CyberHoot Newsletter – April 2022

Fake Emergency Search Warrants Becoming a Problem

There is a new and highly effective strategy that criminal hackers are using to gather sensitive customer data from Internet Service Providers (ISPs), phone companies, and social media firms. This strategy involves compromising email accounts tied to police departments and government agencies and then sending unauthorized “Emergency Data Requests” for subscriber data. Learn more…

Deadbolt Ransomware

Traditional ransomware encrypts your data and won’t release it back to you until you pay their ransom. Good backups can be restored to avoid such a payment, unless your backup NAS is also encrypted by the ransomware attack. That’s what Deadbolt ransomware does; targets vulnerable NAS solutions and encrypts them.

Finding The Facts in a World of Misinformation

In a world of deepfakes and misinformation, people take online content at face value, never checking sources to validate assertions. When skimming headlines, it’s easy to fall victim to fake news and disinformation. News sources may fact-check articles to debunk spurious health, current events, or political claims. Sadly, even fact-checking news sources have shown biases. Learn the S.I.F.T. approach to validating content you read online to avoid being duped. 

Video Game Cheaters Targeted by Malware

Korean security analysts have confirmed malware is being distributed via video game ‘cheat’ baits on YouTube. Players are tricked into downloading video game cheats that promise to give them strategic advantages in online video games.  However, once downloaded and installed on a player’s machine, the hacker code steals valuable data from the machine or worse, installs crypto-mining or other malware onto these often very powerful gaming machines.

What to Do with Critical Medical Device Vulnerabilities

An analysis of data from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% of those medical devices contain security weaknesses that could put them at risk of exploitation that could harm patients or even kill them. Researchers identified more than 40 known vulnerabilities. Hospitals seem ill prepared to address these issues.

Ukrainian Distributed Denial of Service (DDoS) Attack

In Mid-February 2022, institutions central to Ukraine’s military and economy were hit with a wave of Distributed Denial-of-Service (DDoS) attacks. The targets were vital to Ukraine, including the Armed Forces, the Ministry of Defense, Oschadbank (the State Savings Bank), and Privatbank, the country’s largest commercial bank, servicing nearly 20 million customers. Oschadbank and Privatbank are considered “systemically important” to Ukraine’s financial market stability.

Customer Spotlight

"I work for an MSP and the cyberhoot service really separates us from our competitors, especially the vCISO services. We have multiple clients using CyberHoot and we are adding it to our security stack pitch. I have not found anything from CyberHoot to dislike!"
Dan Tranchina
Director of Project Management | CMIT Cherry Hill

Overview of the New Assignment-Based Phishing Module

HowTo: Set Up Assignment-Based Phishing Module

Cybrary Term of the Month

Network Access Control (NAC) is the act of keeping unauthorized devices (and their users) out of your private network. Organizations that give certain devices unmanaged devices access to your network via network access control but only if these devices meet organizational security compliance checks. Those checks can include: Patch status; AVEDR, or anti-malware present and functioning; Grant or deny permissions (aid with zero-trust model); require 2FA to pass NAC security checks.

The increasingly approved use of non-company devices accessing corporate networks requires businesses to pay special attention to network security, including who and what is allowed access and to where and to what data. Network security protects the functionality of the network, ensuring that only authorized users and devices have access to it, that those devices are clean, and that the users are who they say they are. 

Email based authentication for Training.

Instant Access

CyberHoot provides password-less access. Zero time wasted searching for websites, resetting passwords, and delayed login. Click an email link for instant training access!

Email Based Assignments

Email Automation

Everything you need to learn cybersecurity skills is handled through email including training assignments, reminders, management compliance reports, and "My CyberHoot".

Manager Escalations

Manager Escalation

CyberHoot automates non-compliance through manager email notifications. Compliance status of employees for managers is enabled so you always know where you stand.

Micro Training

Cyber"Hoots" are most often 5 minutes or less. This ensures your staff get trained quickly with the most effective solution.

The Power of Open

CyberHoot is an open cybersecurity training Platform. Any video or PDF can be used to train and govern your employees.

Effective

In a survey of 100 CyberHoot users, 60% would be "Disappointed" or "Very Disappointed" if CyberHoot Training was stopped.

Secure your business with CyberHoot Today!!!

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.