MalSmoke Attack: Atera RMM Tool At Risk
January 7th, 2022: CyberHoot has investigated a new form of malware known as Malsmoke. This malware is taking advantage of a vulnerability in the way Microsoft digitally signs a specific …
The Hidden Benefits of Awareness Training for MSPs
As a Managed Service Provider (MSP), you know your customers are serious about defending against cyberattacks. That’s part of the reason why they hired you. Data breaches are all too …
Advisory: Wormable Windows HTTP Bug
January 12th, 2022: Today Microsoft sent a notification of a critical risk to those who use Windows devices. The critical bug is CVE-2022-21907, also known as HTTP Protocol Stack Remote …
Google Docs’ Comment Phishing Exploit
A wave of phishing attacks has been generated within Google’s cloud-based word processing solution (Google Docs) and its “Comments” feature. Attackers use the commenting feature to send malicious links to …
Copyright Infringement Instagram Scam
Learn how spot and ignore copyright infringement threats from hackers claiming you stole their art.
Pirated Movies Containing Malware
ReasonLabs, a provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into computers with the mask of the latest Spiderman movie. The movie is …
Malicious ‘Fleeceware’ App Downloaded 600M Times
Google has tried to eliminate malicious apps from its Android platform on the Google Play Store, but certain apps slide by Google’s security team, like Fleeceware. Fleeceware is a malicious application that …
Software as a Service (SaaS) Risks and Challenges
Software as a Service (SaaS) applications have transformed businesses over the last decade with enormous value. SaaS solutions have enabled and empowered businesses to continue operating during the pandemic with …
Vulnerability Advisory: Apache Log Binary (Log4J)
Dec 22nd 2022: UPDATES to Log4j, Log4Shell vulnerability details CISA has just released a new advisory: https://www.cisa.gov/uscert/ncas/alerts/aa21-356a I cannot remember, in a 25+ year cybersecurity career, having to deal with …
Job Scam Attack: Fake Offers and Checks
The pandemic has created new opportunities for social engineering attacks on unsuspecting users. One method of attack has been successful enough to force the FBI to release a warning. Cybercriminals …
GoDaddy Password Breach Affects Over A Million Users
The US Securities and Exchange Commission (SEC) has published a “Security Incident” submitted by web services giant, GoDaddy. GoDaddy says that in November 2021, it realized that there were cybercriminals in …
Be Wary of ‘Black Friday’ Scams
Finally, we’ve made it through the majority of 2021 and into the Holiday season, allowing us to celebrate by getting together with family and friends and perhaps do a little …
Employee SSNs Exposed in California Pizza Kitchen Breach
California Pizza Kitchen (CPK) founded in Beverly Hills, California in 1985, has more than 250 locations across 32 states. CPK experienced a data breach exposing the full names and Social …
‘Tis The Season To Be Smished
The holiday shopping season means big business for retailers around the world, but it unfortunately also means big business for hackers. The reasoning is, people tend to be on the …
CyberHoot’s 3-2-1 Backup Guide
As the number of areas where data is stored increases, the concept of following a 3-2-1 Backup Strategy is often forgotten. While you can’t prevent every compromise of your company’s …
Monero – The New Crypto For Hackers
Cybercriminals had a wake-up call after the FBI successfully breached a cryptocurrency wallet held by the Colonial Pipeline hackers by following the money trail on bitcoin’s public blockchain. The FBI …
Cybersecurity Awareness Month Vlog Series 2021
Each day this month, we published a short (3–5 minute) interview CyberHoot’s Co-Owner Craig Taylor had with Mindwhirl outlining necessary topics to help improve people’s cybersecurity hygiene. Check CyberHoot’s VLOG and social media …
U.S. Water and Wastewater Systems Cyber Breach
The Cybersecurity and Infrastructure Agency (CISA) released an alert of an ongoing cyber threat to the U.S. Water and Wastewater Systems, also highlighting five incidents that occurred between March 2019 …
Gift Card Fraud
The cybersecurity world is continually inundated with the new strains of ransomware taking down large and small businesses alike. Unfortunately, this has brought attention away from other cyber-related attacks, like …
Cybersecurity Advisory – Urgent iOS Update
October 13th, 2021: CyberHoot received notification of a Zero-Day Vulnerability on Apple’s iPhone and iPad very latest iOS version 15 which shipped pre-installed on the latest iPhones released in Oct. …
Apple AirTag Attack
In April of 2021, Apple unveiled the AirTag, a tracking device that can be put on nearly anything so users don’t lose their valuables. Users frequently use these on their …
Outlook “Autodiscover” Leaking Passwords
Cybersecurity experts at Guardicore published a report summarizing its research results involving security concerns in Microsoft “Autodiscover” feature. Their report states they were able to collect over a 372,072 domain …
WhatsApp Security Improvement: Encrypted Backups
WhatsApp, a Facebook-owned company, is a mobile application that allows users to send text messages, voice calls, and share documents with other WhatsApp users. You may wonder why the app …
Apple ‘FORCEDENTRY’ Zero-Day – Patch Now!
The Citizen Lab, a Canadian privacy and cybersecurity activist group, announced a zero-day security hole in Apple’s iPhone, iPad, and Mac operating systems. The lab gave the attack the nickname …
United Nations (UN) Breached
In the spring and summer of 2021, hackers stealthily entered the United Nation’s (UN) proprietary project management software, Umoja, accessing the network and stealing critical data to be used in …
T-Mobile Breach Affects Nearly All US Customers
T-Mobile, a self-proclaimed leader in 5G, is a CyberHoot worst of the worst for cybersecurity breaches. While preparing this article on the latest 54 million subscriber breach, we found no …
Japanese Crypto Exchange Robbed of $100,000,000
Recently, cryptocurrency exchanges, the place where you can buy and sell cryptocurrencies on the Internet, have been under active and successful attack. In one case, a Chinese cryptocurrency exchange called …
Microsoft Edge’s ‘Super Duper Secure Mode’
Microsoft’s Edge Vulnerability Research Team recently published details on a new feature in development called “Super Duper Secure Mode” (SDSM). SDSM is designed to improve security without notable performance losses. …
CISA Advisory (ICSA-21-119-04)
August 19th, 2021: CyberHoot has received notification of critical risks to our national cybersecurity. A critical vulnerability has been made public by CISA, known as “BadAlloc”. Details of the vulnerabilities …
BazarCaller – Vishing Gang
BazarCaller is a new cybercrime gang that uses Vishing to trick its victims into handing over information or access to a device. Vishing is the malicious practice of making phone …
Microsoft Patch Tuesday
On the second Tuesday of each month since 2003, Microsoft has released security-related updates to Windows (desktop and server), Office, and related products. Updates and patches aren’t only released on …
CISA’s Top Vulnerabilities in 2020 and 2021
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) teamed up with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau …
Ransomware, Backups, and Testing your Plan
The news headlines seem to be filled with ransomware attacks of late. Business owners are taking note and asking their Managed Service Providers (MSPs) and IT departments to improve their …
Pegasus Spyware
NSO, the Israeli technology company has been working with governments around the world by selling them robust surveillance systems. The tool, named Pegasus, unlocks the contents of a victim’s cellphone …
Microsoft’s PrintNightmare Vulnerability
Microsoft’s released an Out-Of-Band (OOB) emergency patch, affecting windows systems’ print-spooler subsystem. These printing issues are being called PrintNightmare by the media. The vulnerabilities are being tracked in CVE-2021-1675 and …
Nextdoor App Security
A new social media service, Nextdoor, is gaining steam as we come out of the COVID-19 pandemic. The platform is used to share trusted information about one’s neighborhood, to give …
Kaseya RMM Spreads Ransomware
Update and Correction – 3:30pm 7/3/21: CyberHoot has confirmed from Kaseya and other cybersecurity news sources that Webroot was not and is not a risk from this Kaseya ransomware event. Only Kaseya …
How Secure Are Payment Apps?
Cash is King, for now. The use of electronic payment applications has been steadily growing, according to a recent survey by the US Federal Reserve, cash payments accounted for only …
Bipartisan Cybersecurity Bill Impending
Lawmakers on Capitol Hill are scrambling to introduce legislation addressing overwhelming spikes in ransomware and other cyberattacks on critical organizations like Colonial Pipeline and JBS. Until recently, the US federal …
FBI Recovers Colonial Bitcoin Payment
In May of 2021, the United States’ largest pipeline, Colonial Pipeline, halted operations due to a ransomware attack. At the time, Colonial Pipeline carried 45% of the fuel used on the …
JBS Ransomware Attack Shows Importance of Backups
[Update on JBS Ransomware attack: June 10, 2021 CyberHoot learned that backups and a strong disaster recovery plan weren’t responsible for a quick ransomware recovery at JBS meats as was …
FBI: Watch Out For Fake Job Listings
Fake Job listings are collecting PII by the thousands of applicants. Be wary of offers too good to be true. Demand in person or video-based interviews and ask lots of questions.
Decentralized Finance (DeFi) In A Nutshell
A phrase that has been making waves in the financial world is Decentralized Finance (aka: DeFi). DeFi uses cryptocurrency and blockchain technology to manage financial transactions outside the control of …
Pipeline Breach Prompts Texas To Require Cybersecurity Training
May 17, 2021: Following the Ransomware Attack on the Colonial Pipeline, Texas Governor Greg Abbott took action and announced that he was signing a new cybersecurity law that penalizes those …
Ransomware Shuts Down Largest U.S. Pipeline
The United States’ largest pipeline, Colonial Pipeline, halted operations due to a ransomware attack. Colonial Pipeline carries 45% of the fuel used on the U.S. East Coast, running from Texas …
Apple Zero-Day – Cybersecurity Advisory
May 4th, 2021: Apple has released IOS updates for 4 critical issues that impact all Mac, iOS, iPad, and Watch products. “Processing maliciously crafted web content may lead to arbitrary …
Apple AirDrop Vulnerability
Security researchers in Germany have put out a press release about research findings to be presented at Usenix 2021. They presented findings proving that “Apple AirDrop shares more than files”. …
What Was 2020’s Most Expensive Cybercrime?
Reading the latest FBI report might convince you that Business Email Compromise was the largest cybercrime in 2020. Ransomware proves them wrong by a factor of at least 5 if not more. Both are scourges that SMBs need to protect themselves from. Become more aware to become more secure.
Israel Launches ‘Stuxnet 3.0’ On Iran
Iran announced that a blackout occurred at its uranium enrichment facility in Natanz. Iran blamed Israel for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges. Israel …
Booking.com Fined Following Vishing Attack
Summary Message: Working out your Breach Notification during a Breach is a recipe for disaster. Back in December of 2018, Booking.com experienced a breach, where the company was exploited through …