Software as a Service (SaaS) applications have transformed businesses over the last decade providing enormous value. SaaS solutions have enabled businesses to continue operating during the pandemic with a remote workforce whose tools are cloud-based instead of office-based or desktop-based. With this SaaS power come new challenges and risks. Read this CyberHoot article to learn more.
A critical vulnerability (CVE severity =10, the worst possible) is being targeted on the Internet. Called “Log4Shell” , this vulnerability is found in Apache Webserver’s Log4j (v2.0 – 2.14.1). It was disclosed on 12/9/21. Log4Shell (CVE-2021-44228) allows remote code execution on vulnerable servers. Learn more at CyberHoot.
The pandemic has created new opportunities for social engineering attacks on unsuspecting users. One method of attack has been successful enough to force the FBI to release a warning. Cybercriminals are using fake job listings to target applicants to steal their Personally Identifiable Information (PII) and then steal the identities. Remote work is causing more of these attacks to surface.
The US Securities and Exchange Commission (SEC) has published a “Security Incident” submitted by web services giant, GoDaddy. GoDaddy says that in November 2021, it realized that there were cybercriminals in its network, kicked them out, tried to determine when the hackers got in, and what they managed to do while on the inside.
We’ve made it through the majority of 2021 and into the Holiday season, allowing us to celebrate by getting together with family and friends and perhaps doing a little shopping for them too. As with any other year, it’s a good time to find great deals but it’s equally important to be wary of “too good to be true” deals. Hackers exploit consumer excitement on these big shopping days each and every year.
California Pizza Kitchen (CPK) has more than 250 locations across 32 states. CPK experienced a data breach exposing the full names and Social Security Numbers (SSNs) of current and former employees. The Maine Attorney Generals’ website reported this “external system breach” had occurred in Sep. 2021 and impacted nearly all 103,767 employees, according to the Data Breach notification report.
“The team at Cyberhoot has been very friendly, professional, and helpful throughout the time we have used the product over the last 18 months. We are only a small company with fewer than 100 employees and a large compliance obligation, Cyberhoot was one of the few companies that allow a small company to use its services for less than 150 employees. The training and phishing modules are continuing to grow and they are always open to feedback and will make changes to improve the overall experience. Using the short videos 1 to 2 times a month to deliver training works a lot better with our staff and I have had positive feedback that this way is much better than a large training block once a year. We are so pleased with the product, that we have been recommended it also to our own clients”
ANONYMOUS
IT Infrastructure Manager
CyberHoot has finalized the 2022 Cybersecurity Foundational Training Program (Year 3 Recommended). You can find the new training program inside of your Program Library, ready to be assigned for 2022. Continue using CyberHoots ‘Foundational Training Program’ to stay on top of current threats your users face on a day-to-day basis.
We added the ability to resend outstanding assignments to the list of users found in the Top 10 Least Compliant Users table on the dashboard. Click the ‘envelope’ icon to the right of the user’s name to send their assignments.
This button sends an email to the currently Pwned user. This email includes a customizable message to the user and a PDF copy of the user’s ‘Account Exposures’ page.
Under the Reports section, admins can generate an exportable report. The Admin can include which sections they wish to include in the report. They are also able to either email or download the generated pdf file. This report and the email that sends adheres to the customer’s branding setup.
Castle-And-Moat refers to a network security model in which no one outside the network is able to access data on the inside, but everyone inside the network can. Imagine an organization’s network as a castle and the network firewall as a moat. Once the drawbridge is lowered and someone crosses it, they have free rein inside the castle grounds. Similarly, once a user connects to a network in this model, they are able to access all the applications and data within that network.
CyberHoot provides password-less access. Zero time wasted searching for websites, resetting passwords, and delayed login. Click an email link for instant training access!
Everything you need to learn cybersecurity skills is handled through email including training assignments, reminders, management compliance reports, and “My Assignments”.
CyberHoot automates non-compliance through manager email notifications. Compliance status of employees for managers is enabled so you always know where you stand.
Cyber”Hoots” are most often 5 minutes or less. This ensures your staff get trained quickly with the most effective solution.
CyberHoot is an open cybersecurity training Platform. Any video or PDF can be used to train and govern your employees.
In a survey of 100 CyberHoot users, 60% would be “Disappointed” or “Very Disappointed” if CyberHoot Training was stopped.
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
CyberHoot June Newsletter: Stay Informed, Stay Secure Welcome to the June edition of CyberHoot’s newsletter,...
Read more
Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...
Read more
A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
