government cybersecurity attacks

State & Local Government Cyberattacks Up 50%

Cybersecurity firm BlueVoyant published a report on August 27, 2020, finding that State and Local Governments have seen a 50% increase in cyberattacks since 2017. The report outlined the cyberattacks …

September 15th, 2020

soc 3

SOC 3

SOC 3 isn’t an of upgrade over the SOC 2 report. It may have some of the components of SOC 2; still, it is entirely a different ball game. SOC …

September 10th, 2020

soc 1

SOC 1

Systems and Organizational Controls (SOC) is an auditing standard that has its roots in financial systems and auditing. SOC audits come in three (3) flavors with SOC Type 1 being …

September 9th, 2020

wifi 6

The New & Improved Wi-Fi 6 Standard

Do you ever get frustrated with your Internet speeds and find yourself saying “there’s no way this is as fast as it can go”? Well luckily for you, there’s a …

September 8th, 2020

soc 2

SOC 2

SOC 2 is the most commonly achieved audit report of the three SOC audit types. SOC 2 audits are quite common when working with service providers. It’s common for people …

September 4th, 2020

cyber insurance

Cyber Insurance

Cyber Insurance is a form of insurance for businesses and individuals against Internet-based threats. Many high profile data breaches have prompted insurance companies to offer cyber insurance policies to protect …

September 2nd, 2020

api security threat

API Security Risks and Recommendations

Experts are warning security professionals of the next big threat hitting the cyber world: Application Programming Interface (API) attacks. APIs work to make systems perform better by integrating other website’s …

September 1st, 2020

Digital Content Management (DCM)

Digital Content Management (DCM) is the process for collection, delivery, retrieval, governance and overall management of information in any digital format. The term is generally used in reference to administration …

August 31st, 2020

cyberwarfare cybrary

Cyberwarfare

Nation states have taken heavily to cyberwarfare over the past 20 years. Some flex their muscles openly such as when Russia invaded Georgia a few years back and took out their critical infrastructure through Cyberwarfare before they rolled their tanks in. Others do so more stealthily with false flags and more. The only certainty is you must protect yourself, because no-one else will or can. Learn how at CyberHoot.

August 31st, 2020

CyberHoot Newsletter – Volume 9

Hacker’s Court Hearing Disrupted By Porn Clip The FBI caught the perpetrator involved in the recent Twitter Hack, 17-year old Graham Clark. Clark was having his arraignment virtually on a …

August 28th, 2020

api

Application Programming Interface (API)

An Application Programming Interface (API) is a set of definitions and protocols for building and integrating application software. APIs let your product communicate with other products and services without having …

August 26th, 2020

tor browser cybrary

Tor Browser

The Tor Browser is a web browser designed for anonymous web browsing and protection against traffic capture, providing some level of privacy protection for individuals who us it.  The Tor …

August 25th, 2020

digital rights management drm

Digital Rights Management (DRM)

Digital Rights Management (DRM) are measures taken to protect digital media copyrights. DRM tries to prevent unauthorized redistribution of digital media and places restrictions on the ways consumers can copy …

August 25th, 2020

facial recognition cyberhoot

Facial Recognition Takes A Step Back

As facial recognition technology improves and becomes more widespread in its applications for authentication purposes, it is important to understand that security researchers are also devising schemes to fool these systems and to both hide identities from the technology, and to find people from large identity databases alike. The only thing certain about facial recognition today is that it exists and it will continue to be refined and that privacy laws are struggling to keep pace with these advancements.

August 18th, 2020

cyber spill cybrary

Data Spill

A Data Spill, or Data Leak, is the accidental or deliberate exposure of information into an unauthorized environment. Data spillage is often the result of hackers breaking into company networks …

August 16th, 2020

paste attack cybrary

Paste

A Paste is information that has been “pasted” to a public facing website designed to share content such as Pastebin. These public forums are frequently used by hackers for their …

August 16th, 2020

quality of service QoS

Quality of Service (QoS)

Quality of Service (QoS) is a technology that manages and prioritizes certain types of data traffic on a network with the goal of reducing packet loss, latency and jitters for …

August 11th, 2020

gandcrab ransomware

GandCrab Ransomware

Increasingly sophisticated and damaging ransomware attacks are here. Availability has always been threatened, but backups prevented ransoms from being paid so hackers have added confidentiality attacks. Ransomware like Maze and REvil now threaten to release critical data online if a ransom isn’t paid. Visit Cyberhoot to learn how to protect from this evolution and escalation in the ransomware war with hackers.

August 11th, 2020

network behavior analysis

Network Behavior Analysis (NBA)

Network Behavior Analysis (NBA), also known as “Behavior Monitoring” is the collection and analysis of internal network data to identify malicious or unusual activity. Behavioral monitoring tools analyze information from …

August 6th, 2020

Multiple Internet Pipes help Network Redundancy

Bandwidth

Bandwidth is foundational to any company’s Internet presence and function. Having enough bandwidth and reliable connectivity to the Internet can ensure smooth operations. This article gives a high level overview of your Bandwidth needs, planning considerations, and troubleshooting tools.

August 6th, 2020

blended threat cybrary

Blended Threat

A Blended Threat is a computer network attack that seeks to maximize the severity of damage and speed of contagion by combining methods—for example, using characteristics of both viruses and …

August 6th, 2020

garmin ransomware attack

Garmin Ransomware Attack

Garmin, like Twitter the week before, suffered a massive breach. For Garmin it was ransomware while Twitter saw 130 of its most influential accounts taken over by hackers. Both companies suffered at the hands of hackers who used social engineering attacks to get into the companies and cause their damage. Visit CyberHoot to learn how to protect yourself and your company from these attacks.

August 4th, 2020

data normalization cybrary

Data Normalization

Data Normalization is a process of reorganizing information in a database to meet two requirements: data is only stored in one place (reducing the data) and all related data items …

July 30th, 2020

catfish cybrary term

Catfishing

Catfishing is a common technique used on social media sites to attack victims through fake personalities and accounts. This technique is also used on dating sites, playing on people’s emotions, …

July 29th, 2020

diebold atm hack

Jackpotting: Asian ATM Hacking Reaches the US

Automated Teller Machines (ATMs) have been around for more than 50 years. In that time, criminals have found many unique ways to steal the cash they contain. Physical security, network security, logical security all play roles in protecting these machines from compromise. Learn how banks are protecting the machines and what you can learn from ATM heists to protect your own business at CyberHoot.

July 28th, 2020

identity theft cybrary

Identity Theft

Identity Theft is when a hacker uses your personal identifying information and pretends to be you in order to commit fraud or to gain other financial benefits. Thieves look to …

July 27th, 2020

data aggregation

Data Aggregation

The world of big data swirls around all of us online today. Data Aggregation (DA) is how big data is analyses for meaningful relationships and then converted into actionable intelligence. Learn more at CyberHoot.

July 24th, 2020

Become more aware to become more secure.

CyberHoot Newsletter – Volume 8

CyberHoots monthly newsletter summarizes the most important cybersecurity news from the previous month and provides some analysis specific to business owners in the small to medium sized business space.

July 24th, 2020

cyber threat actor

Threat Actor

A Threat Actor is a person or group performing malicious or hostile actions which cause harm to the victims computers, devices, systems, or networks. Threat Actors are categorized into groups …

July 23rd, 2020

javascript

JavaScript

JavaScript is a programming language developed by Netscape commonly used in web development; used to add dynamic and interactive elements to web pages. The coding language is a “client-side” language …

July 22nd, 2020

msp attack increases

U.S.S.S. Reporting Increase In Hacked MSPs

The Secret Service warned of increasing attacks on MSPs in July 2020. If you’re not learning how to protect yourself as a Next Generation MSP, then you’re going to be compromised and you’re going to be out of business in the future. The risks are too great. You need to become more aware to become more secure. Learn how to do all this with CyberHoot.

July 21st, 2020

cyberspace cybrary

Cyberspace

Cyberspace is the complex environment of interdependent networks of IT infrastructures including the public Internet, various private “Internets” such as Internet2 or the US military’s Secret Internet Protocol Router Network (SIPRNet), telecommunications …

July 20th, 2020

twitter hacked

Major Twitter Accounts Hacked

July 15, 2020: Hundreds of high-profile twitter accounts were hacked including Elon Musk, Kanye West, Barack Obama, Bill Gates, and many others. They all posted nearly identical messages asking for …

July 16th, 2020

application hacked

JBOH (JavaScript-Binding-Over-HTTP)

JBOH (JavaScript-Binding-Over-HTTP) is a mobile device attack that enables an attacker to execute arbitrary code on a previously compromised device. These attacks are known to be deployed through malicious JBOH …

July 16th, 2020

situational awareness cybrary

Situational Awareness

Situational awareness is knowledge combined with attitudes and behaviors that work to protect our IT assets. Being aware in cybersecurity means you understand what the threats you face are and …

July 16th, 2020

SIGRed is not your run of the mill vulnerability.

SIGRed – All Windows Servers Running DNS Critical Vulnerability

Every so often, a vulnerability is discovered so egregious that its discovery warrants a special name. On July 14th 2020, a new vulnerability named “SIGRed” was announced that could lead to the compromise of ALL Windows servers from a simple email phishing attack containing a specially-crafted DNS query that would yield complete hacker control of impacted servers. Now that I have your attention, stop what you were planning to do, and read up on SIGRed and apply the Patch of the Registry work-around NOW.

July 15th, 2020

pet adoption scams

Hacker’s Latest Scam: Pet Adoptions

Cyber criminals capitalize on global events (COVID) and national trends that result from global events (Pet Adoption increases). CyberHoot is seeing an increase in Pet Adoption Scams and wants to help our users become more aware of how to spot these scams and avoid them. Become more aware to become more secure.

July 14th, 2020

cryptanalysis cybrary

Cryptanalysis

Cryptanalysis is the decryption and analysis of codes, ciphers or encrypted text. Cryptanalysis uses mathematical formulas to search for algorithm vulnerabilities, attempting to break into a cryptographic system. The goal …

July 14th, 2020

bloatware cybrary term

Bloatware

Bloatware is software that comes pre-installed with the purchase of a new computer or device. Many vendors include dozens of “utilities” and sometimes even “3rd Party software solutions” which add …

July 13th, 2020

trialware cybrary term

Trialware

Trialware is software that can be used for a short period of time before it expires. In order to keep using the software, the user must purchase an authentication key …

July 9th, 2020

piggybacking cybrary

Piggybacking

Piggybacking is a form of cyber attack where a hacker(s) gain access to an unauthorized network, computing resource, or even a physical building.  They do this by leveraging an insecure …

July 9th, 2020

adware cybrary term

Adware

Adware makes the Internet go round. However, excessive adware and madware (mobile adware) can lead to productivity damage or worse, malware. Learn all about adware and how to avoid it at CyberHoot.

July 7th, 2020

tattoo recognition software

Social Media Used To Catch Violent Protester

Social media video was used to identify and apprehend a violent protester in Philidelphia. Our images and identity markers are being documented everywhere we go and our privacy is being bottled up in countless databases across the world, boiled down to a digital fingerprints, and used by law enforcement and others if the data is breached and stolen. Are the right protections in place to protect our 4th amendment rights? With great power comes great responsibility. It also requires great cybersecurity protection which CyberHoot is not convinced exists to keep these digital fingerprints safe and protected from misuse.

July 7th, 2020

disinformation cybrary term

Disinformation

Disinformation is closely aligned to social engineering. When combined the two can have very believable and devastating consequences. Develop a healthy skepticism towards online content. To avoid being taken advantage of, seek to validate sources, facts, and authors.

July 6th, 2020

cookie cybrary term

Cookie

A Cookie, or web cookie, is a small data file used by computers to track website communications and sessions. When you visit a website, it sends a cookie to your …

June 30th, 2020