CyberHoot Newsletter – January 2023

FBI’s Vetted Cybersecurity Organization “Infragard” Breached

Learn how a cybersecurity organization that partnered with the Federal Bureau of Investigation (FBI) to protect critical US infrastructure got hacked.

“Aikido” Vulnerability Turns EDR into Wiper Malware

Just like the martial art by the same name, the Aikido vulnerability used its opponent’s force against it. 

Don’t let the American Data Privacy and Protection Act Fizzle Out – Vote

Different states in the US are creating their own data privacy laws, resulting in varying consumer protections and complex compliance for businesses. Some states have yet to pass legislation, leaving their residents without protection. A national data privacy law similar to the EU’s GDPR would benefit both consumers and businesses in the US.

New Cybersecurity Rules Proposed by SEC

The U.S. Securities and Exchange Commission (SEC) is proposing new disclosure requirements by company boards regarding cybersecurity risk management, strategy, governance policies, procedures, and incidents.  This would be an amendment to the Securities Exchange Act of 1934.

Royal Ransomware’s Evolving Threat Vectors

Royal ransomware uses several different methods to deliver and spread their malware. Read up on how they propagate and learn how to protect yourself and your business.

Secure Online Payment Options – Risks and Benefits

When shopping online, you have several options for payment, including credit cards, virtual credit cards, payment services such as Venmo and Cash, and digital wallets such as Apple Pay and Google Pay. However, it is important to consider the security of each payment method and the risks involved in using them.

Customer Spotlight

"Cyberhoot has increased my awareness in regard to the latest and emerging cyber threats that are constantly ongoing. The increased awareness has boosted my confidence to better confront cyber risks on a daily basis. The training videos, tutorials, and quizzes are filled with nuggets of very informative and helpful cyber knowledge."
Gabriel Underwood, CISSP
Professional Services Engineer

CyberHoot's Awards Keep Growing: G2 High Performer Winter 2023

EDR

Endpoint Detection and Response (EDR), also referred to as Endpoint Detection and Threat Response (EDTR), is an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware.

EDR security solutions record the activities and events taking place on endpoints and their workloads, providing security teams with the visibility they need to uncover incidents that might otherwise be missed. An EDR solution needs to provide continuous and comprehensive visibility into what is happening on endpoints in real-time.

An EDR tool should offer advanced threat detection, investigation, and response capabilities; including incident data search and investigation alert triage, suspicious activity validation, threat hunting, and malicious activity detection and containment.

Recently Added Features

- Added the ability to send dark web reports to all exposed users. (Power Console)
- Added the ability to acknowledge dark web exposures for individual users. (Power Console)
- Added color coding to users' table in phishing PDF report. (ZAC & Power Console)
- Updated Azure sync feature to pull users or groups depending on selection. (ZAC & Power Console)
- New Secure Coding program for developers with 15 best practice videos from Safecode.org. (Power Console)

Sign up for CyberHoot’s Referral program to get your very own CyberHoot Referral Program link.  You can directly benefit from referrals to CyberHoot and receive 20% of all revenue for 1 year for anyone who signs up.  This includes MSPs, MSSPs, or direct customers.  If you are an influencer or you regularly meet with companies, MSPs, or MSSPs, you should be referring them to CyberHoot! Become a referral partner of CyberHoot’s for the quadruple (4x) WIN. It’s a win for You (1) personally (financially) by recommending a quality and innovative product. It’s a Win for Employees (2) who will learn how to protect themselves. It’s a win for the Companies (3) who are less likely to succumb to a cyber-attack. It’s a win for MSP’s or MSSP’s (4) who sign up to resell our SaaS offering.  Finally, it’s a win for CyberHoot (5). Ha, ha… Ooops. That’s a Quintuple (5x) win, if you’re counting. Sign up here today: https://cyberhoot.com/referralprogram/

Email based authentication for Training.

Instant Access

CyberHoot provides password-less access. Zero time wasted searching for websites, resetting passwords, and delayed login. Click an email link for instant training access!

Email Based Assignments

Email Automation

Everything you need to learn cybersecurity skills is handled through email including training assignments, reminders, management compliance reports, and "My Assignments".

Manager Escalations

Manager Escalation

CyberHoot automates non-compliance through manager email notifications. Compliance status of employees for managers is enabled so you always know where you stand.

Micro Training

Cyber"Hoots" are most often 5 minutes or less. This ensures your staff get trained quickly with the most effective solution.

The Power of Open

CyberHoot is an open cybersecurity training Platform. Any video or PDF can be used to train and govern your employees.

Effective

In a survey of 100 CyberHoot users, 60% would be "Disappointed" or "Very Disappointed" if CyberHoot Training was stopped.

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.