A new report by Wired states that customer data from “more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.” According to the report, travelers’ information and booking...more
On May 27, 2026, Connecticut Governor Ned Lamont signed Senate Bill 5 (“the Bill”) into law, creating a broad framework for artificial intelligence oversight in the state. The Bill reaches beyond any single category of AI use...more
6/5/2026
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Compliance Dates ,
Connecticut ,
Data Privacy ,
Disclosure Requirements ,
Employer Responsibilities ,
Machine Learning ,
New Legislation ,
Notice Requirements ,
Regulatory Oversight ,
Regulatory Requirements ,
State and Local Government ,
Transparency
If you are a Signal user, be on the alert for a new phishing campaign that attempts to steal recovery keys used to access cloud backups. If successful, the attackers could have access to entire message archives,...more
6/5/2026
/ Cloud Computing ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Fraud ,
Personal Data ,
Personal Information ,
Phishing Scams
I am a big fan of Verizon’s yearly Data Breach Investigations Report. I follow it closely, as it confirms what we are seeing in the field, and provides validation for defense strategies employed to protect against attacks....more
5/28/2026
/ Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
Incident Response Plans ,
Ransomware ,
Risk Management ,
Social Engineering ,
Third-Party Service Provider ,
Vulnerability Assessments
Verizon recently published its 2026 Data Breach Investigations Report, which is full of helpful information for cybersecurity professionals to implement strategies for protection of systems....more
As you can tell, I am obsessed with Verizon’s Data Breach Investigations Report. It is worthy of full immersion, and I am picking it apart with precision. I always spend a lot of time delving into it as it informs and...more
5/28/2026
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
Data Security ,
Emerging Technologies ,
Intellectual Property Protection ,
Machine Learning ,
Risk Management
The Cybersecurity and Infrastructure Security Agency (CISA), which is part of the Department of Homeland Security, is responsible for cybersecurity and infrastructure security throughout the federal government, to improve...more
On May 19, 2026, the Federal Trade Commission (FTC) announced that it will begin enforcing the Take It Down Act (TIDA) immediately. TIDA was made law in May 2025 and requires platforms to remove non-consensual intimate...more
5/22/2026
/ Artificial Intelligence ,
Consent ,
Consumer Privacy Rights ,
Deep Fake ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Minors ,
New Legislation ,
Online Platforms ,
Online Safety for Children ,
Reporting Requirements
According to HaveIBeenPwned, ShinyHunters targeted fashion brand Zara in a cyber-attack and claimed that it had stolen 197,000 unique email addresses, product SKUs, order IDs, and the originating market. The incident...more
Another recent victim of ShinyHunters is Instructure, the supplier of the Canvas learning management system, which disrupted the login portals of 330 colleges and universities during the critical college exam schedule....more
5/18/2026
/ Colleges ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Personal Data ,
Social Engineering ,
Universities
Global medical device company Medtronic recently confirmed that it had been attacked by the threat actor group, ShinyHunters. According to Bleeping Computer, Medtronic is “the largest medical device maker in the world by...more
The Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) have confirmed that threat actors are using FIRESTARTER malware to maintain persistence on Cisco network devices,...more
5/8/2026
/ Cisco ,
Corporate Counsel ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Incident Response Plans ,
Information Security ,
Malware ,
Risk Management ,
Software ,
Threat Management
In the category of how technology can be fun, yet dangerous, a 19 year old college student alleges that the dating app Meete took a video she innocently posted on TikTok of her high school graduation, then “overlayed it with...more
According to Cisco Talus researchers, phishing is the primary method threat actors use to gain unauthorized access to networks, accounting for more than one-third of all incidents in the first quarter of 2026. This increase...more
5/1/2026
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Government Agencies ,
Healthcare ,
Incident Response Plans ,
Machine Learning ,
Multi-Factor Authentication ,
Phishing Scams ,
Risk Management ,
Risk Mitigation
Multiple class action cases have been filed against Tempus AI alleging that, during its acquisition of Ambry Genetics, the company improperly collected and disclosed genetic information without obtaining prior written consent...more
5/1/2026
/ Acquisitions ,
Artificial Intelligence ,
Class Action ,
Consent ,
Data Privacy ,
Data Protection ,
Data Security ,
Databases ,
Genetic Testing ,
Illinois ,
Pharmaceutical Industry ,
State Privacy Laws
The Federal Trade Commission (FTC) recently reported that, in 2025, social media scams were the costliest of all scams against consumers, with a whopping $2.1 billion lost. Thirty percent of those who reported losing funds in...more
On April 15, 2026, the Department of Justice (DOJ) announced that two U.S. nationals, Kejia Wang and Zhenxing Wang, were sentenced for facilitating a North Korean IT worker scheme that compromised over 80 U.S. identities,...more
4/24/2026
/ Artificial Intelligence ,
Criminal Prosecution ,
Cybersecurity ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Foreign Adversaries ,
Fraud ,
ITAR ,
National Security ,
North Korea ,
Social Engineering
A new, yet old, scheme has been quite successful and users should beware. If you get an account change message from Apple, be on high alert that it is fake and malicious....more
4/23/2026
/ Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Email ,
Fake Websites ,
Fraud ,
Fraud Prevention ,
Identity Theft ,
Information Security ,
Malware ,
Phishing Scams ,
Spoofing
March was a busy month for former Black Basta affiliates who are using old social engineering techniques to target executives in the manufacturing, professional, scientific, and technical services industries. According to...more
I have very fond memories of using a Eurail pass back in the day while backpacking through Europe as a student. I was saddened to see that Eurail was the victim of a data breach in December 2025 when attackers obtained access...more
Iran has always been a formidable cyber threat to the United States, but after the war in Iran commenced, the attacks are coming frequently and in full force. According to the Joint Cybersecurity Advisory issued on April 7,...more
Critical infrastructure operators at the water treatment plant in Minot, North Dakota, were forced to resort to manual processes when its Supervisory Control and Data Acquisition (SCADA) system became inoperable as a result...more
Minnesota Governor Tim Walz issued an emergency executive order on April 7, 2026, dispatching the Minnesota National Guard after Winona County requested assistance following a cyber attack disrupting its “critical systems and...more
According to Security Week’s recent article, “Stolen Logins Are Fueling Everything from Ransomware to Nation-State Cyberattacks,” cybersecurity firm Ontinue’s 2H 2025 Threat Intelligence Report, showcases that “Attackers...more
The Federal Bureau of Investigation (FBI) recently released a FLASH warning highlighting malicious cyber activity conducted by threat actors operating on behalf of Iran’s Ministry of Intelligence and Security. According to...more