Daily Compliance News: May 21, 2025, The I Want You Back Edition
Shout Outs and Rants: Episode 153, The CW 25 Edition
Episode 271 -- Deep Dive into Microsoft's OFAC Settlement for $3 Million
Everything Dynamic Everywhere: Managing a More Collaborative Microsoft 365
Microsoft 365 and the Age of Automation
Compliance Into The Weeds - Antitrust Issues in Microsoft Acquisition of Activision Blizzard
Everything Compliance - Episode 93 - The Activision Blizzard Edition
Microsoft Week on Innovation in Compliance -Legal Compliance for The Future with Alan Gibson
Keeping Up with M365 Software Updates
Efficiently and Defensibly Addressing Microsoft Teams Data
M365 in 5 – Part 7: Teams Audio/Video (A/V) Conferencing
M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspace
M365 in 5 – Part 5: Teams Chats – Modern communications
M365 in 5 – Part 4: Teams – An introduction to collaboration
M365 in 5 – Part 3: OneDrive for Business – Protected personal collaboration
M365 in 5 – Part 2: SharePoint Online – The new file-share environment
M365 in 5 – Part 1: Exchange Online – Not just a mailbox
Episode 104 -- A Deep Dive into the Microsoft FCPA Settlement
This Week in FCPA-Episode 164, week ending July 26, 2019 – the Microsoft and Facebook settle edition
Is the Patent Litigation Boom Coming to an End?
A Microsoft blog post reported that incident response researchers uncovered a remote access trojan in November 2024 (dubbed StilachiRAT) that “demonstrates sophisticated techniques to evade detection, persist in the target...more
Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
Thursday, Microsoft announced its new line of Copilot Plus PCs would launch next week without the anticipated Recall feature. Originally part of Microsoft’s Copilot Plus suite, Recall was designed to take and store...more
CYBERSECURITY - CISA Recommends Following Microsoft’s Mitigation for Zero Day Exploits - Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft...more
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
CYBERSECURITY - November's "Patch Tuesday" Includes 55 Patches - Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
CYBERSECURITY - Apple + Microsoft Release Patches for Identified Vulnerabilities - This week, both Apple and Microsoft issued patches to fix serious zeroday vulnerabilities that should be applied as soon as possible. That...more
CYBERSECURITY - Extortion Doesn’t Work for EA Sports Hackers - According to The Record, Electronic Arts Sports (EA) was the victim of a cyber hacking in June, when hackers posted on an underground hacking forum that they...more
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
CYBERSECURITY - Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability - Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center...more
Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30,...more
Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch hacking attacks against...more
CYBERSECURTY - U.S. CISA + Cyber Command Warns of Critical Flaw in VMware - Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure...more
CYBERSECURITY - Cisco/Talos Researchers Find Attackers Using Slack and Discord to Distribute Malware - Another example of the resiliency and creativity of cyber-attackers is outlined in a new blog by Cisco/Talos...more
CYBERSECURITY - Microsoft Releases Additional Resources for Exchange Flaws and CISA Issues Alert - As we alerted our readers last week, Microsoft announced that its Exchange email servers have been compromised, which is...more
As we alerted our readers last week, Microsoft announced that its Exchange email servers have been compromised, which is estimated to affect at least 30,000 companies based in the United States....more
I continue to be amazed in my day-to-day virtual conversations by how many people are unaware of one of the most devastating compromises ever to happen—the recent compromise of Microsoft’s Exchange versions 2013-2019....more
We often think of phony financial institution emails as a bad actor’s phishing scheme of choice to capture confidential bank account numbers or other private financial information. While those phishing emails certainly do...more
U.S. Judge Halts Trump's TikTok Ban, Hours Before It was Set to Start - "John Hall, an attorney for TikTok, said that the app, with some 100 million American users, is a 'modern day version of the town square' and shutting...more
A new study by Check Point Research shows that cyber criminals are using well-known brands to lure victims into clicking on nefarious links, providing personal information or credentials, or getting users to transfer money....more
If you haven’t been paying attention to all the Microsoft warnings for the past year and your company is still running Windows 7, time’s up. After January 14, 2020, Microsoft will stop pushing out security updates to Windows...more
Department of Homeland Security Warns of Cyber-Attacks by Iran - The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the...more