That awkward moment when a stranger tells you you've been hacked
Our Take
Even though we’re a small company, our CINS Threat Intelligence feed is used all over the world. And because of that, sometimes people reach out and ask us why they’re network is on our list and considered malicious.
That’s when we have to break the news to them that something on their network is scanning or attempting to exploit other networks on the internet. In other words, they’re on the list because something on their network has been compromised.
So, do we think 63% is too high? No, probably not.
Mandiant: 63% of breaches were discovered externally in 2022
https://www.techtarget.com/searchsecurity/news/365535068/Mandiant-63-of-breaches-were-discovered-externally-in-2022
This is our CINS Army Brief for April 2023, curating the most interesting cyber news from the previous month. Learn more and subscribe here.
- Lack of security employees makes SMBs sitting ducks for cyber attacks
https://www.helpnetsecurity.com/2023/04/04/smbs-security-posture/ - Embracing zero-trust: a look at the NSA’s recommended IAM best practices for administrators
https://www.csoonline.com/article/3694668/embracing-zero-trust-a-look-at-the-nsa-s-recommended-best-practices-for-administrators.html - 96% of CISOs without necessary support to maintain cyber security
https://www.itpro.com/security/cyber-attacks/96-of-cisos-without-necessary-support-to-maintain-cyber-security - Reactive cybersecurity prevails in US healthcare
https://www.scmagazine.com/brief/vulnerability-management/reactive-cybersecurity-prevails-in-us-healthcare - CISA Releases Advice for Defending Smart Cities
https://www.govtech.com/security/cisa-releases-advice-for-defending-smart-cities - Can this new prototype put an end to cyberattacks?
https://www.techradar.com/news/can-this-new-prototype-put-an-end-to-cyberattacks - Industrial security vendors partner to share intelligence about critical infrastructure threats
https://cyberscoop.com/emerging-threat-open-sharing-industrial-cybersecurity/ - Wargaming an effective data breach playbook
https://www.helpnetsecurity.com/2023/04/18/effective-data-breach-playbook/ - Do the productivity gains from generative AI outweigh the security risks?
https://www.computerworld.com/article/3694349/do-the-productivity-gains-from-generative-ai-outweigh-the-security-risks.html - Used Routers Often Come Loaded With Corporate Secrets
https://www.wired.com/story/used-enterprise-router-company-secrets/ - These medical IoT devices carry the biggest security risks
https://www.zdnet.com/article/these-medical-iot-devices-carry-biggest-security-risks/ - Education sector sees 34% increase in IoT attacks
https://www.scmagazine.com/news/device-security/education-sector-34-increase-iot-attacks - New QBot email attacks use PDF and WSF combo to install malware
https://www.bleepingcomputer.com/news/security/new-qbot-email-attacks-use-pdf-and-wsf-combo-to-install-malware/ - Company boards are bracing for new SEC cybersecurity regulations
https://www.axios.com/2023/04/07/company-boards-sec-cybersecurity - What is the true potential impact of artificial intelligence on cybersecurity?
https://www.csoonline.com/article/3692868/what-is-artificial-intelligence-s-true-potential-impact-on-cybersecurity.html - How machine learning can help crack the IT security problem
https://venturebeat.com/security/how-machine-learning-can-help-crack-the-it-security-problem/ - Hackers steal crypto assets by defeating 2FA with rogue browser extension
https://www.csoonline.com/article/3692535/hackers-steal-crypto-assets-by-defeating-2fa-with-rogue-browser-extension.html - Rogue QuickBooks, PayPal accounts used in novel phishing attacks
https://www.scmagazine.com/news/email-security/rogue-quickbooks-paypal-phishing - 5 strategies to manage cybersecurity risks in mergers and acquisitions
https://www.csoonline.com/article/3692433/5-strategies-to-manage-cybersecurity-risks-in-mergers-and-acquisitions.html
