
Key insights from analyzing data breaches and cyber-attacks of 2018 - zinssmeister
https://www.templarbit.com/blog/2019/01/10/we-analyzed-data-breaches-and-cyber-attacks-of-2018-here-are-the-key-insights/
======
tptacek
I don't think these kinds of surveys are (1) accurate or (2) particularly
useful, but the gold standard for this kind of stuff is the Verizon DBIR:

[https://enterprise.verizon.com/resources/reports/dbir/](https://enterprise.verizon.com/resources/reports/dbir/)

~~~
TeMPOraL
For CISOs wanting to learn from past attacks, is there anything you would
recommend as either accurate or useful (or both)?

------
ericalexander0
[https://www.reddit.com/r/securitybreach/](https://www.reddit.com/r/securitybreach/)

Sub-reddit for cataloging breaches with detail relevant to defenders.

------
refunperson
The article notes that the number of "AI/ML hacking tools" has grown -- is
there documented use of malicious actors using AI as part of campaigns? I've
seen researchers publish tools that would likely fall into this space, but I'm
curious if there's any known usage of these or other tools for malicious ends.

