News & Analysis as of

Cybersecurity Vulnerability Assessments

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Alston & Bird

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect

Alston & Bird on

On May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take...more

Robinson+Cole Data Privacy + Security Insider

SAP NetWeaver Visual Composer Requires Urgent Patch

Robinson+Cole Data Privacy + Security Insider on

SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more

Troutman Pepper Locke

The FTC Shines Its Spotlight on the Top Text Scams of 2024

Troutman Pepper Locke on

As technology advances, so do the tactics of scammers. The Federal Trade Commission (FTC) recently released a data spotlight on the top text scams of 2024, revealing a significant increase in financial losses despite a...more

Robinson+Cole Data Privacy + Security Insider

WhatsApp Patches Vulnerability That Facilitates Remote Code Execution

Robinson+Cole Data Privacy + Security Insider on

WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Robinson+Cole Data Privacy + Security Insider

CISA Issues Malware Analysis Report on RESURGE Malware

Robinson+Cole Data Privacy + Security Insider on

On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more

Quarles & Brady LLP

Warning! ChatGPT Exploit Used by Threat Actors in Cyber Attacks

Quarles & Brady LLP on

Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more

Bradley Arant Boult Cummings LLP

The Why Behind the HHS Proposed Security Rule Updates

Bradley Arant Boult Cummings LLP on

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the justifications...more

Neal, Gerber & Eisenberg LLP

Top Twelve Trends to Monitor in the Hospitality Industry in 2025

Neal, Gerber & Eisenberg LLP on

The hospitality industry will need to focus on several key areas to ensure compliance and minimize risk in the year ahead, including data privacy and cybersecurity protections, employment and labor law compliance, and even...more

Hogan Lovells

Cybersecurity researchers discover “Bad Likert Judge,” a new AI jailbreaking technique

Hogan Lovells on

The “Bad Likert Judge” jailbreaking technique boasts a high attack success rate by using a three-step approach which employs the target LLM’s own understanding of harmful content to bypass the target LLM’s safety guardrails....more

Dinsmore & Shohl LLP

New Year, New HIPAA Security Rule?

Dinsmore & Shohl LLP on

Citing the “alarming growth” of cyberattacks in recent years, the U.S. Department of Health and Human Services (“HHS”) has issued a Notice of Proposed Rulemaking to modify the Health Insurance Portability and Accountability...more

Robinson+Cole Data Privacy + Security Insider

Cl0p Exploiting Cleo Software

Robinson+Cole Data Privacy + Security Insider on

According to Cyberscoop, the cyber gang Cl0p “has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software.” The gang...more

Foley & Lardner LLP

Protecting IP in a Cyber-Threatened World: Insights from Zifino and Foley & Lardner

Foley & Lardner LLP on

As companies embrace digital transformation, they increasingly depend on proprietary technologies and data that requires robust cybersecurity measures to safeguard intellectual property (IP). Zifino and Foley & Lardner LLP...more

Foley & Lardner LLP

OCR Says HIPAA Audits Will Resume: OIG Makes Recommendations for Enhancement

Foley & Lardner LLP on

Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Business Email Compromise Scams: What They Are, and How to Avoid Them

Ogletree, Deakins, Nash, Smoak & Stewart,... on

In an increasingly digital world, the rise in cybercrime involving email scams has become a significant threat to individuals and organizations alike. These sophisticated attacks exploit human psychology and technological...more

Robinson+Cole Data Privacy + Security Insider

Scary Halloween News: Jumpy Pisces Using Play Ransomware to Attack Organizations

Robinson+Cole Data Privacy + Security Insider on

Unit 42 recently reported that it has identified “Jumpy Pisces, a North Korean state-sponsored threat group associated with the Reconnaissance General Bureau of the Korean People’s Army, as a key player in a recent ransomware...more

Robinson+Cole Data Privacy + Security Insider

Microsoft Report Highlights Attacks Against Healthcare Organizations

Robinson+Cole Data Privacy + Security Insider on

On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more

Baker Donelson

Happy Hack-tober! Don't be Scared: How to Protect Your Business from RaaS Threats

Baker Donelson on

October is here, and as we prepare for pumpkin spice lattes, fall sweaters, and scary decorations, there's one thing your business can't afford to ignore this month: cybersecurity. Welcome to Hack-tober, or as it's officially...more

HaystackID

Critical Vulnerability in NVIDIA Toolkit Threatens Cloud AI Environments

HaystackID on

A critical vulnerability, CVE-2024-0132, has surfaced in NVIDIA’s Container Toolkit, placing a substantial portion of cloud environments at risk. Discovered by researchers at Wiz, the flaw affects both the NVIDIA Container...more

Alston & Bird

New Joint CISA – FBI – DC3 Guidance Advises On Ransomware Threats Linked to Iran-Backed Hackers: What Enterprises Need to Know

Alston & Bird on

A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration...more

Robinson+Cole Data Privacy + Security Insider

Scattered Spider Using RansomHub and Qilin Ransomware Against Victims

Robinson+Cole Data Privacy + Security Insider on

We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more

Robinson+Cole Data Privacy + Security Insider

CISA Warns of Three New Vulnerabilities Actively Exploited by Threat Actors

Robinson+Cole Data Privacy + Security Insider on

On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more

Ankura

Proactive Defense: A Step-by-Step Guide To Assessing Your Organization's Cyber Risk

Ankura on

In the continuously evolving landscape of cyber threats, organizations must be proactive in identifying and mitigating potential risks to their digital assets and operations. A critical step in building cyber resilience is...more

J.S. Held

Cybercrime vs. Cybersecurity: Learning the Tactics of Criminals to Protect Your Interests

J.S. Held on

Gone are the days where technological solutions were “nice to have” options to provide us with better access to resources and improved process efficiencies. Nowadays, technological solutions – and specifically those that...more

425 Results
 / 
View per page
Page: of 17
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide