Before CyberHoot can email training assignments, policies, surveys, or phishing tests reliably to targeted email accounts, our mail relays need to be permitted to do so through whitelisting. Here’s how you do that in a few easy steps and videos.
This article will walk you through setting up allow list in Mimecast. The required IP address and Domain name information is found in this HowTo article: CyberHoot Email-Relay IP Addresses, …
These steps will guide you on how to restore an archived user. How to restore local archived users on the Power Platform: Upon login to the Power Platform select the customer you wish to …
These instructions will guide you through the process of sending reminders for outstanding assignments to all users. Please note that the system will only send emails to users who have …
This support HowTo video shows how to move a single user/employee to a new manager. If you wish to assign multiple users to different managers, please watch HowTo: Re-assign Multiple …
This video provides end users with an overview of the Phish Testing by assignment service in CyberHoot. It should be shared with anyone who is struggling to complete their phishing test by assignment.
The “My Assignments” section helps you stay on top of your training. You can: See which assignments are still outstanding Re-watch past training videos or reread completed policies View your …
These steps will show you how to send a nudge to all non-compliant users. In the Power Platform: Click on Users under the selected customer. Click on the ellipsis (…) …
These instructions provide a step-by-step walkthrough on how to upload a new video to CyberHoot and assign it to a specific user group. Important: When adding a video, do not …
These instructions provide a step-by-step guide for adding a Super Admin to CyberHoot’s multi-tenant Power Platform. As an MSP, it’s common to assign your own staff as Super Admin to …
These steps outline how to add a local Client Administrator to CyberHoot under the Power Platform. This is not to be confused with adding an MSP Super User, which is …
CyberHoot delivers tremendous value to businesses and Managed Service Providers (MSPs) through a steady stream of high-quality cybersecurity content. By tapping into our RSS feed, you can keep your team …
This article details how to setup and edit your billing information in CyberHoot’s Power platform. Once you’ve logged in to CyberHoot, click on your name in the top right. Next, …
HR Contacts are edited and assigned under each Group. The process to update the HR Contact for your MSP or a customer is outlined below: Log in to your site …
Unique Roles within CyberHoot There are five distinct roles within the CyberHoot platform. These roles are mutually exclusive, being assigned one role does not automatically grant permissions of another. For example, …
CyberHoot provides phish testing of end users to ensure they learn to pay attention to their email and the risks is presents. This article provides a Powershell script to automate the setup work required to ensure delivery of phishing test emails to end users inboxes.
This script will allow you to add CyberHoot’s domains to the Safe Senders listing enabling the automatic downloading of images in an email message.
Are your users having issues with an endless looping with authentication emails after trying to reach your ‘My Assignments’ page on CyberHoot? One common factor that causes these issues are …
Phish testing has been punitive to employees and difficult for SMBs and MSPs to set up. It requires you to configure allow-lists, X-Headers, and PowerShell scripts. This video and how explains how to avoid all that hassle with automated assignment-based phish testing that is a positive learning experience for employees with zero administration and setup for SMBs or MSPs.
Overview CyberHoot’s API allows for the following information to be pulled from the platform: Customers Managers Users Administrators Compliance Metrics Training Schedules Partner Settings Subscription Information Email Logs Reporting More …
Microsoft Azure / Entra allows you to define Managers for each employee entry in Azure AD. This helps CyberHoot and Clients maintain high compliance as CyberHoot will automatically notify Managers when employees are non-compliant both through weekly reports and by CC’ing Managers on a Due Date email sent to employees who have not completed their assignments.
CyberHoot supports 3 forms of multi-factor authentication: Email, SMS, and Authenticator applications. This article explains how to set each up and provides a video overview of how to setup an authenticator application.
New CyberHoot businesses need to allow our training and phishing emails to reach their user’s inboxes directly. This article describes the two steps needed to make this happen. Note: If …
Updated: May 8th, 2025 This article is a reference to CyberHoot’s mail relay IP Addresses and Domain names. The process of allowing phishing tests through to your end users inboxes …
When Phish testing environments where Sophos EDR is present, you will need to enable allow listing and add the CyberHoot addresses. Otherwise the Website Management defenses will intercept any attempt …
This video provides MSPs with instructions on how to add a new “Automatic” client to CyberHoot. Automatic Clients automate the delivery a single monthly security awareness training video and a quarterly phishing test by assignment with no intervention by the MSP at all. The only requirement for the MSP is that they manage user adds and deletes.
Sending Attack emails to your users for Phish Testing requires writing an Allow-List for CyberHoot Mail relays exempting them from filtration by ProofPoint. This is true for all phish testing platforms.
This blog post includes quick-start videos to help new users navigate CyberHoot’s Power Platform, covering your dashboard, automation tools, policies, training, phishing, dark web scans, product modules, and reporting insights.
Initial Access Brokers are changing tactics, selling low-cost access to more targets. Learn how this shift increases cyber risks and what defenses to implement.
Overview of Phish testing.
If you’re utilizing Barracuda’s Email Security Gateway, you can white-list CyberHoot IP Addresses and Domain Name to allow our simulated phishing test emails and training notifications to get through to …
Adding customers is easy with the 5 step wizard. This article goes into the basic details of adding your customers into CyberHoot.
Allow-Listing X-Headers is necessary in order for CyberHoot to send simulated phishing emails to bypass your mail filter. We recommend whitelisting by IP address or hostname but depending on your …
This 2-minute video outlines how social engineers manipulate people in social settings to gain information on how to hack systems and steal valuable information. The video outlines various methods social …
Spotting and Avoiding Phishing Attacks This foundational CyberHoot video teaches critical skills to identify phishing attacks. Viewers learn the most common phishing patterns and simple, effective questions to quickly spot …
This video is part of CyberHoot’s Cyber Literacy program of six (6) videos. It outlines the critical need for anyone and everyone to adopt a password manager. However, this video …
Fake Email Phishing is broken in many ways. Google researchers liken it to early fire drills that caused more harm than good. Empirical research shows users clicking more not less after fake email phish testing. End users universally complain as do IT departments when chaos breaks out after sanctioned fake email testing. Enter HootPhish, a solution that eliminates the negatives, and empowers end users to spot and avoid this scourge of modern internet email.
ArcaneDoor delivers malware via zero-day exploits to CISCO ASA and Firepower network security devices. Patches are available and need to be applied once system integrity is verified.
CyberHoot’s autopilot release notes delivers our industry leading awareness training videos and phishing simulations/tests, as well as dark web reports, and compliance reports in a 100% automated solution.
CyberHoot’s Power platform includes the most comprehensive set of cybersecurity program development features available on the market today. From our Govenance Policy module and templates to 1000s of videos on Product training and cybersecurity, to our innovative and patent-pending educational, and hype-realistic phishing simulations, the power platform has everything you need to succeed in teaching employees Cyber Literacy. Best of all, it also includes 100% automation for videos, phishing, and user management. Spend less time on cybersecurity and more time on your business with our power platform.
CyberHoot’s All Phishing Simulator is HootPhish. A positive, educational, hyper-realistic phishing test and simulator that provides better metrics, automation, and outcomes than any attack-based phishing test on the market, guaranteed, or you may cancel at any time.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Hackers (and jilted lovers) are transferring money to themselves using your phone’s cash app (Paypal, Zelle, Cash App) to transfer funds out of your bank account.
In the dynamic realm of cybersecurity, Artificial Intelligence (AI) stands as a game-changer, especially for Managed Service Providers (MSPs) and Small to Medium-sized Businesses (SMBs). This blog delves into how AI is reshaping threat detection and response, offering a new edge to cybersecurity strategies.
P2P payment scams are escalating, exposing people to advanced social engineering tactics resulting in significant financial losses.
2024 is off to a great start, however, Small to Medium sized Businesses need to proactively address their cybersecurity program development as soon as possible. 2023 was a banner year for hacker attacks and this has only encouraged more and more hackers to enter the fray. The time is ripe for everyone to batten down the hatches and training and test their employees to build their cyber literacy skills.
AI Digital Assistants in platforms like Microsoft Teams and Zoom raise data privacy concerns, risking exposure of regulated, intellectual, or personal information. Despite claims of de-identifying sensitive data, significant risks like exposing proprietary information remain underappreciated.
Passkeys provide better authentication for end users than traditional passwords which they seek to replace. They are based upon public and private cryptography, are resilient to phishing and hacker password database theft (since the private keys aren’t stored on the server or website), and represent an easier mechanism to identify users into online systems.
A recent breach at 23andme resulted in the theft of immutable and irreplaceable data – our DNA! Companies with such critical data must take every precaution to limit the data they have become caretakers of, from theft my malicious actors. In this case, 23andme has lost our DNA! This needs to be a serious criminal offence that is punished with significant consequences.
Hackers have evolved into snitches leveraging recent SEC legislation which requires companies to disclose within 4 days that they have been hacked and hit with ransomware. When Meridian did not disclose to the SEC they had been hacked, the Hacker group “BlackCat” filed a complaint with the SEC informing them they had evidence that Meridian had been hacked.
Notifications
