Simply Cyber Newsletter #126

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024. Google blocked more than 5.1 billion harmful ads and suspended over 39.2 million advertiser accounts in 2024, including many involving scams and deepfakes. Most of these threats were caught automatically before users saw them, showing the massive scale of ongoing ad safety efforts.

What you need to know: We usually bring you actions your end users can take to protect themselves. This time, consider highlighting the massive efforts companies like Google are making to reduce online threats before they even reach people. It is a good opportunity to remind your team that while proactive systems are constantly working in the background, human intuition still matters. Encourage them to stay skeptical of unexpected ads, resist downloading unknown files, and report anything that feels suspicious. Sharing this story is a way to celebrate progress while reinforcing the importance of their own daily vigilance.

FOR PEERS

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns. Multiple nation-state threat actors including groups from North Korea, Iran, and Russia are now using the ClickFix technique. This social engineering method tricks users into copying and running malicious commands, making it easier to deploy malware in targeted campaigns.

What you need to know: Our March 10th newsletter outlined steps for end users to mitigate PowerShell risks. Now, collaborate with peers to disable or restrict PowerShell in your environment. First, identify where PowerShell is enabled and assess whether users genuinely need it. Implement strict policies, such as Constrained Language Mode or application control, to limit its scope. Ensure robust logging and alerting for PowerShell activity to detect potential misuse. These measures reduce vulnerabilities and enhance visibility. Finally, educate end users about the risks. Warn them against copying and pasting code from the internet, emphasizing that such actions signal a serious security concern.

FOR EXECUTIVES

CISA extends funding to ensure 'no lapse in critical CVE services. The U.S. government narrowly avoided a service disruption to MITRE’s Common Vulnerabilities and Exposures (CVE) program by extending its funding. The CVE program is essential for global cybersecurity coordination, enabling standardized vulnerability tracking and timely response efforts across industries and national infrastructures.

What you need to know: Programs like CVE (Common Vulnerabilities and Exposures) and other global cybersecurity initiatives deliver value far beyond IT. These programs strengthen vulnerability intelligence, secure supply chains, increase product resilience, and build digital trust. These programs benefit the entire ecosystem.

Talk with your teams about how your business depends on or contributes to these shared resources. Champion their inclusion in long-term planning, especially as policy and funding shifts may affect their future. Your advocacy helps prevent systemic disruptions and reinforces our commitment to a safer, more stable digital environment for all.

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content, every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Find more about what’s happening this week in the Simply Cyber community, below.

Thank you and see you again next time! Have a great week, #TeamSC!

Gerry

SIMPLY CYBER DAILY CYBER THREAT BRIEF

Catch the most popular weekday cyber threat news analysis livestream around and meet the most supportive community ever, #TeamSC!

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM EST via YouTube and LinkedIn - podcast also available on Spotify, Apple Podcasts, or your favorite podcast platform. You can also check it out on our podcast webpage.

SC MEDIA GROUP SIMPLY DEFENSIVE TALKS OPSEC

When: Monday, April 21 at 9:30 AM EDT | Presented by: Simply Cyber Media Group

S3 E3: Unlocking the Secrets of OPSEC - A Deep Dive with Mitch Cohen

In this episode of Simply Defensive, hosts Josh Mason and Wade Wells welcome Mitch Cohen, privacy and OPSEC expert from flare.io.

Mitch shares his journey to becoming a 'digital ghost' and offers valuable insights into operational security (OPSEC) and privacy practices. He discusses the importance of securing personal information, the risks associated with poor OPSEC, and provides actionable steps for improving digital privacy.

Josh, Wade, and Mitch explore real-world examples, the ethical implications of privacy, and how to strike a balance between convenience and security.

An excellent resource for cybersecurity professionals and anyone interested in protecting their digital footprint.

SC MEDIA GROUP 2 CYBER CHICKS BISO PERSPECTIVE

When: Wednesday, April 13 at 9:30 AM EDT | Presented by: Simply Cyber Media Group

S6 E6: Bridging Security and Business - The BISO Perspective with Meenu Verma

In this episode of 2 Cyber Chicks, Jax and Erika sit down with Meenu Verma, a powerhouse Business Information Security Officer (BISO) with expertise in threat and vulnerability management, security architecture, and enterprise security strategy. With a career spanning major organizations like Camelot Lottery Solutions, Savanti Consulting, and Affinity Water Limited, Meenu shares insights into the evolving cybersecurity landscape and how businesses can better align security with their strategic goals.

The conversation dives into the toughest challenges of being a BISO, key cybersecurity trends to watch in 2025, and the impact of AI on threat and vulnerability management. Meenu also opens up about her journey into cybersecurity, what keeps her passionate, and her experiences stepping onto the stage for speaking engagements.

If you’ve ever wondered how to balance security and business, stay ahead of AI-driven threats, or build confidence in public speaking, this episode is packed with practical advice and real-world insights. Grab your coffee, sit back, and enjoy this candid convo with Meenu Verma!

SC MEDIA GROUP THE CYBER MENTORS PODCAST E2

When: Thursday, April 24 at 9:30 AM EDT | Presented by: Simply Cyber Media Group

S3 E2: Peeling Back the Network Layers with Doug Burks

In this episode, we talk with Doug Burks, founder and CEO of Security Onion Solutions.

He shares his journey from computer enthusiast to cybersecurity company founder and how he's helping defenders catch bad guys through accessible network security monitoring tools.

We also discuss how important setting up your home lab is as a crucial learning environment for security professionals at all levels. Join us this Thursday!

SIMPLY CYBER FIRESIDES DETECTION ENGINEERING

When: Thursday, April 24 at 4:30 PM EDT | Presented by: Simply Cyber Media Group

Join host Gerald Auger, Ph.D. on Simply Cyber Live as he welcomes special guest Hayden Covington, SOC SecOps Lead at Black Hills Information Security, for an in-depth exploration of Detection Engineering 101.

Hayden brings extensive experience as an InfoSec engineer, analyst, and incident responder with expertise in: Advanced persistent threat investigation, incident response methodology, threat hunting techniques, digital forensics, SOAR engineering and automation, project management, and more.

Learn from Hayden's experience developing and deploying threat detections for a Fortune 5 cloud computing company. This session offers valuable insights for security professionals looking to enhance their detection engineering capabilities.

📣 Ask your questions in real-time during the stream! Hayden will be answering audience questions throughout the broadcast.

SC MEDIA GROUP WEEKLY STREAM SCHEDULE

SC ACADEMY THE PLACE FOR CYBER CAREERS

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have NEW COURSES - even free courses, including Intro to Hacking with Tyler Ramsbey - all available to help you advance in your cyber career now!