CyberHoot Newsletter – November 2021

‘Tis The Season To Be Smished

The holiday shopping season means big business for retailers around the world, but it unfortunately also means big business for hackers. The reasoning is, people tend to be on the lookout for various package delivery emails, lowering their guard when potential phishing emails arrive. Hackers know this and are already on the move with their holiday scams.

CyberHoot’s 3-2-1 Backup Guide

As the number of areas where data is stored increases, the concept of following a 3-2-1 Backup Strategy is often forgotten. While you can’t prevent every compromise of your company’s data, you can have a backup plan that protects you from data-loss events.

Monero – The New Crypto For Hackers

The FBI successfully breached a bitcoin cryptocurrency wallet held by Colonial Pipeline hackers by tracing its public blockchain and recovered 85% of the ransom payment. With Bitcoin now ‘traceable’ some hackers are retooling ransomware to use a privacy-enhanced cryptocurrency called Monero Coin.

U.S. Water and Wastewater Systems Cyber Breach

The Cybersecurity and Infrastructure Agency (CISA) released an alert on cyber threats to U.S. water treatment systems. They highlighted five incidents between 2019 and 2021. These facilities provide clean water to communities around the country.

Gift Card Fraud

Hackers success with ransomware has shifted our focus away from other common cybersecurity attacks, including Gift Card scams. However, these other scams have not gone away entirely. The US DoJ announced this week an indictment of four gift card scammers who held 5000+ fraudulently obtained gift cards.

Apple AirTag Attack

Apple’s AirTag is a tracking device that can track nearly any valuable so users don’t lose them. Tags are frequently put on their Keys, Cars, and Pets. Apple’s ‘Find My’ iPhone App can help track them. Unfortunately, cybersecurity experts have now documented privacy abuses of hackers using airtags to track people and more.

Customer Spotlight

"We are thrilled with the training we receive from Cyberhoot. It is informative and adds value both professionally and personally. And...the training videos are fun to watch and well made!"
mary kamelle
Mary Kamelle
Marketing Manager | Mortgage Equity Partners

Meet Our Newest vCISO

"Raf Boquetti has over 15 years of cybersecurity responsibilities including end-to-end architecture, implementation, maintenance, leadership, and service delivery including Endpoint Protection, Network Security, Identity and Access Management, as well as many other cybersecurity technologies. During his cybersecurity career, Raf has worked at Computer Sciences Corporation supporting several Fortune 500 businesses, and more recently, Deloitte, Touche, and Tohmatsu Limited supporting their network of member firms as their Intrusion Detection & Prevention Service Manager. Raf has joined CyberHoot as one of our virtual Chief Information Security Officers and is excited to share his knowledge, diligence, and expertise assisting and protecting CyberHoot's vCISO clients."
Rafael Boquetti
vCISO | CyberHoot

Each day in October, CyberHoot published a short interview with its Co-founder Craig Taylor.  These interviews were conducted by our partner Mindwhirl and were designed to improve people’s cybersecurity awareness during October’s Cybersecurity Awareness Month. Check out CyberHoot’s VLOG and social media pages (links below) to see what we published, and dive into specific videos to hear some sound advice for any SMB or MSP owner.

Day 1-15

Day 16-31

Cybersecurity Awareness Month Samples

multi factor authentication


In addition to these VLOGs, CyberHoot posted valuable infographics, outlining various vital security topics to help users in their personal and professional life. If you would like to download your own personal Cybersecurity Awareness Month graphics, visit to get your 31 days of infographics!

Also, check out our Vlog partner Mindwhirl’s blog to stay on top of your marketing and cybersecurity news!

Cybrary Term of the Month

An Out-Of-Band (OOB) Patch is a security update released outside of a normal patching release window. Microsoft, for example, releases patches on the second Tuesday of each month, called Patch Tuesday. Any Microsoft update or security patch released outside the second Tuesday of the month is considered an OOB patch. 

The typical reason Microsoft releases an OOB patch is the widespread, in-the-wild, exploitation of a software vulnerability by hackers. A zero-day exploit will often become an OOB patch. All OOB patches should be taken seriously; your organization should take action immediately to review and plan your remediation. 

Email based authentication for Training.

Instant Access

CyberHoot provides password-less access. Zero time wasted searching for websites, resetting passwords, and delayed login. Click an email link for instant training access!

Email Based Assignments

Email Simplicity

Everything you need to learn cybersecurity skills is handled through email including training assignments, reminders, management compliance reports, and "My CyberHoot".

Manager Escalations

Automated Compliance

CyberHoot automates non-compliance through manager email notifications. Compliance status of employees for managers is enabled so you always know where you stand.

Micro Training

Cyber"Hoots" are most often 5 minutes or less. This ensures your staff get trained quickly with the most effective solution.

The Power of Open

CyberHoot is an open cybersecurity training Platform. Any video or PDF can be used to train and govern your employees.


In a survey of 100 CyberHoot users, 60% would be "Disappointed" or "Very Disappointed" if CyberHoot Training was stopped.

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.