Simply Cyber Newsletter #105
Crush Your Week Like a Cyber Pro!
Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your end users, peers, and executives. Support weekly security awareness with Simply Cyber Newsletter!
FOR END USERS
Microsoft 365 Admin portal abused to send sextortion emails. Sextortion scammers are abusing the Microsoft 365 Admin Portal to bypass spam filters, sending distressing emails that falsely claim to have compromising information or footage. Microsoft has addressed the issue, but end users should stay vigilant, avoid engaging with these emails, and protect personal data online.
What you need to know: Educate your end users about sextortion scams exploiting legitimate-looking emails, such as those from Microsoft 365 Admin Portal, to bypass security filters. These emails may claim to have compromising footage or sensitive details, such as your address, to create urgency and fear. End users must understand these claims are lies; scammers do not have this information. To protect themselves, they should avoid interacting with links or sending money. Encourage them to blur their home address on public-facing platforms like Google Maps or other online directories to reduce exposure. Remind them to report such emails to your IT team for further investigation. Stress that these scams are designed to manipulate their emotions and that staying calm and informed is the best defense.
FOR PEERS
Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites. A critical vulnerability (CVE-2024-10924, CVSS 9.8) in the "Really Simple Security" WordPress plugin allows attackers to bypass authentication and gain admin access on 4M+ sites. It affects versions 9.0.0 to 9.1.1.1 and is patched in 9.1.2. Admins should urgently update and secure any vulnerable instances.
What you need to know: A critical vulnerability (CVE-2024-10924) in the "Really Simple Security" WordPress plugin has put over 4 million websites at risk, allowing attackers to bypass authentication and gain admin-level access. The flaw is exploitable when the plugin's two-factor authentication (2FA) is enabled, which is why immediate action matters. Versions 9.0.0 to 9.1.1.1 are vulnerable; version 9.1.2 addresses the issue.
Start by scanning your internet-facing assets to identify any vulnerable instances of the plugin. Check your entire IP range and prioritize these findings. If updating isn’t feasible immediately, evaluate whether the plugin is essential. Disable its 2FA functionality, restrict access via firewalls, or take the instances offline until a fix is applied. Looking ahead, consider switching to a competitive security plugin with robust SSL and 2FA support.
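To make the "find the vulnerable instances and prioritize them" step concrete, here is an added example (not code from the newsletter or from the plugin vendor). It takes the vulnerable range (9.0.0 through 9.1.1.1) and the fixed release (9.1.2) from the text above, compares versions component-wise so that a four-part release like 9.1.1.1 is handled correctly, and ranks findings so sites with the plugin's 2FA switched on, the exploitable configuration, come first. The inventory records and the readme.txt excerpt are constructed sample data, and the idea of reading a plugin's version from its readme.txt "Stable tag:" line is an assumption about how you might collect versions, not something the newsletter states.

```python
"""Triage a WordPress site inventory against a vulnerable plugin version range.

Added example, not from the newsletter. Version boundaries come from the
newsletter text; hostnames, inventory records and the readme excerpt are
constructed sample data.
"""
import re

VULNERABLE_FROM = (9, 0, 0)   # first vulnerable release (from the newsletter)
FIXED_IN = (9, 1, 2)          # first patched release (from the newsletter)

# Standard WordPress plugin readme.txt header; assumed to be readable on the site.
STABLE_TAG_RE = re.compile(r"^Stable tag:\s*([0-9][0-9.]*)\s*$",
                           re.MULTILINE | re.IGNORECASE)

ACTION = ("update to 9.1.2; until then disable the plugin's 2FA, "
          "restrict access with a firewall, or take the site offline")


def parse_version(version: str) -> tuple:
    """Turn '9.1.1.1' into (9, 1, 1, 1).

    Tuples compare component-wise, so 9.1.1.1 sorts below 9.1.2 and 9.10.0
    sorts above 9.9.0. Comparing the raw strings gets the second case wrong.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(version: str) -> bool:
    """True when the version lies in the half-open range [9.0.0, 9.1.2)."""
    return VULNERABLE_FROM <= parse_version(version) < FIXED_IN


def version_from_readme(readme_text: str):
    """Pull the release number out of a plugin readme.txt, or None if absent."""
    match = STABLE_TAG_RE.search(readme_text)
    return match.group(1) if match else None


def triage(inventory: list) -> list:
    """Return the sites that need action, most urgent first.

    Sites with the plugin's 2FA enabled are in the exploitable configuration
    and get priority P1; other vulnerable sites get P2. Sites with no version
    recorded are skipped here and should be checked by hand.
    """
    findings = []
    for site in inventory:
        version = site.get("plugin_version")
        if version is None or not is_vulnerable(version):
            continue
        exploitable = bool(site.get("two_factor_enabled"))
        findings.append({
            "host": site["host"],
            "version": version,
            "priority": "P1" if exploitable else "P2",
            "action": ACTION,
        })
    return sorted(findings, key=lambda f: (f["priority"], f["host"]))


# Constructed readme excerpt in the usual plugin readme.txt layout.
SAMPLE_README = """=== Really Simple Security ===
Requires at least: 5.9
Stable tag: 9.1.1.1
"""

# Constructed inventory; hostnames are placeholders, not real sites.
SAMPLE_INVENTORY = [
    {"host": "shop.example.test", "plugin_version": "9.1.1.1", "two_factor_enabled": True},
    {"host": "blog.example.test", "plugin_version": "9.0.0",   "two_factor_enabled": False},
    {"host": "docs.example.test", "plugin_version": "9.1.2",   "two_factor_enabled": True},
    {"host": "old.example.test",  "plugin_version": "8.3.0",   "two_factor_enabled": True},
    {"host": "www.example.test",  "plugin_version": None,      "two_factor_enabled": False},
]

if __name__ == "__main__":
    print("readme reports version:", version_from_readme(SAMPLE_README))
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f['priority']} {f['host']} ({f['version']}): {f['action']}")
```

The half-open range check matters: 9.1.2 itself must not be flagged, and the tuple comparison keeps a future 9.10.x from being misread as older than 9.1.2. Feed `triage()` whatever inventory your asset scan produces, one record per site, and work the P1 list first.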
FOR EXECUTIVES
Privacy-focused mobile phone launches for high-risk individuals. Cape’s privacy-focused phone aims to protect high-risk individuals, including activists and journalists, by addressing network-level threats like SIM-swapping and metadata tracking. Despite its adherence to U.S. surveillance laws, the phone raises questions about its appeal to both security-conscious users and potentially the criminal underground, given its advanced privacy capabilities.
What you need to know: If you have a business exec who is hyper-interested in privacy, options like this or GrapheneOS may be essential considerations for protecting sensitive information. Executives, due to their position and influence, are prime targets for advanced threat actors seeking to exploit their devices for strategic or financial gain. Solutions that prioritize privacy and reduce metadata exposure align with the growing need for secure communication in high-stakes environments. Privacy-focused technology isn't just about protecting personal data; it's about safeguarding corporate strategy, maintaining competitive advantage, and preventing reputational damage. While the market for such solutions is expanding, executives must weigh the benefits of adopting advanced privacy measures against potential regulatory and ethical implications. Ensuring privacy tools meet compliance requirements and cannot be misused by malicious actors is a must for fostering trust and sustaining the integrity of both personal and organizational communications.
Stay current on trending topics, tips, events and resources in cybersecurity, and connect with me on socials for new content every day.
As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.
Thank you so much and see you again next Monday!
Have a great week, #TeamSC!
Gerry
DAILY CYBER THREAT BRIEF ON SIMPLY CYBER
Catch the most popular weekday cyber threat news analysis live stream around and meet the most supportive community ever. #TeamSC
Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, and your favorite podcast platform. Click the links below to favorite on your devices.
SIMPLY CYBER INSIDE THE MIND OF A RISING STAR
Premieres: Wednesday, Nov. 27 at 9:30 AM ET presented by Simply Cyber Media Group
In this video, DEF CON / Black Hat speaker Or Yair shares his thoughts on doing top tier cybersecurity research and where we are heading as an industry.
Join us after the Daily Cyber Threat Brief on Wednesday morning. See you there! https://youtu.be/u6qtPUEtjo4
SIMPLY CYBER ACADEMY BLACK FRIDAY 30% OFF SALE
Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.
The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. Plus, we have NEW COURSES available to advance your cyber career. Check them out and use the discount below.
At Simply Cyber Academy, we specialize in making GRC Cybersecurity Careers a reality. Visit academy.simplycyber.io to learn more now.
Use Code: HOLIDAY30 for 30% off your purchase at checkout, now through Nov. 30th!