No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more
WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more
On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more
Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more
The “Bad Likert Judge” jailbreaking technique boasts a high attack success rate by using a three-step approach which employs the target LLM’s own understanding of harmful content to bypass the target LLM’s safety guardrails....more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
October is here, and as we prepare for pumpkin spice lattes, fall sweaters, and scary decorations, there's one thing your business can't afford to ignore this month: cybersecurity. Welcome to Hack-tober, or as it's officially...more
A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more
In the continuously evolving landscape of cyber threats, organizations must be proactive in identifying and mitigating potential risks to their digital assets and operations. A critical step in building cyber resilience is...more
Gone are the days where technological solutions were “nice to have” options to provide us with better access to resources and improved process efficiencies. Nowadays, technological solutions – and specifically those that...more
The fintech revolution has reshaped the financial world, creating new opportunities to borrow, save, transact, and invest like never before. With no signs of slowing, fintech revenues are projected to grow sixfold from $245...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
Pursuant to President Biden’s October 2023 AI executive order, the US Department of Treasury (Treasury) released a report on cybersecurity risks in the financial services sector in March 2024. While recognizing the...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022. They found that threat actors are using multi-extortion tactics to get paid...more
OK boomers—instead of being on the end of an “OK boomer” comment, now you have some ammunition. Boomers have been reported to be less of a cybersecurity vulnerability to the workforce than Gen Z. An article by Karina Zapata...more
Resilience issued its Midyear 2023 Claims Report, which is well worth the read. In addition to commenting on the impact of the MOVEit incident, some of the key findings include...more
The International Committee of the Red Cross (ICRC) has taken a new step to regulate the activities of civilian hackers in conflict zones. To address the rise in the involvement of civilian hackers in inter-state conflicts,...more
On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...more
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and exploits surrounding” Industrial Control Systems (ICS)....more
Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023, announced patches for CVE-2023-29298, an improper access control issue that can lead to a security...more