Simply Cyber Newsletter #109 🎅

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

Android malware found on Amazon Appstore disguised as health app. A malicious Android spyware app, BMI CalculationVsn, was discovered on the Amazon Appstore. Masquerading as a BMI calculator, it secretly recorded screens, collected SMS data, and scanned installed apps. Users must remove it manually and run a full device scan. Always scrutinize app permissions and install from trusted publishers.

What you need to know: Educate your end users about navigating app safety on platforms like the Amazon Appstore. While generally reliable, even trusted marketplaces may occasionally host malicious apps. To reduce risks, users should prioritize apps from reputable publishers with good reviews and download histories.

Before installing an app, review its permissions carefully. Ask whether the requested access aligns with the app's stated purpose. For instance, why would a health calculator need access to your messages or screen recording? After installation, periodically review and revoke unnecessary permissions in your device’s settings.

Encourage users to enable security features like antivirus programs or device security tools, which can detect and block known threats. Finally, remind them to stay updated on app safety practices and apply software updates promptly, as these often include security patches.

FOR PEERS

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware. A new social engineering attack exploited Microsoft Teams to deploy DarkGate malware, leveraging remote access tools like AnyDesk. This highlights growing phishing tactics and the need for vigilance. End users must remain cautious when handling unexpected requests or communication via trusted platforms.

What you need to know: This incident highlights the importance of clear protocols for IT support interactions and robust remote administration policies. Take this opportunity to review your organization’s practices and ensure they address emerging threats, such as social engineering attacks exploiting trusted platforms. Implement allowlists for approved remote access tools and establish monitoring to detect unauthorized usage. Communicate these protocols effectively across teams and consider offering training to reinforce awareness of the risks. By proactively aligning your policies with current threats, you can strengthen your organization’s defenses against evolving cyberattacks.

For End Users: Make sure your end users know what to expect from legitimate IT interactions. Train them to recognize that unexpected requests, especially those involving urgency or unfamiliar software, could be a phishing attempt. Encourage them to verify any unusual requests and report suspicious activity immediately.

FOR EXECUTIVES

CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach. Federal experts warn senior officials to assume communications are vulnerable, following revelations of Chinese hackers infiltrating U.S. telecom networks and compromising 150 officials. CISA advises using end-to-end encryption and highlights systemic risks. Businesses must evaluate secure communication tools and consider dedicated solutions to protect sensitive executive interactions.

What you need to know: Recent breaches targeting senior U.S. officials have exposed significant vulnerabilities in communications systems, highlighting risks that could impact businesses. Businesses must consider the implications: Are current tools adequately protecting executives’ communications? Leaders should initiate discussions about adopting secure platforms tailored for high-level interactions, ensuring sensitive conversations remain confidential. Beyond encryption, evaluating potential vulnerabilities in widely used technologies, such as routers under scrutiny like TP-Link, is essential. Proactively investing in secure communication systems demonstrates a commitment to safeguarding business intelligence and mitigating risks from emerging cyber threats.

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content, every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Find more about what’s happening this week in the Simply Cyber community, below.

Thank you and see you again next time! Have a great week, #TeamSC!

Gerry

DAILY CYBER THREAT BRIEF SIMPLY CYBER 

Catch the most popular weekday cyber threat news analysis live stream around and meet the most supportive community ever, #TeamSC!

Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, Spotify, Apple Podcasts, or your favorite podcast platform.

SIMPLY CYBER WHY CYBER CERTS ARE BROKEN IN 2024

In case you missed it, learn more about why cybersecurity certs are broken with industry expert, Jason Dion!

While careers and cyber risk reduction are serious business, the Simply Cyber community is all about good times and having fun along the way.

That’s why this interview with Simply Cyber Academy instructor Steve McMichael and AKYLADE co-founder Jason Dion uses a Hot Takes format.

Steve brought your spicy questions, and even spicier sushi with wasabi! Check it out!

SIMPLY CYBER ACADEMY NEW FREE CAREER COURSE

Last week I made an announcement about a NEW FREE COURSE available to anyone and everyone on Simply Cyber Academy! It’s designed to help you get ahead of the game with my FREE Cyber Career Launch Pad Course!

Make sense of those cyber resources today! Learn more about this new resource in this video I created: youtu.be/fpSORPJ_cww

Get my FREE AWESOME course here: academy.simplycyber.io/p/cybersecurity-career-launchpad-a-complete-resource-guide-for-career-changers

SIMPLY CYBER MEDIA GROUP WEEKLY STREAM LINEUP

SIMPLY CYBER ACADEMY THE PLACE FOR GRC CAREERS

At Simply Cyber Academy, we specialize in making GRC Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have NEW COURSES available to help you advance in your GRC Cyber career.

Visit academy.simplycyber.io to learn more now.