CyberHoot
212 FOLLOWERS
CyberHoot is the easiest security awareness training platform. CyberHoot offers training, phish testing, and policy compliance. Weekly blog articles covering current, critical cybersecurity topics to help the world become more aware and more secure.
CyberHoot
15h ago
Passwordless Authentication + Enhanced Online Security = Passkeys
In today’s online world, the trusty password is facing an existential crisis. With cyber threats evolving at an alarming rate, relying solely on passwords for online security is like leaving the front door of your house not just unlocked, but wide open, overnight! As technology advances, so must our approach to protecting our online selves. This article explores the growing adoption of Passkeys, why they are more secure, and who’s using them.
The Problem with Passwords
Let’s face it: passwords are inherently flawed. They’re of ..read more
CyberHoot
15h ago
“CyberHoot’s Newsletter has been on a brief hiatus as we focused on critical product improvements, finished 2024 strategic planning, and addressed performance improvements. This newsletter is chock full of cyber news, contains a new section on recently added features, and a video interview of Craig on crazy hacking stories he’s experienced. We hope you enjoy this newsletter and stay tuned for monthly newsletters throughout 2024.” – – Craig
March 2024
The Evolution of Phishing: SMS and Voice-Based Attacks
The Latest Trends in Phishing Attacks: Phishing attacks are evolving to ..read more
CyberHoot
1w ago
Lessons Learned from the Change Healthcare Breach
A recent cyberattack has put “a substantial proportion of people in America’s” healthcare records at risk of exposure. Change Healthcare, which is part of UnitedHealth Group, got hit by a ransomware attack on February 21. This caused hospitals and pharmacies all over the United States to revert to paper records. For days and weeks as they were unable to verify medical claims. This incident is not an isolated event. It is a wake-up call on the importance of fostering a strong cybersecurity culture in every company. The stakes for c ..read more
CyberHoot
2w ago
Understanding, Defending, and Defeating a Stealthy Cyber Threat
In today’s ever-changing world of cybersecurity, it feels like there’s always something new to watch out for. Staying knowledgeable is crucial to keeping ourselves safe. One of the latest threats causing a stir is Latrodectus. It’s not only hard to say, it’s also hard to detect; it’s clever, sneaky, and poses a real threat to both people and businesses. In this article we dive into the world of Latrodectus, uncover how it operates, and most importantly, learn how to avoid it entirely.
What is Latrodectus?
Latrodectus is a sophis ..read more
CyberHoot
3w ago
Protecting Against Deceptive Cyber Threats
In the vast interconnected world we live in, where any single click can lead to malware and compromise, being aware, is being secure. Recently, a cunning attack has re-surfaced: ads masquerading as a NordVPN software product promotion on Bing. CyberHoot originally reported Malvertising attacks like this back in Oct. 2023. Learning what happened here, and in previous attacks, will help protect you from similar online threats you face.
Understanding the Threat
The ad in question lured users with promises of NordVPN services, a reputable Virtual ..read more
CyberHoot
1M ago
Government Targeted Phobos Ransomware Attacks Warning by CISA
Phobos Overview
Phobos Delivery Methods
Ransomware Event Damages
Top 10 Mitigations to Prevent Ransomware Attacks
Phobos Conclusions
Overview:
The Cybersecurity and Infrastructure Security Agency (CISA) drafted a report on the Phobos ransomware which has been targeting state and local governments of late. Phobos ransomware, is a sophisticated ransomware that leverages is spread via phishing emails and open RDP ports. It’s available in multiple versions on the dark web forsale. Once infected, it delivers devastating attacks ..read more
CyberHoot
1M ago
In the ever-evolving landscape of cybersecurity threats, phishing remains one of the most prevalent and effective threats we face. Cybercriminals use it to infiltrate systems and steal sensitive information. However, as organizations build their defenses against traditional email-based phishing attacks, cybercriminals are adapting their tactics. The emergence of a new phishing kit that leverages SMS and voice communication channels has companies scrambling.
The Emergence of SMS and Voice-Based Phishing
Recent reports have highlighted the development of a sophisticated phishing kit designed ..read more
CyberHoot
1M ago
In today’s digital landscape, where cyber threats loom large and data breaches are rampant, ensuring robust cybersecurity measures is vital for businesses of all sizes. However, implementing effective cybersecurity practices can often seem daunting and complex. Fortunately, there are five relatively straightforward steps that organizations can take to significantly enhance their cybersecurity defenses.
1.) Train Employees using an LMS:
One of the weakest links in any cybersecurity strategy is human error. In fact, 90% of breaches can be tied back to human error. Employees may inadvertently ..read more
CyberHoot
2M ago
In the world of cybersecurity, the role of superusers – those with elevated privileges within an organization’s network – is crucial yet vulnerable. While much attention has been given to protecting these accounts in large enterprises, small to medium-sized businesses (SMBs) and managed service providers (MSPs) supporting companies of 100 users or less often face unique challenges in this regard.
Traditionally, the management of superuser access has been divided between Privileged Access Management (PAM) and Identity Management (IdM) solutions. However, for SMBs and MSPs, bridging the gap b ..read more
CyberHoot
2M ago
In today’s digital landscape, deepfake cybercrime presents a pressing threat demanding attention from SMBs and MSPs. The recent incident in Hong Kong unveils the concerning reality of this dangerous technology.
Understanding Deepfake Technology
Deepfakes, powered by AI algorithms, create convincing multimedia content, making individuals appear to say or do things they never did. These sophisticated manipulations often blend elements from various sources seamlessly, rendering them difficult to detect with the naked eye. For SMBs and MSPs, understanding the intricacies of deepfake technology ..read more