newsletter banner cyberhoot

CyberHoot Newsletter – Volume XI

HTTPS-Only Mode Introduced by Firefox Having HTTPS-enabled websites is crucial when entering passwords, credit card numbers, or other sensitive information. When accessing unencrypted HTTP-enabled sites, users can fall victim to …

Memory-Resident Virus

A Memory-Resident Virus is a virus that is located in the memory of a computer, even after the ‘host’ application or program has stopped running (been terminated). Non-Memory-Resident Viruses are …

firefox 83 https

HTTPS-Only Mode Introduced by Firefox

For those that don’t know, the webpage you’re reading this article on features the security protocol of ‘HTTPS’ for example, https://cyberhoot.com/; meaning all data leaving this webpage to and from your …

RAM

Random Access Memory (RAM)

Random Access Memory (RAM) is a machine’s short-term memory. RAM is fundamental to computer processing, being a super-fast and temporary data storage space that a computer needs to access right …

lms

Learning Management System (LMS)

A Learning Management System (LMS) is a solution used by organizations to deploy and track online training initiatives. Typically assets, such as Training Assignments, Policies, or Surveys are uploaded to …

linux cybrary

Linux

Linux is an open-source operating system (OS) that manages a system’s hardware resources including memory and storage. The OS rests between applications and hardware making connections between all of your …

lateral movement

Lateral Movement

Lateral Movement is the technique that hackers use after gaining initial access to machines or networks. Hackers use this strategy to move deeper into a network in search of sensitive …

black friday cyberhoot

Be Wary of ‘Black Friday’ Scams

Finally, we’ve made it through the majority of 2020 and into the Holiday season, allowing us to celebrate by getting together with family and friends and perhaps do a little …

recon cybrary

Reconnaissance

Reconnaissance in cybersecurity refers to the preliminary step of a cyberattack, where a hacker is ‘scouting’ the target system. The terminology comes from military language, referring to a mission into …

secure web gateway swg

Secure Web Gateway (SWG)

A Secure Web Gateway (SWG) is a tool that shields users from web-based threats as well as applying and enforcing business use policies. Instead of connecting directly to a website, …

Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. SSO works based on relationships …

vishing threat

Vishing, A Threat You Haven’t Thought About

During COVID19 Hackers have upped their attacks to even circumvent two-factor authentication measures. Learn how they are using Vishing to by-pass your best VPN security measures and steal and ransom your data.

EOL and EOS Software and Hardware

11 Reasons to Upgrade Hardware and Software

The pyramids in Egypt and the Great Wall of China were built to last forever. Computer hardware and software? Not so much. IT departments typically replace their workstations, servers, and …

human firewall

Building A Human Firewall

Most cybersecurity experts believe people are the weakest link but at CyberHoot we view people as the strongest line of defense known as the Human Firewall. Through training, policy guidance, and technical protections, people can go from weakest link to cybersecurity tour-de-force in protecting your company. Give them a fighting change and help them become more aware and in so doing, more secure personally and professionally.

CyberHoot Newsletter – Volume X

Remote Worker Security and Productivity The 2020 Coronavirus pandemic has lead many workers to work from home to slow its spread. As we move into a third wave of infections, …

vCISO virtual CISO

vCISOs, Keeping Your Business Secure

There seems to be a news report every day about the latest security breach. Securing the privacy of company information, user information, and customer data is a top priority for …

vCISO

vCISO

A vCISO (virtual Chief Information Security Officer), provides cybersecurity leadership to businesses virtually at a fraction of the cost if hiring them full-time. By hiring a third-party provider to manage …

pdf file

PDF (Portable Document Format)

A PDF (Portable Document Format) is a file format designed to present documents consistently across multiple devices and platforms. Since developed by Adobe 1992, it’s become one of the most …

cyber insurance

Cyber Insurance: Why It’s Needed – Part 1

Cyber Insurance is a developing market with businesses regularly purchasing cyber coverage in addition to liability, errors and omissions, fire, and flood. With so many attacks and data breaches happening …

microsoft critical vulnerability

ALERT: Microsoft Releases “Zerologon” Patch

CyberHoot’s Chief Information Security Officer constantly monitors the cybersecurity threats MSPs and SMBs face. Recently, a critical vulnerability was patched by Microsoft in August 2020. This vulnerability was so severe, …

malicious URLs

Malicious URL

A Malicious URL is a link created with the purpose of promoting scams, attacks, and fraud. By clicking on an infected URL, you may download malware or a trojan that …

ssae soc 1

SSAE Compliance

SSAE Compliance, also known as Statement on Standards for Attestation Engagements and Compliance, is a collection of auditing standards and guidance using standards published by the Auditing Standards Board (ASB) …

All-Source Analysis

All-Source Analysis is the analysis of threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Analysts use this strategy to synthesize and group intelligence data gathered to …

smishing threat phishing

Smishing, The New Phishing

Many people know about Phishing, a form of social engineering to deceive individuals into doing a hacker’s bidding. Hackers convince users to click on malicious links in an email resulting …

wifi 6e

Wi-Fi 6E

Wi-Fi 6E is a new extension to the Wi-Fi 6 standard ratified unanimously by the FCC in April of 2020 which opens up unused spectrum in the 6 GHz band. …

government cybersecurity attacks

State & Local Government Cyberattacks Up 50%

Cybersecurity firm BlueVoyant published a report on August 27, 2020, finding that State and Local Governments have seen a 50% increase in cyberattacks since 2017. The report outlined the cyberattacks …

soc 3

SOC 3

SOC 3 isn’t an of upgrade over the SOC 2 report. It may have some of the components of SOC 2; still, it is entirely a different ball game. SOC …

soc 1

SOC 1

Systems and Organizational Controls (SOC) is an auditing standard that has its roots in financial systems and auditing. SOC audits come in three (3) flavors with SOC Type 1 being …

wifi 6

The New & Improved Wi-Fi 6 Standard

Do you ever get frustrated with your Internet speeds and find yourself saying “there’s no way this is as fast as it can go”? Well luckily for you, there’s a …

soc 2

SOC 2

SOC 2 is the most commonly achieved audit report of the three SOC audit types. SOC 2 audits are quite common when working with service providers. It’s common for people …

cyber insurance

Cyber Insurance

Cyber Insurance is a form of insurance for businesses and individuals against Internet-based threats. Many high profile data breaches have prompted insurance companies to offer cyber insurance policies to protect …

api security threat

API Security Risks and Recommendations

Experts are warning security professionals of the next big threat hitting the cyber world: Application Programming Interface (API) attacks. APIs work to make systems perform better by integrating other website’s …

Digital Content Management (DCM)

Digital Content Management (DCM) is the process for collection, delivery, retrieval, governance and overall management of information in any digital format. The term is generally used in reference to administration …

cyberwarfare cybrary

Cyberwarfare

Nation states have taken heavily to cyberwarfare over the past 20 years. Some flex their muscles openly such as when Russia invaded Georgia a few years back and took out their critical infrastructure through Cyberwarfare before they rolled their tanks in. Others do so more stealthily with false flags and more. The only certainty is you must protect yourself, because no-one else will or can. Learn how at CyberHoot.

CyberHoot Newsletter – Volume 9

Hacker’s Court Hearing Disrupted By Porn Clip The FBI caught the perpetrator involved in the recent Twitter Hack, 17-year old Graham Clark. Clark was having his arraignment virtually on a …

api

Application Programming Interface (API)

An Application Programming Interface (API) is a set of definitions and protocols for building and integrating application software. APIs let your product communicate with other products and services without having …

tor browser cybrary

Tor Browser

The Tor Browser is a web browser designed for anonymous web browsing and protection against traffic capture, providing some level of privacy protection for individuals who us it.  The Tor …

digital rights management drm

Digital Rights Management (DRM)

Digital Rights Management (DRM) are measures taken to protect digital media copyrights. DRM tries to prevent unauthorized redistribution of digital media and places restrictions on the ways consumers can copy …

facial recognition cyberhoot

Facial Recognition Takes A Step Back

As facial recognition technology improves and becomes more widespread in its applications for authentication purposes, it is important to understand that security researchers are also devising schemes to fool these systems and to both hide identities from the technology, and to find people from large identity databases alike. The only thing certain about facial recognition today is that it exists and it will continue to be refined and that privacy laws are struggling to keep pace with these advancements.

cyber spill cybrary

Data Spill

A Data Spill, or Data Leak, is the accidental or deliberate exposure of information into an unauthorized environment. Data spillage is often the result of hackers breaking into company networks …

paste attack cybrary

Paste

A Paste is information that has been “pasted” to a public facing website designed to share content such as Pastebin. These public forums are frequently used by hackers for their …