Midnight Blizzard: Spear-Phishing Campaign Using RDP Files
Learn about Midnight Blizzard’s spear-phishing campaign using malicious RDP files and discover practical tips to stay protected.
CyberHoot’s HootPhish Challenge
Learn how CyberHoot’s HootPhish Challenge gamifies phishing detection, helping users quickly and accurately identify phishing threats!
GitHub Config Breach Exposes Cloud Service Credential
Explore 5 essential strategies for SaaS security, including identity management, data encryption, SSPM tools and more!
CyberHoot Newsletter – November 2024
This newsletter summarizes cybersecurity news from November, and boy there are some big events that happened.
Reducing SaaS Security Risks in 2024
Explore 5 essential strategies for SaaS security, including identity management, data encryption, SSPM tools and more!
The Meta Breach: Game of Thrones Level Walk of Shame
This article dives into the Meta lawsuit for the 2019 breach that exposed 600 million unencrypted passwords in plain text.
Securing Social Media: How SSPM Protects Against Cyber Threats
Learn how social media accounts pose a cybersecurity risk and how SSPM can protect your business through multiple different ways!
CyberHoot Newsletter – October 2024
This newsletter summarizes cybersecurity news from October, and boy there are some big events that happened.
Session Hijacking: How Cybercriminals Take Over Your Online Sessions
Learn how to protect yourself from evolving Session Hijacking threats with expert tips on secure connections, encryption, 2FA, and more.
How to Spot a Phishing Link: Tips to Keep You Safe
Learn expert tips to spot phishing links and protect yourself from cyber threats, including how to check URLs, avoid scams, and stay secure online.
The Passwordless and Keyless Future of Authentication
Explore the shift toward passwordless and keyless authentication, its benefits for cybersecurity, and how businesses can prepare for this future
Airplane Wi-Fi Security Risks: How to Protect Your Data
Learn about the cybersecurity risks of using in-flight Wi-Fi and discover essential tips to protect your data while traveling, from VPNs to device updates.
CyberHoot Newsletter – August 2024
This newsletter summarizes cybersecurity news from August, and boy there are some big events that happened.
Dual Critical Advisory: Critical Vulnerabilities in Veeam Backup & Replication and SonicWall SonicOS
Learn about critical vulnerabilities in Veeam Backup & Replication and SonicWall SonicOS, including active exploits. Apply patches and follow key security measures to protect your systems.
New Rust-Based Cicada 3301 Ransomware
Learn how to protect your business from the new Rust-based Cicada 3301 ransomware. Discover key strategies to safeguard your data and prevent ransomware attacks.
Protect Your Business from Zero-Day Exploits:
Learn how to protect your business from zero-day exploits like those recently used by Chinese hackers targeting U.S. internet providers. Discover key cybersecurity strategies to stay ahead of emerging threats.
New Qilin Ransomware Attack
Learn how to protect your organization from the new Qilin ransomware attack, which exploits VPN vulnerabilities. Discover essential tips for strengthening your cybersecurity defenses and preventing ransomware threats
NPD Breach Exposes 3 Billion Personal Records
Discover the extensive impact of the NPD breach that exposed 3 billion personal records, underscoring significant privacy risks and highlighting essential steps for safeguarding personal information against identity theft and cyber fraud.
Prevention Techniques for Top 10 Common Cyber Attacks
Discover prevention techniques for the top 10 common cyber attacks. Learn how to identify the attacks through scenarios and then take steps to mitigate the damage and protect your business and data from harm.
CyberHoot Newsletter – June and July 2024
This newsletter summarizes cybersecurity news from June and July, and boy there are some big events that happened. From CrowdStrike’s global outage to increased focus on credential stuffing attacks, hackers were hard at work during this period.
Top 10 Cyber Attacks and How to Respond
Discover the top 10 cyber attacks. Learn how to identify the attacks through scenarios and then take steps to mitigate the damage and protect your business and data from harm.
Understanding the CrowdStrike Global Outage
Learn about the CrowdStrike global outage, its potential causes, and essential risk mitigation strategies to protect your organization from similar cyber threats.
Cybersecurity Perspective on the Ticketmaster-Taylor Swift Incident
A unique ransomware scheme is seeking to extort money from Ticketmaster to prevent the release of printable tickets and concert chaos.
How MFA Failures and Rising Ransomware Costs are Threatening Cybersecurity
Discover how MFA failures are contributing to a 500% surge in ransomware costs and learn how adopting Passkeys can enhance your cybersecurity defenses.
Critical Advisory: OpenSSH Remote Code Execution Vulnerability
Learn about the critical OpenSSH vulnerability CVE-2023-38408 that allows remote code execution via the ssh-agent’s forwarding feature. Discover immediate steps to protect your systems, including upgrading to OpenSSH 9.3p2, restricting PKCS#11 providers, and enhancing security measures.
The Evolving Kill Chain (On-Premise vs. SaaS)
Learn how to protect your business from the evolving SaaS kill chain by understanding the stages of cyber attacks, or kill chain links, and the nuances of on-premise vs. SaaS models of the kill-chain.
Hackers Exploiting Legitimate Websites
Learn how hackers exploit legitimate websites to launch sophisticated attacks and discover ways to protect yourself from these evolving cybersecurity threats.
CyberHoot Newsletter – May 2024
Time-Intensive Mobile Hacks Are Causing Big Headaches for Companies Time-Intensive Mobile Hacks: Discover how time-intensive mobile hacks are evolving and what companies can do to protect themselves from these sophisticated …
Understanding Credential Stuffing Attacks
Learn how Okta is addressing credential stuffing attacks and what steps users can take to protect their accounts from this growing cybersecurity threat.
FireTail Podcast: CyberHoot CEO Craig Taylor
Business Ninja’s interviewed CyberHoot’s co-Founder Craig Taylor. This interview outlines CyberHoot’s unique and positive outcome approach to cybersecurity program development at your company. Our Co-Founder details what’s working and what’s broken in the emergency Cybersecurity industry. Business owners need to watch to learn what they should be doing to protect their businesses from compromise. Doing so provides much needed peace of mind.
Advanced Phishing Tactics: A Hacker’s Playbook
Discover the latest phishing tactics targeting unsuspecting victims, including Cloudflare Workers, HTML smuggling, and AI-generated emails. Learn how cybercriminals bypass security measures and how you can protect yourself from these sophisticated attacks. Stay informed and stay safe in the ever-evolving world of cybersecurity.
Advisory: Protecting Yourself After the Ticketmaster Data Breach
May 30th, 2024: Learn how to protect yourself after the Ticketmaster data breach affecting 60 million customers. Discover immediate steps, identity protection tips, and long-term security practices to safeguard your personal information.
Time-Intensive Mobile Hacks Are Causing Big Headaches for Companies
Discover how time-intensive mobile hacks are evolving and what companies can do to protect themselves from these sophisticated cybersecurity threats.
CyberHoot Newsletter – April 2024
Understanding the Change Healthcare Cyberattack Change Healthcare Cyberattack: Gain valuable insights into the attack’s origins, impact, and implications for your cybersecurity. Read now. Understanding Latrodectus: A Stealthy Cyber Threat Delve into …
Ransomware Defense: Protection from Remote Access Risks
Learn how to protect your systems from ransomware attacks by understanding the role of remote-access tools and implementing effective cybersecurity strategies.
Protecting Your Data: Lessons from the “Dropbox Sign” API and OAuth Breach
Explore the implications of the Dropbox Sign Breach incident, emphasizing the critical role of cybersecurity measures in defending against API key and OAuth token theft. It discusses the methods used by attackers, offers practical insights for safeguarding data, and underscores the ongoing need for vigilance in today’s interconnected digital landscape.
Why Ditching Passwords is the Future of Online Security
For over 40 years, passwords have been the cornerstone of computer security, despite their many flaws. People turned to password managers to simplify and secure their login processes. Now, passkeys are set to revolutionize how we secure our online identities. Unlike traditional passwords, passkeys eliminate many common security risks, making them a crucial advancement everyone should understand. This article will explain what passkeys are, how they work, and why they represent the future of identity management online.
CyberHoot Newsletter – Q1 2024 January, February, March
“CyberHoot’s Newsletter has been on a brief hiatus as we focused on critical product improvements, finished 2024 strategic planning, and addressed performance improvements. This newsletter is chock full of cyber …
Understanding the Change Healthcare Cyberattack
Lessons learned from the Change Healthcare data breach can teach us immediate actions we can take to reduce the chance of a breach in our own companies, networks, and the loss of the data entrusted to us.
Understanding Latrodectus: A Stealthy Cyber Threat
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Beware of Impersonation: How to Spot Malicious Ads Disguised as Legitimate Services
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
CISA Issues Alert on Phobos Ransomware Targeting State and Local Governments
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Exposing the Apple ID Push Bombing Scam: Essential Protection Strategies
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
The Evolution of Phishing: SMS and Voice-Based Attacks
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Five Easy Steps to Boost Your Cybersecurity
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Understanding Privileged User Management (PUM) vs. Privileged Access Management (PAM)
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Bridging the Gap: Superuser Protection for SMBs and MSPs
Superuser accounts in small to medium-sized businesses (SMBs) and managed service providers (MSPs) face unique cybersecurity challenges. Bridging the gap between Privileged Access Management (PAM) and Identity Management (IdM) is critical for comprehensive protection. Effective cybersecurity for SMBs and MSPs requires tailored strategies that are practical, cost-effective, and straightforward to implement. This includes establishing clear governance policies, regular employee training, risk assessments, and implementing essential technical defenses to enhance overall security posture and protect sensitive data.
Safeguarding Your SMB or MSP Against Deepfake Cybercrime: Insights from Hong Kong
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Microsoft Executive Email Breach: Lessons for SMBs and MSPs
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
Mega-Breach: The Impact of 26 Billion Leaked Credentials
CyberNews broke a story detailing a collection of more than 26 Billion credentials and other private data in what security researchers are called a Mega-Breach.