North Korean Hackers Posing as IT Freelancers
Secure your business with CyberHoot Today!!! Sign Up Now According to a joint advisory from the U.S. Department of State, the Department of the Treasury, and the Federal Bureau of …
Security Advisory: VMware Vulnerabilities Gives System Control to Hackers
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red May 19th, 2022: CyberHoot has learned of a number of VMware software vulnerabilities tracked as CVE-2022-22954 (Base score: 9.8/10) and CVE-2022-22960 (Base score: …
Emotet Has Reemerged as Top Malware in Circulation
Secure your business with CyberHoot Today!!! Sign Up Now The HP Wolf Security threat research team has identified a 2700% increase in Emotet infections in the first quarter of 2022, …
Security Advisory: SonicWall Authentication Vulnerability
May 16th, 2022: CyberHoot has investigated a SonicWall advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. …
FIDO’s Passwordless Sign-Ins
Secure your business with CyberHoot Today!!! Sign Up Now In early May 2022, Google, Apple, and Microsoft announced plans to support a common passwordless sign-in standard created by the Fast …
Google Assisting in Personally Identifiable Information Removal
Secure your business with CyberHoot Today!!! Sign Up Now In late April 2022, Google announced they’ve enabled new options for removing Personally Identifiable Information (PII) from Google Searches. Google is …
Text Message Scams: A Growing Trend
Secure your business with CyberHoot Today!!! Sign Up Now Anyone who owns a cellphone has likely received an unexpected text message from a number they don’t recognize containing a link …
Security Advisory: Critical Cryptographic Java Vulnerability
April 22nd, 2022: CyberHoot has investigated a Java Product vulnerability tracked as CVE-2022-21449 that allows accounts to be remotely exploitable without authentication. In other words, this vulnerability can be exploited …
7 Cybersecurity Trends in 2022 and Beyond
Secure your business with CyberHoot Today!!! Sign Up Now Cybersecurity remains a top concern for businesses and individuals alike. With each year passing, new technologies emerge to protect you from …
Fake Emergency Search Warrants Becoming a Problem
Secure your business with CyberHoot Today!!! Sign Up Now There is a concerning and highly effective strategy that criminal hackers are now using to harvest sensitive customer data from Internet …
6 Reasons to Adopt Cybersecurity Awareness Training
Secure your business with CyberHoot Today!!! Sign Up Now Cybersecurity awareness training should be a part of every company’s onboarding routine for all workers. Whether they are in-office or remote …
New Deadbolt Ransomware Targeting Small Businesses
Secure your business with CyberHoot Today!!! Sign Up Now In January 2021, reports emerged of a backup-targeting ransomware strain called Deadbolt aimed at small businesses, hobbyists, and serious home users. …
Security Advisory: Okta Breached
March 22nd, 2022: CyberHoot is investigating a potential breach at Okta, developers of a cloud-based identity and access management solution used by thousands of companies world-wide. Okta is currently investigating, …
Finding The Facts in a World of Misinformation
Secure your business with CyberHoot Today!!! Sign Up Now Co-Authored by Craig Taylor, CEO CyberHoot In a world of deepfakes and misinformation, too many people are tricked by things they …
Video Game Cheaters Targeted by Malware
Secure your business with CyberHoot Today!!! Sign Up Now Korean security analysts have spotted a malware distribution campaign that uses video game ‘cheat’ baits on YouTube to trick players into …
What to Do with Critical Medical Device Vulnerabilities
Secure your business with CyberHoot Today!!! Sign Up Now An analysis of data from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% …
Ukrainian Distributed Denial of Service (DDoS) Attack
Secure your business with CyberHoot Today!!! Sign Up Now In Mid-February 2022, institutions central to Ukraine’s military and economy were hit with a wave of Distributed Denial-of-Service (DDoS) attacks. The …
Post-Breach Notification Guide
Secure your business with CyberHoot Today!!! Sign Up Now Co-Authored by Craig Taylor In an ever-changing online world, data breaches continue to increase in frequency and impact. Cybersecurity threats come …
Security Advisory: PHP Security Flaw
February 18th, 2022: If you’re using PHP in your network, check that you’re using the latest versions, currently 7.4.28 or 8.1.3. Released yesterday [2022-02-17], this version fixes various memory mismanagement …
Cybernews Interviews CyberHoot Co-Owner, Craig Taylor
Secure your business with CyberHoot Today!!! Sign Up Now Malicious attackers have always been a part of the cyber world. And with working from home becoming the new normal, hackers …
LinkedIn Phishing Slink Attack
Secure your business with CyberHoot Today!!! Sign Up Now Hackers have found a new way to trick unsuspecting users into clicking on phishing links. Attackers use a marketing feature on …
Managing a Cybersecurity Incident
Secure your business with CyberHoot Today!!! Sign Up Now Co-Authored by Craig Taylor In an ever-changing cybersecurity world, data breaches continue to increase in frequency and impact. Cybersecurity threats come …
Security Advisory: Elementor WordPress Plugin
February 2nd, 2022: CyberHoot has investigated a WordPress vulnerability tracked as CVE-2022-0320, whereby a security flaw can lead to data leakage and more importantly remote code execution. The security gap …
Silk Fibers Used to Generate “Unbreachable” Secure Keys
Secure your business with CyberHoot Today!!! Sign Up Now A group of researchers at South Korea’s Gwangju Institute of Science and Technology (GIST) have used natural silk fibers from domesticated …
Security Advisory: Critical Linux Vulnerability
January 27th, 2022: CyberHoot has investigated a Linux vulnerability tracked as CVE-2021-4034 that is part of most Linux distributions, leads to escalation of privileges up to root, and is trivial …
Increase MRR While Reducing Costs At Your MSP
Secure your business with CyberHoot Today!!! Sign Up Now An important part of running a successful Managed Service Provider (MSP) is ensuring you’re increasing your monthly recurring revenue (MRR). One way …
MalSmoke Attack: Atera RMM Tool At Risk
January 7th, 2022: CyberHoot has investigated a new form of malware known as Malsmoke. This malware is taking advantage of a vulnerability in the way Microsoft digitally signs a specific …
The Hidden Benefits of Awareness Training for MSPs
As a Managed Service Provider (MSP), you know your customers are serious about defending against cyberattacks. That’s part of the reason why they hired you. Data breaches are all too …
Advisory: Wormable Windows HTTP Bug
January 12th, 2022: Today Microsoft sent a notification of a critical risk to those who use Windows devices. The critical bug is CVE-2022-21907, also known as HTTP Protocol Stack Remote …
Google Docs’ Comment Phishing Exploit
A wave of phishing attacks has been generated within Google’s cloud-based word processing solution (Google Docs) and its “Comments” feature. Attackers use the commenting feature to send malicious links to …
Copyright Infringement Instagram Scam
Learn how spot and ignore copyright infringement threats from hackers claiming you stole their art.
Pirated Movies Containing Malware
ReasonLabs, a provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into computers with the mask of the latest Spiderman movie. The movie is …
Malicious ‘Fleeceware’ App Downloaded 600M Times
Google has tried to eliminate malicious apps from its Android platform on the Google Play Store, but certain apps slide by Google’s security team, like Fleeceware. Fleeceware is a malicious application that …
Software as a Service (SaaS) Risks and Challenges
Software as a Service (SaaS) applications have transformed businesses over the last decade with enormous value. SaaS solutions have enabled and empowered businesses to continue operating during the pandemic with …
Vulnerability Advisory: Apache Log Binary (Log4J)
Dec 22nd 2022: UPDATES to Log4j, Log4Shell vulnerability details CISA has just released a new advisory: https://www.cisa.gov/uscert/ncas/alerts/aa21-356a I cannot remember, in a 25+ year cybersecurity career, having to deal with …
Job Scam Attack: Fake Offers and Checks
The pandemic has created new opportunities for social engineering attacks on unsuspecting users. One method of attack has been successful enough to force the FBI to release a warning. Cybercriminals …
GoDaddy Password Breach Affects Over A Million Users
The US Securities and Exchange Commission (SEC) has published a “Security Incident” submitted by web services giant, GoDaddy. GoDaddy says that in November 2021, it realized that there were cybercriminals in …
Be Wary of ‘Black Friday’ Scams
Finally, we’ve made it through the majority of 2021 and into the Holiday season, allowing us to celebrate by getting together with family and friends and perhaps do a little …
Employee SSNs Exposed in California Pizza Kitchen Breach
California Pizza Kitchen (CPK) founded in Beverly Hills, California in 1985, has more than 250 locations across 32 states. CPK experienced a data breach exposing the full names and Social …
‘Tis The Season To Be Smished
The holiday shopping season means big business for retailers around the world, but it unfortunately also means big business for hackers. The reasoning is, people tend to be on the …
CyberHoot’s 3-2-1 Backup Guide
As the number of areas where data is stored increases, the concept of following a 3-2-1 Backup Strategy is often forgotten. While you can’t prevent every compromise of your company’s …
Monero – The New Crypto For Hackers
Cybercriminals had a wake-up call after the FBI successfully breached a cryptocurrency wallet held by the Colonial Pipeline hackers by following the money trail on bitcoin’s public blockchain. The FBI …
Cybersecurity Awareness Month Vlog Series 2021
Each day this month, we published a short (3–5 minute) interview CyberHoot’s Co-Owner Craig Taylor had with Mindwhirl outlining necessary topics to help improve people’s cybersecurity hygiene. Check CyberHoot’s VLOG and social media …
U.S. Water and Wastewater Systems Cyber Breach
The Cybersecurity and Infrastructure Agency (CISA) released an alert of an ongoing cyber threat to the U.S. Water and Wastewater Systems, also highlighting five incidents that occurred between March 2019 …
Gift Card Fraud
The cybersecurity world is continually inundated with the new strains of ransomware taking down large and small businesses alike. Unfortunately, this has brought attention away from other cyber-related attacks, like …
Cybersecurity Advisory – Urgent iOS Update
October 13th, 2021: CyberHoot received notification of a Zero-Day Vulnerability on Apple’s iPhone and iPad very latest iOS version 15 which shipped pre-installed on the latest iPhones released in Oct. …
Apple AirTag Attack
In April of 2021, Apple unveiled the AirTag, a tracking device that can be put on nearly anything so users don’t lose their valuables. Users frequently use these on their …
Outlook “Autodiscover” Leaking Passwords
Cybersecurity experts at Guardicore published a report summarizing its research results involving security concerns in Microsoft “Autodiscover” feature. Their report states they were able to collect over a 372,072 domain …
WhatsApp Security Improvement: Encrypted Backups
WhatsApp, a Facebook-owned company, is a mobile application that allows users to send text messages, voice calls, and share documents with other WhatsApp users. You may wonder why the app …
Apple ‘FORCEDENTRY’ Zero-Day – Patch Now!
The Citizen Lab, a Canadian privacy and cybersecurity activist group, announced a zero-day security hole in Apple’s iPhone, iPad, and Mac operating systems. The lab gave the attack the nickname …