Simply Cyber Newsletter #98

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your end users, peers, and executives. Support weekly security awareness with Simply Cyber Newsletter!

FOR END USERS

DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks. The U.S. Department of Justice and Microsoft seized 107 phishing websites used by Russian hackers to steal sensitive information from U.S. government agencies and others. This action aims to disrupt ongoing cyberattacks linked to Russia's Federal Security Service (FSB).

What you need to know: Remind your end users that cybercriminals are always evolving their crafty tricks to steal personal information. They create fake emails and websites that look legitimate, making it easy to fall for their schemes. To stay safe, always double-check unexpected messages, even if they seem official. Avoid clicking suspicious links, and never share login details without verifying the sender. Even with multi-factor authentication (MFA) in place, be cautious of phishing attempts that ask for MFA codes or push notifications; never approve an unexpected MFA request. Staying alert can help you avoid becoming a victim of these attacks and prevent a security breach that could impact your entire organization.

FOR PEERS

Research reveals vulnerabilities in routers that left 700,000-plus exposed. Researchers discovered 14 vulnerabilities in over 700,000 DrayTek routers, including one with a maximum severity score of 10. The vulnerabilities expose networks to espionage, data theft, and ransomware. Patches are available, and immediate action is necessary for protection.

What you need to know: This is a great example to share with your peers in IT to emphasize the critical importance of patch management and vulnerability assessments. DrayTek routers, commonly found in commercial settings, were exposed to high-severity vulnerabilities, leaving systems at risk of exploitation. Encourage your team to ensure all patches are implemented immediately, particularly for essential network infrastructure like routers, which may not always receive priority. Additionally, ensure that default credentials are not used or available for use on any device, as this is a common vulnerability that attackers exploit. Use this situation to advocate for regular security audits of network equipment and remind your peers of the risks associated with unpatched and poorly configured devices. This is an opportunity to highlight the need for proactive cybersecurity measures, especially around critical but often overlooked network hardware.

FOR EXECUTIVES

Elaborate Deepfake Operation Takes a Meeting With US Senator. Senator Ben Cardin was targeted by a deepfake operation impersonating a Ukrainian official via Zoom. The attack was thwarted, but the incident highlights the growing sophistication of deepfakes, posing significant risks to businesses, from financial losses to reputational damage.

What you need to know: This is a great topic to bring to your executives to demonstrate the growing threat of deepfake attacks, with a specific focus on training. While this technology poses risks to all departments, the finance team is especially vulnerable due to the potential for wire fraud or unauthorized transactions. It's essential to prioritize training for executives and finance teams on how to verify requests, including those that seem to come from familiar sources. Additionally, implementing advanced measures like rotating unique phrases for payments or wires over a specific threshold can enhance your organization's defenses. This strategy will ensure that even if deepfakes become more sophisticated, there are extra layers of protection in place.

Stay current on trending topics, tips, events and resources in cybersecurity, connect with me on socials for new content, every day.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Thank you so much and see you again next Monday!

Have a great week, #TeamSC!

Gerry

SIMPLY DEFENSIVE DETECTION AS CODE

Premieres: Monday, Oct. 6th from Simply Cyber Media Group

In this episode of Simply Defensive, host Josh Mason talks with co-host Wade Wells about the concept of “detection as code,” a methodology in cybersecurity focusing on automating and enhancing detection logic using software development principles.

Wade shares his experiences and upcoming engagements, including his talk at Blue Team Con in Chicago. The duo delves into the intricacies of detection engineering, highlighting the similarities with DevOps practices and the importance of proper tuning and testing.

They discuss the challenges and benefits of employing detection as code, its future potential, and the role of cybersecurity tools like Splunk, CrowdStrike, and Google Chronicle.

We hope to see you in chat at 9:30 AM EDT, immediately following the Daily Cyber Threat Brief and Jaw Jackin’ AMA.

2 CYBER CHICKS WORKPLACE INTROSPECTION

Premieres: Wednesday, Oct. 8th from Simply Cyber Media Group

Join 2 Cyber Chicks for a personal discussion filled with reflection, as Jax and Erika chat through navigating challenging workplace situations. From delivering messages that resonate to leading with empathy and understanding; seeking to understand while promoting a collaborative environment; and, the importance of building trust with your team and clients.

We hope to see you in chat at 9:30 AM EDT, immediately following the Daily Cyber Threat Brief and Jaw Jackin’ AMA.

SIMPLY CYBER CON IS COMING NOV 1ST!

Date: Friday, Nov. 1 - Harbor Walk | College of Charleston, Charleston, SC

Simply Cyber Con is hybrid, available to attend live in-person, or virtual. Speakers are presenting in-person on location.

Learn more about Simply Cyber Con talks, how to make it a cybersecurity weekend with Security B-Sides Charleston, and register to attend NOW at simplycybercon.org.

Tickets are limited and we are less than a month away. Make your plans today! #teamsc

SIMPLY CYBER CON MERCH IS NOW AVAILABLE

Simply Cyber Con 2024 merch has arrived! We have an assortment of styles available for everyone.

Gear up for November 1st! Purchase your merch now.

Special thanks to Simply Cyber Con’s non-profit sponsor, Cybersecurity Central, for the design and merchandise support. Learn more about CC at CybersecurityCentral.org.

DAILY CYBER THREAT BRIEF SIMPLY CYBER

Catch the most popular weekday cyber threat news analysis live stream around and meet the most supportive community ever. #TeamSC

Join us on the Daily Cyber Threat Brief, available on YouTube, LinkedIn, and your favorite podcast platform. Click the links below to favorite on your devices.

SIMPLY CYBER ACADEMY FOR GRC CYBER CAREERS

Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. Plus, we have TWO NEW COURSES to excel your cyber career.

We specialize in GRC Cybersecurity Careers.Visit academy.simplycyber.io.