Simply Cyber Newsletter #90

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your end users, peers, and executives. Support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

Russian APT uses a car for sale as a phishing lure. A Russia-linked APT group, Fighting Ursa, used a fake car ad to distribute the HeadLace backdoor, targeting diplomats. The campaign began in March 2024, using phishing and legitimate services to deploy malware, continuing their evolving tactics to exploit diplomatic targets.

What you need to know: A recent case of a sophisticated phishing attack involved a fake car advertisement that targeted diplomats with malware. This type of attack, known as whaling or spearphishing, uses personalized lures to trick specific individuals into clicking on malicious links. The unique hook—a seemingly harmless car ad—demonstrates how easily anyone can fall victim. As a security awareness professional, this is a perfect case study to share with your end users. Use it to highlight the importance of scrutinizing unexpected emails and remind them to report anything suspicious immediately. Educating your team on this example can strengthen your organization’s defenses.

FOR PEERS

Researchers find flaws in Georgia voter portal. A security flaw in Georgia's voter registration cancellation portal allowed anyone to submit cancellation requests using easily discoverable personal information. The issue, exposed by a cybersecurity researcher, was fixed after media alerts, but concerns remain about the portal's overall security and vetting process.

What you need to know: The recent security flaw in Georgia's voter registration cancellation portal underscores the critical need for thorough security testing of public-facing systems. This vulnerability, which could have been easily exploited, highlights the importance of robust coding practices and regular security audits. Simple coding oversights can lead to significant risks, potentially undermining trust in essential services. As cybersecurity professionals, we must remain vigilant in testing and securing all online portals. Share this story with your peers and discuss ways to enhance your organization's vetting process.

FOR EXECUTIVES

CrowdStrike to give customers control over Falcon sensor updates. CrowdStrike is enhancing control over Falcon sensor updates after a faulty update caused crashes in 8.5 million Windows systems. The company has implemented new safeguards and independent reviews to prevent recurrence while facing lawsuits from affected customers and shareholders.

What you need to know: Use CrowdStrike’s recent incident as a case study to emphasize the importance of robust testing and proactive incident response in your organization's cybersecurity strategy. Highlight how CrowdStrike's leadership took decisive action to address the issue, enhancing their processes to prevent future disruptions. Encourage business leaders to consider these lessons when evaluating your organization's security practices, ensuring that all vendors and internal systems undergo rigorous testing and review. This approach not only strengthens your organization's resilience but also reinforces the need for continuous improvement and vigilance in cybersecurity.

SIMPLY CYBER FIRESIDES

Join us on August 15th! “DFIR: All You Need to Know” on Simply Cyber Firesides with your host, Gerald Auger, Ph.D. and special return guest and Forensics Expert, Jessica Hyde, Founder at Hexordia.

In this episode, Gerald and Jessica will discuss the latest trends and challenges in digital forensics, sharing insights and experiences from their extensive careers. Don’t miss this opportunity to learn from one of the leading experts in the field!

Last time Jessica was on the show we ran into overtime with all of your questions and the resources dropped were priceless! Be sure to tune in and bring your questions to live chat and get them answered by the pro directly!

🔔 Subscribe and hit the notification bell to stay updated on all our latest episodes! Join us at 4:30 PM EDT this Thursday!

Mission Accomplished: H4xx0r Summer Camp

Last week, I attended Black Hat and DEF CON 32 and it was a busy week in Las Vegas! Woke up early to host and share the sunrise with #TeamSC, hosted some amazing guest interviews for Black Hat, met with friends and made some new connections.

On Friday, #TeamSC joined me for the Simply Cyber DEF CON 32 Meetup. A great time was had by all and we can’t wait to do it all over again next year!

Stay current on trending topics, tips, and resources in cybersecurity, connect with me on socials for new content, every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel so I can find it.

Thank you so much and see you next Monday!

Have a great week everybody!

Gerry

MORE FROM SIMPLY CYBER

Catch the most popular weekday cyber threat news analysis live stream around. Meet the most supportive community ever.

Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, Twitch, and your favorite podcast platform:

SIMPLY CYBER ACADEMY

Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

Visit academy.simplycyber.io to learn more. The popular GRC Analyst Master Class and Cyber 101 courses are below. We even have new courses coming to the academy. Check it out!