cookie cybrary term

Cookie

A Cookie, or web cookie, is a small data file used by computers to track website communications and sessions. When you visit a website, it sends a cookie to your …

June 30th, 2020

mac malware article

Malware in Macs

MAC Malware has grown faster than Windows Malware in the last 24 months. If you bought a MAC because it was “safer” think again and learn all the types of malware that’s impacting these systems. Become more aware to become more secure especially with respect to MAC hardware.

June 30th, 2020

recovery point objective rpo

Recovery Point Objective (RPO)

A Recovery Point Objective (RPO) is the maximum amount of data that your company is willing to lose in a disaster. Most businesses backup their data at specific intervals (hourly, …

June 25th, 2020

rto recovery time objective

Recovery Time Objective (RTO)

A Recovery Time Objective (RTO) is a metric used to measure how fast you can recover your IT infrastructure and services following an incident or outage (business continuity). RTO is …

June 25th, 2020

recaptcha cybrary term

reCAPTCHA

reCAPTCHA is a (presently) free security tool from Google which helps separate automated Bots from real humans wanting to interact with your website whether to purchase, query, complete a form. or register for something. Enabling reCAPTCHA can greatly reduce nuisances in your website from hackers and provide SMBs peace-of-mind.

June 24th, 2020

cyber patch term

Patch

A Patch is a software component that is installed onto a device that modifies files or device settings. Patches are typically done to fix an issue with a device or …

June 24th, 2020

restore recovery cybrary

Restore (Recovery)

When -planning for risks to your small to medium sized business, you need to include data backups and recovery processes. Test that these work at least annually and be aware that some new hacking attacks cannot be addressed by simply restoring data from a strong backup strategy because of threats to your data’s confidentiality.

June 24th, 2020

Hackers Are Releasing Fake Contact Tracing Apps

Hackers are constantly adapting to the changing realities of today’s global pandemic. Their latest attack method is the release of bogus contact tracing applications. Twelve (12) country’s have had fake contract tracing apps released by hackers impersonating their government contact tracing programs in order to compromise citizen’s mobile devices. Learn how to protect yourself in this article.

June 23rd, 2020

Newsletter Vol 7

CyberHoot Newsletter – Volume 7

CyberHoot Newsletters is a monthly summary of the hot cybersecurity topics published by CyberHoot in our Cybrary terms and blog over the previous 30 days. Indepth analysis, recommendations for protection, and topics pertinent to the Small-to-Medium sized Businesses (SMB) market are covered. We’re helping SMB’s even the playing field or boxing ring to ensure there’s a fair fight between them and hackers.

June 19th, 2020

eavesdropping cybrary term

Eavesdropping

Eavesdropping in the cybersecurity world refers to the interception of communication between two parties by a malicious third party (hackers). Eavesdropping is similar to a sniffing attack, where software applications …

June 19th, 2020

POS Intrusions

A POS Intrusion is an attack that happens at the Point-of-Sale device. The POS device in retail stores process credit card transactions at check out. Newer devices allow you to …

June 19th, 2020

cyber espionage cybrary

Cyber Espionage

Cyber Espionage is a cyber attack that leads to stolen classified, sensitive, or critical data often in the form of intellectual property in order to gain a competitive advantage over …

June 17th, 2020

data mining cybrary

Data Mining

Examining the data you collect to run your business can lead to greater efficiency, shorter periods of down-time, and better predictive models surrounding demand for your products and services. This is known as data mining.

June 16th, 2020

cyber ecosystem cybrary

Cybersecurity Ecosystem

Whether you like it or not, you and your business are part of an online Cybersecurity ecosystem. There are predators (hackers) and the hunted (businesses and individuals). You can sit passively and idly by hoping no predators see you, or you can build your defenses by training your employees and evaluating your cybersecurity maturity to ensure you can run faster than the person or business next to you. Inaction is no longer an option. Do something at CyberHoot.com.

June 16th, 2020

stalkerware cybersecurity

Stalkerware Could Be Spying On You

In this day and age, the ability to track someone with their mobile devices is incredibly easy. It’s made easier still using automated tools like stalkerware available online from the dark web. Learn how to protect yourself and your devices at CyberHoot.com.

June 16th, 2020

Password Sniffing

Password Sniffing is a hacking technique that uses a special software application that allows a hacker to steal usernames and passwords simply by observing and passively recording network traffic.  This …

June 10th, 2020

cracker cybrary term

Cracker

A Cracker is an individual who breaks into a computer accounts, systems, or networks and intentionally causes harm. A cracker can be doing this for profit, for malicious reasons, for …

June 10th, 2020

influencer cybrary term

Influencer

An Influencer is someone who creates or promotes content on the Internet to a group of social media followers (subscribers) via a variety of websites. The term Influencer is a …

June 10th, 2020

youtube blog

YouTubers: The Growing Security Target

YouTube Influencers make a good deal of money and are being targeted for account hi-jacking by hackers seeking to extort them for bitcoin ransom payments. Pay or lose your followers/subscribers when the hacker posts offensive materials alienating subscribers.

June 9th, 2020

closed source cybrary

Closed Source

Closed Source is software that is generally not free, where the source code is safe and encrypted. Contrary to Open Source, Closed Source can’t copy, modify, or delete parts of …

June 4th, 2020

open source cybrary term

Open Source

Open source software (OSS), unlike proprietary software, is software that keeps the code open so IT professionals can alter, improve, and distribute it.  Popular Open Source software examples include Mozilla’s …

June 3rd, 2020

phish testing employees

Phish Testing Employees

Phishing attacks represent 90% of successful breaches at Small to Medium Sized Businesses (SMBs). Learn what they are and how to protect yourself from them at CyberHoot.com.

June 2nd, 2020

waterfall method cybrary

Waterfall Development Methodology

Software development has come a long way from the days of mechanical switches, punch cards, and the potential for a moth (Bug) in your machine. Today development programs usually follow one of two methodologies: waterfall or agile development. This article provides a quick layman’s overview of Waterfall development methodology.

June 1st, 2020

agile development cybrary

Agile Development Methodology

The Agile Development Methodology refers to a practice that uses continuous improvement and testing in software application development processes. Within the Software Development Life Cycle, there are a couple methodologies …

June 1st, 2020

sdlc software development cybrary

Software Development Life Cycle (SDLC)

Software Development Life Cycle (SDLC) is the process companies follow to produces quality software in an efficient, supportable, and timely way. SDLC has undergone as many changes over the last …

June 1st, 2020

Protect Your Business

CyberHoot Newsletter – Volume 6

CyberHoot is your authority for cybersecurity news and understanding what the news means. From in-depth analysis articles to a library of 500 cybersecurity terms with related videos, CyberHoot provides you the information and training you need, when you need it.

May 28th, 2020

owasp top ten

OWASP Top Ten

Development shops need to practice safe and secure coding. The best way to get your developers all on the same page is to train them in the Top 10 most common security mistakes made in coding. Visit CyberHoot.com’s blog article here on OWASP Top 10 coding errors that lead to insecure applications.

May 26th, 2020

ccpa gdpr privacy act laws

Regulations Like the CCPA Don't Stop at California

Data Privacy legislation has received some heavy support from the European Union with the passing of the General Data Privacy Regulations (GDPR) followed by California’s Consumer Protection Act (CCPA). Additional states are looking to bring a patchwork quilt of privacy requirements to the US in concert and conflict with one another. Learn more here at CyberHoot.

May 19th, 2020

email impersonation cybrary term

Email Impersonation

Impersonation email phishing attacks are rampant online. Do not trust an External email from your CEO or CFO if it seems unexpected, urgently needs your attention, and seems off in some unexplainable way. Pick up the phone and call that person or send them a separate text message (not email) to confirm their request.

May 18th, 2020

MAZE Ransomware

Ransomware has been the scourge of businesses for many years. MSP’s and SMB’s have sought to protect themselves with strong backups rather than educating users in many cases. With the MAZE ransomware, hackers have upped the ante for SMB’s by exporting the data and threatening to release it to the public Internet exposing that data and breaching its confidentiality. Train employees to spot and avoid these attacks rather than rely on your backups or you will be paying these bitcoin ransom extortion requests.

May 14th, 2020

wireshark cybrary term

Wireshark

Wireshark is a powerful network analysis and packet assembly tool. It is used by Network Administrators and hackers alike to view data on the Local Area Network regardless of wired or wireless.

May 14th, 2020

rainbow table definition cybrary

Rainbow Tables

Rainbow tables are mostly dead today, but not all dead. Salting and iterative hashing functions have made rainbow tables obsolete when used. However, there are hundreds of thousands of websites and password databases that do not use password salting and iterative hashing making a rainbow table useful for hackers in these situations.

May 14th, 2020

Man-In-The-Middle Attack

Man-In-The-Middle (MITM) attacks are a hacker staple. They are commonly used on rogue WiFi networks where unsuspecting free WiFi users unencrypted traffic can be intercepted by these MITM attacks.

May 13th, 2020

session hijacking cybrary

Session Hijacking Attack

Web applications are rapidly eclipsing desktop application installs. However, each web application has an exposure to Session Hijacking not present on a desktop installed software product. Learn all about this attack vector with online applications at CyberHoot.com.

May 13th, 2020

Buffer Overflow Attack

Online applications that allow for password logins, database searches, and forms completion will need to validate the input they allow to prevent excessive input data that could overflow the system buffers receiving such inputs. Otherwise, code can be injected to run on these systems through these missing input validation coding errors as buffers overflow.

May 13th, 2020

hmac cybrary term

HMAC Authentication

HMAC Authentication is short for Hash-Based Message Authentication Code, a strategy used to verify the integrity and authenticity of a message. This strategy is different from other authenticaton methods in …

May 13th, 2020

Internet of Things (IoT)

The Internet of Things (IoT) is any device or machine that has the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. IoT is essentially any …

May 12th, 2020

credential stuffing cybrary term

Credential Stuffing

When hackers are in possession of a large set of usernames and passwords, they perform credential stuffing attacks on popular websites, slowly enough to evade failed password login monitoring solutions. Over time they will amass a treasure trove of compromised credentials which they can sell on the dark web for a tidy profit or they can use those credentials to cause significant damage to the original account holder.

May 7th, 2020

password salting cybrary term

Password Salting

Passwords are toxic data. They require very careful handling to avoid a major security incident from taking your company down. Salting and hashing those passwords recursively is critical to your application authentication success. Learn more about this at CyberHoot.com.

May 6th, 2020

cots cybrary

Commercial Off-The-Shelf (COTS)

Commercial Off-The-Shelf (COTS) in cybersecurity is a computer hardware or software product made for nearly any user because it is available to the general public for purchase. COTS products are …

May 5th, 2020

anti malware cybrary term

Anti-Malware

Anti-Malware is a solution that maintains computer security and protects sensitive data that is transmitted by a network or stored on local devices. Anti-malware tools employ signature based scanning strategies …

May 5th, 2020

Safe Links | URL Protection | Link Protection

Links in email can lead to malicious websites that push malware to your computer or attempt to steal your credentials when you visit a look-alike website that prompts for a familiar looking login. To address this risk, Anti=SPAM email security gateways and providers have implemented a URL rewrite technique to proxy connections to these websites after inspection by the Vendor reveals them to be safe. This technology is called by many different names including: Safe Links (Microsoft), URL Protection (Mimecast), and Link Protection (Great Horn).

April 22nd, 2020

End-Of-Life (EOL) – End-Of-Support (EOS)

End-of-Life (EOL)/End-of-Support(EOS) describe the final stage of a product’s lifecycle. Once a product reaches EOL/EOS, developers stop updating and patching the product and it is no longer maintained. Software development …

April 21st, 2020

cmmc cyber security

The New CMMC Standard

Cybersecurity Maturity Model Certification is a much needed adjustment to DFARS that provides risk based compliance to five levels of controls that relates to the Controlled Unclassified Information (CUI) that underpins a defense contractor, sub or prime working in the defense industry.

April 21st, 2020