The New & Improved Wi-Fi 6 Standard
Do you ever get frustrated with your Internet speeds and find yourself saying “there’s no way this is as fast as it can go”? Well luckily for you, there’s a …
API Security Risks and Recommendations
Experts are warning security professionals of the next big threat hitting the cyber world: Application Programming Interface (API) attacks. APIs work to make systems perform better by integrating other website’s …
Hacker’s Court Hearing Disrupted By Porn Clip
CyberHoot’s mission is to help people become more aware and therefore more secure. This week’s blog is about securing Zoom meetings and why you would need to do so. When …
Facial Recognition Takes A Step Back
As facial recognition technology improves and becomes more widespread in its applications for authentication purposes, it is important to understand that security researchers are also devising schemes to fool these systems and to both hide identities from the technology, and to find people from large identity databases alike. The only thing certain about facial recognition today is that it exists and it will continue to be refined and that privacy laws are struggling to keep pace with these advancements.
GandCrab Ransomware
Increasingly sophisticated and damaging ransomware attacks are here. Availability has always been threatened, but backups prevented ransoms from being paid so hackers have added confidentiality attacks. Ransomware like Maze and REvil now threaten to release critical data online if a ransom isn’t paid. Visit Cyberhoot to learn how to protect from this evolution and escalation in the ransomware war with hackers.
Garmin Ransomware Attack
Garmin, like Twitter the week before, suffered a massive breach. For Garmin it was ransomware while Twitter saw 130 of its most influential accounts taken over by hackers. Both companies suffered at the hands of hackers who used social engineering attacks to get into the companies and cause their damage. Visit CyberHoot to learn how to protect yourself and your company from these attacks.
Jackpotting: Asian ATM Hacking Reaches the US
Automated Teller Machines (ATMs) have been around for more than 50 years. In that time, criminals have found many unique ways to steal the cash they contain. Physical security, network security, logical security all play roles in protecting these machines from compromise. Learn how banks are protecting the machines and what you can learn from ATM heists to protect your own business at CyberHoot.
U.S.S.S. Reporting Increase In Hacked MSPs
The Secret Service warned of increasing attacks on MSPs in July 2020. If you’re not learning how to protect yourself as a Next Generation MSP, then you’re going to be compromised and you’re going to be out of business in the future. The risks are too great. You need to become more aware to become more secure. Learn how to do all this with CyberHoot.
Major Twitter Accounts Hacked
July 15, 2020: Hundreds of high-profile twitter accounts were hacked including Elon Musk, Kanye West, Barack Obama, Bill Gates, and many others. They all posted nearly identical messages asking for …
SIGRed – Critical Microsoft Vulnerability
Every so often, a vulnerability is discovered so egregious that its discovery warrants a special name. On July 14th 2020, a new vulnerability named “SIGRed” was announced that could lead to the compromise of ALL Windows servers from a simple email phishing attack containing a specially-crafted DNS query that would yield complete hacker control of impacted servers. Now that I have your attention, stop what you were planning to do, and read up on SIGRed and apply the Patch of the Registry work-around NOW.
Hacker’s Latest Scam: Pet Adoptions
Cyber criminals capitalize on global events (COVID) and national trends that result from global events (Pet Adoption increases). CyberHoot is seeing an increase in Pet Adoption Scams and wants to help our users become more aware of how to spot these scams and avoid them. Become more aware to become more secure.
Social Media Used To Catch Violent Protester
Social media video was used to identify and apprehend a violent protester in Philidelphia. Our images and identity markers are being documented everywhere we go and our privacy is being bottled up in countless databases across the world, boiled down to a digital fingerprints, and used by law enforcement and others if the data is breached and stolen. Are the right protections in place to protect our 4th amendment rights? With great power comes great responsibility. It also requires great cybersecurity protection which CyberHoot is not convinced exists to keep these digital fingerprints safe and protected from misuse.
Malware in Macs
MAC Malware has grown faster than Windows Malware in the last 24 months. If you bought a MAC because it was “safer” think again and learn all the types of malware that’s impacting these systems. Become more aware to become more secure especially with respect to MAC hardware.
Hackers Are Releasing Fake Contact Tracing Apps
Hackers are constantly adapting to the changing realities of today’s global pandemic. Their latest attack method is the release of bogus contact tracing applications. Twelve (12) country’s have had fake contract tracing apps released by hackers impersonating their government contact tracing programs in order to compromise citizen’s mobile devices. Learn how to protect yourself in this article.
Stalkerware Could Be Spying On You
In this day and age, the ability to track someone with their mobile devices is incredibly easy. It’s made easier still using automated tools like stalkerware available online from the dark web. Learn how to protect yourself and your devices at CyberHoot.com.
YouTubers: The Growing Security Target
YouTube Influencers make a good deal of money and are being targeted for account hi-jacking by hackers seeking to extort them for bitcoin ransom payments. Pay or lose your followers/subscribers when the hacker posts offensive materials alienating subscribers.
Phish Testing Employees
Phishing attacks represent 90% of successful breaches at Small to Medium Sized Businesses (SMBs). Learn what they are and how to protect yourself from them at CyberHoot.com.
OWASP Top Ten
Development shops need to practice safe and secure coding. The best way to get your developers all on the same page is to train them in the Top 10 most common security mistakes made in coding. Visit CyberHoot.com’s blog article here on OWASP Top 10 coding errors that lead to insecure applications.
Regulations Like the CCPA Don't Stop at California
Data Privacy legislation has received some heavy support from the European Union with the passing of the General Data Privacy Regulations (GDPR) followed by California’s Consumer Protection Act (CCPA). Additional states are looking to bring a patchwork quilt of privacy requirements to the US in concert and conflict with one another. Learn more here at CyberHoot.
Internet of Things (IoT)
The Internet of Things (IoT) is any device or machine that has the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. IoT is essentially any …
Three (3) Reasons Policies and Processes are Key
Cybersecurity program require many things, but Policies and Procedures should be near the top of the list.
MAZE Ransomware: 3x Threat to Data Security
MAZE Ransomware represents a change for the worse in the capabilities of online hackers today. Traditional backup strategies are no longer enough to provide a get-out-of-jail-free card when hit with ransomware. Data confidentiality is also at risk now and that changes who will pay ransoms dramatically. Prepare now to avoid this scourge of online hacking.
Cybersecurity Maturity Model Certification (CMMC)
Cybersecurity Maturity Model Certification is a much needed adjustment to DFARS that provides risk based compliance to five levels of controls that relates to the Controlled Unclassified Information (CUI) that underpins a defense contractor, sub or prime working in the defense industry.
MSPs Should Require Risk Assessments
Risk assessments have many benefits and only one drawback (they cost money). Having a Risk Management framework in place requires a risk assessment be performed. Avoid costly down-time and improve network robustness by having one done on your business.
Zoom Security Update from their CEO – Eric
Dear Valued Customer, As Eric shared last week, our commitment to strengthening and improving Zoom is our number one priority. We wanted to reach out with a quick overview of …
Attacks on Mobile Devices Increasing
In 2020, the number of daily smartphone users in the world totals 3.5 Billion or 45% of the world’s population. However, the total number of people who own a smart or …
Facial Recognition Technology Through Coronavirus Masks
With the issues we are facing today with the coronavirus, many technology companies are looking for ways they can stay afloat, but some are looking for ways to use their …
Despicable Coronavirus Phishing Attack
Ruthless phishing attacks purporting to inform you of exposure to the coronavirus from a hospital are now compromising computers everywhere. Become more aware to become more secure!
Zoom Bombing
Zoom Bombing is where an unauthorized person enters your Zoom video conference to cause disruptions or to gain sensitive information. Many companies and schools have begun using video conferencing extensively …
Shark Tank Host Phished For Nearly $400K
Barbara Corcoran, a world famous Shark Tank host, was scammed out of nearly $400,000 in late February. Barbara Corcoran, a renowned real-estate broker and business expert, admitted last month that …
Stay Secure While Working Remotely
Working remote introduces many new cybersecurity risks to businesses large and small. Review the best practices, watch a few videos, and prepare your business for success in the new era of COVID19 and working remote.
97% Top International Airports Fail Cybersecurity Test
A few weeks ago a report was published by a cybersecurity firm, ImmuniWeb. This report revealed that only three of the world’s top 100 international airports passed their basic high …
Trello Exposes Personally Identifiable Information
Trello, the platform used by many businesses for organizing to-do lists and coordinating team tasks has recently exposed the personally identifiable information (PII) data of its users. The finding was …
Coronavirus Advisory
Last Updated: Sun. March 8th, 2020 The Coronavirus (COVID-19), has infected nearly 90,000 people worldwide as of March 2, 2020, killing more than 3,000 of those infected. The virus started …
Jeff Bezos and the WhatsApp Security Flaw
Knowing how to protect yourself and your critical accounts from compromise is becoming ever more important. Learn what can happened to and setup 2FA into all of your online critical accounts.
FTC Warns of Potential Coronavirus Scams
The Coronavirus has been on the front of everyone’s mind lately, causing fear and concern across the world. This deadly virus opens up yet another way for attackers to hack …
Hack Back Bill
The Active Cyber Defense Certainty Act (ACDC), also known as the “Hack Back” bill was first introduced in the U.S. House of Representatives in 2017. The bill has been worked …
US Government Entities are Waking Up to Cybersecurity
Governments across the world are starting to realize how important cybersecurity really is. The United States is currently working on legislation that would help protect state and local governments by …
Clearview AI’s Groundbreaking Facial Recognition
Clearview AI has created one of the broadest and most powerful facial recognition databases in the world. Their application allows a user (usually law enforcement) to upload a photo of …
SIM Swapping by Hacking Telecom Companies
Hackers never cease to stop evolving and finding new ways to get your information. Hackers are now breaking into telecom companies to take over victim’s phone numbers. Being able to …
Critical Microsoft Vulnerabilities
Infrequently, Microsoft released critical vulnerability alerts and patches that are so important to know about, that you should stop what you’re doing and review them and plan to patch as soon as possible. This is one of those times.
DHS Warns of Potential Cyber Attacks from Iran
With tensions cooling ever so slightly from the days following Suleimani’s killing, the threat of Cyberattack by Iranian hackers remains a very real threat. Vigilance is still key.
Michigan School District Shut Down by Ransomware
Educational institutions are easy marks for hackers peddling ransomware. They have lots of critical student and employee data, small cybersecurity budgets, and don’t train students or faculty how to spot and avoid common cyber-attacks. Combined with an ability to pay ransoms either through cyber-insurance coverage or city coffers, and they have a perfect cyberattacks bullseye on them!
5 Password Manager Myths
The Internet is racing towards 10 Billion publicly documented breached accounts. You can check your own email accounts for breaches and what information was compromised through CyberHoot’s website, inside your …
New Orleans State of Emergency Following Cyber Attack
It was only about a week ago that the government facility in Pensacola, Florida was shut down due to a cyber attack. Now the city of New Orleans is shut …
Deepfakes: Hackers Newest Trick
Technology is always improving and hackers are always finding novel ways to exploit those advances. Cyber security analysts believe new attacks are on the way next year with some powerful …
RYUK Ransomware infects 110 Healthcare Facilities
This past Thanksgiving weekend, 110 healthcare facilities were infected by a ransomware attack on their IT provider. Virtual Care Provider Inc. (VCPI), provides security, data hosting and access management services …
Watch out for Cyber Monday Phishing Scams
Who is most likely to fall victim to Cyber Monday phishing scams? People who don’t know about phishing scams, typosquatting, and fake look-alike websites. Did you know there are 4 …
BlueKeep is MS Blaster
Good backups will let you go back in time to recover compromised systems. Don’t let this happen by not patching for BlueKeep now.
Google Chrome Zero Day in the Wild
CyberHoot has learned there is a new Zero-Day vulnerability in Chrome actively being exploited in the Wild. Your computer can be compromised just by visiting a malicious website. That is …
