Small Business Security Solutions
CCI-GoogleSitesBanner-v1.png

Center for Cyber Intelligence

Blog

Explore expert insights on cybersecurity trends, best practices, and compliance strategies. Led by industry veterans, our posts offer in-depth analyses and practical guidance to help professionals and small businesses fortify their cyber defenses. We openly welcome submissions for guest blogger articles. Interested in submitting? Submit your topic here to let us know.


 
Essential Guide to Using Shodan for Small Business Vulnerability Assessments & Network Monitoring

Small businesses are continually adapting to harness new technological opportunities in the rapidly evolving digital landscape. However, this digital expansion also broadens their exposure to potential cybersecurity threats. One critical tool that small business owners can leverage to fortify their cybersecurity measures is Shodan, often referred to as the "search engine for the Internet of Things."

Read More
Chris CooleyComment
Navigating Cybersecurity for SMBs: The Strategic Advantage of Virtual CISO Services

Explore the transformative power of Virtual CISOs (vCISOs) through CCI's tailored cybersecurity services for small businesses. Our vCISO services provide expert-level security strategies, ensuring compliance and robust defense against evolving threats—all at a fraction of the cost of in-house executives. Secure your business's future with CCI’s flexible, cost-effective solutions.

Read More
Chris CooleyComment
Microsoft BlueBleed | Security Research Resources

On October 19, 2022, Security researchers at SOCRadar announced they had identified sensitive data associated with 65,000 entities become because of a misconfigured Microsoft server. This event has been dubbed “BluebBleed.” This data leak reportedly includes Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, PII (Personally Identifiable Information) data, and documents that may reveal intellectual property. The Center for Cyber Intelligence is compiling a list of resources and information to aid in Security Research investigations related to this event.

Read More
Cyber Actors Target Misconfigured SonarQube Instances to Access Proprietary Source Code of US Government Agencies and Businesses

Since April 2020, unidentified cyber actors have actively targeted vulnerable SonarQube instances to access source code repositories of US government agencies and private businesses. The actors exploit known configuration vulnerabilities, allowing them to gain access to proprietary code, exfiltrate it, and post the data publicly. The FBI has identified multiple potential computer intrusions that correlate to leaks associated with SonarQube configuration vulnerabilities.

Read More
Holiday Online Shopping Tips

The 2020 holiday season is prime time for hackers, scammers, and cyber criminals. This year, likely more Americans than ever will be online looking for the best gifts and Cyber Monday deals while trying to avoid the crowds due to the COVID-19 pandemic. Cyber criminals have been gearing up for this occasion for months now and are looking to take advantage of unsuspecting shoppers. Their primary goal is to steal personal and financial information and they will primarily use fake websites or charities.

Read More
Spoofed FBI Internet Domains Pose Cyber and Disinformation Risks

On 23 November 2020, the Federal Bureau of Investigation (FBI) issued an announcement to help the public recognize and avoid spoofed FBI-related Internet domains. The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity.

Read More
Indicators of Compromise Pertaining to Iranian Interference in the 2020 US Presidential Election

On 22 October 2020, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint Cybersecurity Advisory (Alert AA20-296B) warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. APT actors are creating fictitious media sites and spoofing legitimate media sites to spread anti-American propaganda and misinformation about voter suppression.

Read More