Simply Cyber Newsletter #130

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!

FOR END USERS

Google’s Advanced Protection for Vulnerable Users Comes to Android. Google is launching Advanced Protection for Android 16. It adds powerful new features to help protect high-risk users from spyware and targeted attacks. This includes intrusion logging, blocking unsafe networks, and detecting memory exploits. While designed for vulnerable users, the lessons apply to all of us.

What you need to know: Share this with your end users and encourage them to talk about it with friends and family. Google is releasing a powerful set of protections for Android phones, designed for people who face targeted digital threats. Features like blocking risky networks, disabling shady USB connections, and creating logs that cannot be erased all point to one truth: attackers are getting more sophisticated, and everyday devices are becoming a bigger target. These settings are not just for activists or journalists. They are for anyone who stores sensitive information, clicks links without thinking, or uses their phone to access work or personal accounts. The message is simple: we are all worth targeting now. Security starts with awareness, and awareness spreads one conversation at a time.

Ask your end users to think about this exercise: Before clicking, responding, or sharing anything that feels slightly off, pause and run a quick mental check: If this were a trick, what would happen next? Visualize the worst-case outcome. That five-second pause is your mental sandbox. It helps you spot manipulation before it becomes a mistake. It's time to change our reflexes.

FOR PEERS

Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom. Coinbase disclosed a breach where overseas support contractors were bribed to exfiltrate customer data. Attackers demanded a $20 million ransom, which the company refused. While no funds or keys were compromised, the exposed data could fuel social engineering. Insider recruitment remains a blind spot in technical control frameworks.

What you need to know: While this would be a great article to bring to your business leaders to discuss trust posture and outsourced workforce strategy, it is also essential to discuss with peers around focusing on access controls and monitoring. Ask whether your customer support systems log which employees view sensitive fields like ID numbers, account balances, or contact details. Check if your monitoring tools flag slow, repeated lookups rather than just bulk downloads. Run tabletop exercises where the breach comes not from malware, but from a human being who simply knows what to look for. This story screams understanding your blind spots, and you can help illuminate that.

FOR EXECUTIVES

Microsoft Teams will soon block screen capture during meetings. Microsoft will soon roll out a new Teams feature that blocks screen captures during meetings. This update aims to reduce unauthorized information leaks by blacking out content when screenshots are attempted. It also limits access on unsupported platforms to audio-only. Full rollout is expected by July 2025.

What you need to know: Have conversations with your business leaders around which types of visuals should be considered off-limits in digital meetings. Ask if everyone agrees on when sensitive information can be shared visually, and whether current access settings reflect that. Use this moment to review which tools your teams rely on, how defaults are managed, and where organizational habits need to shift. Microsoft’s update gives you a technical deterrent, but the real guardrail is shared understanding. If someone took a picture of your last slide deck, would it harm your position, your people, or your partners? This is about being intentional. The tools are evolving. Your leadership alignment should keep pace. Schedule those conversations now before exposure happens by assumption. Remember: Some truths belong in voice only.

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Find more about what’s happening this week in the Simply Cyber community, below. Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Thank you and see you again next week, #TeamSC!

Gerry

SIMPLY CYBER MEDIA GROUP PODCAST LINEUP

Simply Cyber Media Group presents our family of cybersecurity podcasts streaming Mon/Wed/Thu mornings at 9:30 AM Eastern. SCMG podcasts span a variety of areas in cyber including cyber defense, women in cyber, ICS/OT, cybersecurity mentorship - with more to come in Q3 2025.

Visit youtube.com/@SimplyCyber/podcasts to explore and learn more!

MONTHLY METACTF FLASH CTF TEAM SC

At Simply Cyber Academy, we’re excited to provide a monthly Flash CTF with other organizations in the community. Come represent #TeamSC! Learn more and register now.

Top 3 participants will get to pick two prizes from the following categories. The rest will be raffled to those who solve at least one challenge:

• $100, $50, $25 Amazon gift cards *

• Simply Cyber Academy GRC Analyst Master Class

• Ticket to the RVAsec 2025 Conference

• $100, $50 gift certificates to the Spearphish General Store *

• 1-mo access to the TCM Security Academy

• 3-mo access to the Antisyphon Cyber Range

SC MEDIA GROUP WEEKLY EVENTS SCHEDULE

SC ACADEMY THE PLACE FOR CYBER CAREERS

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses and free courses - all available to help you advance your cyber career!