ChatGPT - help me hack.

Five Ways ChatGPT Helps You Hack

There is a dark side to ChatGPT. Hacking tutorials abound on YouTube showing unskilled hackers how to hack with ChatGPT. ChatGPT can create convincing phishing attacks in a language of your choice, writing software code for them, which through trial and error can transform into novel and effective malware.

OpenSSL Vulnerability Alert

OpenSSL Releases Vulnerabilities Patches

OpenSSL releases vulnerability patches containing 8 bug fixes in its latest releases available across three release train binaries. The criticality of bugs range from high to moderate. They all relate to memory handling issues stemming from the fact OpenSSL was written in C.

Top 10 Security Awareness Training Challenges and Solutions

Top 10 Security Awareness Training Challenges and Solutions

This article outlines the top 10 security awareness training challenges and solutions. Businesses are under increased attack with ever more costly outcomes for failure. People are the weakest link. Training and testing them carefully, with automated solutions provide the greatest return on investment.

AI Generated Image from

A Humorous AI Story Detailing the T-Mobile Breach

CyberHoot has reported on the opportunities and challenges of ChatPGT’s natural language engine and deep research capabilities. This article summarizes the recent T-Mobile breach of 37M records in a humorous way while outlining the very real risks of Smishing, Phishing, and Vishing.

LastPass 2022 Breach Update

The Last Straw for LastPass – Migration Time

Over the last few months, CyberHoot has learned more and researched more opinions on Password Managers concerning the latest LastPass security breach. We have felt for some time we needed to migrate to a new solution. However, what criteria would we use and recommend in order to not hope from the frying pan into the fire? This article is our attempt to summarize how you should choose your replacement password manager for your company or yourself individually.

newsletter banner cyberhoot

CyberHoot Newsletter – January 2023

FBI’s Vetted Cybersecurity Organization “Infragard” Breached Learn how a cybersecurity organization that partnered with the Federal Bureau of Investigation (FBI) to protect critical US infrastructure got hacked. “Aikido” Vulnerability Turns EDR …

LastPass 2022 Breach Update

LastPass Breach Update – August 22 – December 22

In August, LastPass was breached but they claimed that no client data was stolen only source code. In late December 2022 they updated their stance stating that encrypted client vaults were stolen but that default password length requirements protected most users. CyberHoot recommends you change your master password.

Wiper-malware Can Devastate Systems

“Aikido” Vulnerability Turns EDR into Wiper Malware

Security Researcher from SafeBreach has revealed critical race conditions in EDR software that can lead to a compromise of the devices running the security software. Exploit code has been seen in the wild that delivers Wiper malware to destroy the infected hosts data and operating system. Immediate patching and reboot is required.

New Rules Proposed by SEC

New Cybersecurity Rules Proposed by SEC

The U.S. Securities and Exchange Commission (SEC) is proposing new disclosure requirements by company boards regarding cybersecurity risk management, strategy, governance policies, procedures, and incidents.  This would be an amendment …

newsletter banner cyberhoot

CyberHoot Newsletter – October 2022

Top 10 Reasons to Conduct Awareness Training and Testing Businesses all over the world experience increasingly sophisticated attacks with escalating damages and impact.  Awareness training and phish testing are two …

10 Reasons for Awareness Training

CyberHoot: 10 Reasons to Adopt Awareness Training

Cybersecurity awareness training helps combat human error, one of the most common exploitable parts of any cybersecurity program. Use these facts to convince management at your company its finally time to train your staff on cybersecurity.

2FA or MFA Protects Online Accounts

Cybersecurity Awareness Month – Multi-Factor (aka Two-Factor) Authentication

How much do companies pay when breached? It depends upon the data that was stolen. In some cases, such as healthcare, the costs of managing a breach are increasing YOY. Recent IBM data showed Healthcare records costing 3x what other records cost in a breach. Isn’t it time you started preparing for and sought to prevent breaches.

Healthcare Breach Costs

Cybersecurity Awareness Month – Breach Costs in Healthcare

How much do companies pay when breached? It depends upon the data that was stolen. In some cases, such as healthcare, the costs of managing a breach are increasing YOY. Recent IBM data showed Healthcare records costing 3x what other records cost in a breach. Isn’t it time you started preparing for and sought to prevent breaches.

Consumer Trust

Cybersecurity Awareness Month – Consumer Trust

Life isn’t fair. Companies that are victims of a cyberattack are most often blamed (64%) by consumers for inadequate controls and protective mechanisms for their cybersecurity program. Perception is reality and so the time to prepare and harden your company to these attacks is now. Don’t wait until a breach happens, sign up for CyberHoot today.

Stolen Data Value

Cybersecurity Awareness Month – Stolen Data Value

Banking information, healthcare records, credential databases are all extremely valuable to hackers seeking to profit from the sale of this data on the Dark web. Know what data you have and how it is both saleable and to be protected. Begin building your cybersecurity program today to protect against breaches with CyberHoot.

Privacy Regulations World-Wide

Cybersecurity Awareness Month – Privacy Regulations

Privacy regulations have been passed in 70% of the world’s countries and 100% of the Americas. Is your website privacy policy up-to-date with these regulations? If not, you’re going to need to spend some energy complying. CyberHoot’s vCISO services can help. Visit us today.

Credential Value

Cybersecurity Awareness Month – Credential Value

The dark web contains marketplaces where illegal items are traded including credentials into our online accounts. For as little as $2.00/account hackers can by employee credentials to breach your company’s email systems, VPN, or online SaaS applications to cause havoc and steal your money, data, or both. Learn how to protect yourself using CyberHoot.

Healthcare and Ransomware

Cybersecurity Awareness Month – Healthcare & Ransomware

Healthcare providers are huge targets for ransomware because modern ransomware publishes patient data online if you don’t pay the ransom. Gone are the days where you could simply restore your critical data from backup and ignore the ransom. For healthcare providers, a ransomware breach is the worst possible outcome. Pay the ransom, report the attack, pay the HIPAA fine for lack of cybersecurity protections. Get busy today creating a strong defense-in-depth cybersecurity program to protect your patient records.