Jeff Bezos and the WhatsApp Security Flaw
Knowing how to protect yourself and your critical accounts from compromise is becoming ever more important. Learn what can happened to and setup 2FA into all of your online critical accounts.
Media Access Control (MAC) Address
A Media Access Control (MAC) Address is a hardware identification number that is uniquely assigned to each device on a network. The MAC address is manufactured into every network card, …
Lightweight Directory Access Protocol (LDAP)
A Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. The networks …
Zero Day Vulnerabilities
A Zero Day Vulnerability is a security flaw that is unknown to the software vendor or the business it is found in and there isn’t a patch released yet for …
Responsible Disclosure
Responsible Disclosure refers to the best practice followed by most security researchers of not disclosing a critical vulnerability in a software product until a vendor patch or fix has been …
Revenge Porn
Revenge Porn is sexually explicit images or videos of a person posted online without that person’s consent especially as a form of revenge or harassment. Revenge Porn is typically seen …
Privileged User
A Privileged User is a user of a computer who is authorized to bypass normal access control mechanisms, usually to be able to perform system management functions. Cybersecurity governance policies …
Command and Control (C&C) Server
A Command and Control (C&C) Server is a computer being controlled remotely by a cyber criminal that is used as a command center to send commands to systems that have …
Honeypot
A Honeypot in cybersecurity refers to a strategy used to catch cyber criminals in the act of trying to exploit a vulnerability and compromise a company. A honeypot can be …
Computer Emergency Response Team (CERT)
A Computer Emergency Response Team (CERT) is a group of security experts who respond to cybersecurity incidents. These teams work on many unique cybersecurity incidents involving malware, viruses, and cyber …
Internet Message Access Protocol (IMAP)
Internet Message Access Protocol (IMAP) is a standard email protocol, first widely deployed in the 1980s, that stores email messages on a mail server, but allows the end user to …
CyberHoot Newsletter – Volume 3
In this monthly Newsletter, we provide you a look at the previous month of Cybersecurity news with some analysis, some new Cybersecurity terms, and more…
FTC Warns of Potential Coronavirus Scams
The Coronavirus has been on the front of everyone’s mind lately, causing fear and concern across the world. This deadly virus opens up yet another way for attackers to hack …
Transport Layer Security (TLS)
Transport Layer Security (TLS) is a security protocol made for privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between …
Information Dissemination
Dissemination of Information refers to the distributing of a company’s or customer specific information to the public, whether through printed or electronic documents, or other forms of media. “Dissemination of information” …
Information Resources Management (IRM)
Information Resources Management (IRM) is the planning, budgeting, organizing, directing, training, and control associated with an organization’s information. The term encompasses both information itself and the related resources, such as personnel, …
Packet Sniffing
Packet Sniffing is the practice of gathering, collecting, and logging the packets that pass through a computer network, regardless of how the packet is addressed. In this way, every packet …
Network Based Intrusion Detection System (NIDS)
A Network Based Intrusion Detection System (NIDS), or Network Based IDS, is security hardware that is placed strategically to monitor critical network traffic. Traditional Network Based IDS analyzes passing network …
Backdoor
A Backdoor in the world of cybersecurity refers to the strategy used to get around normal security measures and gain privileged user access on a computer system, network, or software …
SQL Slammer Virus
The SQL Slammer Virus, also known as the Sapphire Virus, is malware in the form of a worm that caused a Denial of Service on many internet hosts in 2003, and …
Hack Back Bill
The Active Cyber Defense Certainty Act (ACDC), also known as the “Hack Back” bill was first introduced in the U.S. House of Representatives in 2017. The bill has been worked …
HowTo: Create Your Own Unique Training Program
This video outlines how to create your own unique training program within CyberHoot. The video shows how to set a frequency at which your employees receive their training videos, how …
HowTo: Clone and Assign an Existing Training Program from the Program Library
This video outlines step-by-step how to clone a training program, assign a frequency at which the videos are being sent out to staff, and customize the training program if you …
HowTo: Delete A Training Program
This video outlines step-by-step how to delete a training program. Deleting a training program will get rid of the training program forever, whereas archiving a training program will allow you …
HowTo: Archive A Training Program
This video outlines step-by-step how to archive a training program. Archiving a training program is different from deleting a training program in the way that you are able to restore …
Morris Worm
The Morris Worm goes down in history as the first worm in existence. This self repeating computer program that was written by Robert Tappan Morris, a student at Cornell University, …
Stuxnet
Stuxnet is a computer worm that was uncovered in 2010, which many people believe was in development since at least 2005. Stuxnet was targeting supervisory control and data acquisition (SCADA) …
Crypto-Mining or Cryptojacking
Crypto-Mining, also known as Cryptocurrency Mining, is a process in which transactions of various forms of cryptocurrency are verified and added to the blockchain digital ledger. Each time a cryptocurrency transaction …
Brute Force Attack
A Brute Force Attack is a strategy used by hackers trying to break into your data, password, or network. In this attack a computer, or its Graphics Processing Unit (GPU) will …
Zombie
A zombie is the term for a computer that is infected and being used remotely by a bot. A bot, short for “robot”, is a type of software application or …
Secure Shell (SSH)
Secure Shell (SSH) is a cryptographic network communications protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network …
Password Cracking
Password Cracking refers to the various methods hackers use to learn exactly what password you use to protect one of your computer accounts. This can be accomplished by recovering passwords …
Reverse Engineering
Reverse Engineering occurs when you take a finished product and working backwards to determine how it was constructed or engineered. By breaking a product or piece of software down into …
Melissa Virus
The Melissa Virus is malware that was was deployed in late March of 1999. A programmer by the name of David Lee Smith took over an America Online (AOL) account …
Reverse Intent
Reverse Intent the name given to a common hacker technique of flip-flopping a piece of security knowledge to identify a potential weakness. For example, identifying the version of Bind running …
Separation of Duties
Separation of Duties involves dividing roles and responsibilities to minimize the risk of a single individual subverting a system or critical process without detection. The classic example used in Separation of …
US Government Entities are Waking Up to Cybersecurity
Governments across the world are starting to realize how important cybersecurity really is. The United States is currently working on legislation that would help protect state and local governments by …
General (Public) Information
General Information, also known as Public information, is data that is commonly found in marketing campaigns, emails, and print media and generally requires less protection of its confidentiality and availability …
Intellectual Property
Intellectual Property (IP) refers to the ownership of a specific idea, design, manuscript, etc. by the person or company who created it. Intellectual property may give the person or company …
Swatting
Swatting is a cyber harassment tactic where the attacker deceives emergency response personnel such as the police by reporting an active shooter or hostage situation at a targeted person’s home …
ILOVEYOU Virus
The ILOVEYOU Virus, also known as, the Love Bug, is a computer worm that infected over 10 million Windows computers in May of 2000. The virus was an email that …
HowTo: Add a New Manager
This support HowTo video shows you exactly how to add a new manager into CyberHoot. https://www.youtube.com/watch?v=8k8C900JAac&feature=emb_logo
HowTo Add A New User Into CyberHoot
This HowTo video outlines how to add a single new user/employee into CyberHoot. If you would like to add multiple users/employees, we recommend using a CSV file, which is explained …
HowTo Restore an Archived User in a Training Program
This HowTo video outlines how to restore an archived user or employee in a Training Program. When an archived employee is restored to an active user, they regain all completed …
HowTo: Send an Email Reminder to One Employee With Outstanding Assignments
This HowTo video demonstrates how to resend all outstanding assignments to a single employee’s email address. Note: This email will contain links to ALL the employee’s outstanding assignments. It will also …
HowTo: Complete Assignments with your E-Signature
This support HowTo video illustrates exactly how to electronically sign your name to complete any assignment in CyberHoot. Pro Tip: Make sure to type your name exactly as shown in …
HowTo: Move an Employee to a New Manager
This support HowTo video shows how to move a single user/employee to a new manager. If you wish to assign multiple users to different managers, please watch HowTo: Re-assign Multiple …
Mandatory Access Controls (MAC)
Mandatory Controls, also known as Mandatory Access Controls (MAC), are a type of access control that restricts the user’s ability to access certain restricted data or to perform restricted actions. …
Discretionary Access Controls (DAC)
Discretionary Access Controls, also known as DAC, are types of cybersecurity measures that allow or restrict access based upon the discretion of the file or resource owner. For example, if …
Sensitive (Restricted) Information
Sensitive (or restricted) Information is data from a company or organization that is generally not regulated but that requires very important protections of its confidentiality, integrity and availability. Examples of sensitive …
