Simply Cyber Newsletter #133
Crush Your Week Like a Cyber Pro with Simply Cyber!
Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!
FOR END USERS
Phishing Campaign Uses Fake Booking.com Emails to Deliver Malware. A new phishing campaign is using fake emails from popular travel websites to fool people. The emails direct victims to a deceptive verification page that instructs them to copy and run a computer script, which then installs malware onto their device. Be cautious with unusual requests.
What you need to know: Here is a simple and powerful way to train your users on modern phishing. Frame it like spotting a poker player's "tell." For ninety-nine percent of a phishing attack, the scammer does everything to appear normal, building trust with a fake email and a polished website. Their final move, where they ask you to copy code and paste it into a system command window, is their tell. It is the one action a legitimate website will never ask you to do. Train your users that this moment is their signal. It is the point where the attacker reveals their hand, showing their entire game is based on this one deceptive trick. Recognizing that tell is how you empower users to confidently walk away from the table before placing the final bet.
FOR PEERS
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub. A widespread cryptojacking campaign is targeting publicly accessible DevOps tools like Docker and HashiCorp Nomad. Attackers exploit insecure default configurations and open APIs to deploy cryptocurrency miners, essentially gaining remote code execution to hijack server resources for their own financial gain.
What you need to know: It is easy to get lost chasing the latest CVE, but the reality of these cryptojacking campaigns is often less glamorous. They are not breaking down reinforced walls; they are walking through unlocked front doors. Many powerful DevOps tools are not secure by default, and an exposed API is the digital equivalent of leaving the keys in the ignition. Here is the one question to take to your engineers that cuts through the noise: Can someone on the public internet, without credentials, spin up a new container or job on this system?
The simplicity of the question is the point. If the answer is not an immediate and confident "no," you have just found your next priority.
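One way to start answering that question from your own configuration files, as an added example (not code from the newsletter or from either project): it reads a Docker `daemon.json` and a Nomad agent config in JSON form and flags API listeners that accept callers without credentials. It assumes the configs are already loaded as dictionaries, and it checks only Docker's `tlsverify` and Nomad's `acl.enabled`; the sample configs are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

def reach(host):
    """Classify a bind address as loopback-only or network-reachable."""
    try:
        loop = ipaddress.ip_address(host).is_loopback
    except ValueError:
        loop = host == "localhost"  # any other hostname: assume reachable
    return "loopback only" if loop else "network-reachable"

def audit_docker(cfg):
    """Docker daemon.json: TCP listeners that do not require a client cert."""
    findings = []
    # "tls": true only encrypts; "tlsverify": true is what authenticates clients.
    verified = cfg.get("tlsverify") is True
    for entry in cfg.get("hosts", []):
        url = urlsplit(entry)
        if url.scheme != "tcp" or verified:
            continue  # skips unix:// and fd:// sockets and verified listeners
        host = url.hostname or ""  # missing host: reported conservatively
        findings.append(f"docker {entry}: no client auth, {reach(host)}")
    return findings

def audit_nomad(cfg):
    """Nomad agent config (JSON form): HTTP API with ACLs switched off."""
    if (cfg.get("acl") or {}).get("enabled") is True:
        return []
    bind = cfg.get("bind_addr", "0.0.0.0")  # Nomad binds 0.0.0.0 if unset
    return [f"nomad {bind}: ACLs disabled, {reach(bind)}"]

# Constructed sample configs, not taken from any real system.
DOCKER_WEAK = {"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}
DOCKER_TLS_ONLY = {"hosts": ["tcp://0.0.0.0:2376"], "tls": True}
DOCKER_HARDENED = {"hosts": ["tcp://0.0.0.0:2376"], "tlsverify": True,
                   "tlscacert": "/etc/docker/ca.pem"}
NOMAD_DEFAULT = {"datacenter": "dc1"}
NOMAD_HARDENED = {"bind_addr": "10.0.0.5", "acl": {"enabled": True}}

if __name__ == "__main__":
    for finding in (audit_docker(DOCKER_WEAK) + audit_docker(DOCKER_TLS_ONLY)
                    + audit_docker(DOCKER_HARDENED) + audit_nomad(NOMAD_DEFAULT)
                    + audit_nomad(NOMAD_HARDENED)):
        print(finding)
```

A clean result covers only what the files say: listeners passed to `dockerd` with `-H` on the command line, and whatever firewalls or security groups sit in front of the host, still need to be checked separately.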
FOR EXECUTIVES
Reddit sues AI startup Anthropic for breach of contract, ‘unfair competition’. Reddit is suing AI firm Anthropic, alleging it used platform data to train models without a proper license. The lawsuit highlights a breach of contract, noting that competitors like Google and OpenAI have secured official partnerships for similar data access, creating a major intellectual property dispute.
What you need to know: This lawsuit highlights that in the AI economy, your company’s public data is no longer just content; it's a valuable, licensable asset. The critical question for leadership is not just about risk, but about missed opportunity. It’s time to ask your teams: "What is our strategy for monetizing our unique data set with AI developers?" and "Do our terms of service explicitly prohibit unlicensed data scraping for commercial AI training?" This shifts the view of data from a simple byproduct of your business to a potential revenue stream, ensuring you don't inadvertently let others build their future on your investment.
LET’S CONNECT
Stay current on trending topics, tips, events and resources in cybersecurity. Connect with Simply Cyber on socials for new content.
As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.
Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.
Find more about what’s happening this week in the Simply Cyber community, below.
Thank you and see you again next week, #TeamSC!
Gerry

SIMPLY CYBER MEDIA GROUP PODCAST LINEUP
Simply Cyber Media Group presents our family of cybersecurity podcasts! We are on break until Q3, but check out the podcast episodes you may have missed in the meantime.
More podcasts coming in Q3 2025!
Simply Defensive - Mondays
Simply ICS Cyber - Wednesdays (Bi-weekly)
2 Cyber Chicks - Wednesdays (Bi-weekly)
Cybersecurity Mentors Podcast - Thursdays
Visit youtube.com/@SimplyCyber/podcasts to explore all the podcasts!
SIMPLY CYBER ACADEMY LUNCH & LEARN 🍔
Tuesday, June 10 at 1:00 PM EDT - Build-a-Fake Workshop: Getting Hands-on with Deepfakes and Deception
Curious about how deepfakes are made or how they’re used in real-world scams, influence campaigns, and social engineering?
Join Perry Carpenter for this Lunch & Learn as he walks you through the basics of generating convincing deepfakes and then takes it further: showing how they’re weaponized in multi-stage deception campaigns.
Whether you're a complete beginner or already experimenting, you’ll walk away with practical skills, a starter toolkit, and a sharper understanding of how synthetic media fits into the modern threat landscape.
Prepare for an exciting livestream and ask Perry questions live - get notified!
SIMPLY CYBER FIRESIDES🔥
Thursday, June 12 at 4:30 PM EDT - What You Need to Know About Application Security
Join host Gerald Auger, Ph.D. for an essential conversation about application security with renowned cybersecurity expert Tanya Janca (aka SheHacksPurple).
Tanya brings over 28 years of IT experience to this discussion, including her work as a best-selling author of "Alice and Bob Learn Secure Coding" and "Alice and Bob Learn Application Security."
As an OWASP Lifetime Distinguished Member and internationally recognized authority on software security, she has trained thousands of developers and security professionals through her academies and speaking engagements worldwide.
🎯 What You'll Learn:
Core principles of application security that every security professional should know
Common vulnerabilities and how to prevent them
Best practices for secure coding and application development
Real-world insights from decades of cybersecurity experience
Set your notifications to attend and bring your questions to ask in live chat!
SC ACADEMY THE PLACE FOR CYBER CAREERS
At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.
The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.
Check out the NEW FREE courses available in the academy and our new blog!