Articles of interest from the week of April 18, 2022

Report: Many SMBs Wouldn’t Survive a Ransomware Attack

Some 75% of SMBs polled in a recent survey said they’d be able to survive only three to seven days following a ransomware attack. A successful ransomware attack can devastate any size organization. But small- and mid-sized businesses are often more vulnerable as they have more limited financial and technical resources to help them recover. This new report also reveals why SMBs may not be able to withstand an attack and offers advice on how they can better protect themselves. (By Lance Whitney, TechRepublic)

More Than Half of Initial Infections in Cyberattacks Come Via Exploits, Supply Chain Compromises

According to a new report on incident response (IR) investigations, the data found that companies have tuned their detection capabilities to find the most dangerous attacks quickly, with ransomware detected within five days on average; non-ransomware attacks remained active for 36 days in 2021, down from 45 days in 2020. But the quicker detection of ransomware attacks may not necessarily be positive, instead being due to the activation of the payload, says Steven Stone, senior director of adversary operations for Mandiant. (By Robert Lemos, Dark Reading)

Data Breach Disclosures Surge 14% in Q1 2022

The number of publicly reported data breaches in the US increased by double digits year-on-year in the first three months of 2022, according to the Identity Theft Resource Center (ITRC). (By Phil Muncaster, Infosecurity Magazine)

LinkedIn the Most Impersonated Brand for Phishing Attacks

Researchers have found that LinkedIn forgeries made up over half of all phishing attacks in Q1 2022. (By Josh Breaker-rolfey, IT Security Guru)

CISA Warns of Attackers Now Exploiting Windows Print Spooler Bug

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler. This high severity vulnerability (tracked as CVE-2022-22718) impacts all versions of Windows per Microsoft's advisory and it was patched during the February 2022 Patch Tuesday. The only information Microsoft shared about this security flaw is that threat actors can exploit it locally in low-complexity attacks without user interaction. (By Sergiu Gatlan, BleepingComputer)