We have previously suggested that conducting cybersecurity tabletop exercises are an important part of testing your incident response program and response to different scenarios....more
Dragos issued its Industrial Ransomware Analysis for Q2 on August 14, 2024. The analysis shows that ransomware attacks significantly increased in Q2, with many ransomware groups disrupted by law enforcement rebranding...more
Everyone thinks they can spot a phishing email. If true, we would not see so many security incidents, data breaches, and ransomware attacks. The statistics are overwhelming that phishing emails are a significant cause of data...more
8/22/2024
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Innovative Technology ,
Machine Learning ,
Personally Identifiable Information ,
Phishing Scams ,
Risk Management ,
Threat Management
Nebraska recently filed suit against TikTok, and the details of the harms associated with using TikTok by children are outlined in the complaint. Although the complaint seeks redress only for Nebraskans, the allegations are...more
We have previously outlined the risks of using TikTok, the federal and state governments’ ban on it, and the national security risks it presents.
In doing so, we primarily focused on data privacy and security threats to...more
On July 29, 2024, the American Bar Association issued ABA Formal Opinion 512 titled “Generative Artificial Intelligence Tools.”
The opinion addresses the ethical considerations lawyers are required to consider when using...more
8/14/2024
/ American Bar Association (ABA) ,
Artificial Intelligence ,
Automation Systems ,
Client Communication ,
Client Services ,
Contract Management ,
Governance Standards ,
Innovative Technology ,
Legal Ethics ,
Legal Operations ,
Legal Project Management ,
Legal Technology ,
Litigation Strategies ,
Machine Learning
Information technology professionals—beware of SharpRhino—a malware variant attributed to threat actor cybercriminals associated with Hunters International. It is being reported that Hunters International is the “10th most...more
On May 17, 2024, Colorado Governor Jared Polis signed, “with reservations,” Senate Bill 42-205, “Concerning Consumer Protections in Interactions with Artificial Intelligence Systems” (the Act). The first of its kind in the...more
8/9/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Bias ,
Colorado ,
Discrimination ,
Machine Learning ,
Risk Assessment ,
Risk Mitigation ,
Risk-Based Approaches ,
State Legislatures
On August 1, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced the appointment of its first CISA Chief Artificial Intelligence Officer. The appointee, Lisa Einstein, served as CISA’s Senior Advisor...more
HealthEquity, an administrator of workplace benefits for more than 15 million people, is notifying 4.3 million individuals, starting on August 9, 2024, that their personal information was compromised. The compromised data...more
Anecdotally, we know that cybercriminals hailing from Russia are a significant risk to U.S.-based and world companies and governmental entities. With two convicted Russian cybercriminals being released this week in the...more
It is heartwarming that 16 prisoners, including innocent ex-Marine Paul Whelan and Wall Street Journal reporter Evan Gershkovich, have been freed from their wrongful imprisonment in Russia in exchange for 24 convicted Russian...more
The city of Columbus, Ohio, announced on May 29, 2024, that it was forced to take its systems offline due to a ransomware attack. According to its notice, the attack was perpetrated by “an established, sophisticated threat...more
It is sometimes hard to identify a scam, especially when it involves payment with a check. We are all wary of promises to pay electronically and to provide our bank account numbers for direct access to our bank account (well,...more
On July 10, 2024, the U.S. District Court for the Eastern District of Wisconsin granted plaintiffs’ Motion for Final Approval of a $12.2 million proposed settlement by Advocate Aurora Health to settle allegations against the...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims.
New reports from Microsoft and others indicate that in the second quarter of...more
7/25/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Microsoft ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
If you are a customer of CrowdStrike, you are working on recovering from the outage that occurred on July 19, 2024. As if that isn’t enough disruption, CrowdStrike is warning customers that threat actors are taking advantage...more
7/25/2024
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Infrastructure ,
Internet ,
Phishing Scams ,
Risk Management ,
Websites
Bleeping Computer has reported that Rite Aid has disclosed a data breach affecting 2.2 million individuals.
According to the report, Rite Aid stated in its filing with the Maine Attorney General that “We determined by...more
On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more
Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more
7/12/2024
/ Consent ,
Consumer Privacy Rights ,
COPPA ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Notification Requirements ,
Personal Data ,
Privacy Policy ,
Rhode Island ,
State Privacy Laws
Security research firm Halcyon recently reported that it “encountered” a new ransomware organization dubbed Volcano Demon several times in the past few weeks....more
Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more
July is Military Consumer Month. This month, we celebrate democracy and the past service of our veterans and those presently in service for protecting us and our democracy. Thank you so very much....more
The Health Sector Cybersecurity Coordination Center (HC3) provides timely updates to the health care sector on cybersecurity threats and mitigation. In the last several weeks, HC3 has issued two alerts worth paying close...more
TeamViewer, which provides remote connectivity products and services, announced that it detected a cybersecurity event on its internal IT system on June 26, 2024. TeamViewer stated that it did not affect the TeamViewer...more