Welcome back CyberDudes! This week, Omar breaks down a new DocuSign scam that’s raising eyebrows in the cybersecurity community. Attackers are finding ways to exploit legitimate signatures, making fraudulent invoices look official and bypassing the usual defenses—a reminder of how social engineering tactics keep evolving.

In our feature, we chat with Kenneth Ellington, founder of a cybersecurity academy that’s all about hands-on training in security operations and incident management. Kenneth shares his journey from a Big Four accounting firm to launching his own business, opening up about the balancing act required to build something new while working full-time. His academy’s practical approach has struck a chord with those looking to break into cyber or enhance their skills.

We also explore Kenneth’s experiences with representation in the industry, discussing why diverse leadership matters in cybersecurity. His story reflects a commitment to breaking down barriers and supporting growth, making the cyber field a little more accessible for everyone.

Links for our stories from this week:

• ​https://www.infosecurity-magazine.com/news/nigerian-sentence-real-estate/
• ​https://therecord.media/moldova-election-winner-pro-west-president-maia-sandu
• ​https://www.bleepingcomputer.com/news/security/germany-drafts-law-to-protect-researchers-who-find-security-flaws/
• ​https://cybersecuritynews.com/hackers-abuse-docusign-api/
• ​https://therecord.media/cisa-2024-presidential-election-threats

Offers:

• ​Get up to 175k Amex Points with a Platinum Card - https://americanexpress.com/en-us/referral/platinum-card?ref=ROBINTN6e3&XL=MIMNS
• ​Get a $250 bonus when you spend $3k with an Amex Blue Cash Preferred Card - https://americanexpress.com/en-us/referral/blue-cash-preferred-credit-card?ref=ROBINT3nvs&XL=MIMNS
• ​Get a $100 bonus with Discover - https://refer.discover.com/s/robin.t925?advocate.partner_share_id=4724472810
• ​Get a $200 cash bonus with a CapitalOne Quicksilver Card - https://i.capitalone.com/Gg3TIobsQ
• ​Get $10 free Bitcoin when you sign up to Coinbase - https://coinbase.com/join/Z5UAY8C?src=ios-link

This week, we bring you quick headlines on a phishing scam targeting online shoppers, Delta’s security update dispute, and a new job scam hitting social media platforms. Then, in our Spotlight stories, we dig into two cases with big cybersecurity takeaways:

Employee Sabotage at Disney: A fired Disney employee retained access and tampered with allergy warnings in food venues, a reminder of the risks poor offboarding can pose.

Halloween Parade Hoax in Dublin: Thousands gathered for a parade that didn’t exist, illustrating how fast misinformation can spread and its potential for real-world impact.

“Cybersecurity teams can only protect what they know exists.” – Robin Thornton

“When being first to publish is prized above all else, it leads to situations where misinformation spreads unchecked.” – Omar Sangurima

Enjoyed this episode? Please give us a follow and leave the show a lovely, juicy 5* rating

In the REAL Episode 13, we tackle pressing topics in cybersecurity, from election integrity to the recent United Health data breach impacting over 100 million people. We explore how these issues underscore broader challenges in data protection and our collective responsibility in cybersecurity. Diving into the influence of misinformation, the role of regulation, and the stakes for securing personal data, we examine why now, more than ever, organizations need to step up.

In this episode:

United Health’s Data Breach Fallout: With over 100 million records exposed, this breach underscores the risks tied to healthcare data, where immutable information like medical history and Social Security numbers are at stake. We discuss the implications for patients, how attackers leverage triple-threat ransomware, and why large organizations still struggle with basic security practices.

Election Integrity and Misinformation’s Growing Threat: Misinformation campaigns are becoming increasingly difficult to combat, especially during politically charged times. We explore how data-driven disinformation impacts U.S. and global elections and why, even with secure voting systems, public mistrust can quickly erode confidence in outcomes.

Executive Accountability in Cybersecurity: We share why executives need to take a proactive stance on cybersecurity, including setting a stronger example across their organizations. We examine how tying executive compensation to cybersecurity standards could shift security culture, incentivizing leaders to adopt a stronger security posture.

Industry Culture & Training the Next Generation: Reflecting on the barriers aspiring cybersecurity professionals face, we chat on the need to foster a more supportive and inclusive environment. Developing diverse talent pipelines is key, and we emphasize the importance of mentorship and skill-building to meet the industry’s growing demands.

“The risk isn’t just about the immediate fallout. When it comes to healthcare data, these breaches leave a lasting mark on people’s lives.” – Robin Thornton

”MFA is just table stakes. If you’re a major player and you’re not doing it, you’re behind.” – Omar Sangurima

If you enjoyed this episode, please give Cyber Dudes a five-star rating on Spotify and subscribe to stay informed on cybersecurity, data integrity, and digital resilience.