CyberHoot’s Cybersecurity Newsletter: Nov. 2025 – Technology Security Information

Welcome to CyberHoot’s November Cybersecurity Newsletter!

Cybersecurity never stands still, and neither can we. This month, we’re tackling the cutting-edge trends reshaping how we secure our digital lives and defend against these emerging threats.

We start with Microsoft’s important move toward a passwordless world, as Passkeys come to Windows 11, promising simpler, more efficient, and more secure logins. Then we cover a story where hackers are tricking end users into hacking themselves through clever social engineering tactics. Next we highlight the often-overlooked risk of brand impersonation and the importance of taking down infringing domains before they are weaponized in phishing campaigns targeting your customers. Finally, we dig into OpenAI’s latest findings on how cybercriminals are weaponizing AI to automate scams and supercharge financial fraud.

Read on, stay current, and keep your organization Cyber(Hoot) Smart.

Got Questions? Let’s Talk.
If you’d like to dive deeper into anything we’ve covered, or talk cybersecurity strategy, compliance, or training, our CTO Chuck Taylor is making time for one-on-one sessions with our subscribers.

It’s a rare chance to pick the brain of a seasoned cybersecurity leader. You can schedule a session directly below.

Schedule a meeting here!

Microsoft Integrates Passkeys into Windows: is this the start of a Passwordless Future?

Microsoft is integrating Passkeys into Windows 11, making passwordless logins simple, secure, and phishing-resistant for users and businesses alike.

When You Become the Hacker: How Modern Attacks Trick You Into Hacking Yourself

Hackers are tricking users into hacking themselves. Learn how these attacks work and how to spot them before it’s too late.

Brand Impersonation: How to Remove Fraudulent, Typo-squatted Domains and Websites

Fraudulent and typo-squatted domains are growing threats that enable phishing and brand impersonation. Learn how domain takedowns protect your organization and customers from online fraud.

The AI Threat Awakens: What OpenAI’s Latest Report Reveals About Cybercrime

OpenAI’s latest threat report reveals how hackers and scam networks are using AI to supercharge phishing, fraud, and social engineering.

Customer Spotlight

Liking CyberHoot? We need your help. Please leave us a review using the links below!

–G2

For more information on how to leave a CyberHoot review, please watch the brief video overviews below. Note: to avoid fraudulent reviews, each review website will require to you to create and validate your identity through an email account registration process.

CyberHoot Awarded Badges from G2

Cybersecurity Term of the Month:

End-to-End Encryption (E2EE)

End-to-End Encryption (E2EE) is a method of securing digital communications so that only the sender and the intended recipient can read the data. Messages, files, or calls are encrypted on the sender’s device and stay encrypted while traveling across networks and servers. They can only be decrypted on the recipient’s device using unique cryptographic keys. Even service providers, hackers, or government agencies that intercept the data cannot access its contents without the recipient’s key.

Click here to read more!

Explore CyberHoot’s Extensive 1000+ Term Cybersecurity Library

Recently Added Features

General Release Notes

Updated the 31 days infographics.
Created ‘Train with friends‘ system for my cyber rankings where users can send friends requests to see each others training activity.
Added results email to HootPhish assignments.
Added ability to change language for HootPhish Challenges.
Updated certificate titles to remove “SECURITY” for consistency across all awareness trainings.
Updated user Hoot Rank images.
Added new customer setting to disable the leaderboard on the My Cyber Ranks page.
Updated Send Test AttackPhish to let admins select a template and preview its details.
Renamed “Effective End” to “Due Date” in Manager Compliance Report under the Outstanding Assignments tab.

Power Platform Release Notes

Updated user CSV upload to allow updating managers for synced users.
Added CSV export for User Active and Archived History tabs.
Added the ability to send test dark web emails.
Renamed ‘Customer’ to ‘Tenant’ in front end, reports, and emails.
Added Start Date and Overall Score to the User Active and Archived tables, and updated the export file name for user export CSV.
Removed Quality Checks tab from Manager Compliance Report and add Quality Checks download button for admins.
Removed policy level messaging from Power and updated all places where messaging is used to instead use the current set custom message.
Added Policy Type Column and Update Due Date in Outstanding Assignments Report.
Updated send email name to use customer name when branding override is enabled.

Autopilot Platform Release Notes

Added logging to MSP table for Power-Up enable/disable actions.
Added Export to CSV button to User Training History table.
Updated Power-ups stats card and page to display enabled customer percentages and additional information.
Updated Limit Trainings To Weekdays option to be checked by default for new customers.
Added due date column to users training history table.
Added CSV export option in Training History table to download all active user assignments with per-assignment compliance status and overall compliance.
Renamed ‘Customer’ to ‘Tenant’ and ‘Organizations’ to ‘Sites’ everywhere.
Added programs to CustomHoots power-up.
Added groups to CustomHoots.
Added the ability to create groups from within the CustomHoots forms.
Added edit, delete and archive actions to the CustomHoots dashboard tables.
Updated CustomHoots groups so the groups page can be accessed from the users and CustomHoots pages.
Updated Training History table export file name to include the user name.
Added customer overall compliance and risk scores to tenant dashboard and tenant view.
Added the ability to create multiple custom reports at the partner level.
Added ‘advanced settings’ to Autopilot HootPhish Challenge. Admins can now choose difficulty, same email template for all and same indicators for all when creating a challenge.
Removed warnings about changes only affecting future assignments in CustomMessaging in Autopilot (this issue is resolved and moving forward CustomMessaging changes are effective on all assignments immediately).
Added phishing difficulty to users create/edit form.

Check out Craig Taylor, Co-Founder & CEO of CyberHoot, Featured on The Cyber Show Podcast!

New Feature Alert: AI Support ChatBot

CyberHoot’s new ChatBot Self-Service Support is now live, providing 24×7 assistance directly inside the Admin Interface and on our CyberHoot website. Located at the bottom right of your screen, this intelligent support tool helps you find answers instantly, troubleshoot issues, and access resources without waiting for an email response.

If you need additional help, you can always reach our support team at [email protected].

Enroll in CyberHoot’s Referral Program today and start earning a 20% share of all revenue generated for one year by those who register through your exclusive referral link. As a referral partner, not only will you receive financial rewards, but you’ll also experience the satisfaction of aiding others in becoming more security-conscious, safeguarding them against cyber threats. Don’t hesitate, sign up now at https://cyberhoot.com/referral-program/.

Referral through Autopilot’s Dashboard:

Join CyberHoot in our mission to create a more aware and better secured world! Recommend CyberHoot Autopilot to a friend, and they will enjoy a complimentary first month. For every new sign up who uses your referral link, you will receive a free month added to your account. This offer is exclusively for first-time CyberHoot registrants.

CyberHoot has Free Cybersecurity Training for Individuals

Know someone who had a close call recently with a cyber attack, phishing email, or social engineering phone call? Recommend CyberHoot’s free cybersecurity training. They’ll receive six (6) videos (each video is 3-4min.) and one of our positive reinforcement, hyper-realistic, phishing simulations. All for free.

Registration: https://cyberhoot.com/individuals