Understanding Credential Stuffing Attacks
Learn how Okta is addressing credential stuffing attacks and what steps users can take to protect their accounts from this growing cybersecurity threat.
FireTail Podcast: CyberHoot CEO Craig Taylor
Business Ninja’s interviewed CyberHoot’s co-Founder Craig Taylor. This interview outlines CyberHoot’s unique and positive outcome approach to cybersecurity program development at your company. Our Co-Founder details what’s working and what’s broken in the emergency Cybersecurity industry. Business owners need to watch to learn what they should be doing to protect their businesses from compromise. Doing so provides much needed peace of mind.
Advanced Phishing Tactics: A Hacker’s Playbook
Discover the latest phishing tactics targeting unsuspecting victims, including Cloudflare Workers, HTML smuggling, and AI-generated emails. Learn how cybercriminals bypass security measures and how you can protect yourself from these sophisticated attacks. Stay informed and stay safe in the ever-evolving world of cybersecurity.
CyberHoot’s Power Platform: 2024 Release Notes
CyberHoot’s Power platform includes the most comprehensive set of cybersecurity program development features available on the market today. From our Govenance Policy module and templates to 1000s of videos on Product training and cybersecurity, to our innovative and patent-pending educational, and hype-realistic phishing simulations, the power platform has everything you need to succeed in teaching employees Cyber Literacy. Best of all, it also includes 100% automation for videos, phishing, and user management. Spend less time on cybersecurity and more time on your business with our power platform.
Mega-Breach: The Impact of 26 Billion Leaked Credentials
CyberNews broke a story detailing a collection of more than 26 Billion credentials and other private data in what security researchers are called a Mega-Breach.
Peer-to-Peer (P2P) Payment Scams (Part 2)
Hackers (and jilted lovers) are transferring money to themselves using your phone’s cash app (Paypal, Zelle, Cash App) to transfer funds out of your bank account.
AI in Cybersecurity: Enhancing Threat Detection and Response
In the dynamic realm of cybersecurity, Artificial Intelligence (AI) stands as a game-changer, especially for Managed Service Providers (MSPs) and Small to Medium-sized Businesses (SMBs). This blog delves into how AI is reshaping threat detection and response, offering a new edge to cybersecurity strategies.
Top 10 Cybersecurity Trends and Strategies in 2024
2024 is off to a great start, however, Small to Medium sized Businesses need to proactively address their cybersecurity program development as soon as possible. 2023 was a banner year for hacker attacks and this has only encouraged more and more hackers to enter the fray. The time is ripe for everyone to batten down the hatches and training and test their employees to build their cyber literacy skills.
Navigating AI Assistant Cybersecurity Risks
AI Digital Assistants in platforms like Microsoft Teams and Zoom raise data privacy concerns, risking exposure of regulated, intellectual, or personal information. Despite claims of de-identifying sensitive data, significant risks like exposing proprietary information remain underappreciated.
Passkeys: The Path to a Passwordless Future
Passkeys provide better authentication for end users than traditional passwords which they seek to replace. They are based upon public and private cryptography, are resilient to phishing and hacker password database theft (since the private keys aren’t stored on the server or website), and represent an easier mechanism to identify users into online systems.
DNA Double-Helix Hacker Heist: A Wake-Up Call for Cybersecurity Vigilance
A recent breach at 23andme resulted in the theft of immutable and irreplaceable data – our DNA! Companies with such critical data must take every precaution to limit the data they have become caretakers of, from theft my malicious actors. In this case, 23andme has lost our DNA! This needs to be a serious criminal offence that is punished with significant consequences.
The Nuts and Bolts of a WISP
A Written Information Security Plan is not meant to a bureaucratic policy collecting dust on the book shelf, but rather a living breathing document to guide companies on the safe collection, storage, manipulation, and destruction of non-public personal information on their employees, clients, or business services.
CISCO Critical Advisory Alert – Patch Now
CISCO has announced and released patches for a critical bug in their product that could allow Internet hackers to create accounts remotely on CISCO devices via the HTTP management application. Patches have been released and workarounds documented for unpatched systems no longer supported. Take action to patch now.
Ghosts in the Machine: Spook-tacular Cybersecurity Basics for October
In the spooky season of October, Cybersecurity Awareness Month reminds us of the real threats lurking in the digital realm. CyberHoot sheds light on three cybersecurity fundamentals: Password Protection, Phishing Awareness, and Safe Browsing Practices. Fortify your digital domain with strong password practices, stay vigilant to phishing schemes, and navigate the web safely. Embrace the cybersecurity training and phishing testing offered by CyberHoot to morph into a digital wizard against the sinister specter of cyber threats. Venture to cyberhoot.com and make cybersecurity awareness a fun-filled endeavor!
Cybersecurity Awareness: Bridging the Gap Between Knowledge and Action
October marks the observance of Cybersecurity Awareness Month, a pivotal time for businesses and individuals to bolster their understanding and actions towards cybersecurity. This means it is time for you to put action to words and get your staff trained up on the cyber threats they face. Cyber Literacy is a critical skill for the 21st century. Are you doing your part to educate your employees on the threats they face and how to avoid them?
Cyber Literacy ROI: Investing in Employee Training Makes Strong Financial Sense
Investing in Employee Cyber Literacy to build better human firewall skills makes strong financial sense. A string of recent breaches has put this in stark perspective for all companies. This article presents a case for the financial Return On Investment of employee awareness training and phish testing as delivered automatically by CyberHoot.
Save Your Staff with Cyber Literacy Skills. Use CyberHoot for Free During Cybersecurity Awareness Month
CyberHoot is offering any MSP free enrollment of any and all clients into CyberHoot for free until the end of October (31st), 2023. Enroll your prospects or existing customers in our platform and launch expedited Cybersecurity awareness training in the Month of Oct. using our fully automated system. We will credit you any users or clients enrolled for the entire month of Oct. Must be a new client to CyberHoot. If after the month ends you want to remove them, you absolutely may without penalty.
The Fabulous Five: How CyberHoot Makes Managed Service Providers Shine Brighter
CyberHoot has been shown to improve customer retention for MSPs. It lowers the cost of supporting clients through fewer security incidents, better product training, and educational phish testing. We know it works because MSPs tell us emails to support asking “Is this a Phish?” or “Is this an Attack?” go away. Start a 30 day free trial and month-to-month forever afterwards.
White House Recognizes the Importance of Cybersecurity Education with Proposed Funding
The White House recognizes the importance of cybersecurity literacy by proposed to fund K-12 education of school teachers and administrators and possibly also students.
Business Ninja Interview of CyberHoot Co-Founder
Business Ninja’s interviewed CyberHoot’s co-Founder Craig Taylor. This interview outlines CyberHoot’s unique and positive outcome approach to cybersecurity program development at your company. Our Co-Founder details what’s working and what’s broken in the emergency Cybersecurity industry. Business owners need to watch to learn what they should be doing to protect their businesses from compromise. Doing so provides much needed peace of mind.
A Cybersecurity Comedy: Protecting Businesses One Laugh at a Time!
Cybersecurity too often seems like a stress inducing serial murder show. While it is serious business, adding a dose of humor will make it more memorable.
11 Reasons to Upgrade Aging Hardware and/or Software
There are many reasons to consider upgrading aging hardware and software including better efficiency, reliability, performance, happier staff, security, and more.
CyberHoot Newsletter – July 2022
Restaurant Cloud-based POS Systems Hacked Multiple POS systems used by restaurants all over the world (MenuDrive, HarborTouch, and InTouchPOS) have been hacked enabling hackers to collect credit card details on …
CyberHoot Newsletter – June 2022
Ransomware Insurance: Prescriptive and Restrictive Insurers are drafting more restrictive and prescriptive insurance policy requirements designed to reduce the number of claims and better protect themselves and the companies they …
CyberHoot Newsletter – October 2021
Outlook “Autodiscover” Leaking Passwords Cybersecurity experts at Guardicore published a report on security concerns in Microsoft’s “Autodiscover” feature. In 4 months time, they collected over 372,072 domain credentials and ~100k in …
97% Top International Airports Fail Cybersecurity Test
A few weeks ago a report was published by a cybersecurity firm, ImmuniWeb. This report revealed that only three of the world’s top 100 international airports passed their basic high …
Trello Exposes Personally Identifiable Information
Trello, the platform used by many businesses for organizing to-do lists and coordinating team tasks has recently exposed the personally identifiable information (PII) data of its users. The finding was …
Jeff Bezos and the WhatsApp Security Flaw
Knowing how to protect yourself and your critical accounts from compromise is becoming ever more important. Learn what can happened to and setup 2FA into all of your online critical accounts.
CyberHoot Newsletter – Volume 3
In this monthly Newsletter, we provide you a look at the previous month of Cybersecurity news with some analysis, some new Cybersecurity terms, and more…
Network Based Intrusion Detection System (NIDS)
A Network Based Intrusion Detection System (NIDS), or Network Based IDS, is security hardware that is placed strategically to monitor critical network traffic. Traditional Network Based IDS analyzes passing network …
HowTo Add CyberHoot Users
This support HowTo video outlines at a high level, the three different methods you can use to add users to CyberHoot’s Power/Partner platform. Watch this video on YouTube For more …
Critical Microsoft Vulnerabilities
Infrequently, Microsoft released critical vulnerability alerts and patches that are so important to know about, that you should stop what you’re doing and review them and plan to patch as soon as possible. This is one of those times.
Root Cause Analysis
A root cause seeks to examine all the potential causes for a major incident at a business and select the root cause from them. Then it seeks to propose mitigating controls to prevent the root cause from recurring.
CyberHoot Newsletter – Volume 1
The Department of Homeland security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a National Terrorism Advisory Bulletin on Jan. 4th, 2020. This agency only issues such warnings when there is a credible, specific and impending terrorism threat against the United States. In this case, their warning focused primarily upon cybersecurity attacks against US government and business entities in retribution for the killing of Iranian IRGC-Quds Force commander Qassem Soleimani. Iran has a history of cyber-attacks against US Businesses and government entities. Companies should be on high alert and remind employees to be especially vigilant in email phishing attacks amongst other cybersecurity best practices.
Nation State Hackers
Nation State hackers are the best of the best. Their attacks are evolving and are not often seen or discussed in the day-to-day world because attribution of an attack to …
Deepfakes: Hackers Newest Trick
Technology is always improving and hackers are always finding novel ways to exploit those advances. Cyber security analysts believe new attacks are on the way next year with some powerful …
RYUK Ransomware infects 110 Healthcare Facilities
This past Thanksgiving weekend, 110 healthcare facilities were infected by a ransomware attack on their IT provider. Virtual Care Provider Inc. (VCPI), provides security, data hosting and access management services …
Google Chrome Zero Day in the Wild
CyberHoot has learned there is a new Zero-Day vulnerability in Chrome actively being exploited in the Wild. Your computer can be compromised just by visiting a malicious website. That is …
MSP Attacks increasing but their Ability to Defend is Lacking
The FBI issued a stern warning in February 2019. They witnessed multiple Managed Service Providers successfully attacked by advanced hacking tools and organizations. This article details what’s happened since then. …