Actionable Cyber Intel #119
Simply Cyber
Make and take your cybersecurity career further, faster. Visit simplycyber.io/streams for daily cyber news and streams!
Crush Your Week Like a Cyber Pro with Simply Cyber!
Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with Simply Cyber Newsletter!
FOR END USERS
Beware: PayPal "New Address" feature abused to send phishing emails.?PayPal's new address feature is being exploited in phishing attacks. Scammers use it to send emails with fake invoices, tricking users into clicking malicious links and potentially revealing sensitive information.
What you need to know:?Below is a short sample email you can use to drive the point and educate your end users:
Subject: Protect Yourself from PayPal Phishing Scams
PayPal scams are on the rise, and even legitimate-looking emails from them can be dangerous. [link to article]
Here’s how to stay safe:
? Carefully check the sender's email address for any inconsistencies.
? Never respond to unexpected invoices or payment requests.
? Always go to the official PayPal website or app instead of clicking links in emails. This is considered verifying out-of-band from the communication you received to verify legitimacy.
This is a great example of a phishing attack, where scammers try to trick you into giving them your personal information, like passwords or bank account details, by pretending to be someone you trust.
[Signature]
?
FOR?PEERS
Botnet targets Basic Auth in Microsoft 365 password spray attacks. A botnet is targeting Microsoft 365 accounts using password spray attacks against basic authentication. Organizations should disable basic authentication and enforce multi-factor authentication to mitigate this risk.
What you need to know:?This campaign highlights the ongoing risks of basic authentication and the effectiveness of password spraying. To protect your Microsoft 365 environment, discuss these key actions with your colleagues:
? Assess and disable basic authentication by identifying all services and applications still using it.
? Migrate to modern authentication by prioritizing the use of protocols like OAuth 2.0.
? Implement strong access controls by using conditional access policies and multi-factor authentication (MFA) to prevent password spray attacks.
? Monitor login activity to detect anomalies that may indicate compromised accounts.
? Conduct regular penetration testing to validate your security posture and test for basic authentication vulnerabilities."
?
FOR EXECUTIVES
Thousands of exposed GitHub repositories, now private, can still be accessed through Copilot. Thousands of GitHub repositories, initially exposed and later made private, remain accessible through GitHub Copilot. This highlights the risk of AI tools inadvertently leaking sensitive data, even when traditional security measures are applied. Executives must address AI integration security.
What you need to know: The rapid integration of AI into development workflows is introducing new, unforeseen security vulnerabilities. This means traditional security perimeters are no longer sufficient to protect your organization's most valuable assets. The implications are profound, ranging from potential data breaches and legal liabilities to irreparable damage to your company's reputation.
Actionable Steps for Executives:
? Initiate conversations with your executive team about the necessity of broadening security strategies beyond traditional perimeter defenses.
? Emphasize the inherent risks associated with AI integration and the critical importance of implementing robust data governance policies.
? Conduct thorough evaluations of the security of all AI tools used within your organization.
? Develop and enforce clear guidelines for AI usage to mitigate potential data leaks.
Prioritize a comprehensive review of your AI security protocols today to safeguard your valuable assets and maintain your competitive edge.
?
LET’S CONNECT
Stay current on trending topics, tips, events and resources in cybersecurity,?connect with Simply Cyber on socials?for new content, every day.
As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X?with #actionableintel in the subject so I can find it.
Find more about what’s happening this week in the Simply Cyber community, below.
Thank you and see you again next time! Have a great week, #TeamSC!
Gerry
?
SIMPLY CYBER DAILY CYBER THREAT BRIEF
Catch the most popular weekday cyber threat news analysis livestream around and meet the most supportive community ever, #TeamSC!
Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM EST via YouTube and?LinkedIn - podcast also available on?Spotify, Apple Podcasts, or your favorite podcast platform. You can also check it out on our podcast webpage.
?
SC MEDIA GROUP?SIMPLY DEFENSIVE PODCAST
When: Monday, March 3 at 9:30 AM ET | Presented by: Simply Cyber Media Group
S2 E8: SOC Challenges, Trends, and Community Wisdom with Reanna Schultz
In this episode of Simply Defensive, hosts Josh Mason and Wade Wells are joined by Reanna Schultz, a renowned cyber influencer and SOC manager. Reanna shares her journey from aspiring state highway patrolwoman to cybersecurity expert, emphasizing the importance of community engagement and continuous learning.
Join us as we cover the challenges and rewards of working in a SOC, the nuances of public speaking, and offers valuable advice for newcomers to the field. This episode is a treasure trove of insights, humor, and practical tips for anyone interested in cybersecurity.
Join us?at 9:30 AM EST on Monday after the Daily Cyber Threat Brief and Jaw Jackin’.
?
SC MEDIA GROUP?SIMPLY ICS CYBER PODCAST
When: Wednesday, March 5 at 9:30 AM ET | Presented by: Simply Cyber Media Group
S1 E2: How to get started in ICS, OT, SCADA
In episode 2 of Simply ICS Cyber, we answer the following questions for those interested in starting a career in ICS (industrial control systems), OT (operational technology), or SCADA (supervisory control and data acquisition):
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Catch the next episode here and watch with #TeamSC every other Wednesday.
?
SIMPLY CYBER FIRESIDES?PERSONAL BRANDING
When: Thursday, March 6 at 4:30 PM ET | Live on Simply Cyber
Personal branding is an important skill to hone in cybersecurity. In this episode of Simply Cyber Firesides, we will talk to Brittany White, aka bdubzz, a cybersecurity professional, lifelong learner, community builder - and a great example of how to brand yourself for your career.
Brittany's journey from CAD engineering to GRC shaped her inquisitive nature and passion for problem-solving. Today, she's dedicated to helping others, sharing knowledge, and making an impact in the ever-evolving world of cybersecurity.
To top it off, she recently completed the Personal Branding for Cybersecurity Career course from Simply Cyber Academy and can share her experience on starting a YouTube channel to begin building your brand.
Tune in this Thursday and join us live on Simply Cyber Firesides!
?
SIMPLY CYBER DISCORD?CYBERSECURITY AMA
When: Friday, March 7 at 1 PM EST | Live on Simply Cyber Discord (not recorded)
Hop into Discord and join us for this monthly AMA event where we answer your questions live - no recordings or replays available.
Don’t miss out on the advice and insights. We hope to see you there!
?
SC MEDIA GROUP WEEKLY STREAM SCHEDULE
?
SC ACADEMY?THE PLACE FOR CYBER CAREERS
At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.
The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have NEW COURSES - even a couple free courses, including Intro to Hacking with Tyler Ramsbey - available to help you advance in your Cyber career.
Visit?academy.simplycyber.io?to learn more now!
Subscribe to get the weekly newsletter!
Repost to share with your community!
Shout out to Charles Sapp and Kimberly McKnight for being amazing contributors to this newsletter!
Thanks
Gerry ??