CyberHoot Newsletter – Volume XIV

Twitter Steganography Risks

Steganography is the interesting but potentially dangerous technique of hiding data or malware code secretly within an ordinary, non-secret file or message to avoid detection. The use of steganography can be combined with encryption as an extra step for hiding or protecting data. Steganography can be used to conceal almost any type of digital content, including text, image, video, or audio content; the data to be hidden can be hidden inside almost any other type of digital content.

Why NFTs Are The Future

The popular musician Grimes sold animations she made with her brother Mac on a website called ‘Nifty Gateway’. Some were one-of-a-kind, while others were limited editions, all were bought in 20 minutes generating revenues of over $6 million. Despite the steep price tags, anybody can watch or copy typical  animations. However, this is no normal animation.  It comes with a scarcity similar to a physical painting in an art gallery.  Classic supply and demand has been turned on its head with these new digital certificates, also know as NFT’s or Non-fungible tokens.

US Treasury Bans Ransomware Payments

The US Treasury Department’s Office of Foreign Assets Control (OFAC) warned organizations on 10/1/2020 that making ransomware payments is now illegal. These payments violate US economic sanctions banning the support of terrorists, cybercriminal groups, and state-sponsored hackers. The edict limits how ransomware victims, insurers, and incident responders can recover from these incidents. If they pay the ransom, they may get fined by OFAC. If they don’t pay the ransom and critical data is released online, they may get fined (HIPAA, PCI, privileged legal documents) for breaching confidentiality.

Apple’s New Privacy Initiative

Apple’s tracking-optional iOS 14.5 update provides privacy-preserving features, giving users the ability to opt-out of being followed around the Internet via “trackers” in their apps.  iOS 14.5 redirects all website checks through its own proxy servers allowing Apple to block suspicious requests. Apple’s released this as a part of their strategy to protect user privacy and prevent leaking IP addresses to Google and Facebook. Facebook makes 98% of its revenue from advertising.  An unknown portion of that advertising revenue will be impacted by these changes in Apple’s privacy initiative.

FTC Warns of ‘Romance Scammers’

The Federal Trade Commission (FTC) issued a warning about ‘Romance Scams’. Catfishing is an increasingly common technique used on social media and dating sites to attack victims through fake personalities, attractive pictures, and accounts. Romance Scams or catfishing play on people’s emotions, most often for fraudulent financial gain or identity theft. Catfishing exploits users that are willing to ignore warning signs that an online friend or acquaintance may not be who they claim to be.

Canada Rules Clearview AI’s Technology Illegal

Clearview AI has created one of the broadest and most powerful facial recognition databases in the world. Their application allows a user (law enforcement we hope) to upload a photo of an individual into the application. Once the photo is analyzed within the app, it shows the requestor all the public photos of that same individual found in their database of more than 3 billion images; along with links to where those images may rest online (often in social media sites but many other places as well). The application has been used by more than 600 law enforcement agencies since 2019, to help solve shoplifting, identity theft, credit card fraud, murder, and even child sexual exploitation cases. Canada recently ruled that this technology encroached on citizen privacy rights and deemed it illegal for all uses.

Customer Spotlight

"We have a broad range of skills at the City of Portsmouth, NH and CyberHoot enables all our users to understand the threats and to address them without panicking. Sometimes our users blame themselves for things, but they now know it isn't their fault. They now know what to do! I use to have to assist end-users every day with cybersecurity concerns but now I don't have to. CyberHoot is a vital component of the City's cybersecurity program and we won't stop using it, it's that important!"
Alan Brady
IT Manager | City of Portsmouth

Cybrary Term of the Month

Non-Fungible Tokens (NFTs) are unique, easily verifiable digital assets that can represent items such as GIFs, images, videos, music albums, and more. Anything that exists online can be purchased as an NFT, theoretically. An NFT is a type of cryptographic token and not interchangeable. This means that each one of these ‘tokens’ is unique, nobody can have the same one as you. In cryptocurrency, you have the ability to pay for products or services, where NFTs you can only trade ‘token for token’. An easy way to understand NFTs is through trading cards, you can trade them with people, but a Babe Ruth baseball card is different from a Nolan Ryan card. In bitcoin and other currencies, that currency is identical throughout the world. 

American Cyber Awards Start Up of the Year 2020
Email based authentication for Training.

Instant Access

CyberHoot provides password-less access. Zero time wasted searching for websites, resetting passwords, and delayed login. Click an email link for instant training access!

Email Based Assignments

Email Automation

Everything you need to learn cybersecurity skills is handled through email including training assignments, reminders, management compliance reports, and "My CyberHoot".

Manager Escalations

Manager Escalation

CyberHoot automates non-compliance through manager email notifications. Compliance status of employees for managers is enabled so you always know where you stand.

Micro Training

Cyber"Hoots" are most often 5 minutes or less. This ensures your staff get trained quickly with the most effective solution.

The Power of Open

CyberHoot is an open cybersecurity training Platform. Any video or PDF can be used to train and govern your employees.


In a survey of 100 CyberHoot users, 60% would be "Disappointed" or "Very Disappointed" if CyberHoot Training was stopped.

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.