FTC Warns of ‘Romance Scammers’
For people searching for love online, it has become a little difficult due to scammers’ hell-bent on catfishing vulnerable people. The Federal Trade Commission (FTC) issued a warning about such …
Packet
A Packet is the unit of data that is routed between an origin and a destination on the Internet or any other packet-switched network. TCP packets, passed over TCP/IP networks …
Ping of Death (PoD)
A Ping of Death (PoD) is a type of Denial of Service (DoS) attack that deliberately sends IP packets larger than the 65,536 bytes allowed by the IP protocol. One of …
CyberHoot Newsletter – Volume XIII
Emotet Operation Takedown In January of 2021, law enforcement and judicial authorities across the globe disrupted one of the most notable botnets of the past decade: Emotet. Investigators have taken control of its …
CyberHoot February Press Release
Click on the image below and select the ‘learn more’ links to take you to the HowTo tutorials. Here are our two ‘HowTo’ videos for these announcements: https://www.youtube.com/watch?v=ALsjmxZoz90https://www.youtube.com/watch?v=Sn22dU9EN00
Canada Rules Clearview AI’s Facial Recognition Illegal
Clearview AI has created one of the broadest and most powerful facial recognition databases in the world. Their application allows a user (law enforcement we hope) to upload a photo of …
Synthetic Transaction Monitoring (STM)
Synthetic Transaction Monitoring (STM), also known as Synthetic Monitoring, is a web monitoring tool similar to Real User Monitoring (RUM), but Instead of collecting real user data, it simulates it. …
Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures (CVE) is a list of computer security flaws ranked on critical measures to aid individuals and companies with assessing the risk posed by the vulnerability or exposure …
Real User Monitoring (RUM)
Real User Monitoring (RUM) is a form of performance monitoring that captures and analyzes user activity and transacations on a website or application. It’s also known as real user measurement, …
Emotet Operation Takedown
In January of 2021, law enforcement and judicial authorities across the globe disrupted one of the most notable botnets of the past decade: Emotet. Investigators have taken control of its …
Container
Before we get into what a container is, we need you to understand the difference between today’s term ‘Container’ and the previous term CyberHoot published ‘Hypervisor‘. Knowing the difference between …
Security Advisory – Two Critical Patches: Apple and Linux/Unix
February 1st, 2021 Update: All Apple MacOS products are also at risk for the sudo privilege escalation vulnerability details in CVE-2021-3156. Patch these operating systems as soon as you have …
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS) is an attack vector where hackers inject malicious code into a vulnerable web application. XSS differs from other web attack vectors in that it does not directly …
Hypervisor
A Hypervisor, also known as a Virtual Machine Monitor or VMM, is software that creates and manages virtual machines (VMs). A hypervisor allows a computer to maintain many guest VMs …
Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF), also known as XSRF, is an attack method that fools a web browser into performing unwanted actions in a user application. Similar to Phishing Attacks, CSRFs …
WordPress Site Risks
WordPress websites account for more than one-third of all websites on the Internet. WordPress is both flexible and powerful and runs some of the most used Internet sites such as …
Ubiquiti Security Breach
Ubiquiti, a large vendor of cloud-enabled Internet of Things (IoT) devices such as Wi-Fi Access Points, Video Recorders, and Security Cameras recently faced a security incident. Ubiquiti stated an incident …
PCI-DSS
PCI-DSS (Payment Card Industry-Data Security Standard) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information manage it safely and in …
Chrome Extension Privacy Concerns
Browser extensions are tools that help with spelling/grammar, finding deals, storing passwords, or blocking ads; users don’t consider helpful tools being malicious in any form at all. Have you installed …
Internet Engineering Task Force (IETF)
The IETF (Internet Engineering Task Force) is the organization that defines standard Internet operating protocols such as TCP/IP. The IETF is a community of network designers, operators, vendors, and researchers concerned with …
Read-Only Memory (ROM)
Read-Only Memory (ROM) is storage technology that permanently stores data in a chip built into computers and other electronic devices. ROM includes the most basic programming needed to start a …
Domain Name System (DNS)
A Domain Name System (DNS) is essentially the ‘phonebook’ of the Internet. DNS is an elaborate, fault-tolerant way of connecting people to resources online. While it is quite complex, this …
PayPal Smishing Attack
A PayPal text message phishing campaign was discovered that attempts to steal your account credentials and other sensitive information. This form of phishing attack, through text messages, is called Smishing. Hackers …
Sender Policy Framework (SPF)
Sender Policy Framework (SPF) is an anti-spam tool where email domains of the senders can be authenticated. SPF works hand-in-hand with DKIM and DMARC to help authenticate email messages to …
DKIM
DKIM (DomainKeys Identified Mail) is an email authentication tool that verifies messages are sent from a legitimate user’s email address. It’s designed to prevent email forgery and spoofing; essentially phishing. …
DMARC
DMARC which stands for Domain-based Message Authentication, Reporting, and Conformance is an email security protocol. When enabled, your email domain is protected from spoofing by hackers. DMARC sets up an …
CyberHoot Newsletter – Volume XII
Ransomware Task Force Forming The damaging effects of ransomware hit $11.5 billion in 2019 and doubled in 2020 as new, more damaging and dangerous strains of ransomware (Maze, Sodinokibi, Ryuk, Dharma) hit companies. In December 2020, …
Non-Public Personal Information (NPPI)
Non-Public Personal Information (NPPI) is personal and private information that’s provided by a consumer to some entity for their use. This information includes the following examples: Name, address, income, social …
Ransomware Task Force Forming
The damaging effects of ransomware hit $11.5 billion in 2019, and doubled in 2020 as new, more damaging strains of ransomware (Maze, Sodinokibi, Ryuk, Dharma) hit companies even harder. Older …
IRS Impersonation Attack
Fake IRS Tax Forms This week, AbnormalSecurity reported an attack on an estimated 15-50 thousand email inboxes with a phishing attack. The attack’s purpose was to gain personal information that …
Anti-Censorship
Anti-Censorship are methods to combat censorship – for example, preventing search results from being blocked or interfered with. The growth of online platforms (Facebook, Instagram, Twitter, etc.) raises important questions …
Graphical User Interface (GUI)
A Graphical User Interface (GUI), often pronounced ‘gooey’, is a user interface that includes graphical elements, such as windows, icons, and buttons. The term was created in the 1970s to distinguish graphical interfaces from text-based …
Solid State Drive (SSD)
A Solid State Drive (SSD) is a type of storage device that supports reading and writing data and stores the data in a permanent state even without a power source …
IRS Pin Protection in 2021
The Internal Revenue Service (IRS) announced this week that in January 2021 taxpayers can apply for an Identity Protection Personal Identification Number (IP PIN). This single-use code is designed to …
Direct Sign-Up (Nest.CyberHoot.com) FAQs
How can I adjust my payment/billing information? Sign in with your credentials (Administrators) Click on your name in the top right corner Select Account Select the Subscription tab next to ‘profile’ Click the green ‘update …
Hard Disk Drive (HDD)
A Hard Disk Drive (HDD), also known as a hard drive, is a computer storage device holding magnetic disks or platters spinning at high speeds. It’s the only long-term storage …
HowTo: Edit Billing Information in Nest Site
This article details how to setup and edit your billing information as a direct client of CyberHoot. Direct clients, who signed up for CyberHoot.com for services, live and operate on …
Close Proximity iPhone Hack
Google’s Project Zero cybersecurity researcher (and white-hat hacker) Ian Beer published an article in December of 2020, outlining how hackers can break into nearby iPhones to steal personal data. The …
HowTo: Edit ProofPoint’s Allow List Settings to ensure Email Delivery from CyberHoot
Overview Email protection vendors like ProofPoint can make it hard for cybersecurity companies that engage in Phish Testing to deliver their tests to employee inboxes. This article outlines the steps …
RAM Disk
A RAM Disk is Random Access Memory (RAM) that has been adjusted to simulate a disk drive. You can access data on a RAM disk as you’d access data on a ‘hard disk’ (hard drive). RAM …
Polymorphic Virus
A Polymorphic Virus is a type of ‘shape-shifting’ virus, producing malicious code that is able to replicate itself with new signatures but identical payloads over and over again. These viruses …
Apple Wireless Direct Link (AWDL)
Apple Wireless Direct Link (AWDL) is a low latency/high-speed Wi-Fi peer-to peer-connection Apple uses everywhere you’d expect them to: AirDrop, GameKit (which also uses Bluetooth), AirPlay, and conceivably with future …
Clickbait
Clickbait is Internet content that uses overemphasized or misleading headlines to lure a person into clicking a link. Once the link is clicked, it brings the user to another website …
Biometrics
Biometrics identification refers to computer-based data that identifies a person based on unique physical characteristics and traits, including your face, fingerprints, voice, and even retinas (eye scans). Biometric identifiers (something …
Parasitic Virus
A Parasitic Virus, also known as a file virus, is spread by attaching itself to executable programs. When a program infected with a parasitic virus is opened, the virus code …
Boot Sector Virus
A Boot Sector Virus is a virus that infects the ‘boot sector’ of floppy disks or the ‘Master Boot Record’ (MBR) of hard disks (some infect the boot sector of …
Macro Virus
A Macro Virus is a virus that adds its code to the macros embedded within documents, spreadsheets, and other data files. The first macro virus appeared in July of 1995 infecting …
‘Smart’ Doorbell Vulnerabilities
The holiday season is officially upon us. Now is a good time to find great deals but proceed with caution: be wary of “too good to be true” deals. CyberHoot …
CyberHoot Newsletter – Volume XI
HTTPS-Only Mode Introduced by Firefox Having HTTPS-enabled websites is crucial when entering passwords, credit card numbers, or other sensitive information. When accessing unencrypted HTTP-enabled sites, users can fall victim to …
Memory-Resident Virus
A Memory-Resident Virus is a virus that is located in the memory of a computer, even after the ‘host’ application or program has stopped running (been terminated). Non-Memory-Resident Viruses are …
