LastPass Corporate Network Breach – What You Should Know
Mon. Aug. 29th Update: CyberHoot isn’t the only one to caution about throwing the Baby out with the Bath Water when reacting to the LastPass password management company breach. Here …
DeepFake Porn: 95% of Online DeepFake Media is Porn
CyberHoot monitors for trends in attacks whether against organizations or individuals. Recently we learned of a growing trend in which Internet profiteers and porn websites are abusing woman through the …
Restaurant Ordering Platforms Targeted By Hackers
Secure your business with CyberHoot Today!!! Sign Up Now Customers from over 300 restaurants’ had payment card details stolen in web-skimming campaigns targeting three online ordering platforms. Web-skimmers, or Magecart …
Security Advisory: Critical Patches in Adobe and Microsoft Products
CyberHoot Vulnerability Alert Management Process (VAMP) Rating: Critical/Red July 19th, 2022: CyberHoot has learned of multiple Microsoft and Adobe vulnerabilities that can allow for Remote Code Execution (RCE) on your devices that …
1 Billion Records Exposed in Chinese Data Leak
Secure your business with CyberHoot Today!!! Sign Up Now China has landed in the middle of one of the largest data breaches of all time after a government developer wrote …
Biometric Authentication Ring Gaining Traction
Secure your business with CyberHoot Today!!! Sign Up Now Token Ring the new company (not the old networking token ring technology), just received Series C investment that will accelerate growth …
Refund Vishing Scams
Secure your business with CyberHoot Today!!! Sign Up Now We’re constantly receiving emails, text messages, and phone calls from scammers claiming to be reputable brands we use. What you may …
Ransomware Insurance: Prescriptive and Restrictive
Secure your business with CyberHoot Today!!! Sign Up Now Insurers are drafting more restrictive and prescriptive insurance policy requirements designed to reduce the number of claims and better protect themselves …
Security Advisory: Adobe Vulnerabilities Allow Code Execution
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red June 15th, 2022: CyberHoot has learned of multiple Adobe Product vulnerabilities, where the most severe of which could allow for arbitrary code …
Smartphones Tracked Through Bluetooth Signals
Secure your business with CyberHoot Today!!! Sign Up Now A group of engineers at the University of California San Diego has shown for the first time that the Bluetooth signals …
Security Advisory: Android UNISOC Chip Vulnerability
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red June 7th, 2022: CyberHoot has learned of multiple critical Android vulnerabilities, affecting millions of Android smartphones, that have been patched today. Critical …
SaaS Application Access Creates Security Concerns
Secure your business with CyberHoot Today!!! Sign Up Now Software as a Service (SaaS) applications have transformed businesses over the last decade with enormous value. The pandemic forced many businesses …
Security Advisory: Microsoft Office ‘Follina’ Vulnerability
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red May 31st, 2022: CyberHoot has learned of a Remote Code Execution (RCE) bug that can be exploited in Microsoft Office files. Security researcher …
Snake Keylogger Spreading Through PDFs
Secure your business with CyberHoot Today!!! Sign Up Now Many malicious email campaigns today leverage Word documents to hide and spread malware, but a recently discovered campaign uses a malicious …
Security Advisory: Chrome Vulnerabilities Allow Code Execution
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red May 25th, 2022: CyberHoot has learned of multiple Google Chrome Web Browser vulnerabilities that could allow for arbitrary code execution. Successful exploitation of …
North Korean Hackers Posing as IT Freelancers
Secure your business with CyberHoot Today!!! Sign Up Now According to a joint advisory from the U.S. Department of State, the Department of the Treasury, and the Federal Bureau of …
Security Advisory: VMware Vulnerabilities Gives System Control to Hackers
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red May 19th, 2022: CyberHoot has learned of a number of VMware software vulnerabilities tracked as CVE-2022-22954 (Base score: 9.8/10) and CVE-2022-22960 (Base score: …
Emotet Has Reemerged as Top Malware in Circulation
Secure your business with CyberHoot Today!!! Sign Up Now The HP Wolf Security threat research team has identified a 2700% increase in Emotet infections in the first quarter of 2022, …
Security Advisory: SonicWall Authentication Vulnerability
May 16th, 2022: CyberHoot has investigated a SonicWall advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. …
FIDO’s Passwordless Sign-Ins
Secure your business with CyberHoot Today!!! Sign Up Now In early May 2022, Google, Apple, and Microsoft announced plans to support a common passwordless sign-in standard created by the Fast …
Google Assisting in Personally Identifiable Information Removal
Secure your business with CyberHoot Today!!! Sign Up Now In late April 2022, Google announced they’ve enabled new options for removing Personally Identifiable Information (PII) from Google Searches. Google is …
Text Message Scams: A Growing Trend
Secure your business with CyberHoot Today!!! Sign Up Now Anyone who owns a cellphone has likely received an unexpected text message from a number they don’t recognize containing a link …
Security Advisory: Critical Cryptographic Java Vulnerability
April 22nd, 2022: CyberHoot has investigated a Java Product vulnerability tracked as CVE-2022-21449 that allows accounts to be remotely exploitable without authentication. In other words, this vulnerability can be exploited …
7 Cybersecurity Trends in 2022 and Beyond
Secure your business with CyberHoot Today!!! Sign Up Now Cybersecurity remains a top concern for businesses and individuals alike. With each year passing, new technologies emerge to protect you from …
Fake Emergency Search Warrants Becoming a Problem
Secure your business with CyberHoot Today!!! Sign Up Now There is a concerning and highly effective strategy that criminal hackers are now using to harvest sensitive customer data from Internet …
6 Reasons to Adopt Cybersecurity Awareness Training
Secure your business with CyberHoot Today!!! Sign Up Now Cybersecurity awareness training should be a part of every company’s onboarding routine for all workers. Whether they are in-office or remote …
New Deadbolt Ransomware Targeting Small Businesses
Secure your business with CyberHoot Today!!! Sign Up Now In January 2021, reports emerged of a backup-targeting ransomware strain called Deadbolt aimed at small businesses, hobbyists, and serious home users. …
Security Advisory: Okta Breached
March 22nd, 2022: CyberHoot is investigating a potential breach at Okta, developers of a cloud-based identity and access management solution used by thousands of companies world-wide. Okta is currently investigating, …
Finding The Facts in a World of Misinformation
Secure your business with CyberHoot Today!!! Sign Up Now Co-Authored by Craig Taylor, CEO CyberHoot In a world of deepfakes and misinformation, too many people are tricked by things they …
Video Game Cheaters Targeted by Malware
Secure your business with CyberHoot Today!!! Sign Up Now Korean security analysts have spotted a malware distribution campaign that uses video game ‘cheat’ baits on YouTube to trick players into …
What to Do with Critical Medical Device Vulnerabilities
Secure your business with CyberHoot Today!!! Sign Up Now An analysis of data from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% …
Ukrainian Distributed Denial of Service (DDoS) Attack
Secure your business with CyberHoot Today!!! Sign Up Now In Mid-February 2022, institutions central to Ukraine’s military and economy were hit with a wave of Distributed Denial-of-Service (DDoS) attacks. The …
Post-Breach Notification Guide
Secure your business with CyberHoot Today!!! Sign Up Now Co-Authored by Craig Taylor In an ever-changing online world, data breaches continue to increase in frequency and impact. Cybersecurity threats come …
Security Advisory: PHP Security Flaw
February 18th, 2022: If you’re using PHP in your network, check that you’re using the latest versions, currently 7.4.28 or 8.1.3. Released yesterday [2022-02-17], this version fixes various memory mismanagement …
Cybernews Interviews CyberHoot Co-Owner, Craig Taylor
Secure your business with CyberHoot Today!!! Sign Up Now Malicious attackers have always been a part of the cyber world. And with working from home becoming the new normal, hackers …
LinkedIn Phishing Slink Attack
Secure your business with CyberHoot Today!!! Sign Up Now Hackers have found a new way to trick unsuspecting users into clicking on phishing links. Attackers use a marketing feature on …
Managing a Cybersecurity Incident
Secure your business with CyberHoot Today!!! Sign Up Now Co-Authored by Craig Taylor In an ever-changing cybersecurity world, data breaches continue to increase in frequency and impact. Cybersecurity threats come …
Security Advisory: Elementor WordPress Plugin
February 2nd, 2022: CyberHoot has investigated a WordPress vulnerability tracked as CVE-2022-0320, whereby a security flaw can lead to data leakage and more importantly remote code execution. The security gap …
Silk Fibers Used to Generate “Unbreachable” Secure Keys
Secure your business with CyberHoot Today!!! Sign Up Now A group of researchers at South Korea’s Gwangju Institute of Science and Technology (GIST) have used natural silk fibers from domesticated …
Security Advisory: Critical Linux Vulnerability
January 27th, 2022: CyberHoot has investigated a Linux vulnerability tracked as CVE-2021-4034 that is part of most Linux distributions, leads to escalation of privileges up to root, and is trivial …
Increase MRR While Reducing Costs At Your MSP
Secure your business with CyberHoot Today!!! Sign Up Now An important part of running a successful Managed Service Provider (MSP) is ensuring you’re increasing your monthly recurring revenue (MRR). One way …
MalSmoke Attack: Atera RMM Tool At Risk
January 7th, 2022: CyberHoot has investigated a new form of malware known as Malsmoke. This malware is taking advantage of a vulnerability in the way Microsoft digitally signs a specific …
The Hidden Benefits of Awareness Training for MSPs
As a Managed Service Provider (MSP), you know your customers are serious about defending against cyberattacks. That’s part of the reason why they hired you. Data breaches are all too …
Advisory: Wormable Windows HTTP Bug
January 12th, 2022: Today Microsoft sent a notification of a critical risk to those who use Windows devices. The critical bug is CVE-2022-21907, also known as HTTP Protocol Stack Remote …
Google Docs’ Comment Phishing Exploit
A wave of phishing attacks has been generated within Google’s cloud-based word processing solution (Google Docs) and its “Comments” feature. Attackers use the commenting feature to send malicious links to …
Copyright Infringement Instagram Scam
Learn how spot and ignore copyright infringement threats from hackers claiming you stole their art.
Pirated Movies Containing Malware
ReasonLabs, a provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into computers with the mask of the latest Spiderman movie. The movie is …
Malicious ‘Fleeceware’ App Downloaded 600M Times
Google has tried to eliminate malicious apps from its Android platform on the Google Play Store, but certain apps slide by Google’s security team, like Fleeceware. Fleeceware is a malicious application that …
Software as a Service (SaaS) Risks and Challenges
Software as a Service (SaaS) applications have transformed businesses over the last decade with enormous value. SaaS solutions have enabled and empowered businesses to continue operating during the pandemic with …
Vulnerability Advisory: Apache Log Binary (Log4J)
Dec 22nd 2022: UPDATES to Log4j, Log4Shell vulnerability details CISA has just released a new advisory: https://www.cisa.gov/uscert/ncas/alerts/aa21-356a I cannot remember, in a 25+ year cybersecurity career, having to deal with …
