Some of it, to be fair, is through word of mouth. With tech being such a broad field and vulnerabilities being discovered left and right, us tech professionals need as much help compiling all of that information into digestible chunks, which is why some of us listen to security podcasts or read The Register daily. Hackers have that same level of information – it really comes down to whether or not we can protect against it. Some risks we have to accept in order to keep the business going, and not everyone is up to date on the latest and greatest patches – there’s a number of data acquisitions that go back to bad patch management. Doesn’t take a genius to be informed and to keep that information in their back pocket for later.