Simply Cyber Newsletter #87
Crush Your Week Like a Cyber Pro!
Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your end users, peers, and executives. Support weekly security awareness with Simply Cyber Newsletter!
FOR END USERS
Facebook ads push malware. Cybercriminals use Facebook ads to spread SYS01 malware, disguised as fake Windows themes and pirated games. Trustwave observed thousands of ads exploiting business pages, stealing browser cookies, credentials, and Facebook account information for further cybercrime.
What you need to know: This is just as much something to share with family and friends as it is with your end users. Cybercriminals are using Facebook ads to spread SYS01 malware, disguised as fake Windows themes and pirated games. These malicious ads exploit business pages to steal browser cookies, credentials, and Facebook account information. Please avoid clicking on suspicious ads and ensure your antivirus software is up to date. Report any suspicious activity to IT immediately to prevent potential data breaches.
FOR PEERS
Cloud security and PowerShell expertise emerge as key SOC analyst skills. AI is transforming SOCs, but essential skills remain, such as SIEM, XDR, and vulnerability remediation. Key additional skills include cloud security, PowerShell, and automation. SOCs struggle with staffing, visibility, and automation. Improved retention is linked to better work environments and automation. AI will enhance SOC efficiency and skill requirements.
What you need to know: Share this with your peers and discuss how PowerShell is a valuable skill, but it should be complemented with expertise in incident handling, threat hunting, and Python. Organize meetups to explore these critical skills together and build a comprehensive skill set. By collaborating, you can enhance your team's capabilities and better prepare for future SOC challenges. Engaging in peer learning and skill-building sessions will ensure your team remains adept and versatile in the ever-evolving cybersecurity landscape, leveraging both foundational and advanced skills effectively.
FOR EXECUTIVES
CrowdStrike update goes wrong, Friday morning is canceled. A faulty software update from CrowdStrike caused global IT disruptions, leading to widespread system reboots and affecting sectors like healthcare and transportation. This incident highlights the fragility of interconnected digital infrastructure.
What you need to know: The recent CrowdStrike update incident highlights the necessity of robust operational resilience and proactive incident response planning. Ensure comprehensive response plans, maintain cloud-based backups and redundant systems, and regularly test and update these measures. Establish clear communication channels and diversify cybersecurity tools and vendors. Investing in early detection systems and ensuring critical business functions can continue during disruptions will help maintain business continuity and minimize the impact of unexpected vendor-related issues.
Got Blackhat plans Wednesday 8/?: I'll be at an EPIC party in Las Vegas, EXPOSED, hosted by XM Cyber and Carahsoft, starting at 6pm PT, immediately when the Business Hall closes on 8/7 at BlackHat.
Join the party, get high fives, and connect with #teamSC folks for comfort food, cocktails and beers at Mandalay Bay hotspot, Libertine Social. There will be a lockpicking village too.
I hear that the first 100 guests will receive a souvenir.
When: 8/7 6PM-9PM || Where: Libertine Social (Mandalay Bay)
RSVP here and invite your friends
(Event is FREE!, an uber convenient party)
Find me at the party and get some sweet SC stickers!
Stay current on trending topics, tips, and resources in cybersecurity. Connect with me on socials for new content every day.
As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel so I can find it.
Thank you so much and see you next Monday!
Have a great week everybody!
Gerry
MORE FROM SIMPLY CYBER
Catch the most popular weekday cyber threat news analysis live stream around. Meet the most supportive community ever.
Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, Twitch, and your favorite podcast platform.
SIMPLY CYBER ACADEMY
Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.
Learn more about GRC Analyst Master Class and Cyber 101.