CyberHoot

August 7, 2024

CyberHoot Newsletter – June and July 2024

July - 2024

Understanding the CrowdStrike Global Outage

Learn about the CrowdStrike global outage, its potential causes, and essential risk mitigation strategies to protect your organization from similar cyber threats. Read now!

Cybersecurity Perspective on the Ticketmaster-Taylor Swift Incident

A unique ransomware scheme is seeking to extort money from Ticketmaster to prevent the release of printable tickets and concert chaos. Read now!

How MFA Failures and Rising Ransomware Costs are Threatening Cybersecurity

Discover how MFA failures are contributing to a 500% surge in ransomware costs and learn how adopting Passkeys can enhance your cybersecurity defenses. Read now!

Critical Advisory: OpenSSH Remote Code Execution Vulnerability

Learn about the critical OpenSSH vulnerability CVE-2023-38408 that allows remote code execution via the ssh-agent’s forwarding feature. Discover immediate steps to protect your systems, including upgrading to OpenSSH 9.3p2, restricting PKCS#11 providers, and enhancing security measures. Read now!

The Evolving Kill Chain (On-Premise vs. SaaS)

Learn how to protect your business from the evolving SaaS kill chain by understanding the stages of cyber attacks, or kill chain links, and the nuances of on-premise vs. SaaS models of the kill-chain. Read now!

June - 2024

Hackers Exploiting Legitimate Websites

Learn how hackers exploit legitimate websites to launch sophisticated attacks and discover ways to protect yourself from these evolving cybersecurity threats. Read now!

Understanding Credential Stuffing Attacks

Learn how Okta is addressing credential stuffing attacks and what steps users can take to protect their accounts from this growing cybersecurity threat. Read now!

Advanced Phishing Tactics: A Hacker’s Playbook

This article explores the latest phishing tactics, including Cloudflare Workers, HTML smuggling, and AI-generated emails, and how to protect yourself against these advanced threats. Read now!

Customer Spotlight

Liking CyberHoot? We need your help. Please leave us a review using the links below!

TrustPilot.com | G2.com | Capterra.com | Google.com | TrustRadius.com | Gartner.com

-TrustPilot

For more information on how to leave a CyberHoot review, please watch the brief video overviews below. Note: to avoid fraudulent reviews, each review website will require to you to create and validate your identity through an email account registration process.

CyberHoot Awarded Badge From G2

Cybrary Term of the Month

Credential Stuffing

Credential Stuffing is the autonomous injection of stolen username and password credentials in a web authentication function in the hopes of gaining unauthorized access to user accounts. Once an account login succeeds, the attacks quickly takes over the account. At this point the hacker may perform fraudulent financial transactions, in the case of an email account they will scrape the accounts sent and deleted items folders for every last email address available to them. They will likely target these individuals with new phishing attacks pretending to be the trusted party whose account has been hacked into.

Click here to read more!

Recently Added Features

General Release Notes

July:

Added the ability to configure which sections to include in the scheduled customer compliance summary report in power platform.
Updated the switch customer popup in power platform to be a paging table view when customer count is more than 10.
Made release notes button viewable by customer admins.
Updated assignments to only assign to users if assignment is < 100 days old.
Made usernames clickable to see user compliance status on admin level.
Added ability to restart all active trainings at the user level (admin).
Updated reactivate subscription button to allow the user to add a payment method.
Added applied coupons to the subscription page.
Updated Automatic mode in Power to allow for monthly phishing intervals.
Added ability to have client administrators on Autopilot.
Fixed issue where some HootPhish emails were displaying content horizontally instead of vertically.

June:

Added the ability for admins to manually send “Welcome Emails” from the interface in Autopilot and Power.
Allow user opt-outs based on customer settings and updated assignment emails with a link to allow users to opt out of training.
Updated manual “Welcome Email” message.
Updated weekly Dark Web Check email to send to Super Admins and Customer Admins.
Updated the user exposures section in pdf reports to condense non-exposed users pages into a single list.
Added the ability to configure which sections to include in the scheduled customer compliance summary report in power platform.
Made release notes button viewable by customer admins.
Updated the switch customer popup in power platform to be a paging table view when customer count is more than 10.
Fixed issue where some HootPhish emails were displaying content horizontally instead of vertically.

Check our CyberHoot's CEO Craig Taylor on My Career Podcast!

Enroll in CyberHoot’s Referral Program today and start earning a 20% share of all revenue generated for one year by those who register through your exclusive referral link. As a referral partner, not only will you receive financial rewards, but you’ll also experience the satisfaction of aiding others in becoming more security-conscious, safeguarding them against cyber threats. Don’t hesitate, sign up now at https://cyberhoot.com/referral-program/.

Referral through Autopilot’s Dashboard:

Join CyberHoot in our mission to create a more aware and better secured world! Recommend CyberHoot Autopilot to a friend, and they will enjoy a complimentary first month. For every new sign up who uses your referral link, you will receive a free month added to your account. This offer is exclusively for first-time CyberHoot registrants.

CyberHoot's Social Media

Join CyberHoot’s subreddit to stay updated in the world of cybersecurity!