No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
Overview of Cybersecurity in Government Contracts
Cybersecurity: What Healthcare Providers Need to Know
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
2022 DSIR Deeper Dive: NFTs
No Password Required: The Sailing CTO of Sylint Group Who Routinely Defends Against Nation-State Attacks on Critical Infrastructure
Webinar Recording - Crypto Breaches: Legal & Regulatory Update
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Defense In-Depth: Cybersecurity For Energy
Greetings and Felicitations - Aly McDevitt on Ransomware Case Study, Part 2
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
How to Protect your Organization From a Cybersecurity Attack
Phishing: Cybersecurity’s Biggest Threat
No Password Required: An Infowar Expert Paved the Path From Rock-And-Roll to Cybersecurity
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Fighting Cyber Crime: The $1 Trillion Invisible Threat
While the balance of security, privacy, and public safety has always been a concern, recent cyberattacks have highlighted conflicting guidance by United States government officials, creating potential pitfalls for businesses....more
According to statements by the Cybersecurity and Infrastructure Security Agency (CISA), the People’s Republic of China-backed (PRC) hacking group Salt Typhoon, which attacked telecommunications providers last month, is still...more
On December 4, 2024, four of the five members of the Five Eyes intelligence-sharing group (the United States, Australia, Canada, and New Zealand) law enforcement and cyber security agencies (Agencies) published a joint guide...more
On November 20, 2024, the director of the National Security Agency, General Timothy Haugh, urged the private sector to take swift, collective action to share key details about breaches they have suffered at the hands of...more
New Linux Remote Access Trojan "Krasue" Targets Thai Telecom Sector - A newly discovered Remote Access Trojan (RAT) for Linux has been seen targeting telecommunications firms in Thailand as reported by Group-IB. Named RAT...more
Before we jump into February developments — trigger warning if you are a Russian hacker — for those keeping track of breach notification requirements, the National Credit Union Administration (NCUA) Board approved a final...more
PayPal Discloses December 2022 Security Incident Involving Credential Stuffing Attacks - PayPal has begun sending out notification letters to individuals impacted by a security incident that occurred in early December...more
The Twilio and Cloudfare smishing attacks [view related post] provide a timely reminder of how sophisticated smishing attacks are and how they can affect businesses and their customers. But threat actors don’t just attack...more
There has been a flurry of reporting in the past few days on the T-Mobile customer data compromise, with allegations that the compromise affected up to 100 million customers. ...more
During the COVID-19 pandemic, teleworking has become both a requirement and a preference to facilitate a safe and healthy workplace. However, remote-based work settings may pose intentional and unintentional threats to...more
As concerns about the coronavirus (COVID-19) continue to grow, many companies are planning to have more employees work from home. While these measures are aimed at keeping employees healthy and safe, it’s also important to...more
On May 15, 2019, President Trump issued an executive order (EO), "Executive Order on Securing the Information and Communications Technology and Services Supply Chain," prohibiting certain transactions involving...more
A scary combination of rising bond yields (across the 3% Rubicon!) and a warning from Caterpillar (which called its expectation-beating performance for Q1 the “high watermark for the year”) helped propel stocks significantly...more
Verizon's Protected Health Information Data Breach Report Concludes that Insiders Are Greatest Threat to Health Care Entities - Verizon recently issued its Protected Health Information Data Breach Report, which is always...more
There is a global malware campaign that is targeting mobile devices across the world. It is called Dark Caracal, which is believed to be sourced in Beirut by the Lebanese General Security Directorate. ...more
You drop your smartphone and now there are a million cracks and you can hardly read your texts. Getting the screen replaced by the manufacturer of the phone is usually expensive and sometimes it is so expensive that it makes...more
University of Michigan researchers have discovered that hundreds of applications in Google Play turn Android phones into a server that allow the user to connect the phone directly to a PC and leave open insecure ports...more
Yahoo’s troubles for failing to timely disclose security breaches provides rare insight into quantifying the financial and other costs to a company’s shareholders and leadership when a security breach occurs and is...more
Class action filings during the fall of 2016 continued to be dominated by Telephone Consumer Protection Act (“TCPA”) cases. As of October 1, 2016, nearly 150 cases have been filed; these filings are both daily in frequency...more
TalkTalk, a major UK telecoms company, has been fined £400,000 for a data breach after they were hacked. This is a record fine given by the ICO (the UK’s data protection authority). Significantly the fine was imposed after a...more
The dream of hack-proof communication just got a little closer to reality. On August 16, 2016, China launched the world’s first “quantum satellite,” a project the Chinese government hopes will enable it to build a...more
In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more
The October blog post will be broken up into two parts. This October 15th post will comment on the TPP Agreement signed today and well as President Xi Jinping’s recent trip to the US and my impressions from Beijing, China...more
It is being reported that 95% of all Android smartphones are vulnerable to being hacked with a text message, which is being called the “heartbleed for mobile.” According to security experts, the vulnerability exploits the...more
The House of Representatives passed the Protecting Cyber Networks Act (H.R.1560) (“PCNA”) yesterday, amidst growing pressure from industry to enact legislation that would help companies harden key infrastructure and respond...more