Simply Cyber Newsletter #151

Crush Your Week Like a Cyber Pro with Simply Cyber!

In partnership with

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!

FOR END USERS

DRAFTKINGS THWARTS CREDENTIAL STUFFING ATTACK, BUT URGES PASSWORD RESET AND MFA. DraftKings detected a credential stuffing attack where stolen logins from other breaches were used to access user accounts. No data was stolen, but the incident is a reminder that password reuse remains one of the biggest risks online. Using unique passwords and MFA can stop most attacks.

What you need to know: Educate your end users about how attackers reuse stolen usernames and passwords from past data breaches to break into other accounts. This is called credential stuffing, and it works because many people use the same password across multiple sites. DraftKings recently experienced this type of attack when threat actors used stolen logins from unrelated breaches to access user accounts.

The company responded quickly and found no evidence of system compromise, but it is a wake-up call for everyone. Always use unique passwords for every site, ideally managed through a password manager, and enable multifactor authentication whenever it is available. These two steps stop most credential-based attacks.

Since it is Cybersecurity Awareness Month, remind employees to take an extra minute to review their online security habits. If a service you use does not offer stronger protection such as MFA or login alerts, ask yourself if it is worth trusting with your data. Good security habits protect more than your account; they protect your peace of mind.

FOR PEERS

Critical Flaw Exposes 60,000 Redis Servers to Remote Exploitation. A critical flaw dubbed “RediShell” has been discovered in Redis, affecting roughly 60,000 servers exposed online. The 13-year-old vulnerability allows attackers to execute code remotely if authentication is weak or missing. Redis has issued patches, and admins should verify configurations and restrict public exposure immediately.

What you need to know: Share this story with your peers and ask if Redis is in your environment. The RediShell vulnerability (CVE-2025-49844) shows how something old, stable, and widely trusted can quietly carry catastrophic risk. Redis is heavily used in cloud environments, and this flaw lived undetected for over a decade.

Even if you are not running Redis, this should spark a conversation about what else in your environment could have a similar footprint. How many dependencies, embedded engines, or legacy frameworks have been running untouched for years? How often do you validate exposure on systems assumed to be internal-only?

Use this as a scenario to test your organization’s visibility. Do you have an inventory that tracks runtime components? Are you monitoring authentication and configuration drift? The goal is not just to patch what is known, but to uncover what has quietly aged into risk without anyone noticing.

FOR EXECUTIVES

Azure outage blocks access to Microsoft 365 services, admin portals. A major Azure Front Door outage disrupted Microsoft 365 services across Europe, Africa, and the Middle East. Microsoft restored most capacity within hours, but the incident highlights how even large providers face cascading issues. Leaders should use this event to revisit cloud dependency and business continuity assumptions.

What you need to know: Executives should view the recent Azure Front Door outage as a reminder that cloud reliability is not absolute. Microsoft’s disruption impacted access to Microsoft 365 and related portals across several regions before recovery began. Even with failover mechanisms, the ripple effect reached essential productivity and identity services.

This incident highlights the importance of understanding where your business operations depend on a single vendor or cloud region. It is not about whether Microsoft is secure or capable; it is about how your organization prepares for moments when critical services go down.

If the conversation turns to this topic, be prepared to ask: 1. What are our contingencies if core cloud services become unavailable? 2. How do we communicate outages to customers and employees? 3. When was the last time we tested our continuity plan end to end?

The Future of the Content Economy

beehiiv started with newsletters. Now, they’re reimagining the entire content economy.

On November 13, beehiiv’s biggest updates ever are dropping at the Winter Release Event.

For the people shaping the next generation of content, community, and media, this is an event you won’t want to miss.

SIMPLY CYBER MEDIA GROUP PODCAST HIGHLIGHT

The Cybersecurity Mentors are BACK!

Magician, podcaster, and World’s Greatest Con creator Brian Brushwood joins us to talk about the coming Scampocalypse, where AI-powered deception meets human vulnerability.

Join your hosts, John and Steve as we explore how magic, psychology, and “deceptive role play” can transform security awareness from boring quizzes into hands-on human defense training.

Learn why Brian says it’s time to stop training “sheep” and start raising “wolves.” https://youtu.be/TaioK84sG64

Visit https://www.youtube.com/@SimplyCyber/podcasts to catch up on all of the podcasts available on Simply Cyber Media Group!

SIMPLY CYBER CON 2025

When: Sunday, Nov. 2nd & Monday, Nov. 3rd

We’re excited to share Simply Cyber Con is back for the third year in a row!

Registration is now available! Head over to the website to learn more about conference registration and training day options.

SIMPLY CYBER CON IN-PERSON TRAINING: GRC RISK

Check out the short below to learn more about the GRC training option with Steve McMichael at Simply Cyber Con 2025:

Don’t miss the opportunity to attend onsite training in-person with the amazing instructors on Nov. 2nd!

Stay tuned for updates! #simplycybercon

SC MEDIA GROUP WEEKLY EVENTS SCHEDULE

Join us for learning and networking: simplycyber.io/learn & simplycyber.io/discord

SC ACADEMY THE PLACE FOR CYBER CAREERS

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.

Check out the NEW FREE courses available in the academy and our new blog!

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Find more about what’s happening this week in the Simply Cyber community, below. Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Thank you and see you again next week, #TeamSC!

Gerry