Simply Cyber Newsletter #137
Crush Your Week Like a Cyber Pro with Simply Cyber!
Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!
FOR END USERS
AT&T now lets you lock down your account to prevent SIM swapping attacks. AT&T has launched a new Account Lock feature to help protect customers from SIM swapping attacks. This setting stops unauthorized changes like phone number transfers or SIM swaps. You can turn it on or off anytime in the myAT&T app, with alerts sent to the account holder.
What you need to know: AT&T just launched Account Lock to help stop SIM swapping. It blocks unauthorized changes to your number or SIM and sends alerts if anyone tries. You can turn it on in the myAT&T app.
Share this with your end users and remind them that locking a SIM is like freezing their credit. It adds a barrier that makes life harder for scammers. Because we are a global community, no matter who your carrier is, whether it be AT&T, Verizon, T-Mobile, EE or O2 in the UK, Reliance Jio in India, or MTN Group in Africa, encourage your end users to check if similar protections are available and to turn them on if possible. SIM swapping lets criminals hijack a number to steal two-factor codes and break into accounts. Remind your users to watch for unexpected texts or emails about account changes, and report anything suspicious right away.
For extra protection, have them look up how to set a SIM PIN so no one can use the phone if it is lost or stolen. Additionally, built-in security features on iPhone or Android add another layer of defense if a device ends up in the wrong hands.
FOR PEERS
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status. A new study shows popular IDEs like Visual Studio Code and IntelliJ can let malicious extensions appear trusted. Attackers can slip in hidden code that runs quietly on developer machines, putting sensitive projects and credentials at risk.
What you need to know: Want to spark a good conversation with your team? Take a closer look at the extensions in your development environment. A new study found that the verified icons in popular IDE marketplaces can be misleading. Attackers have figured out ways to make malicious extensions look trusted, which tricks people into installing code that quietly runs in the background. This matters because developer setups often hold sensitive code, credentials, and other pieces that attackers want.
This flaw highlights the risk of extension sideloading abuse, where plugins get shared as VSIX or ZIP files outside official channels. Even files that appear legitimate can hide scripts no one expects.
The best move now is to stop relying only on a verified badge and stay cautious with every install. If your team needs to share VSIX or ZIP files, add a quick review or signing step before they get used. Make extension checks part of your regular audits, and work with your admins to confirm who actually needs permission to add or update plugins. Small habits like these keep risky surprises out and help everyone stay ahead of the next trick.
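One way to put the review step above into practice, as an added example that is not part of the original newsletter: a Python check that hashes a sideloaded VSIX against a team allowlist and surfaces manifest details for a human reviewer. The allowlist, the sample package, and the suffix list are assumptions made for illustration; `extension/package.json` is the standard location of a VS Code extension manifest inside a VSIX.

```python
import hashlib
import io
import json
import zipfile

# Assumed list of file types a reviewer should inspect by hand before approval.
REVIEW_SUFFIXES = (".exe", ".dll", ".so", ".dylib", ".node", ".ps1", ".sh", ".bat", ".cmd")
# Activation events that load the extension on every editor start.
STARTUP_EVENTS = {"*", "onStartupFinished"}

def review_vsix(data: bytes, approved_sha256: set) -> dict:
    """Summarise a sideloaded VSIX for a reviewer; findings are prompts, not verdicts."""
    digest = hashlib.sha256(data).hexdigest()
    report = {"sha256": digest, "id": None, "version": None, "findings": []}
    if digest not in approved_sha256:
        report["findings"].append("hash is not on the reviewed allowlist")
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        names = archive.namelist()
        if "extension/package.json" not in names:
            report["findings"].append("no extension/package.json manifest")
            return report
        manifest = json.loads(archive.read("extension/package.json"))
    report["id"] = f"{manifest.get('publisher')}.{manifest.get('name')}"
    report["version"] = manifest.get("version")
    if STARTUP_EVENTS & set(manifest.get("activationEvents", [])):
        report["findings"].append("activates on every editor start")
    bundled = sorted(n for n in names if n.lower().endswith(REVIEW_SUFFIXES))
    if bundled:
        report["findings"].append("bundled binaries or scripts: " + ", ".join(bundled))
    return report

def build_sample_vsix() -> bytes:
    """Constructed sample package (not a real extension) used to exercise the check."""
    manifest = {"name": "theme-pack", "publisher": "example-team", "version": "1.0.0",
                "main": "./out/extension.js", "activationEvents": ["*"]}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("extension/package.json", json.dumps(manifest))
        archive.writestr("extension/out/extension.js", "// extension entry point\n")
        archive.writestr("extension/bin/helper.ps1", "# bundled helper script\n")
    return buf.getvalue()

if __name__ == "__main__":
    sample = build_sample_vsix()
    print(json.dumps(review_vsix(sample, approved_sha256=set()), indent=2))
```

An empty findings list only means the file matches a package someone already reviewed; the review itself still has to read the extension's code.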
FOR EXECUTIVES
Arrest, seizures in latest U.S. operation against North Korean IT workers. U.S. authorities announced arrests, website takedowns, and asset seizures targeting North Korean IT workers who used fake identities to infiltrate over 100 U.S. companies. These workers caused millions in losses and gained access to sensitive information, highlighting an urgent risk to businesses of all sizes.
What you need to know: Share this story with your leadership team and talk openly about the hidden risks in remote hiring. It may be time to revisit what final interviews and onboarding look like, especially for technical roles that touch sensitive data. Consider requiring final interviews or the first week of onboarding to happen in person when possible. Yes, this adds cost and logistics, but it can help filter out people who are not who they claim to be. Stronger identity verification, routine access audits, and deeper vetting for contract and freelance work all matter here. And remember, no plan is foolproof. Someone with enough motivation could still play along just long enough to pass these checks. The goal is to make it harder, raise the cost for bad actors, and keep your teams alert to gaps that policy alone will not catch.
SPONSOR POST
Check out Palo Alto's new podcast Threat Vector. Dive into the mind of an Insider Threat. Clicking on this link will directly support this newsletter and keep it coming out every week. Thanks for clicking! 💙 http://simplycyber.io/paloalto
FROM THE DESK OF GERALD AUGER, PH.D.

Drinking water is important. As humans, we are mostly made of water and any health advisor (whether a doctor or a 'guru') will tell you drinking water is super important. But water doesn’t taste good to me, and it's hard to remember to drink it (we're all busy). I'm more of a coffee and beer guy. (Hey, if they could brew water maybe I'd like it more hehehe.)
Anyways, I've been drinking a TON of water lately and it's because of these water additives. Personally I use Liquid IV (thanks Costco for the bulk pricing), specifically the "Rocket Bomb" flavor. Now whether it's Liquid IV or Mio or any of these water enhancers, for me I've been drinking SO MUCH WATER because of it, and I think it's making me healthier...?
Also for me, I now regularly walk around with a Big A water cup too, which seems to make drinking even more water more accessible.
Just wanted to share a quick and easy atomic habit that can help you long term health wise.
Gerry

SCMG PRESENTS SIMPLY OFFENSIVE PODCAST
Tuesday, July 8 at 9:30 PM EDT - AI in Red Teaming & Communicating with Leadership
In this episode of Simply Offensive, Phillip Wylie interviews Amélie Koran, a seasoned expert in offensive security and AI red teaming.
They discuss the evolution of red teaming, the challenges and opportunities presented by AI in security, and the importance of human expertise in navigating the complexities of cybersecurity.
The conversation also touches on the differences between federal and corporate security practices, the significance of security clearances, and the need for organizations to reevaluate their security tools and practices.
Click here to join us, subscribe, and set your notification!
SIMPLY CYBER ACADEMY LUNCH & LEARN
Tuesday, July 8 at 1:00 PM EDT - Human Hacking 101 with Eddie Miro
🎯 Ready to dive into the fascinating world of social engineering? Join us for an eye-opening Lunch & Learn session from Simply Cyber Academy: Human Hacking 101.
Eddie Miro reveals how cybercriminals exploit the human element—often the weakest link in cybersecurity.
What You'll Learn:
✅ Common Social Engineering Attacks - From phishing to pretexting, we'll break down the tactics attackers use daily
✅ The Psychology Behind Human Hacking - Understand why these attacks work and how emotions become weapons
✅ Red Flag Recognition - Develop your "spidey-sense" to spot manipulation attempts before you become a victim
✅ Real-World Defense Strategies - Practical tips you can implement immediately to protect yourself and your organization
Eddie Miro brings years of experience as a Social Engineering Expert and Instructor. Known for his engaging, no-nonsense approach, Eddie will share real-world stories and actionable insights that go far beyond theoretical knowledge.
While we invest millions in firewalls and encryption, attackers are increasingly targeting the human element. This session arms you with the knowledge to recognize manipulation tactics and build stronger human firewalls in your personal and professional life.
🔴 LIVE Q&A - Bring your questions about social engineering, security awareness, or specific scenarios you've encountered!
Register to attend now and meet us there, live!
Wednesday, July 9 at 1:00 PM EDT - What Makes a Social Engineer?
In the first episode of Simply Social Engineering, host Eddie Miro shares his wild journey from a rough start in life to a career in cybersecurity.
This episode kicks off a new show all about the human side of hacking: how people manipulate, persuade, and influence.
Expect fresh takes, real stories, and interviews with social engineers and other sharp minds who know how to get results.
Click to join us for this exciting new podcast premiere!
Thursday, July 10 at 4:30 PM EDT - Leveraging Psychology in Cyber Ops
Join host Gerald Auger, Ph.D. for an insightful conversation with John Caballero, a cybersecurity expert with over 25 years of experience in leveraging social and cyberpsychology in the workplace.
John brings a unique perspective to cybersecurity, having served as the former Cyber leader of Florida's Economic Development agency under 6 Florida Secretaries of Commerce.
What makes John's approach distinctive is his expertise in the human element of cybersecurity. He's developed the ".01% Defense Methodology" to help organizations stay "Left of Boom" by focusing on cyberpsychology principles.
Don't miss this opportunity to learn how psychology can strengthen your cyber operations and ask questions about bridging the gap between human behavior and cybersecurity defense strategies.
Set your notifications and bring your questions!
SCMG PRESENTS SIMPLY SECURED PODCAST
Friday, July 11 at 9:30 PM EDT - Cyber and OSINT: Fueled by Curiosity
Are you ready for the premiere of Simply Secured with James McQuiggan? It’s happening this Friday!
This is a podcast you do not want to miss! Prepare to tune in and meet #TeamSC there. Each episode of Simply Secured will feature a cybersecurity community member you should get to know more about.
His special guest on this inaugural episode is the talented Dennis Keefe, Simply Cyber community member currently on a journey into the world of OSINT.
Join us after the Daily Cyber Threat Brief on Simply Cyber - we can’t wait and hope to see you there!
Visit youtube.com/@SimplyCyber/podcasts to explore all the SCMG podcasts!
SC MEDIA GROUP WEEKLY EVENTS SCHEDULE
SIMPLY CYBER CON 2025
When: Sunday, Nov. 2nd & Monday, Nov. 3rd
We’re excited to share Simply Cyber Con is back for the third year in a row!
Registration is now available! Head over to the website to learn more about conference registration and training day options.
Ready to share your knowledge at Simply Cyber Con? Navigate to the Call For Papers section of simplycybercon.org and submit yours now!
Interested in sponsoring? Review the sponsor packet. It’s going to be the best Simply Cyber Con yet, don’t miss out on this chance to sponsor and share your business with #TeamSC!
Stay tuned for updates! #simplycybercon
SC ACADEMY THE PLACE FOR CYBER CAREERS
At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.
The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.
Check out the NEW FREE courses available in the academy and our new blog!
SC ACADEMY HANDS-ON PHISHING COURSE
🎣 HANDS-ON PHISHING WITH TYLER RAMSBEY DROPS THIS TUESDAY!!!
Starting on Tuesday, July 8th, the brand new course, Hands-On Phishing with Tyler Ramsbey will be available at an Early Bird Special of $24.99 - for one week only!
This course takes you far beyond theory. You’ll get real, practical experience with:
Building full phishing infrastructure from scratch,
Purchasing & configuring custom domains,
Conducting OSINT to identify high-value targets,
Launching phishing campaigns using GoPhish and Evilginx,
Bypassing MFA through session token hijacking,
Executing vishing attacks via phone spoofing,
Evading email security controls and common defenses
Whether you’re simulating the attack or defending against it — this course is your edge.
LET’S CONNECT
Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content.
As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.
Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.
Find more about what’s happening this week in the Simply Cyber community, below.
Thank you and see you again next week, #TeamSC!
Gerry