1 Billion Records Exposed in Chinese Data Leak
Secure your business with CyberHoot Today!!! Sign Up Now China has landed in the middle of one of the largest data breaches of all time after a government developer wrote …
Biometric Authentication Ring Gaining Traction
Secure your business with CyberHoot Today!!! Sign Up Now Token Ring the new company (not the old networking token ring technology), just received Series C investment that will accelerate growth …
Ransomware Insurance: Prescriptive and Restrictive
Secure your business with CyberHoot Today!!! Sign Up Now Insurers are drafting more restrictive and prescriptive insurance policy requirements designed to reduce the number of claims and better protect themselves …
Security Advisory: Adobe Vulnerabilities Allow Code Execution
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red June 15th, 2022: CyberHoot has learned of multiple Adobe Product vulnerabilities, where the most severe of which could allow for arbitrary code …
Smartphones Tracked Through Bluetooth Signals
Secure your business with CyberHoot Today!!! Sign Up Now A group of engineers at the University of California San Diego has shown for the first time that the Bluetooth signals …
Security Advisory: Android UNISOC Chip Vulnerability
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red June 7th, 2022: CyberHoot has learned of multiple critical Android vulnerabilities, affecting millions of Android smartphones, that have been patched today. Critical …
SaaS Application Access Creates Security Concerns
Secure your business with CyberHoot Today!!! Sign Up Now Software as a Service (SaaS) applications have transformed businesses over the last decade with enormous value. The pandemic forced many businesses …
Security Advisory: Microsoft Office ‘Follina’ Vulnerability
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red May 31st, 2022: CyberHoot has learned of a Remote Code Execution (RCE) bug that can be exploited in Microsoft Office files. Security researcher …
Emotet Has Reemerged as Top Malware in Circulation
Secure your business with CyberHoot Today!!! Sign Up Now The HP Wolf Security threat research team has identified a 2700% increase in Emotet infections in the first quarter of 2022, …
Security Advisory: SonicWall Authentication Vulnerability
May 16th, 2022: CyberHoot has investigated a SonicWall advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. …
Text Message Scams: A Growing Trend
Secure your business with CyberHoot Today!!! Sign Up Now Anyone who owns a cellphone has likely received an unexpected text message from a number they don’t recognize containing a link …
New Deadbolt Ransomware Targeting Small Businesses
Secure your business with CyberHoot Today!!! Sign Up Now In January 2021, reports emerged of a backup-targeting ransomware strain called Deadbolt aimed at small businesses, hobbyists, and serious home users. …
Pirated Movies Containing Malware
ReasonLabs, a provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into computers with the mask of the latest Spiderman movie. The movie is …
Malicious ‘Fleeceware’ App Downloaded 600M Times
Google has tried to eliminate malicious apps from its Android platform on the Google Play Store, but certain apps slide by Google’s security team, like Fleeceware. Fleeceware is a malicious application that …
Employee SSNs Exposed in California Pizza Kitchen Breach
California Pizza Kitchen (CPK) founded in Beverly Hills, California in 1985, has more than 250 locations across 32 states. CPK experienced a data breach exposing the full names and Social …
CyberHoot’s 3-2-1 Backup Guide
As the number of areas where data is stored increases, the concept of following a 3-2-1 Backup Strategy is often forgotten. While you can’t prevent every compromise of your company’s …
Monero – The New Crypto For Hackers
Cybercriminals had a wake-up call after the FBI successfully breached a cryptocurrency wallet held by the Colonial Pipeline hackers by following the money trail on bitcoin’s public blockchain. The FBI …
Cybersecurity Awareness Month Vlog Series 2021
Each day this month, we published a short (3–5 minute) interview CyberHoot’s Co-Owner Craig Taylor had with Mindwhirl outlining necessary topics to help improve people’s cybersecurity hygiene. Check CyberHoot’s VLOG and social media …
Preventing Identity Theft – Day 23 of CSAM
Today is Day 23 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
U.S. Water and Wastewater Systems Cyber Breach
The Cybersecurity and Infrastructure Agency (CISA) released an alert of an ongoing cyber threat to the U.S. Water and Wastewater Systems, also highlighting five incidents that occurred between March 2019 …
Risk Assessments Importance – Day 19 of Cybersecurity Awareness Month
Today is Day 19 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Social Media Risks – Day 17 of Cybersecurity Awareness Month
Today is Day 17 of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
Gift Card Fraud
The cybersecurity world is continually inundated with the new strains of ransomware taking down large and small businesses alike. Unfortunately, this has brought attention away from other cyber-related attacks, like …
Cybersecurity Advisory – Urgent iOS Update
October 13th, 2021: CyberHoot received notification of a Zero-Day Vulnerability on Apple’s iPhone and iPad very latest iOS version 15 which shipped pre-installed on the latest iPhones released in Oct. …
Apple AirTag Attack
In April of 2021, Apple unveiled the AirTag, a tracking device that can be put on nearly anything so users don’t lose their valuables. Users frequently use these on their …
Outlook “Autodiscover” Leaking Passwords
Cybersecurity experts at Guardicore published a report summarizing its research results involving security concerns in Microsoft “Autodiscover” feature. Their report states they were able to collect over a 372,072 domain …
Japanese Crypto Exchange Robbed of $100,000,000
Recently, cryptocurrency exchanges, the place where you can buy and sell cryptocurrencies on the Internet, have been under active and successful attack. In one case, a Chinese cryptocurrency exchange called …
Microsoft Edge’s ‘Super Duper Secure Mode’
Microsoft’s Edge Vulnerability Research Team recently published details on a new feature in development called “Super Duper Secure Mode” (SDSM). SDSM is designed to improve security without notable performance losses. …
BazarCaller – Vishing Gang
BazarCaller is a new cybercrime gang that uses Vishing to trick its victims into handing over information or access to a device. Vishing is the malicious practice of making phone …
Microsoft Patch Tuesday
On the second Tuesday of each month since 2003, Microsoft has released security-related updates to Windows (desktop and server), Office, and related products. Updates and patches aren’t only released on …
CISA’s Top Vulnerabilities in 2020 and 2021
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) teamed up with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau …
Ransomware, Backups, and Testing your Plan
The news headlines seem to be filled with ransomware attacks of late. Business owners are taking note and asking their Managed Service Providers (MSPs) and IT departments to improve their …
Microsoft’s PrintNightmare Vulnerability
Microsoft’s released an Out-Of-Band (OOB) emergency patch, affecting windows systems’ print-spooler subsystem. These printing issues are being called PrintNightmare by the media. The vulnerabilities are being tracked in CVE-2021-1675 and …
Nextdoor App Security
A new social media service, Nextdoor, is gaining steam as we come out of the COVID-19 pandemic. The platform is used to share trusted information about one’s neighborhood, to give …
How Secure Are Payment Apps?
Cash is King, for now. The use of electronic payment applications has been steadily growing, according to a recent survey by the US Federal Reserve, cash payments accounted for only …
Bipartisan Cybersecurity Bill Impending
Lawmakers on Capitol Hill are scrambling to introduce legislation addressing overwhelming spikes in ransomware and other cyberattacks on critical organizations like Colonial Pipeline and JBS. Until recently, the US federal …
FBI Recovers Colonial Bitcoin Payment
In May of 2021, the United States’ largest pipeline, Colonial Pipeline, halted operations due to a ransomware attack. At the time, Colonial Pipeline carried 45% of the fuel used on the …
JBS Ransomware Attack Shows Importance of Backups
[Update on JBS Ransomware attack: June 10, 2021 CyberHoot learned that backups and a strong disaster recovery plan weren’t responsible for a quick ransomware recovery at JBS meats as was …
Ransomware Shuts Down Largest U.S. Pipeline
The United States’ largest pipeline, Colonial Pipeline, halted operations due to a ransomware attack. Colonial Pipeline carries 45% of the fuel used on the U.S. East Coast, running from Texas …
Apple AirDrop Vulnerability
Security researchers in Germany have put out a press release about research findings to be presented at Usenix 2021. They presented findings proving that “Apple AirDrop shares more than files”. …
What Was 2020’s Most Expensive Cybercrime?
Reading the latest FBI report might convince you that Business Email Compromise was the largest cybercrime in 2020. Ransomware proves them wrong by a factor of at least 5 if not more. Both are scourges that SMBs need to protect themselves from. Become more aware to become more secure.
Israel Launches ‘Stuxnet 3.0’ On Iran
Iran announced that a blackout occurred at its uranium enrichment facility in Natanz. Iran blamed Israel for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges. Israel …
Booking.com Fined Following Vishing Attack
Summary Message: Working out your Breach Notification during a Breach is a recipe for disaster. Back in December of 2018, Booking.com experienced a breach, where the company was exploited through …
Instagram Scams: How To Avoid Them
Since Instagram’s official launch in 2010, it’s seen more than 1 billion accounts opened with users sharing close to 100 million photos every day. Instagram’s popularity skyrocketed since its launch …
Twitter Steganography Risks
Steganography is the interesting but potentially dangerous technique of hiding data or malware code secretly within an ordinary, non-secret file or message to avoid detection. The use of steganography can …
Why NFTs Are The Future
The popular musician Grimes sold some animations she made with her brother Mac on a website called ‘Nifty Gateway’. Some were one-offs, while others were authentic limited editions, all were …
US Treasury Bans Ransomware Payments
Oct.1st, 2020: The US Treasury Department’s Office of Foreign Assets Control (OFAC) warned organizations that making ransomware payments is illegal. These payments violate US economic sanctions banning the support of …
FTC Warns of ‘Romance Scammers’
For people searching for love online, it has become a little difficult due to scammers’ hell-bent on catfishing vulnerable people. The Federal Trade Commission (FTC) issued a warning about such …
Canada Rules Clearview AI’s Illegal
Clearview AI has created one of the broadest and most powerful facial recognition databases in the world. Their application allows a user (law enforcement we hope) to upload a photo of …
Emotet Operation Takedown
In January of 2021, law enforcement and judicial authorities across the globe disrupted one of the most notable botnets of the past decade: Emotet. Investigators have taken control of its …