Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - Cybersecurity Today and Tomorrow with Patrick Hynds
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
The recent indictment of Maksim Silnikau, a Belarusian and Ukrainian national, is a clear reminder that cybercriminals are becoming more sophisticated and bold....more
Anecdotally, we know that cybercriminals hailing from Russia are a significant risk to U.S.-based and world companies and governmental entities. With two convicted Russian cybercriminals being released this week in the...more
TeamViewer, which provides remote connectivity products and services, announced that it detected a cybersecurity event on its internal IT system on June 26, 2024. TeamViewer stated that it did not affect the TeamViewer...more
Modern warfare is no longer restricted to physical battlefields and professional military. Countries like North Korea and Russia have few qualms about using cyberspace to reach well beyond their physical borders to target...more
Boeing has confirmed that its parts and distribution site has been attacked by LockBit ransomware, which is believed to be Russian based. Boeing has said that the attack has not affected flight safety. Boeing is investigating...more
On October 4, 2023, the Joint Panel on Multidistrict Litigation (JPML) issued a Transfer Order consolidating certain actions relating to a vulnerability in Progress Software’s MOVEit file transfer software which was exploited...more
Cyberattacks on the energy sector have been rapidly growing since 2017, and we saw an all-time high of cyberattack events on the sector in 2022. The energy sector is particularly vulnerable due to these types of attacks due...more
In today’s world of cyber threats, many companies have fallen victim to ransomware attacks. Corporate boards and senior executives face serious issues when their companies are attacked. The payment of ransom is not only...more
CYBERSECURITY - Clop Claims Zero-Day Attacks Against 130 Organizations - Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in...more
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing...more
Companies are increasingly choosing not to pay ransom for ransomware and extortionware due to the growing associated risks. In fact, a recent report by crypto-crime analyst firm Chainalysis found that payments to threat...more
Colombian Energy Provider Empresas Públicas de Medellín Suffers ALPHV Ransomware Attack - Empresas Públicas de Medellín (EPM), one of Colombia's largest public energy, water, gas, sanitation, and telecommunication...more
The Financial Crimes Enforcement Network’s most recent financial trend analysis report on ransomware-related Bank Secrecy Act filings for 2021 reveals an increased number of ransomware attacks and that a substantial number of...more
The U.S. government issued guidance on October 14, 2022, emphasizing that the United States is “prepared to use its broad targeting authorities against non-U.S. persons” who continue to trade with Russia sanctions targets,...more
Killnet, a Russian-speaking hacking group that emerged shortly after Russia invaded Ukraine, took responsibility last week for deploying a denial-of-service attack that temporarily took several U.S. states’ websites offline....more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
The Delaware Chancery Court’s recent opinion in Construction Industry Laborers Pension Fund et al. v. Bingle et al., C.A. No. 2021-0494-SG (Del. Ch.) dismissing claims asserted against members of SolarWinds Corporation’s...more
Hackers caused a massive traffic jam in Moscow by exploiting the ride-sharing app Yandex Taxi and using it to summon dozens of taxis to a single location. While Yandex has not confirmed the attacker’s identity, the hacktivist...more
"EvilProxy" Provides Low-Skill Threat Actors Access to Advanced Phishing Techniques - A new Phishing-as-a-Service (PaaS) platform dubbed "EvilProxy" has been discovered by Resecurity researchers. PaaS platforms allow...more
Russian intelligence agencies have hacked dozens of civilian organizations in the U.S. and other Ukraine-allied nations since February. While this activity has garnered a great deal of attention due to the conflict in...more
Editor’s Note: On July 27, 2022, HaystackID shared an educational webcast on the topic of Committee on Foreign Investment in the United States (CFIUS) compliance. CFIUS is a U.S. government interagency committee with the...more
After the Russian invasion of Ukraine, the world of business will never be the same again. Deputy Attorney General (DAG) Lisa Monaco recently said that the world’s “geopolitical landscape is more challenging and complex than...more
In a recent Private Industry Notification to the higher education sector, the FBI warned that U.S. college and university credentials are being advertised “for sale on online criminal marketplaces and publically [sic]...more
CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’ health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite...more
The Russian invasion of Ukraine has prompted renewed concerns from many cyber insurance policyholders as to the insurability of nation-state sponsored cyber attacks. In a previous Woodruff Sawyer blog post, we have outlined...more