CyberHoot Newsletter - January 2022

Increase MRR While Reducing Costs At Your MSP

An important part of running a successful Managed Service Provider (MSP) is ensuring you’re managing your monthly recurring revenue (MRR) and your expenses. One way MSPs can lower costs and sometimes improve MRR is through Security Awareness Training (SAT). CyberHoot directly benefits MSPs by reducing incidents, decreasing help desk tickets, and improving MSP value and thus client retention.

The Hidden Benefits of Awareness Training for MSPs

Data breaches cost Small to Medium-sized Businesses (SMBs) an average of $108,000 in 2021. Cybersecurity incident and related costs have been rising for years. Security Awareness Training, or SAT, can help. In fact, 71% of security professionals say that better security awareness training for users would have helped minimize or prevent breaches, while only 60% of MSPs offer it as part of their managed services offering.

Google Docs’ Comment Phishing Exploit

Google Doc’s, a cloud-based word processing solution has been responsible for a recent wave of phishing attacks generated by its “Comments” feature. Attackers use the commenting feature to send malicious links to anyone’s email inbox. What’s worse, the comment appears to come from anyone the hacker wants to be, such as your best friend (according to social media). Hackers can send you a malicious link from Google’s comments feature, bypassing spam filters, and landing directly in your inbox.

Copyright Infringement Instagram Scam

Cybercriminals are always looking for new ways to infiltrate your devices. Recently, they’ve been using the attack vector of Copyright Infringement as bait in Phishing Emails. Pretending to be from Instagram, they try and scare users into believing they have a copyright complaint against them and give the users an easy way to appeal the complaint. Visiting the malicious link can lead to credential theft or web browser attack.

Pirated Movies Containing Malware

Cybersecurity researchers discovered a new form of malware hacking into computers embedded within the latest Spiderman movie download. The movie launched only in theaters leading many to look for other ways to watch the movie. Unsuspecting ‘leaked movie file’ downloaders are in for a nasty surprise as their download comes with powerful malware.

Malicious ‘Fleeceware’ App Downloaded 600M Times

Google has tried to eliminate malicious apps from its Android platform on the Google Play Store, but certain apps slide by Google’s security team, like Fleeceware. Fleeceware is a malicious application that tricks users into paying excessive amounts of money for simple apps with functionality that’s available free elsewhere. These apps have been installed nearly 600 million times on over 100 million devices, according to a Sophos report.

Customer Spotlight

"I like the simplicity and flexibility of the solution. CyberHoot is there to guide me, but it doesn't take too much time away from primary responsibilities. A lot of what we have done is uncover and solve for blindspots within our organization. We didn't know where the potential risks were and CyberHoot quickly helped identify them and created a roadmap to address them quickly."

Jason Russo

CEO | Maven Analyics

Cybrary Term of the Month

Network Segmentation

Network Segmentation is creating sub-networks within a corporate, enterprise, or another large network. When done correctly, network segmentation helps containment malware and other threat actors who might breach your network. This can also be very beneficial to the efficiency of a network’s performance. Network segmentation is a prescribed requirement for networks containing Payment Card Industry data (PCI). Network segmentation is an important cybersecurity protective measure that is usually part of any robust defense-in-depth cybersecurity program.