Explore expert insights on cybersecurity trends, best practices, and compliance strategies. Led by industry veterans, our posts offer in-depth analyses and practical guidance to help professionals and small businesses fortify their cyber defenses. We openly welcome submissions for guest blogger articles. Interested in submitting? Submit your topic here to let us know.
Small businesses are continually adapting to harness new technological opportunities in the rapidly evolving digital landscape. However, this digital expansion also broadens their exposure to potential cybersecurity threats. One critical tool that small business owners can leverage to fortify their cybersecurity measures is Shodan, often referred to as the "search engine for the Internet of Things."
Read MoreExplore the transformative power of Virtual CISOs (vCISOs) through CCI's tailored cybersecurity services for small businesses. Our vCISO services provide expert-level security strategies, ensuring compliance and robust defense against evolving threats—all at a fraction of the cost of in-house executives. Secure your business's future with CCI’s flexible, cost-effective solutions.
Read MoreOn October 19, 2022, Security researchers at SOCRadar announced they had identified sensitive data associated with 65,000 entities become because of a misconfigured Microsoft server. This event has been dubbed “BluebBleed.” This data leak reportedly includes Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, PII (Personally Identifiable Information) data, and documents that may reveal intellectual property. The Center for Cyber Intelligence is compiling a list of resources and information to aid in Security Research investigations related to this event.
Read MoreSince April 2020, unidentified cyber actors have actively targeted vulnerable SonarQube instances to access source code repositories of US government agencies and private businesses. The actors exploit known configuration vulnerabilities, allowing them to gain access to proprietary code, exfiltrate it, and post the data publicly. The FBI has identified multiple potential computer intrusions that correlate to leaks associated with SonarQube configuration vulnerabilities.
Read MoreThe 2020 holiday season is prime time for hackers, scammers, and cyber criminals. This year, likely more Americans than ever will be online looking for the best gifts and Cyber Monday deals while trying to avoid the crowds due to the COVID-19 pandemic. Cyber criminals have been gearing up for this occasion for months now and are looking to take advantage of unsuspecting shoppers. Their primary goal is to steal personal and financial information and they will primarily use fake websites or charities.
Read MoreOn 20 November, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published an FBI Flash (Alert MU-000140-MW) disclosing a number of IOCs associated with Ragnar Locker Ransomware.
Read MoreOn 23 November 2020, the Federal Bureau of Investigation (FBI) issued an announcement to help the public recognize and avoid spoofed FBI-related Internet domains. The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity.
Read MoreOn 22 October 2020, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint Cybersecurity Advisory (Alert AA20-296B) warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. APT actors are creating fictitious media sites and spoofing legitimate media sites to spread anti-American propaganda and misinformation about voter suppression.
Read MoreIn this publication, we propose that threat intelligence analysts tend to shy away from utilizing language that enables the generation of a quantifiable assessment, based on professional observations. Learn why.
Read More