safe. If you’re unsure, report the email to our security team right away. Being cautious and reporting suspicious emails helps keep you and our company protected from cyber threats.

FOR PEERS

Top 200 Most Common Passwords. NordPass's 2024 analysis reveals that weak password practices persist among both individuals and corporations, with "123456" and "password" topping the list of most common passwords. The study analyzed a 2.5TB database from various sources, including the dark web, highlighting the ongoing vulnerability to cyber threats due to poor password hygiene.

What you need to know: Share this story with your peers and have conversations about what your organization is doing to prevent weak passwords like these from infiltrating the environment. Discuss the risks associated with weak passwords, and review or implement policies to prohibit the use of common, easily guessed passwords such as "123456" or "password." Regularly audit credentials to ensure compliance with password complexity requirements, promote or enforce the use of password managers, and deploy multi-factor authentication (MFA) for an added layer of protection. Encourage end users to take ownership of their credential security by creating strong, unique passwords, emphasizing that they play a critical role in maintaining a secure environment.

FOR EXECUTIVES

Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance. The Five Eyes intelligence alliance warns of a surge in zero-day vulnerability exploitation, now a "new normal." A 2023 advisory highlights Citrix, Cisco, Fortinet, and MOVEit among top targets. Organizations are urged to prioritize patching, secure-by-design principles, and proactive threat mitigation to counter increasingly sophisticated cyber threats.

What you need to know: This is a great topic to bring to your senior business leaders to have a discussion around the growing threat of zero-day vulnerabilities and their potential impact on the organization. Highlight how the rise in these exploits underscores the need for timely patching, vendor accountability, and investment in secure-by-design technologies. Use this opportunity to evaluate the organization's current patch management processes and whether proactive measures, such as advanced detection tools, are sufficient to mitigate evolving risks. Engage leaders by discussing how unaddressed vulnerabilities could disrupt operations, impact compliance, and erode customer trust. Framing cybersecurity as a strategic business imperative ensures alignment between technical and executive priorities for resilience in today’s threat landscape.

To stay current on trending topics, tips, events and resources in cybersecurity, connect with me on socials for new content every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Thank you so much and see you again next Monday!

Have a great week, #TeamSC!

Gerry

DAILY CYBER THREAT BRIEF SIMPLY CYBER

Catch the most popular weekday cyber threat news analysis live stream around and meet the most supportive community ever. #TeamSC

Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, and your favorite podcast platform. Click the links below to favorite on your devices.

SIMPLY DEFENSIVE THE FINAL EPISODE OF S1

Premieres: Monday, Nov. 18 at 9:30 AM ET presented by Simply Cyber Media Group

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells sit down with Melanie Thomas, Vice President of Cyber Security at BridgePoint Technologies. Melanie shares insights from her role, her experience in cybersecurity, and her path from tech support to VP.

We discuss Melanie’s adjunct professorship at the University of San Diego, her community service, and the importance of networking. The conversation covers the significance of education in cybersecurity, Melanie's approach to balancing technical and strategic roles, and valuable advice for new entrants in the field, including teamwork and maintaining humility. Join us for this final episode of the season!

Click the images below to set your reminder and subscribe! See you next season!

2 CYBER CHICKS WITH CISO NEAL BRIDGES

Premieres: Wednesday, Nov. 20 at 9:30 AM ET presented by Simply Cyber Media Group

Neal Bridges is an absolute powerhouse in the Cybersecurity space and the Chief Information Security Officer at Query.ai. With over two decades of experience, Neal has helped federal and commercial organizations develop and execute cybersecurity strategies, and has built teams at multiple Fortune 100 companies.

Attend to hear the trio as they delve into the life of a #CISO, leading by influence in a transformation environment, cloud security, #SecDataOps and how federated cloud search can help organizations level up.

Join us! Click below and we will see you in chat!

SIMPLY CYBER FIRESIDES AI SOCIAL ENGINEER

Premieres: Thursday, Nov. 21 at 4:30 PM ET presented by Simply Cyber Media Group

This Thursday, Simply Cyber Firesides with host Gerald Auger, Ph.D. welcomes Perry Carpenter, a multi-award-winning author, podcaster, and speaker. As the Chief Human Risk Management Strategist at KnowBe4, Perry helps organizations and individuals build strong defenses against the ever-changing landscape of online deception.

In this episode, we’ll dive into Perry’s latest book, FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions. FAIK explores the intriguing and often alarming world of artificial intelligence, highlighting both its potential benefits and the darker side of its use in deception and misinformation. Whether you’re a cybersecurity professional or just curious about the world of online deception, this episode is for you!

Tune in to learn more & subscribe to Simply Cyber to get updates when new episodes drop! Click below to attend and set your reminder.

SIMPLY CYBER ACADEMY 30% OFF SALE

Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. Plus, we have TWO NEW COURSES available to help you excel in your cyber career. Check them out and use the discount below now!

At Simply Cyber Academy, we specialize in making GRC Cybersecurity Careers a reality. Visit academy.simplycyber.io to learn more now.

Use Code: HOLIDAY30 for 30% off your purchase at checkout, now through Nov. 30th!
