Weekly blog articles covering current, critical cybersecurity topics to help the world become more aware and more secure.
“CyberHoot’s Newsletter has been on a brief hiatus as we focused on critical product improvements, finished 2024 strategic planning, and addressed performance improvements. This newsletter is chock full of cyber …
Lessons learned from the Change Healthcare data breach can teach us immediate actions we can take to reduce the chance of a breach in our own companies, networks, and the loss of the data entrusted to us.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Superuser accounts in small to medium-sized businesses (SMBs) and managed service providers (MSPs) face unique cybersecurity challenges. Bridging the gap between Privileged Access Management (PAM) and Identity Management (IdM) is critical for comprehensive protection. Effective cybersecurity for SMBs and MSPs requires tailored strategies that are practical, cost-effective, and straightforward to implement. This includes establishing clear governance policies, regular employee training, risk assessments, and implementing essential technical defenses to enhance overall security posture and protect sensitive data.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
CyberNews broke a story detailing a collection of more than 26 Billion credentials and other private data in what security researchers are called a Mega-Breach.
CyberHoot has been shown to improve customer retention for MSPs. It lowers the cost of supporting clients through fewer security incidents, better product training, and educational phish testing. We know it works because MSPs tell us emails to support asking “Is this a Phish?” or “Is this an Attack?” go away. Start a 30 day free trial and month-to-month forever afterwards.
Hackers (and jilted lovers) are transferring money to themselves using your phone’s cash app (Paypal, Zelle, Cash App) to transfer funds out of your bank account.
In the dynamic realm of cybersecurity, Artificial Intelligence (AI) stands as a game-changer, especially for Managed Service Providers (MSPs) and Small to Medium-sized Businesses (SMBs). This blog delves into how AI is reshaping threat detection and response, offering a new edge to cybersecurity strategies.
P2P payment scams are escalating, exposing people to advanced social engineering tactics resulting in significant financial losses.
2024 is off to a great start, however, Small to Medium sized Businesses need to proactively address their cybersecurity program development as soon as possible. 2023 was a banner year for hacker attacks and this has only encouraged more and more hackers to enter the fray. The time is ripe for everyone to batten down the hatches and training and test their employees to build their cyber literacy skills.
Navigating the Cybersecurity Risks of AI Assistants in Video Conferencing Silent Eavesdroppers: As AI Digital Assistants seamlessly integrate into popular video conferencing platforms, a concerning trade-off emerges between convenience and …
AI Digital Assistants in platforms like Microsoft Teams and Zoom raise data privacy concerns, risking exposure of regulated, intellectual, or personal information. Despite claims of de-identifying sensitive data, significant risks like exposing proprietary information remain underappreciated.
Passkeys provide better authentication for end users than traditional passwords which they seek to replace. They are based upon public and private cryptography, are resilient to phishing and hacker password database theft (since the private keys aren’t stored on the server or website), and represent an easier mechanism to identify users into online systems.
A recent breach at 23andme resulted in the theft of immutable and irreplaceable data – our DNA! Companies with such critical data must take every precaution to limit the data they have become caretakers of, from theft my malicious actors. In this case, 23andme has lost our DNA! This needs to be a serious criminal offence that is punished with significant consequences.
Understanding and Protecting Against Telegram App Scams Unraveling the Dark Side of Telegram: While the messaging app offers a seamless communication experience, users face many dangers. Dive into this article …
The Telegram App provides great ways for users to communicate with one another, however it also enables scammers to attack us in novel ways. This article outlines three common ways hackers use telegram to exploit unsuspecting users for their money.
Hackers have evolved into snitches leveraging recent SEC legislation which requires companies to disclose within 4 days that they have been hacked and hit with ransomware. When Meridian did not disclose to the SEC they had been hacked, the Hacker group “BlackCat” filed a complaint with the SEC informing them they had evidence that Meridian had been hacked.
Hackers are hi-jacking websites and hiding malware in Google Ads to target unsuspecting users with malware. Users simply visit the formerly safe and always legitimate looking websites and are presented with fake downloads, malware, and other nasty surprises.
The SEC has Strengthened Cybersecurity Reporting Requirements – What you Need to Know Over the last two years, the SEC has enhanced cybersecurity disclosure rules for publicly traded companies. Learn …
For the past 2 years the SEC has embarked on strengthening cybersecurity disclosure requirements at publicly traded companies. This article summarizes the changes that have come into effect and what all companies, whether publicly traded or not, should be considering in the face of a cybersecurity incident or preparing to avoid them.
A Written Information Security Plan is not meant to a bureaucratic policy collecting dust on the book shelf, but rather a living breathing document to guide companies on the safe collection, storage, manipulation, and destruction of non-public personal information on their employees, clients, or business services.
CISCO has announced and released patches for a critical bug in their product that could allow Internet hackers to create accounts remotely on CISCO devices via the HTTP management application. Patches have been released and workarounds documented for unpatched systems no longer supported. Take action to patch now.
Cybersecurity Awareness Month is upon us. In our efforts to address all of the questions a business owner reviewing our blog might have, we’ve collected the most frequently asked questions and have tried to answer them with the most effective mitigating control available for a particular risk. There are undoubtedly many more mitigating controls one can put in place, but this is a great starting point.
In the spooky season of October, Cybersecurity Awareness Month reminds us of the real threats lurking in the digital realm. CyberHoot sheds light on three cybersecurity fundamentals: Password Protection, Phishing Awareness, and Safe Browsing Practices. Fortify your digital domain with strong password practices, stay vigilant to phishing schemes, and navigate the web safely. Embrace the cybersecurity training and phishing testing offered by CyberHoot to morph into a digital wizard against the sinister specter of cyber threats. Venture to cyberhoot.com and make cybersecurity awareness a fun-filled endeavor!
October marks the observance of Cybersecurity Awareness Month, a pivotal time for businesses and individuals to bolster their understanding and actions towards cybersecurity. This means it is time for you to put action to words and get your staff trained up on the cyber threats they face. Cyber Literacy is a critical skill for the 21st century. Are you doing your part to educate your employees on the threats they face and how to avoid them?
Investing in Employee Cyber Literacy to build better human firewall skills makes strong financial sense. A string of recent breaches has put this in stark perspective for all companies. This article presents a case for the financial Return On Investment of employee awareness training and phish testing as delivered automatically by CyberHoot.
CyberHoot is offering any MSP free enrollment of any and all clients into CyberHoot for free until the end of October (31st), 2023. Enroll your prospects or existing customers in our platform and launch expedited Cybersecurity awareness training in the Month of Oct. using our fully automated system. We will credit you any users or clients enrolled for the entire month of Oct. Must be a new client to CyberHoot. If after the month ends you want to remove them, you absolutely may without penalty.
CyberHoot has been shown to improve customer retention for MSPs. It lowers the cost of supporting clients through fewer security incidents, better product training, and educational phish testing. We know it works because MSPs tell us emails to support asking “Is this a Phish?” or “Is this an Attack?” go away. Start a 30 day free trial and month-to-month forever afterwards.
Top 5 Emerging Cybersecurity Threats Businesses Must Be Aware Of Cybersecurity threats continue to evolve in sophistication and impact. Businesses must address these top 5 emerging threats proactively instead of …
Cybersecurity threats continue to evolve and expand in both sophistication and impact. Businesses must choose how to address these top 5 emerging threats proactively, when they control the playing field and have high ground instead of reactively, after an incident when they have been knocked down and are struggling to get up.
Augmentt partners with CyberHoot to build Cybersecurity Literacy within MSPs and their clients.
Hackers have been using EvilProxy to capture authenticated session tokens from unsuspecting phishing email victims.
The White House recognizes the importance of cybersecurity literacy by proposed to fund K-12 education of school teachers and administrators and possibly also students.
For most businesses, balancing time and money is a constant struggle. A risk assessment is designed to simplify your conversations by identifying both the most critical risks and rank ordering them, enabling you to determine what to work on first and then work your way down the list of critical threats to your business.
CyberHoot Press Release Microsoft Graph API Integration Portsmouth, NH – July 17th, 2023 – CyberHoot, a leading Cybersecurity Learning Management System (LMS), today announced the integration of Microsoft’s Graph API …
Cybersecurity training and phish testing delivers enormous value to your MSP, its clients and all employees. Most value is obvious such as fewer security incidents while other value may be over looked such as providing employees better work-life balance with fewer nights and weekends spent recovering from security incidents.
Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization’s employees. Microsoft believes this is a feature and no patch will be provided. This delivery method bi-passes traditional payload delivery security controls.
Protecting Your Business and Family from DeepFake Attacks: A Comprehensive Guide Unmasking the Dark Reality: FBI Discovers Surge in Deep Fake Attacks, Threatening Individuals and Businesses with Extortion and Humiliation. …
Business Ninja’s interviewed CyberHoot’s co-Founder Craig Taylor. This interview outlines CyberHoot’s unique and positive outcome approach to cybersecurity program development at your company. Our Co-Founder details what’s working and what’s broken in the emergency Cybersecurity industry. Business owners need to watch to learn what they should be doing to protect their businesses from compromise. Doing so provides much needed peace of mind.
The FBI has reported a dramatic growth in Deep Fake attacks on individuals and businesses from hackers seeking to extort money from or embarrass individuals and businesses by creating elicit pornographic material in the likeness of the victim from their online persona and public images and videos.
This article outlines five unusual benefits and five well known benefits to Awareness Training and Phish Testing service. It presents them to Manage Service Providers (MSPs) hoping to convince them to add such services to their standard offerings for all clients.
Virus warning attacks have plagued computer users for years. Recently, hackers have figured out how to exploit these attacks in your Google Chrome (and possibly other) browsers, seizing control of your browser and scaring you into calling fake customer support hotlines to extort you for money.
