Simply Cyber Newsletter #107

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

Cyber-Unsafe Employees Increasingly Put Orgs at Risk. A survey of 14,000 employees reveals risky behaviors with sensitive data, including personal device use, password reuse, and bypassing cybersecurity policies. Rising AI tool usage further complicates data security, with many ignoring guidelines. These practices significantly increase organizational exposure to breaches and leaks.

What you need to know: Educate your end users about the importance of following cybersecurity policies to protect sensitive data. A survey of over 14,000 employees found that common behaviors like reusing passwords, accessing workplace apps from unsecured personal devices, and bypassing security policies expose organizations to significant risks. Alarmingly, 36% use the same login credentials for work and personal apps, and 65% bypass security measures for convenience. The increasing use of AI tools adds another layer of vulnerability, especially when sensitive data is inputted without adhering to handling guidelines, something 38% of employees admit they often neglect.

Encourage your team to take simple steps like using unique, strong passwords for every account, enabling two-factor authentication, and avoiding risky behaviors like downloading customer data or bypassing policies. Remind them that these practices not only protect the organization but also ensure their data and reputation remain safe.

FOR PEERS

Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours. Cloudflare lost 55% of customer logs during a 3.5-hour outage on November 14, caused by a misconfiguration in its logpush service. A cascade of failures overwhelmed their buffering system, leading to data loss. Cloudflare has since introduced detection systems, updated configurations, and plans routine overload testing to prevent similar incidents.

What you need to know: Share this story with your peers and discuss how your organization ensures resilience in log management systems. Cloudflare recently lost 55% of customer logs over a 3.5-hour window due to a misconfiguration in its logpush service. This misconfiguration triggered a cascade of failures: a blank configuration caused log forwarding to default to all customers, overwhelming a buffering system designed to handle spikes. Critical safeguards failed due to improper configuration and insufficient testing, leading to significant data loss.

This incident highlights the importance of thoroughly testing failsafe mechanisms and maintaining properly configured systems to handle unexpected surges in data. Discuss with your team how routine overload testing and anomaly detection systems can be implemented to identify issues early. By strengthening your log management pipelines, you can prevent similar disruptions that could leave your organization vulnerable to missed security insights or delayed incident responses.

FOR EXECUTIVES

FBI Warns GenAI is Boosting Financial Fraud. The FBI warns businesses of generative AI's role in enhancing fraud schemes. Threats include AI-crafted phishing messages, deepfake impersonations, and fraudulent chatbots. Companies should reinforce verification processes, implement additional client authentication controls, and educate staff about AI-enabled tactics to mitigate risks and protect customer trust.

What you need to know: Generative AI is being used to enhance scams that target financial transactions and customer trust, posing a significant threat to business operations. Fraudsters employ deepfake technology and AI-crafted messages to impersonate clients or employees, bypassing weak verification methods and leading to unauthorized payments. This can result in direct financial losses and erosion of customer trust if fraudulent activity impacts them. Businesses must prioritize strengthening financial verification processes, such as implementing multi-factor authentication and secret passphrases for transactions, while ensuring secure and transparent communication channels with clients. Additionally, creating public-facing content to educate customers on how the business would and would not contact them, along with clear instructions on where to report suspected fraud, is essential for building trust and mitigating risks.

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content, every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Find more about what’s happening this week in the Simply Cyber community, below!

Thank you sand see you again next Monday! Have a great week, #TeamSC!

Gerry

DAILY CYBER THREAT BRIEF SIMPLY CYBER 

Catch the most popular weekday cyber threat news analysis live stream around and meet the most supportive community ever, #TeamSC!

Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, Spotify, Apple Podcasts, or your favorite podcast platform.

TRYHACKME ADVENT OF CYBER DAY 9

Premieres: Monday, Dec. 9 at 11 AM ET on Simply Cyber

Learn to Assess Third Party Risk (GRC Skills), Let's crush Day 9 of Advent of Cyber doing GRC work. Yasss!!!! Check out TryHackMe's AOC Event: tryhackme.com/r/christmas.

Join me on Simply Cyber today at youtu.be/NoMNMJGdwn0.

TRYHACKME ADVENT OF CYBER DAY 10

Premieres: Tuesday, Dec. 10 at 11 AM EST on Simply Cyber

Crush Advent of Cyber Day 10 (Catch that Sweet Rev Shell) with a walkthrough of TryHackMe’s AOC Day 10. Play along with the TryHackMe Advent of Cyber here: tryhackme.com/r/christmas.

Join me on Tuesday at 11 AM EST at youtu.be/egM0Emlgvkw.

SC FIRESIDES YOU’RE DOING CYBER ALL WRONG

Premieres: Thursday, Dec. 12 at 4:30 PM ET presented by Simply Cyber Media Group

Simply Cyber Media Group is excited to welcome our upcoming guest, Brandon Poole, Founder and Principal Consultant at Panoptcy Security! Discover more about this former Associate Instructor at the SANS Institute,

With over 14 years of expertise in cybersecurity, Brandon brings a deep understanding of DFIR, disaster recovery, SOC operations, regulatory compliance, security architecture, and general security consulting. He holds the CEH, CCNA, GSEC, GCIH, GCCC, GCWN, GCTI certifications and is a member of Infragard, ISSA, and the SANS Advisory Board. If anyone knows what you're doing wrong in cyber, it's this guy!

Don't miss this opportunity to hear from Brandon as he is interviewed by your host, Gerald Auger, Ph.D. Bring your question to have answered in live chat! Warning: Knowledge bombs will be dropping throughout the stream to help you understand how to enhance your cyber capabilities!

SIMPLY CYBER MEDIA GROUP WEEKLY STREAM LINEUP

SIMPLY CYBER ACADEMY THE PLACE FOR GRC CAREERS

At Simply Cyber Academy, we specialize in making GRC Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have NEW COURSES available to help you advance in your GRC Cyber career.

Visit academy.simplycyber.io to learn more now.