CyberHoot Newsletter – December 2024

Posted on by

Welcome to CyberHoot’s December Newsletter!

As we wrap up an exceedingly busy year, cyber threats are showing no signs of slowing down. This month, we’re spotlighting critical security challenges and solutions to help you stay one step ahead.

From the AndroxGh0st malware targeting IoT devices to Midnight Blizzard’s spear-phishing campaign exploiting RDP files, cybercriminals continue to evolve and increase their attacks on us all. We’ll dive into the GitHub config breach exposing cloud credentials and highlight how CyberHoot’s HootPhish Challenge gamifies phishing training to empower your team and protect your business.

Try the December HootPhish Challenge and Win a Randomly Drawn HootPhish Yeti Mug

Let’s explore how you can stay protected and proactive in this ever-changing cybersecurity landscape.

AndroxGh0st Malware Hijacking IoT Devices

Discover how AndroxGh0st malware exploits IoT device vulnerabilities, creating powerful botnets for cyberattacks, and learn steps to protect your devices. Read now!

Midnight Blizzard: Spear-Phishing Campaign Using RDP Files

Learn about Midnight Blizzard’s spear-phishing campaign using malicious RDP files and discover practical tips to stay protected. Read now!

CyberHoot’s HootPhish Challenge

Learn how CyberHoot’s HootPhish Challenge gamifies phishing detection, helping users quickly and accurately identify phishing threats! Read now!

GitHub Config Breach Exposes Cloud Service Credential

Learn how to protect your Git repositories and cloud credentials following the massive global operation called EmeraldWhale. Read now!

Customer Spotlight

Liking CyberHoot? We need your help. Please leave us a review using the links below!

TrustPilot.com | G2.com | Capterra.com | Google.com | TrustRadius.com | Gartner.com

-G2

For more information on how to leave a CyberHoot review, please watch the brief video overviews below.  Note: to avoid fraudulent reviews, each review website will require to you to create and validate your identity through an email account registration process.

CyberHoot Awarded Badges From G2

Cybrary Term of the Month

Spear-Phishing

spearphishing attack

Spear-Phishing is a form of phishing attack that targets a specific person or organization, seeking access to sensitive information. Similar to phishing, this is done through spoofing emails that appear to be legitimate, but not to a bulk list of random email addresses. Whaling is similar as well, but is done by targeting high-ranking executives and attempting to gain access to their information or data.

Click here to read more!

Explore CyberHoot's Extensive 950+ Term Cybersecurity Library

Recently Added Features

General Release Notes
  • Added dark web recommendations to power platform with ability to edit recommendations and user alerts. Updated dark web script to send user alerts if enabled. Updated opt-out functionality so dark web checks still run on opted out users.
  • Fixed issue viewing embedded Terms of Service document on Autopilot.
  • Updated Autopilot to work with new user opt-out/in capabilities.
  • Updated HootPhish Challenge to include tips in results and replaced ‘unsafe’ with ‘suspicious’.
  • Added additional columns to the bounced email logs table in the Power and Autopilot platform.
  • Fixed console error when clicking retake ‘Not Required’ when saving training program.
  • Set Entra ID sync to default to skipping Unlicensed and External users.
  • Fixed issue displaying attack phish page in Autopilot Power-Up platform.
  • Added the ability to set the customer domain from Google Sync interface in Power and Autopilot.
  • Power platform updated to work with custom reporting power-up.
  • Updated Cybersecurity Summary reports to only display unacknowledged exposures in the users exposure breakdown section.
  • Updated user compliance to only mark users as non-compliant if they have overdue assignments.
  • Improved efficiency of Entra ID & Google User sync.
  • Custom reporting power-up added.
  •  

Check out our CEO Craig Taylor in SecureTalk's Podcast!

Enroll in CyberHoot’s Referral Program today and start earning a 20% share of all revenue generated for one year by those who register through your exclusive referral link. As a referral partner, not only will you receive financial rewards, but you’ll also experience the satisfaction of aiding others in becoming more security-conscious, safeguarding them against cyber threats. Don’t hesitate, sign up now at https://cyberhoot.com/referral-program/.

Referral through Autopilot’s Dashboard:

Join CyberHoot in our mission to create a more aware and better secured world! Recommend CyberHoot Autopilot to a friend, and they will enjoy a complimentary first month. For every new sign up who uses your referral link, you will receive a free month added to your account. This offer is exclusively for first-time CyberHoot registrants.

CyberHoot's Social Media

Join CyberHoot’s subreddit to stay updated in the world of cybersecurity!

Email based authentication for Training.

Instant Access

CyberHoot provides password-less access. End user frustration accessing training is gone. Click an email link for instant access!

Email Based Assignments

Automatic
Compliance

Employee reminders to manager escalations, CyberHoot delivers automated, hands-off, extremely high compliance.

Manager Escalations

Product Training

CyberHoot includes limitless product training for your IT Projects. Teach users how to use new software on their terms how they want to learn.

Micro Training

Cyber"Hoots" are 5 minutes or less ensuring your staff get trained quickly and effectively.

The Power of Open

CyberHoot is an open. Any video or PDF can train and govern your employees.

Effective

Many clients routinely achieve 90% or greater compliance to policies, training, and phish testing.

Sign Up Now
Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.