Simply Cyber Newsletter
Posts
Simply Cyber Newsletter #163

Simply Cyber Newsletter #163

Crush Your Week Like a Cyber Pro with Simply Cyber!

Gerald Auger & Chuck Sapp
January 05, 2026

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!

FOR END USERS

Most Parked Domains Now Serving Malicious Content. Researchers found that most parked or mistyped domains now redirect users to scams, fake antivirus pages, and malware instead of harmless placeholder sites. These redirects often trigger automatically when the visitor is using a residential internet connection, making accidental typos a much higher-risk activity than before.

What you need to know: Explain to your end users that many scam sites no longer rely on someone clicking a bad link. Simply mistyping a popular website address or visiting an expired domain can trigger automatic redirects to fraudulent pages designed to steal information or install malware. Some attackers also register misspelled email domains, meaning messages sent to the wrong address can go straight to cybercriminals.

Encourage users to slow down when typing website addresses, use bookmarks for important sites, and rely on saved links instead of entering URLs manually. If a page looks unfamiliar, asks for payment, or shows security warnings, close the browser instead of interacting with it. Remind users to report suspicious redirects so the security team can investigate patterns and protect others.

FOR PEERS

Fake MAS Windows activation domain used to spread PowerShell malware. A typosquatted MAS activation domain tricked users who mistyped a single character in a PowerShell command, delivering Cosmali Loader malware that installed cryptominers and XWorm RAT. The incident reinforces the risks of unverified scripts, unofficial activators, and retyped commands pulled from look-alike domains.

What you need to know: Share this story with your peers and have conversations about how this attack follows the same deception patterns we warn end users about, only in a technical workflow. The delivery-phishing story relied on urgency and familiarity, and this campaign used the same psychology by targeting routine habits, trust in instructions, and small typing mistakes during command execution.

Use this story to reinforce disciplined behavior across engineering and security teams. Validate script sources before running them, avoid manually retyping commands when possible, and treat unofficial activation tools as high-risk even if they seem convenient or widely used. Encourage peers to run unknown utilities in isolated environments and recognize that technical users are still vulnerable to social engineering when attackers target speed, habit, and routine.

FOR EXECUTIVES

22 Million Affected by Aflac Data Breach. Aflac disclosed a June 2025 cyber incident that exposed personal data for about 22.65 million people, including customers, beneficiaries, employees, and agents. The breach involved highly sensitive identity and medical information, and Aflac is offering two years of monitoring and protection services.

What you need to know: Share this story with your executives and have conversations about what your organization is doing to protect large volumes of sensitive personal and customer data. This incident shows that the most damaging outcome is often not system downtime, but the exposure of identity and account information that drives regulatory scrutiny, legal risk, and long term reputational impact. Use this as an opportunity to review where sensitive records live, who can access them, how vendors and partners interact with that data, and whether your incident response, notification, and customer support plans are ready for a large scale data exposure event.

JOIN US EVERY WEEKDAY DAILY CYBER THREAT BRIEF

Gerald Auger, Ph.D. livestreams the Daily Cyber Threat Brief on Simply Cyber on weekdays at 8:00 AM EST.

Join the party with cybersecurity enthusiasts and professionals alike who enjoy learning about the latest in cybersecurity news and staying connected.

Meet #TeamSC in live chat and join the community! https://simplycyber.io/streams

NEW VIDEO SERIES: JUNIOR VS SENIOR GRC ANALYST

Part 1: Junior vs Senior GRC | The Risk Prioritization Question

What does it take to prioritize risk like a senior GRC professional? In this video, three cybersecurity professionals tackle the same challenging scenario:

"Your organization has identified 50 high-risk findings from a recent security assessment. You have budget and resources to address only 15 of them this quarter. Walk me through your process for prioritizing which risks to remediate first."

Watch as Gerald breaks down how an aspiring analyst, a mid-level GRC professional with 3 years in healthcare, and a senior GRC leader approach this real-world prioritization challenge—and learn what separates good answers from exceptional ones.

Check out the video now to learn more: https://youtu.be/BbBwJBuwYtc

SIMPLY CYBER SKILLS STREAM: JANUARY 13TH

Personal Branding for Your Cyber Career in 2026

LinkedIn has become one of the most powerful career tools in cybersecurity. Recruiters use it to find talent.

Hiring managers use it to validate candidates. Peers use it to build credibility and community. Yet many cyber professionals struggle with what to post, how to show expertise, or how to stand out without feeling uncomfortable or self-promotional.

In this Simply Cyber Skills Stream, Gerald Auger and Mike Miller break down how cybersecurity professionals can use LinkedIn intentionally to increase visibility, build trust, and create career opportunities at any stage. This is not about becoming an influencer or posting every day. It is about learning how to communicate your value, share what you know, and engage in ways that actually matter in the cyber industry.

You will learn how LinkedIn really works for cybersecurity professionals, why your profile and activity matter more than you think, and how small, consistent actions can compound into meaningful opportunities over time.

What You Will Learn:

Why LinkedIn has become a primary platform for cybersecurity hiring and career growth
How recruiters and hiring managers evaluate LinkedIn profiles and activity
How to position your experience and interests without sounding like a resume
Practical ways to create content even if you think you have nothing to say
Simple post ideas that demonstrate expertise, curiosity, and professionalism
How engagement and conversation drive visibility more than posting alone
Why video content accelerates trust and differentiation on LinkedIn
How to build a sustainable system for showing up consistently

Who This Skills Stream Is For:

Cybersecurity professionals at any career stage
Students and career changers trying to break into the industry
Practitioners who want to increase visibility without self-promotion
Professionals who want better opportunities to find them

You will leave this session with a clearer understanding of how LinkedIn fits into your cybersecurity career strategy, practical ideas you can apply immediately, and the confidence to start showing up more intentionally.

The goal is progress, not perfection. Meet us on January 13th at 1:00 PM EST: https://luma.com/wwu7427v

SC MEDIA GROUP WEEKLY EVENTS SCHEDULE

Join us for learning and networking: simplycyber.io/streams & simplycyber.io/discord

SC ACADEMY THE PLACE FOR CYBER CAREERS

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.

Check out the NEW FREE courses available in the academy and our new blog!

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Find more about what’s happening this week in the Simply Cyber community, below. Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Thank you and see you again next week, #TeamSC!

Gerry