Weekly blog articles covering current, critical cybersecurity topics to help the world become more aware and more secure.
Apple’s AirPlay protocol is under fire as newly discovered “AirBorne” vulnerabilities expose billions of devices to zero-click attacks, data theft, and network-spreading malware—highlighting urgent security gaps in both Apple and third-party ecosystems.
This newsletter summarizes cybersecurity news from May, and boy there are some big events that happened.
A new cyberattack campaign dubbed “Elusive Comet” is exploiting Zoom’s remote control feature through social engineering to infiltrate the systems of cryptocurrency traders and venture capitalists, enabling malware deployment and data theft.
Discover how HR teams can counter rising tech job scams by enhancing identity verification, interview processes, and ongoing employee monitoring to protect against fraudulent remote workers.
A new malvertising campaign is targeting Onfido users through fake Google Ads and phishing pages. Learn how the attack works and how to stay protected.
This newsletter summarizes cybersecurity news from March, and boy there are some big events that happened.
Initial Access Brokers are changing tactics, selling low-cost access to more targets. Learn how this shift increases cyber risks and what defenses to implement.
Protect yourself this tax season: Learn how hackers use tax-themed phishing emails to steal data and deploy malware.
Medusa ransomware is now using a malicious driver to bypass security tools and disable EDR systems. Learn how this advanced technique works and how to protect your organization.
Medusa ransomware is now using a malicious driver to bypass security tools and disable EDR systems. Learn how this advanced technique works and how to protect your organization.
This newsletter summarizes cybersecurity news from March, and boy there are some big events that happened.
Discover how malicious browser extensions use polymorphic techniques to impersonate legitimate add-ons, posing serious cybersecurity risks.
EncryptHub malware is a sophisticated cyber threat enabling data theft, remote access, and system compromise.
Critical Microsoft Outlook vulnerability allows attackers to bypass security using the ‘Moniker Link’ exploit.
Cybercriminals are exploiting Webflow’s trusted infrastructure using fake CAPTCHA screens to deliver phishing attacks.
This newsletter summarizes cybersecurity news from January, and boy there are some big events that happened.
Beware of a new USPS text scam using malicious PDF links to bypass security filters. Learn how cybercriminals exploit trusted platforms and how to protect yourself from phishing attacks
Discover why the U.S. Navy is restricting DeepSeek AI due to cybersecurity concerns, including data security risks, misinformation, and adversarial exploitation.
Learn why U.S. officials are urging Americans to use encrypted apps like Signal and WhatsApp to protect their privacy and security in the face of rising cyber threats.
Urgent advisory on the Fortigate SSL VPN breach: Learn how to protect your organization by transitioning to secure, scalable cloud-based remote access solutions and eliminate risks associated with legacy VPN systems.
FireScam malware disguises itself as Telegram, stealing sensitive data from Android users. Learn how to stay protected.
This newsletter summarizes cybersecurity news from January, and boy there are some big events that happened.
Learn about the DoubleClickjacking exploit, how it bypasses traditional security, and essential tips to protect your online safety.
Protect your text messages from cyber threats with these essential tips, including encryption, avoiding smishing, and securing 2FA.
Learn how over 2,000 Palo Alto Networks firewalls were hacked using critical zero-day vulnerabilities and how to stay protected
Learn how brushing scams exploit your personal data through unsolicited packages and fake reviews. Stay alert and protect your privacy.
Learn about Microsoft’s Authquake MFA flaw, how hackers bypassed authentication, and key steps to protect your accounts.
This newsletter summarizes cybersecurity news from December, and boy there are some big events that happened.
Fake Email Phishing is broken in many ways. Google researchers liken it to early fire drills that caused more harm than good. Empirical research shows users clicking more not less after fake email phish testing. End users universally complain as do IT departments when chaos breaks out after sanctioned fake email testing. Enter HootPhish, a solution that eliminates the negatives, and empowers end users to spot and avoid this scourge of modern internet email.
Discover how AndroxGh0st malware exploits IoT device vulnerabilities, creating powerful botnets for cyberattacks, and learn steps to protect your devices.
Learn about Midnight Blizzard’s spear-phishing campaign using malicious RDP files and discover practical tips to stay protected.
Learn how CyberHoot’s HootPhish Challenge gamifies phishing detection, helping users quickly and accurately identify phishing threats!
Learn how to protect your Git repositories and cloud credentials following the massive global operation called EmeraldWhale.
This newsletter summarizes cybersecurity news from November, and boy there are some big events that happened.
Explore 5 essential strategies for SaaS security, including identity management, data encryption, SSPM tools and more!
This article dives into the Meta lawsuit for the 2019 breach that exposed 600 million unencrypted passwords in plain text.
Learn how social media accounts pose a cybersecurity risk and how SSPM can protect your business through multiple different ways!
This newsletter summarizes cybersecurity news from October, and boy there are some big events that happened.
Learn how to protect yourself from evolving Session Hijacking threats with expert tips on secure connections, encryption, 2FA, and more.
Learn expert tips to spot phishing links and protect yourself from cyber threats, including how to check URLs, avoid scams, and stay secure online.
Explore the shift toward passwordless and keyless authentication, its benefits for cybersecurity, and how businesses can prepare for this future
Learn about the cybersecurity risks of using in-flight Wi-Fi and discover essential tips to protect your data while traveling, from VPNs to device updates.
This newsletter summarizes cybersecurity news from August, and boy there are some big events that happened.
Learn about critical vulnerabilities in Veeam Backup & Replication and SonicWall SonicOS, including active exploits. Apply patches and follow key security measures to protect your systems.
Learn how to protect your business from the new Rust-based Cicada 3301 ransomware. Discover key strategies to safeguard your data and prevent ransomware attacks.
CyberHoot has been shown to improve customer retention for MSPs. It lowers the cost of supporting clients through fewer security incidents, better product training, and educational phish testing. We know it works because MSPs tell us emails to support asking “Is this a Phish?” or “Is this an Attack?” go away. Start a 30 day free trial and month-to-month forever afterwards.
Learn how to protect your business from zero-day exploits like those recently used by Chinese hackers targeting U.S. internet providers. Discover key cybersecurity strategies to stay ahead of emerging threats.
Learn how to protect your organization from the new Qilin ransomware attack, which exploits VPN vulnerabilities. Discover essential tips for strengthening your cybersecurity defenses and preventing ransomware threats
Discover the extensive impact of the NPD breach that exposed 3 billion personal records, underscoring significant privacy risks and highlighting essential steps for safeguarding personal information against identity theft and cyber fraud.
Discover prevention techniques for the top 10 common cyber attacks. Learn how to identify the attacks through scenarios and then take steps to mitigate the damage and protect your business and data from harm.
