Increasingly available Deepfake technology that can be used to impersonate employees is increasing the level of social engineering risk.
Deepfake technology is increasingly being used against corporations to carry out social...more
Vulnerability in the open-source automation server Jenkins is exploitable using a publicly released proof of concept.
On January 24, 2024, Jenkins announced the presence of vulnerability CVE-2024-23897. The vulnerability...more
Cyberattacks from China are targeting critical infrastructure including communications, energy, transportation, and water. Critical U.S. infrastructure may face a higher risk of cyberattacks from the People’s Republic of...more
Vulnerabilities in enterprise file transfer solutions can lead to elevated risk. Now would be a good time to check your organization’s managed filed transfer service....more
Industrial automation platform Rapid SCADA contains seven key vulnerabilities.
CISA recently published an advisory about seven vulnerabilities in Rapid SCADA—an open-source industrial automation platform that provides tools...more
CISA has added a new Ivanti vulnerability to its known exploited vulnerability catalogue. This vulnerability can be paired with other recently-reported vulnerabilities to permit threat actors to write malicious web shell...more
A vulnerability in Microsoft SharePoint has been flagged as being actively exploited by CISA.
A vulnerability in Microsoft SharePoint is being actively exploited according to CISA’s known exploited vulnerabilities (KEV)...more
Since December 18, 2023 public companies other than smaller reporting companies are required to report a cybersecurity incident under Item 1.05 of Form 8-K within four business days after the company determines the incident...more
Yesterday, California Governor Gavin Newsom issued an executive order regarding generative artificial intelligence (“GenAI”). The order states that California has established itself as the world leader in GenAI innovation...more
The Biden Administration released its National Cybersecurity Strategy (Strategy) in an effort to reshape U.S. policy and priorities around cybersecurity for the public and private sectors, marking a significant shift in tone...more
The field of regulators interested in the cybersecurity practices of private companies is getting crowded, with the Federal Communications Commission (FCC) becoming more and more active in this space. The FCC, which has...more
On March 11, the Word Health Organization officially characterized the coronavirus (COVID-19) outbreak as a pandemic. During the outbreak, many employers around the world are seeking to prioritize the well-being and safety of...more
3/16/2020
/ Business Continuity Plans ,
Business Interruption ,
China ,
Coronavirus/COVID-19 ,
Crisis Management ,
Cybersecurity ,
Data Protection ,
Emergency Management Plans ,
Infectious Diseases ,
Information Security ,
Malware ,
Policies and Procedures ,
Popular ,
Public Health ,
Risk Management
The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more
9/12/2018
/ Bring Your Own Device (BYOD) ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Protection ,
Electronic Data Transmissions ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Information Technology ,
Mobile Device Management ,
PaaS ,
Personal Data ,
Popular ,
Risk Management ,
SaaS ,
Security Risk Assessments ,
UK