HowTo Restore an Archived User

These steps will guide you on how to restore an archived user. How to restore local archived users on the Power Platform: Upon login to the Power Platform select the customer you wish to …

HowTo: Access My Assignments

The “My Assignments” section helps you stay on top of your training. You can: See which assignments are still outstanding Re-watch past training videos or reread completed policies View your …

howto determine roles

HowTo: Roles in CyberHoot

Unique Roles within CyberHoot  There are five distinct roles within the CyberHoot platform. These roles are mutually exclusive, being assigned one role does not automatically grant permissions of another. For example, …

Powershell Scripting

PowerShell script for avoiding SPAM, Clutter, Junk in 365

CyberHoot provides phish testing of end users to ensure they learn to pay attention to their email and the risks is presents. This article provides a Powershell script to automate the setup work required to ensure delivery of phishing test emails to end users inboxes.

assignment based phishing

HowTo: The Benefits of CyberHoot’s HootPhish

Phish testing has been punitive to employees and difficult for SMBs and MSPs to set up. It requires you to configure allow-lists, X-Headers, and PowerShell scripts. This video and how explains how to avoid all that hassle with automated assignment-based phish testing that is a positive learning experience for employees with zero administration and setup for SMBs or MSPs.

CyberHoot API Documentation

CyberHoot’s API Documentation

Overview CyberHoot’s API allows for the following information to be pulled from the platform: Customers Managers Users Administrators Compliance Metrics Training Schedules Partner Settings Subscription Information Email Logs Reporting More …

Adding a Manager to an Employee in Azure AD

HowTo: Add Managers to Employees in Microsoft Azure / Entra AD

Microsoft Azure / Entra allows you to define Managers for each employee entry in Azure AD. This helps CyberHoot and Clients maintain high compliance as CyberHoot will automatically notify Managers when employees are non-compliant both through weekly reports and by CC’ing Managers on a Due Date email sent to employees who have not completed their assignments.

HowTo: Allow-List in Barracuda

If you’re utilizing Barracuda’s Email Security Gateway, you can white-list CyberHoot IP Addresses and Domain Name to allow our simulated phishing test emails and training notifications to get through to …

Social engineering training video

Social Engineering 101

This 2-minute video outlines how social engineers manipulate people in social settings to gain information on how to hack systems and steal valuable information.  The video outlines various methods social …

Phish Testing

CyberHoot: Phishing Attacks

Spotting and Avoiding Phishing Attacks This foundational CyberHoot video teaches critical skills to identify phishing attacks. Viewers learn the most common phishing patterns and simple, effective questions to quickly spot …

Fake Email Phishing: More Harmful than Helpful

Fake Email Phishing is broken in many ways. Google researchers liken it to early fire drills that caused more harm than good. Empirical research shows users clicking more not less after fake email phish testing. End users universally complain as do IT departments when chaos breaks out after sanctioned fake email testing. Enter HootPhish, a solution that eliminates the negatives, and empowers end users to spot and avoid this scourge of modern internet email.

CyberHoot Release Notes

CyberHoot’s Power Platform: Release Notes

CyberHoot’s Power platform includes the most comprehensive set of cybersecurity program development features available on the market today. From our Govenance Policy module and templates to 1000s of videos on Product training and cybersecurity, to our innovative and patent-pending educational, and hype-realistic phishing simulations, the power platform has everything you need to succeed in teaching employees Cyber Literacy. Best of all, it also includes 100% automation for videos, phishing, and user management. Spend less time on cybersecurity and more time on your business with our power platform.

CyberHoot Release Notes

HootPhish: Release Notes

CyberHoot’s All Phishing Simulator is HootPhish. A positive, educational, hyper-realistic phishing test and simulator that provides better metrics, automation, and outcomes than any attack-based phishing test on the market, guaranteed, or you may cancel at any time.

AI in Cybersecurity - benefits and limitations

AI in Cybersecurity: Enhancing Threat Detection and Response

In the dynamic realm of cybersecurity, Artificial Intelligence (AI) stands as a game-changer, especially for Managed Service Providers (MSPs) and Small to Medium-sized Businesses (SMBs). This blog delves into how AI is reshaping threat detection and response, offering a new edge to cybersecurity strategies.

2024 Cybersecurity Predictions

Top 10 Cybersecurity Trends and Strategies in 2024

2024 is off to a great start, however, Small to Medium sized Businesses need to proactively address their cybersecurity program development as soon as possible. 2023 was a banner year for hacker attacks and this has only encouraged more and more hackers to enter the fray. The time is ripe for everyone to batten down the hatches and training and test their employees to build their cyber literacy skills.

AI Digital Assistant Collecting Everything

Navigating AI Assistant Cybersecurity Risks

AI Digital Assistants in platforms like Microsoft Teams and Zoom raise data privacy concerns, risking exposure of regulated, intellectual, or personal information. Despite claims of de-identifying sensitive data, significant risks like exposing proprietary information remain underappreciated.

Passkeys are a Bright Idea

Passkeys: The Path to a Passwordless Future

Passkeys provide better authentication for end users than traditional passwords which they seek to replace. They are based upon public and private cryptography, are resilient to phishing and hacker password database theft (since the private keys aren’t stored on the server or website), and represent an easier mechanism to identify users into online systems.

DNA Double-Helix Heist

DNA Double-Helix Hacker Heist: A Wake-Up Call for Cybersecurity Vigilance

A recent breach at 23andme resulted in the theft of immutable and irreplaceable data – our DNA! Companies with such critical data must take every precaution to limit the data they have become caretakers of, from theft my malicious actors. In this case, 23andme has lost our DNA! This needs to be a serious criminal offence that is punished with significant consequences.

Ransomware Gang turns Whistleblower to the SEC

Hackers Turn SEC Snitches: The Evolution of Ransomware Tactics

Hackers have evolved into snitches leveraging recent SEC legislation which requires companies to disclose within 4 days that they have been hacked and hit with ransomware. When Meridian did not disclose to the SEC they had been hacked, the Hacker group “BlackCat” filed a complaint with the SEC informing them they had evidence that Meridian had been hacked.