Simply Cyber Newsletter #96

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your end users, peers, and executives. Support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

Credential Flusher steals login credentials directly from browser. Credential Flusher is a dangerous cyberattack that allows hackers to steal your login information directly from your web browser. This attack involves an AutoIt script that tricks victims into entering their credentials on a browser in kiosk mode, making it hard to exit the page. Combined with other malware, hackers can collect your login details.

What you need to know: Cybercriminals are using more sophisticated methods, like Credential Flusher, to steal your login credentials, but they still rely on basic security weaknesses. You can protect your work and personal accounts by following simple but essential steps: keep your antivirus software updated, enable two-factor authentication (2FA) wherever possible, and be cautious when handling unexpected emails or links. Using strong, unique passwords for each account is vital, and password managers can make this easier. These practices may seem repetitive, but they are still the most effective way to prevent attackers from accessing your sensitive information.

Lastly, regularly review your account activity for any unusual behavior and report anything suspicious immediately. Taking this extra step can help catch potential threats before they cause damage.

FOR PEERS

Construction companies potentially vulnerable through accounting software. Hackers are targeting construction companies using Foundation accounting software by exploiting default usernames and passwords for administrative access. Brute-force attacks on publicly exposed Microsoft SQL Server (MSSQL) databases have impacted industries like plumbing, concrete, and HVAC, according to Huntress researchers.

What you need to know: Security analysts should prioritize reviewing default configurations for any business-critical software to prevent exploitation, as demonstrated by the failure to update default credentials in many cases. Strengthen brute-force detection mechanisms, especially for publicly exposed database services like MSSQL, by monitoring for unusual login activity. Ensure proper network segmentation by placing sensitive systems behind firewalls or VPNs and eliminating unnecessary public exposure of TCP ports. Proactive engagement with vendors is essential for addressing vulnerabilities. Coordinate with software providers to implement recommended security updates and best practices. This approach will help mitigate risks and protect against potential breaches in your environment.

FOR EXECUTIVES

Over a third of cyberattacks result in job losses. Over half of organizations faced cyber threats, with larger companies hit harder. A Databarracks survey revealed 37% of IT professionals reported job losses from attacks, emphasizing the need for stronger cybersecurity strategies and employee training to minimize risks.

What you need to know: Business executives must recognize that cyber-attacks pose significant operational risks, including data loss and downtime, which directly affect productivity and revenue. While insurance may cover some financial losses, the broader impact (job losses and workforce disruptions) can harm morale and long-term stability. To mitigate these risks, leadership must prioritize cybersecurity as a core business issue, ensuring robust defenses are in place, employees are properly trained, and recovery plans are clearly communicated. By equipping staff to recognize and respond to threats, executives can reduce uncertainty, enhance resilience, and minimize the impact of future attacks on their organizations.

Stay current on trending topics, tips, events and resources in cybersecurity, connect with me on socials for new content, every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Thank you so much and see you again next Monday!

Have a great week, #TeamSC!

Gerry

SIMPLY CYBER FIRESIDES

When & Where: Thursday, September 25 on Gerald Auger, Ph.D. - Simply Cyber YouTube

The "Insider" View on Hacking & Bug Bounties with the incredible Katie Paxton-Fear @InsiderPhD. This is the second time Katie has joined #TeamSC. The first time was amazing and the community wanted more - you do not want to miss round 2!

Katie is a renowned figure in the cybersecurity world, known for her exceptional skills as a hacker, educator, and content creator. With a stellar career in Bug Bounty, she has uncovered numerous vulnerabilities, making the digital world a safer place for everyone.

As an educator, Katie has inspired countless individuals to pursue careers in cybersecurity, sharing her knowledge and passion through engaging content and insightful talks. Her contributions to the community are invaluable, and we can’t wait to hear her insights on Simply Cyber Firesides.

Find Katie on YouTube @InsiderPhD and don’t forget to set your notification by clicking the image below.

SIMPLY CYBER CON

When & Where: Friday, November 1 - Charleston, SC

Simply Cyber Con is hybrid, available to attend IN-PERSON in Charleston, SC, or VIRTUAL.

Speakers are presenting in-person on location in Charleston, SC, and will be streamed for virtual attendees. Register to attend in-person or remote now at simplycybercon.org.

DAILY CYBER THREAT BRIEF SIMPLY CYBER

Catch the most popular weekday cyber threat news analysis live stream around and meet the most supportive community ever. #TeamSC

Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, and your favorite podcast platform. Click the links below to favorite on your devices.

CAREER TRAINING FROM SIMPLY CYBER ACADEMY

Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy. We specialize in GRC!

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. Plus, we have TWO new course recently released. Check it out at academy.simplycyber.io to learn more.