Simply Cyber Newsletter #93

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your end users, peers, and executives. Support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

Woman uses AirTag to catch thieves stealing her mail. A California woman used an Apple AirTag to track down thieves who were stealing her mail. The Santa Barbara Sheriff's Office arrested two suspects after tracing the AirTag to them, uncovering stolen mail and other items linked to over a dozen victims.

What you need to know: "This is a great topic to share with your end users - yes, even though it is not a cyber topic. :)

Mail theft is on the rise, especially as the holiday season approaches. Criminals are increasingly targeting PO boxes, where checks and sensitive documents are dropped off, often exploiting lost or unaccounted-for keys used to access these boxes. These thefts frequently lead to fraud, identity theft, and other crimes. To protect yourself, consider taking your mail—particularly checks and important documents—directly into the post office rather than leaving them in outdoor or unsecured boxes. This simple action reduces the risk of theft and ensures your mail is securely handled. Additionally, regularly monitor your accounts for unauthorized transactions, especially if you’ve recently mailed checks. By following these precautions, you can help safeguard your mail and avoid the serious consequences of theft.

Remember: Unless it is in physical control and observation of a postal employee or office, consider the risk dropiing it into another box. This includes the drive-up boxes just outside the post office as well."

FOR PEERS

Google cloud bucket leak tied to business of Shark Tank contestant. A misconfigured Google Cloud Storage bucket linked to Alice’s Table exposed the personal data of over 83,000 customers, including names, emails, and addresses. The incident highlights the widespread issue of insecure cloud storage, which poses significant security risks, including phishing and data breaches.

What you need to know: This incident is a timely reminder to share with your peers, encouraging them to consider the risks of cloud misconfigurations, especially as more businesses transition to the cloud. With so many organizations making this move, it is important to ensure that each step is carefully planned and rigorously tested. Misconfigurations like the one affecting Alice's Table highlight the importance of securing cloud environments. Discussing these risks and best practices with your teams can help everyone stay vigilant and better prepared to address potential vulnerabilities as they navigate the cloud landscape.

FOR EXECUTIVES

Online scam cycles are getting shorter and more effective. Chainalysis found that cybercriminals are shifting to shorter, faster, and more targeted scam campaigns, using disposable infrastructure and blockchain technology to evade detection. This trend suggests evolving threats to businesses and online security.

What you need to know: Share this with your business leaders. Let them know that research is showing the trend in cybercrime is changing, as Chainalysis reports a shift toward shorter, more targeted scam campaigns using disposable infrastructure and blockchain technology. View this evolving threat as an opportunity to strategically discuss the roadmap for enhancing online activity monitoring and increasing investment in real-time threat intelligence solutions to identify and mitigate these fast-moving scams. Also, consider engaging your teams in scenario planning exercises to uncover blind spots and sharpen your responses, turning this evolving threat landscape into a competitive advantage.

SIMPLY CYBER CON

Simply Cyber Con is Coming This November!

When & Where: Friday, November 1 - Charleston, SC

Simply Cyber Con is now a hybrid event, available to attend IN-PERSON in Charleston, South Carolina, or VIRTUAL.

Speakers are presenting in-person on location in Charleston, SC, and will be streamed live on Simply Cyber Con's YouTube Channel.

Simply Cyber Con YouTube: https://www.youtube.com/@SimplyCyberCon

Learn more about SC Con and Register to Attend! simplycybercon.org.

We hope to see you there, either in-person or virtual! #conference #hybrid

Stay current on trending topics, tips, and resources in cybersecurity, connect with me on socials for new content, every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Thank you so much and see you next Monday!

Have a great week everybody!

Gerry

MORE FROM SIMPLY CYBER

Catch the most popular weekday cyber threat news analysis live stream around and meet the most supportive community ever. #TeamSC

Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, and your favorite podcast platform:

SIMPLY CYBER ACADEMY

Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

Visit academy.simplycyber.io to learn more. The popular GRC Analyst Master Class and Cyber 101 courses are below. We even have new courses coming to the academy. Check it out!