News & Analysis as of

Cybersecurity Risk Management Vulnerability Assessments

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Alston & Bird

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect

Alston & Bird on

On May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take...more

Robinson+Cole Data Privacy + Security Insider

SAP NetWeaver Visual Composer Requires Urgent Patch

Robinson+Cole Data Privacy + Security Insider on

SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more

Robinson+Cole Data Privacy + Security Insider

WhatsApp Patches Vulnerability That Facilitates Remote Code Execution

Robinson+Cole Data Privacy + Security Insider on

WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Robinson+Cole Data Privacy + Security Insider

CISA Issues Malware Analysis Report on RESURGE Malware

Robinson+Cole Data Privacy + Security Insider on

On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more

Quarles & Brady LLP

Warning! ChatGPT Exploit Used by Threat Actors in Cyber Attacks

Quarles & Brady LLP on

Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more

Bradley Arant Boult Cummings LLP

The Why Behind the HHS Proposed Security Rule Updates

Bradley Arant Boult Cummings LLP on

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the justifications...more

Neal, Gerber & Eisenberg LLP

Top Twelve Trends to Monitor in the Hospitality Industry in 2025

Neal, Gerber & Eisenberg LLP on

The hospitality industry will need to focus on several key areas to ensure compliance and minimize risk in the year ahead, including data privacy and cybersecurity protections, employment and labor law compliance, and even...more

Hogan Lovells

Cybersecurity researchers discover “Bad Likert Judge,” a new AI jailbreaking technique

Hogan Lovells on

The “Bad Likert Judge” jailbreaking technique boasts a high attack success rate by using a three-step approach which employs the target LLM’s own understanding of harmful content to bypass the target LLM’s safety guardrails....more

Dinsmore & Shohl LLP

New Year, New HIPAA Security Rule?

Dinsmore & Shohl LLP on

Citing the “alarming growth” of cyberattacks in recent years, the U.S. Department of Health and Human Services (“HHS”) has issued a Notice of Proposed Rulemaking to modify the Health Insurance Portability and Accountability...more

Robinson+Cole Data Privacy + Security Insider

Cl0p Exploiting Cleo Software

Robinson+Cole Data Privacy + Security Insider on

According to Cyberscoop, the cyber gang Cl0p “has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software.” The gang...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Business Email Compromise Scams: What They Are, and How to Avoid Them

Ogletree, Deakins, Nash, Smoak & Stewart,... on

In an increasingly digital world, the rise in cybercrime involving email scams has become a significant threat to individuals and organizations alike. These sophisticated attacks exploit human psychology and technological...more

Robinson+Cole Data Privacy + Security Insider

Microsoft Report Highlights Attacks Against Healthcare Organizations

Robinson+Cole Data Privacy + Security Insider on

On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more

Baker Donelson

Happy Hack-tober! Don't be Scared: How to Protect Your Business from RaaS Threats

Baker Donelson on

October is here, and as we prepare for pumpkin spice lattes, fall sweaters, and scary decorations, there's one thing your business can't afford to ignore this month: cybersecurity. Welcome to Hack-tober, or as it's officially...more

HaystackID

Critical Vulnerability in NVIDIA Toolkit Threatens Cloud AI Environments

HaystackID on

A critical vulnerability, CVE-2024-0132, has surfaced in NVIDIA’s Container Toolkit, placing a substantial portion of cloud environments at risk. Discovered by researchers at Wiz, the flaw affects both the NVIDIA Container...more

Alston & Bird

New Joint CISA – FBI – DC3 Guidance Advises On Ransomware Threats Linked to Iran-Backed Hackers: What Enterprises Need to Know

Alston & Bird on

A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration...more

Robinson+Cole Data Privacy + Security Insider

Scattered Spider Using RansomHub and Qilin Ransomware Against Victims

Robinson+Cole Data Privacy + Security Insider on

We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more

Robinson+Cole Data Privacy + Security Insider

CISA Warns of Three New Vulnerabilities Actively Exploited by Threat Actors

Robinson+Cole Data Privacy + Security Insider on

On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more

Ankura

Proactive Defense: A Step-by-Step Guide To Assessing Your Organization's Cyber Risk

Ankura on

In the continuously evolving landscape of cyber threats, organizations must be proactive in identifying and mitigating potential risks to their digital assets and operations. A critical step in building cyber resilience is...more

J.S. Held

Cybercrime vs. Cybersecurity: Learning the Tactics of Criminals to Protect Your Interests

J.S. Held on

Gone are the days where technological solutions were “nice to have” options to provide us with better access to resources and improved process efficiencies. Nowadays, technological solutions – and specifically those that...more

Woodruff Sawyer

The Growing Cyber Risks in Fintech and How to Mitigate Them

Woodruff Sawyer on

The fintech revolution has reshaped the financial world, creating new opportunities to borrow, save, transact, and invest like never before. With no signs of slowing, fintech revenues are projected to grow sixfold from $245...more

NAVEX

Immediate vs. Slow Burn Risks: A Balanced Cybersecurity Strategy

NAVEX on

The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more

Mintz - Antitrust Viewpoints

Treasury Department Warns Financial Institutions to Prepare for AI-Age Fraud — AI: The Washington Report

Mintz - Antitrust Viewpoints on

Pursuant to President Biden’s October 2023 AI executive order, the US Department of Treasury (Treasury) released a report on cybersecurity risks in the financial services sector in March 2024. While recognizing the...more

K&L Gates LLP

Biden Administration Takes Actions to Bolster Maritime Cybersecurity in the US Maritime Domain

K&L Gates LLP on

The maritime industry is undergoing a significant transformation that involves increased use of cyber-connected systems, coinciding with increased nation-state and cybercriminal targeting of cyber systems in ports and...more

Williams Mullen

EPA Chemical Facility Anti-Terrorism Standards Lapse

Williams Mullen on

It has now been more than six months since Congress allowed the statutory authority for the Chemical Facility Anti-Terrorism Standards (CFATS) program (6 CFR Part 27) to expire on July 28, 2023. EPA recently advised all...more

164 Results
 / 
View per page
Page: of 7
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide