News & Analysis as of May 31, 2025

Cyber Attacks

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

U.S. Retailers Bracing for Scattered Spider Attacks

Robinson+Cole Data Privacy + Security Insider on 5/29/2025

Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been responsible for the recent attack on Marks & Spencer in the U.K. A security...more

DSIR: Deeper Dive into the Data

BakerHostetler on 5/23/2025

Every year, BakerHostetler collects, analyzes and compares key metrics on the incident response matters we handled in the prior year. The Data Security Incident Response (DSIR) Report presents key findings and trends, along...more

Ascension Notifies 430,000 Patients of Data Breach

Robinson+Cole Data Privacy + Security Insider on 5/16/2025

Healthcare system Ascension has notified 437,329 patients of a data breach exposing “demographic information, such as name, address, phone number(s), email address, date of birth, race, gender, and Social Security numbers, as...more

Privacy Tip #443 – Fake AI Tools Used to Install Noodlophile

Robinson+Cole Data Privacy + Security Insider on 5/15/2025

Threat actors are leveraging the publicity around AI tools to trick users into downloading the malware known as Noodlophile through social media sites. Researchers from Morphisec have observed threat actors, believed to...more

Cyber Threat Escalates: PowerSchool Cybercriminal Returns to Extort Individual Schools Months After Massive Data Breach...

Fisher Phillips on 5/12/2025

When PowerSchool announced in January that it fell victim to a massive data breach at the end of 2024, it assured the thousands of schools and over 50 million students who use the education software that the matter had been...more

Ransomware Unveiled: How the LockBit Breach Exposes the Digital Extortion Economy

HaystackID on 5/9/2025

xThe cybersecurity community has witnessed a significant development with the recent compromise of LockBit’s operational infrastructure, providing extraordinary visibility into one of the most sophisticated...more

Fiduciary Duty in the Digital Age: Cybersecurity Best Practices for ERISA Plans

Woodruff Sawyer on 5/9/2025

Cybercriminals look for two things when seeking a victim—access and opportunity. ERISA retirement plans offer both. Cybercriminals exploit weaknesses in systems, software, or human behavior to find opportunities for easy...more

SAP NetWeaver Visual Composer Requires Urgent Patch

Robinson+Cole Data Privacy + Security Insider on 5/2/2025

SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more

Inside CyberCX’s 2025 DFIR Report: MFA Failures and Espionage Risks Revealed

HaystackID on 4/30/2025

The DFIR 2025 Threat Report from CyberCX offers a firsthand view of how cyber adversaries adapted and accelerated their tactics in 2024. Covering incidents across Australia, New Zealand, North America, and Europe, the report...more

Privacy Tip #441 – Identity Theft Statistics Increasing in 2025

Robinson+Cole Data Privacy + Security Insider on 4/25/2025

Unfortunately, identity theft continues to increase, and according to Identitytheft.org, the statistics are going to get worse in 2025. Some of the statistics cited by Identitytheft.org include: 1.4 million complaints of...more

Decoded - Technology Law Insights, V 6, Issue 4, April 2025

Spilman Thomas & Battle, PLLC on 4/24/2025

Welcome to our fourth issue of 2025 of Decoded - our technology law insights e-newsletter. We hope you enjoy this issue and thank you for reading. Sector by Sector: How Data Breaches are Wrecking Bottom Lines - “Data...more

OCC provides an update on its security breach given institutional risk

Orrick, Herrington & Sutcliffe LLP on 4/21/2025

On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more

CISA Issues Alert on Potential Legacy Oracle Cloud Compromise

Robinson+Cole Data Privacy + Security Insider on 4/17/2025

BleepingComputer has confirmed the rumor that Oracle has suffered a compromise affecting its legacy environment, including the compromise of old customer credentials (originally denied by Oracle). Oracle notified some...more

Cybersecurity in Business Ownership: What Your Start-Up Should Know

Mandelbaum Barrett PC on 4/16/2025

Cybersecurity is no longer a luxury; it’s a necessity. For start-ups and established businesses alike, protecting sensitive information and maintaining customer trust relies heavily on strong cybersecurity measures. With...more

Sophisticated Crypto Theft Targeting High-Net-Worth Individuals

Holland & Knight LLP on 4/16/2025

A recent court case has unveiled a new level of sophistication in attacks targeting high-net-worth cryptocurrency holders. In a meticulously orchestrated scheme, hackers managed to steal more than $40 million in bitcoin from...more

Cyber 101: Understand the Basics of Cyber Liability Insurance

Woodruff Sawyer on 4/15/2025

Cyber risk has grown demonstrably in frequency and severity in the past 10 years—and, in tandem, the cyber insurance policy has grown in breadth and complexity. This past year, a record number of organizations fell victim to...more

OCC announces major information security incident

Orrick, Herrington & Sutcliffe LLP on 4/14/2025

On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more

No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion

Carlton Fields on 4/14/2025

On this episode, we sit down with Trevor Hilligoss, director of security research and the research and innovation division of SpyCloud Labs. From his beginnings in the Army Criminal Investigation Division to his leadership...more

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Alston & Bird on 4/11/2025

On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more

WhatsApp Patches Vulnerability That Facilitates Remote Code Execution

Robinson+Cole Data Privacy + Security Insider on 4/11/2025

WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on 4/11/2025

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Innovation or Insecurity? Rethinking Cybersecurity in the Age of AI

Morris, Manning & Martin, LLP on 4/8/2025

In boardrooms, C-suites, and conference rooms across the country, the rapid pace of AI innovation is capturing the imagination of business leaders. Yet, amid this enthusiasm, there is a concerning trend, namely that many...more

CISA Issues Malware Analysis Report on RESURGE Malware

Robinson+Cole Data Privacy + Security Insider on 4/3/2025

On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more

Dating App Breach Exposes 900K Users: A Wake-Up Call for Cybersecurity

HaystackID on 4/2/2025

In a critical revelation within the realm of digital privacy, a significant data breach was uncovered involving key players in the dating app industry. Approximately 1.5 million explicit images from users of BDSM People,...more

Phishing Attacks – Anyone Can Get Pwned

Robinson+Cole Data Privacy + Security Insider on 3/28/2025

HaveIBeenPwned is a website that allows users to check whether their data has been involved in data breaches. The website’s creator, Troy Hunt, was the subject of a phishing attack earlier this week....more

2,074 Results

View per page

Page: of 83

Cybersecurity › Data Breach › Cyber Attacks

"My best business intelligence, in one easy email…"