Simply Cyber Newsletter #156

In partnership with

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!

FOR END USERS

China-Aligned UTA0388 Uses AI Tools in Global Phishing Campaigns. Researchers observed a phishing campaign using AI generated emails, fake institutions, and extended conversations to trick people into downloading harmful files. The messages looked professional and sometimes included unusual attachments, highlighting a growing shift toward more convincing and automated phishing tactics.

What you need to know: Educate your end users about new phishing tactics that feel more human and harder to spot. Attackers are now using AI tools to write emails that sound like real people, hold conversations, and send strange files disguised as research or documents. Instead of sloppy grammar, you may see well written messages, personalized greetings, or unusually friendly follow up replies. Some attacks even include bizarre file extras like unrelated videos or random text, which is a red flag. Remind your team to slow down, verify who they are talking to, and avoid opening unexpected attachments. If an email feels off, report it instead of responding. Building safer habits now prevents future damage for everyone.

FOR PEERS

Drilling Down on Uncle Sam’s Proposed TP-Link Ban. The U.S. government is considering a ban on TP-Link routers over national security concerns tied to Chinese influence and prior abuse of the devices in state-sponsored cyberattacks. TP-Link disputes the claims, but the proposal highlights ongoing concerns about supply chain trust and insecure consumer-grade networking gear.

What you need to know: Share this story with your peers and have conversations about what your organization is doing to validate trust in the hardware and infrastructure it depends on, even if you do not use TP-Link or consumer-grade equipment. The proposed ban is a reminder that insecure or unverified devices can still enter your environment through remote workers, contractors, vendors, and unmanaged home networks. This is less about a single brand and more about visibility, updateability, and supply chain trust. Cheap networking gear often ships insecure, remains unpatched, and operates outside traditional monitoring. Use this moment to revisit remote access requirements, asset discovery, and assumptions about what is allowed to touch production systems. If the conversation turns to this topic, be prepared to ask how confident you are in the devices your users plug in before they ever reach the corporate network.

FOR EXECUTIVES

Two key cyber laws are back as president signs bill to end shutdown. A last-minute funding bill temporarily revived two major cyber authorities: the CISA threat-sharing protections from 2015 and the State and Local Cybersecurity Grant Program. Both now expire January 30. The renewal avoids immediate risk, but it leaves organizations and government partners operating without long-term certainty.

What you need to know: Executives should treat this short-term reauthorization as a strategic risk indicator. The legal protections enabling private sector threat intelligence sharing are now on a countdown clock. If Congress fails to act, companies could lose liability safeguards and face uncertainty in how they engage with federal partners during an incident. The same temporary window applies to the grant program funding state and local cybersecurity efforts, which ultimately support the infrastructure every business depends on.

This isn’t just a policy story. It’s a continuity and resilience issue. Organizations must understand what dependencies, partnerships, or reporting expectations are tied to authorities that could go dark overnight.

A strong security program isn’t built around what exists today but what could disappear tomorrow.

Realtime User Onboarding, Zero Engineering

Quarterzip delivers realtime, AI-led onboarding for every user with zero engineering effort.

✨ Dynamic Voice guides users in the moment
✨ Picture-in-Picture stay visible across your site and others
✨ Guardrails keep things accurate with smooth handoffs if needed

No code. No engineering. Just onboarding that adapts as you grow.

See how it works

SIMPLY CYBER MEDIA GROUP PODCAST HIGHLIGHT

Thursday at 9:30 AM ET on Simply Cyber Media Group

Think Like a Spy, Hunt Like a Hacker: Former FBI Agent Eric O’Neill on Outsmarting Cybercriminals

In this episode of the Cybersecurity Mentors Podcast, Eric O'Neill shares his experiences as an undercover FBI agent who caught one of the most damaging spies in U.S. history, Robert Hansen.

He discusses the evolution of cybercrime, the importance of understanding cyber attacks, and the intersection of espionage and cybersecurity. O'Neill emphasizes the need for a proactive approach to cyber defense, the dangers of the dark web, and the psychological tactics used by cybercriminals.

He also provides valuable advice for aspiring cybersecurity professionals and highlights the importance of traits like attention to detail and flexibility in investigations.

👉 Set a reminder and meet us there: https://youtu.be/Zj0DMTInqgI

Visit https://www.youtube.com/@SimplyCyber/podcasts to catch up on all of the podcasts available on Simply Cyber Media Group!

JOIN US EVERY WEEKDAY DAILY CYBER THREAT BRIEF

Gerald Auger, Ph.D. livestreams the Daily Cyber Threat Brief on Simply Cyber on weekdays at 8:00 AM EST. It’s a party full of cybersecurity enthusiasts and professionals of all levels who enjoy learning about the latest in cybersecurity news and staying connected.

Meet #TeamSC in live chat and join the community! https://simplycyber.io/streams 

CHECK OUT THE CYBER CEO SUMMIT

🚀 Calling all cybersecurity founders, CEOs, and investors!

On Dec 10 in Austin, TX, the CyberCEO Summit is THE place to be.

Join industry leaders like Ross Haleliuk and Nick Muy, plus top security innovators, for deep dives on scaling your business, securing funding while navigating today’s complex market and GTM challenges.

It’s your chance to:

• Connect 1x1 with security analysts, investors, and influencers

• Gain real-world insights and feedback you can act on immediately

• Build powerful relationships that could accelerate your company’s next phase of growth

If you’re serious about shaping the future of cybersecurity, you don’t want to miss these conversations or the opportunity to define your next big move.

Get your pass - see you in Austin!

SC MEDIA GROUP WEEKLY EVENTS SCHEDULE

Join us for learning and networking: simplycyber.io/learn & simplycyber.io/discord

SC ACADEMY THE PLACE FOR CYBER CAREERS

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.

Check out the NEW FREE courses available in the academy and our new blog!

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Find more about what’s happening this week in the Simply Cyber community, below. Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Thank you and see you again next week, #TeamSC!

Gerry