Simply Cyber Newsletter #139

Crush Your Week Like a Cyber Pro with Simply Cyber!

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!

FOR END USERS

Google Gemini flaw hijacks email summaries for phishing. Researchers found that attackers can trick Google Gemini into summarizing emails with fake security warnings, using hidden text that you cannot see. These summaries may include phone numbers or messages urging you to act, even though the original email had no links or attachments.

What you need to know: Share this with your end users and focus on the phishing risks of trusting AI-generated summaries without context. Understand that an AI summary is only as trustworthy as the message it came from. Attackers can hide invisible instructions inside an email that the AI will read and repeat back to you. The goal is to make the summary sound urgent or official and trick you into acting, for example by warning that your account is at risk or urging you to call a fake support number.

If an AI summary includes a security alert, stop and do not click links or call numbers from the summary. Your only action should be to find and read the full, original email to see what is actually going on. AI is a tool, not a final decision-maker.

FOR PEERS

CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’. CISA has ordered federal agencies to patch what they've dubbed "Citrix Bleed 2" (CVE-2025-5777) within 24 hours due to active exploitation and high risk. The bug impacts self-managed NetScaler ADC and Gateway appliances, allowing attackers to hijack sessions and bypass MFA.

What you need to know: This alert is not for cloud services; it's for the hardware you run in your own environment. Ask your peers if you host NetScaler appliances internally; if so, you need to act now on CVE-2025-5777. Active exploitation has been confirmed, allowing attackers to steal session tokens, bypass MFA, and move laterally across your network.

If you aren’t directly impacted, use this as a stress test for your own team. How quickly can your organization patch when a critical CISA alert drops? Can your organization detect token hijacking in real time? An incident like this isn't just a test of your technology, but a test of your organization's readiness.

FOR EXECUTIVES

DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total. Cloudflare reports that the number of DDoS attacks it blocked in the first half of 2025 has already surpassed the entire volume for 2024. This includes a rise in hyper-volumetric attacks, with one peaking at 7.3 Tbps. Telecom, IT, and even agriculture sectors were among the most targeted.

What you need to know: Share this with your leadership team and talk through what a DDoS disruption would look like for your business. These attacks are increasing in scale and frequency, and they are being used to deliberately knock services offline. The question is not just whether your organization is protected, but whether your vendors are. If a key provider goes down, the impact could cascade into your own operations.

Take time to review your DDoS mitigation strategy. Relying on default protections from a cloud provider may not be enough. Look at how traffic is managed, how fast your team can respond, and how service restoration is communicated. These are executive-level decisions that affect risk, reputation, and resilience.

SCMG PRESENTS SIMPLY OFFENSIVE PODCAST

Tuesday, July 22 at 9:30 PM EDT - Community, Burnout, and Leveling Up in Offensive Security with Joe Brinkley

In this powerful and heartfelt episode of Simply Offensive, Phillip Wylie is joined by Joe Brinkley, better known as The Blind Hacker, Founder of the DeadPixelSec community and a seasoned offensive security professional.

Joe shares his journey from sysadmin to red teamer, his philosophy on mentorship, and candid insights on burnout in cybersecurity.

Whether you're breaking into the field or leveling up, this episode offers invaluable advice on growth, community, and sustainability.

Click here to join us, subscribe, and set your notifications!

SCMG PRESENTS SIMPLY SOCIAL ENGINEERING

Wednesday, July 23 at 1:00 PM EDT - How to Be a Social Engineer (Or Just a Better Human)

This solo episode is packed with real, actionable advice for improving your social skills—whether you're trying to get better at social engineering or just want to connect with people more effectively.

No fluff, no gimmicks, just proven principles and field-tested habits that actually work.

Join us for this exciting new podcast from Simply Cyber Media Group!

SCMG PRESENTS CYBERSECURITY MENTORS PODCAST

Thursday, July 24 at 9:30 AM EDT - Unlocking the Power of Soft Skills in Cybersecurity

It's the Season 4 premiere of the Cybersecurity Mentors Podcast, with your hosts, John and Steve! Join us as we discuss the critical role of soft skills in the cybersecurity field.

In this episode we discuss how technical skills are essential, but soft skills such as communication, empathy, adaptability, critical thinking, and teamwork are equally important for career growth and success.

SCMG PRESENTS SIMPLY SECURED PODCAST

Friday, July 25 at 9:30 AM EDT - Blending Bytes and Barley: Ryan Pearson's Unique Tech Adventure

Ever wondered how a passion for home brewing could blend seamlessly with a career in cybersecurity? In this episode, we sit down with Ryan Pearson, known to many as "Brews n' Hacks," to explore the fascinating intersection of these two worlds and the valuable lessons they share.

Whether you're a cybersecurity professional looking for fresh perspectives or a home brewing enthusiast curious about the world of digital security, Ryan's story offers a unique blend of insights that will inspire and inform. Join us as we explore the unexpected synergies between crafting the perfect brew and safeguarding our digital world.

Meet us there at 9:30 AM EDT on Simply Cyber!

Visit youtube.com/@SimplyCyber/podcasts to explore all the SCMG podcasts!

SC MEDIA GROUP WEEKLY EVENTS SCHEDULE

SIMPLY CYBER CON 2025

When: Sunday, Nov. 2nd & Monday, Nov. 3rd

We’re excited to share Simply Cyber Con is back for the third year in a row!

Registration is now available! Head over to the website to learn more about conference registration and training day options.

Ready to share your knowledge? Navigate to the Call For Papers section of simplycybercon.org and submit yours now!

Interested in sponsoring? Review the sponsor packet. It’s going to be the best Simply Cyber Con yet. Don’t miss out on this chance to sponsor and share your business with #TeamSC!

Stay tuned for updates! #simplycybercon

SC ACADEMY THE PLACE FOR CYBER CAREERS

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.

Check out the NEW FREE courses available in the academy and our new blog!

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity. Connect with Simply Cyber on socials for new content.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Find more about what’s happening this week in the Simply Cyber community, below.

Thank you and see you again next week, #TeamSC!

Gerry