MalSmoke Attack: Atera RMM Tool At Risk
January 7th, 2022: CyberHoot has investigated a new form of malware known as Malsmoke. This malware is taking advantage of a vulnerability in the way Microsoft digitally signs a specific …
Network Interface Card (NIC)
Secure your business with CyberHoot Today!!! Sign Up Now A Network Interface Card (NIC) provides networking capabilities for a computer. It may enable a wired connection (Ethernet) or a wireless connection (Wi-Fi) …
The Hidden Benefits of Awareness Training for MSPs
As a Managed Service Provider (MSP), you know your customers are serious about defending against cyberattacks. That’s part of the reason why they hired you. Data breaches are all too …
Open Systems Interconnection (OSI) Model
The Open Systems Interconnection (OSI) Model is a conceptual model created by the International Organization for Standardization that allows various communication systems to communicate using standard protocols. In simpler terms, …
Layer 2 Network
Layer 2 Networks refers to the second layer of the Open Systems Interconnection (OSI) Model, which is the data link layer. Layer 2 Network is the link layer (second-lowest layer) …
Layer 3 Network
A Layer 3 Network is the third layer of the Open Systems Interconnection (OSI) Model, or network layer. Layer 3 provides the network’s routing and switching logic that creates network …
Advisory: Wormable Windows HTTP Bug
January 12th, 2022: Today Microsoft sent a notification of a critical risk to those who use Windows devices. The critical bug is CVE-2022-21907, also known as HTTP Protocol Stack Remote …
Google Docs’ Comment Phishing Exploit
A wave of phishing attacks has been generated within Google’s cloud-based word processing solution (Google Docs) and its “Comments” feature. Attackers use the commenting feature to send malicious links to …
Private Virtual Local Area Network (PVLAN)
Private Virtual Local Area Network (PVLAN), also known as port isolation, is a network segmentation technology for layer 2 networks, which allows for separate sub-networks, or private VLANs under the main …
Copyright Infringement Instagram Scam
Learn how spot and ignore copyright infringement threats from hackers claiming you stole their art.
Fleeceware
Fleeceware is a malicious application that tricks users into paying money for simple apps with functionality that’s readily available for free elsewhere. Fleeceware is successful on Google’s Play Store (rather …
MD5 Hash
An MD5 Hash is a hashing algorithm that is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value …
Peer-to-Peer (P2P) Network
Peer-to-Peer (P2P) Networks exist where groups or “peers” of computer systems are linked to each other through the Internet for a common purpose usually with a common application directing their …
Torrent
A Torrent is a file type used by the BitTorrent file-sharing protocol. The protocol authorizes and points to a remote server that contains the location of different remote hosts with …
Pirated Movies Containing Malware
ReasonLabs, a provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into computers with the mask of the latest Spiderman movie. The movie is …
Mean Time To Respond (MTTR)
Mean Time To Respond (MTTR) is the average time required to return a system to operational condition after receiving notification of a failure or cyberattack. MTTR represents the security of …
CyberHoot Newsletter – December 2021
Software as a Service (SaaS) Risks and Challenges Software as a Service (SaaS) applications have transformed businesses over the last decade providing enormous value. SaaS solutions have enabled businesses to …
Malicious ‘Fleeceware’ App Downloaded 600M Times
Google has tried to eliminate malicious apps from its Android platform on the Google Play Store, but certain apps slide by Google’s security team, like Fleeceware. Fleeceware is a malicious application that …
Mean Time To Detect (MTTD)
Mean Time To Detect (MTTD), also known as Mean Time To Identify (MTTI), is one of the main key performance indicators in Incident Management. MTTD refers to the mean (average) …
Software as a Service (SaaS) Risks and Challenges
Software as a Service (SaaS) applications have transformed businesses over the last decade with enormous value. SaaS solutions have enabled and empowered businesses to continue operating during the pandemic with …
Security Orchestration, Automation, and Response (SOAR)
Security Orchestration, Automation, and Response (SOAR) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events without human intervention. …
Individual Training Confirmation
Thank you for signing up with CyberHoot for your ‘Individual’ Cybersecurity Awareness Training. You will be receiving an email from CyberHoot in the next 15 minutes with the subject line: …
Periodic Backups
For decades now, Periodic Backups have been used to backup and safeguard critical data. Periodic backups are performed on a set schedule, rather than event-driven, such as whenever new data …
Job Scam Attack: Fake Offers and Checks
The pandemic has created new opportunities for social engineering attacks on unsuspecting users. One method of attack has been successful enough to force the FBI to release a warning. Cybercriminals …
GoDaddy Password Breach Affects Over A Million Users
The US Securities and Exchange Commission (SEC) has published a “Security Incident” submitted by web services giant, GoDaddy. GoDaddy says that in November 2021, it realized that there were cybercriminals in …
Backup Versioning
Backup Versioning is when a backup solution allows a computer file to exist with several archived versions. Most common backup versioning file systems keep a number of old copies of the …
Be Wary of ‘Black Friday’ Scams
Finally, we’ve made it through the majority of 2021 and into the Holiday season, allowing us to celebrate by getting together with family and friends and perhaps do a little …
Castle-and-Moat Network Security Model
Castle-And-Moat refers to a network security model in which no one outside the network is able to access data on the inside, but everyone inside the network can. Imagine an …
Employee SSNs Exposed in California Pizza Kitchen Breach
California Pizza Kitchen (CPK) founded in Beverly Hills, California in 1985, has more than 250 locations across 32 states. CPK experienced a data breach exposing the full names and Social …
‘Tis The Season To Be Smished
The holiday shopping season means big business for retailers around the world, but it unfortunately also means big business for hackers. The reasoning is, people tend to be on the …
CyberHoot Newsletter – November 2021
‘Tis The Season To Be Smished The holiday shopping season means big business for retailers around the world, but it unfortunately also means big business for hackers. The reasoning is, people …
Network Attached Storage (NAS)
Network Attached Storage (NAS) is high-capacity storage that connects to your home or office network so that you and other trusted users can access your files from mobile devices and …
Monero Coin (XMR)
Monero Coin (XMR) is a cryptocurrency focused on ‘Privacy and Anonymity’. The privacy token runs on its own blockchain, which hides virtually all transaction details. The identity of the sender …
CyberHoot’s 3-2-1 Backup Guide
As the number of areas where data is stored increases, the concept of following a 3-2-1 Backup Strategy is often forgotten. While you can’t prevent every compromise of your company’s …
Vulnerability Alert Management Policy (VAMP)
A Vulnerability Alert Management Policy (VAMP) is created within an organization to establish consistent rules for the review, evaluation, application, and verification of system updates to alleviate vulnerabilities in one’s …
Monero – The New Crypto For Hackers
Cybercriminals had a wake-up call after the FBI successfully breached a cryptocurrency wallet held by the Colonial Pipeline hackers by following the money trail on bitcoin’s public blockchain. The FBI …
Cybersecurity Awareness Month Vlog Series 2021
Each day this month, we published a short (3–5 minute) interview CyberHoot’s Co-Owner Craig Taylor had with Mindwhirl outlining necessary topics to help improve people’s cybersecurity hygiene. Check CyberHoot’s VLOG and social media …
Vulnerability Scanning
Vulnerability Scanning is the process of identifying security weaknesses and coding flaws in systems and software running on them. This is a vital component of a vulnerability alert management program, …
Cyber Insurance – Day 31 of Cybersecurity Awareness Month
Today is Day 31, the final day of Cybersecurity Awareness Month! Each day, we published a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG …
vCISO, Why Do I Need One? – Day 30 of CSAM
Today is Day 30 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Vulnerability & Penetration Testing – Day 29 of CSAM
Today is Day 29 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Benefits of Encryption – Day 28 of Security Awareness Month
Today is Day 28 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Least Privilege – Day 27 of Cybersecurity Awareness Month
Today is Day 27 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Cybersecurity Policy Importance – Day 26 of Awareness Month
Today is Day 26 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
CIA of Data Protection – Day 25 of Cybersecurity Awareness Month
Today is Day 25 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Privacy Regulations – Day 24 of Cybersecurity Awareness Month
Today is Day 24 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Preventing Identity Theft – Day 23 of CSAM
Today is Day 23 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Business Email Compromise (BEC) – Day 22 of CSAM
Today is Day 22 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Dark Web Exposures – Day 21 of Cybersecurity Awareness Month
Today is Day 21 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
U.S. Water and Wastewater Systems Cyber Breach
The Cybersecurity and Infrastructure Agency (CISA) released an alert of an ongoing cyber threat to the U.S. Water and Wastewater Systems, also highlighting five incidents that occurred between March 2019 …
