AI-enabled technology enhances threat actors’ ability to engage in advanced and difficult-to-detect forms of social engineering to deceive employees and circumvent companies’ security controls. Companies may consider new...more
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector.
Last week, the Cybersecurity and...more
A new study finds that a majority of employees may sidestep their company’s security policies to be more productive, including policies related to workplace AI. It may come as little surprise that employees try to find ways...more
Five individuals who are alleged to be members of the Scattered Spider cybercrime group have been charged with multiple crimes after a federal investigation into an advanced social engineering attacks that targeted at least...more
CL0P is adopting “quadruple extortion” tactics. If your organization has received a ransomware demand, CL0P may be a familiar name. In 2023, CL0P was the third most prolific ransomware gang, after Lockbit and ALPHV....more
The California Privacy Protection Agency recently released updated draft regulations regarding cybersecurity audits under the California Consumer Privacy Act.
On November 8, 2023, the California Privacy Protection Agency...more
Russia-linked threat actor Fancy Bear is conducting a wave of phishing campaigns impersonating entities across Europe, Americas, and Asia, focusing on Ukraine-related targets....more
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
New vulnerability found in the boot process for Linux systems configured to boot over the network.
A high severity vulnerability could allow attackers to take over a Linux system. The vulnerability is in the shim software...more
Vulnerability in the open-source automation server Jenkins is exploitable using a publicly released proof of concept.
On January 24, 2024, Jenkins announced the presence of vulnerability CVE-2024-23897. The vulnerability...more
Vulnerabilities in enterprise file transfer solutions can lead to elevated risk. Now would be a good time to check your organization’s managed filed transfer service....more
Industrial automation platform Rapid SCADA contains seven key vulnerabilities.
CISA recently published an advisory about seven vulnerabilities in Rapid SCADA—an open-source industrial automation platform that provides tools...more
CISA has added a new Ivanti vulnerability to its known exploited vulnerability catalogue. This vulnerability can be paired with other recently-reported vulnerabilities to permit threat actors to write malicious web shell...more
A vulnerability in Microsoft SharePoint has been flagged as being actively exploited by CISA.
A vulnerability in Microsoft SharePoint is being actively exploited according to CISA’s known exploited vulnerabilities (KEV)...more
This is the eleventh installment in Hogan Lovells’ series on the California Consumer Privacy Act.
Much of the focus on the California Consumer Protection Act (“CCPA”) has been on the new rights that it affords California...more
Investing in the life sciences industry without an understanding of the key regulatory factors that could determine a product’s success or failure could cost you millions of dollars....more