CyberHoot
Microsoft’s Authquake MFA Flaw
Learn about Microsoft’s Authquake MFA flaw, how hackers bypassed authentication, and key steps to protect your accounts.
CyberHoot Newsletter – December 2024
This newsletter summarizes cybersecurity news from December, and boy there are some big events that happened.
Fake Email Phishing: More Harmful than Helpful
Fake Email Phishing is broken in many ways. Google researchers liken it to early fire drills that caused more harm than good. Empirical research shows users clicking more not less after fake email phish testing. End users universally complain as do IT departments when chaos breaks out after sanctioned fake email testing. Enter HootPhish, a solution that eliminates the negatives, and empowers end users to spot and avoid this scourge of modern internet email.
Over 2,000 Palo Alto Networks Firewalls Hacked via Zero-Day Vulnerabilities
Learn how over 2,000 Palo Alto Networks firewalls were hacked using critical zero-day vulnerabilities and how to stay protected
AndroxGh0st Malware Hijacking IoT Devices
Discover how AndroxGh0st malware exploits IoT device vulnerabilities, creating powerful botnets for cyberattacks, and learn steps to protect your devices.
Midnight Blizzard: Spear-Phishing Campaign Using RDP Files
Learn about Midnight Blizzard's spear-phishing campaign using malicious RDP files and discover practical tips to stay protected.
CyberHoot’s HootPhish Challenge
Learn how CyberHoot's HootPhish Challenge gamifies phishing detection, helping users quickly and accurately identify phishing threats!
GitHub Config Breach Exposes Cloud Service Credential
Learn how to protect your Git repositories and cloud credentials following the massive global operation called EmeraldWhale.
HowTo: Avanan Allow-Listing in Google Workspace
This HowTo article shows how to allow-list Avanan in Google Workspace.
HowTo: Avanan Allow-Listing in Microsoft O365
This HowTo article shows how to allow-list Avanan in Microsoft O365.