There is a new and highly effective strategy that criminal hackers are using to gather sensitive customer data from Internet Service Providers (ISPs), phone companies, and social media firms. This strategy involves compromising email accounts tied to police departments and government agencies and then sending unauthorized “Emergency Data Requests” for subscriber data. Learn more…
In a world of deepfakes and misinformation, people take online content at face value, never checking sources to validate assertions. When skimming headlines, it’s easy to fall victim to fake news and disinformation. News sources may fact-check articles to debunk spurious health, current events, or political claims. Sadly, even fact-checking news sources have shown biases. Learn the S.I.F.T. approach to validating content you read online to avoid being duped.
Korean security analysts have confirmed malware is being distributed via video game ‘cheat’ baits on YouTube. Players are tricked into downloading video game cheats that promise to give them strategic advantages in online video games. However, once downloaded and installed on a player’s machine, the hacker code steals valuable data from the machine or worse, installs crypto-mining or other malware onto these often very powerful gaming machines.
An analysis of data from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% of those medical devices contain security weaknesses that could put them at risk of exploitation that could harm patients or even kill them. Researchers identified more than 40 known vulnerabilities. Hospitals seem ill prepared to address these issues.
In Mid-February 2022, institutions central to Ukraine’s military and economy were hit with a wave of Distributed Denial-of-Service (DDoS) attacks. The targets were vital to Ukraine, including the Armed Forces, the Ministry of Defense, Oschadbank (the State Savings Bank), and Privatbank, the country’s largest commercial bank, servicing nearly 20 million customers. Oschadbank and Privatbank are considered “systemically important” to Ukraine’s financial market stability.
Overview of the New Assignment-Based Phishing Module
HowTo: Set Up Assignment-Based Phishing Module
Cybrary Term of the Month
Network Access Control (NAC) is the act of keeping unauthorized devices (and their users) out of your private network. Organizations that give certain devices unmanaged devices access to your network via network access control but only if these devices meet organizational security compliance checks. Those checks can include: Patch status; AV, EDR, or anti-malware present and functioning; Grant or deny permissions (aid with zero-trust model); require 2FA to pass NAC security checks.
The increasingly approved use of non-company devices accessing corporate networks requires businesses to pay special attention to network security, including who and what is allowed access and to where and to what data. Network security protects the functionality of the network, ensuring that only authorized users and devices have access to it, that those devices are clean, and that the users are who they say they are.
CyberHoot provides password-less access. Zero time wasted searching for websites, resetting passwords, and delayed login. Click an email link for instant training access!
Everything you need to learn cybersecurity skills is handled through email including training assignments, reminders, management compliance reports, and "My CyberHoot".
CyberHoot automates non-compliance through manager email notifications. Compliance status of employees for managers is enabled so you always know where you stand.
Cyber"Hoots" are most often 5 minutes or less. This ensures your staff get trained quickly with the most effective solution.
The Power of Open
CyberHoot is an open cybersecurity training Platform. Any video or PDF can be used to train and govern your employees.
In a survey of 100 CyberHoot users, 60% would be "Disappointed" or "Very Disappointed" if CyberHoot Training was stopped.