Daily Compliance News: May 21, 2025, The I Want You Back Edition
Shout Outs and Rants: Episode 153, The CW 25 Edition
Episode 271 -- Deep Dive into Microsoft's OFAC Settlement for $3 Million
Everything Dynamic Everywhere: Managing a More Collaborative Microsoft 365
Microsoft 365 and the Age of Automation
Compliance Into The Weeds - Antitrust Issues in Microsoft Acquisition of Activision Blizzard
Everything Compliance - Episode 93 - The Activision Blizzard Edition
Microsoft Week on Innovation in Compliance -Legal Compliance for The Future with Alan Gibson
Keeping Up with M365 Software Updates
Efficiently and Defensibly Addressing Microsoft Teams Data
M365 in 5 – Part 7: Teams Audio/Video (A/V) Conferencing
M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspace
M365 in 5 – Part 5: Teams Chats – Modern communications
M365 in 5 – Part 4: Teams – An introduction to collaboration
M365 in 5 – Part 3: OneDrive for Business – Protected personal collaboration
M365 in 5 – Part 2: SharePoint Online – The new file-share environment
M365 in 5 – Part 1: Exchange Online – Not just a mailbox
Episode 104 -- A Deep Dive into the Microsoft FCPA Settlement
This Week in FCPA-Episode 164, week ending July 26, 2019 – the Microsoft and Facebook settle edition
Is the Patent Litigation Boom Coming to an End?
Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
CYBERSECURITY - CISA Recommends Following Microsoft’s Mitigation for Zero Day Exploits - Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft...more
CYBERSECURITY - November's "Patch Tuesday" Includes 55 Patches - Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across...more
CYBERSECURITY - Extortion Doesn’t Work for EA Sports Hackers - According to The Record, Electronic Arts Sports (EA) was the victim of a cyber hacking in June, when hackers posted on an underground hacking forum that they...more
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
CYBERSECURITY - Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability - Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center...more
Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30,...more
Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch hacking attacks against...more
CYBERSECURTY - U.S. CISA + Cyber Command Warns of Critical Flaw in VMware - Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure...more
A cyberattack over the weekend forced the shutdown of one of America’s largest pipelines for refined gas and jet fuel. Operator Colonial Pipeline revealed late Friday that it had “shut down its 5,500 miles of pipeline, which...more
CYBERSECURITY - Microsoft Releases Additional Resources for Exchange Flaws and CISA Issues Alert - As we alerted our readers last week, Microsoft announced that its Exchange email servers have been compromised, which is...more
U.S. Judge Halts Trump's TikTok Ban, Hours Before It was Set to Start - "John Hall, an attorney for TikTok, said that the app, with some 100 million American users, is a 'modern day version of the town square' and shutting...more
TikTok Will Partner with Oracle in the United States After Microsoft Loses Bid - "TikTok and Oracle will become business partners in the United States — a deal meant to satisfy the Trump administration's national security...more
- Utah Pathology Services, based in Salt Lake City, has reported a data breach involving approximately 112,000 patients. According to the medical practice’s “Notice of Data Incident,” the practice learned June 30 that “an...more
CYBERSECURITY - Chinese and Russian Hackers Targeting COVID-19 Vaccine Makers in U.S. Crosshairs - Last week, authorities from the United States, the United Kingdom and Canada accused a well-known hacker group tied to...more
A new study by Check Point Research shows that cyber criminals are using well-known brands to lure victims into clicking on nefarious links, providing personal information or credentials, or getting users to transfer money....more
-The DOJ has announced charges against four members of China’s military related to the 2017 cyberattack on credit-reporting agency Equifax, the breach that revealed “trade secrets and the personal data of about 145 million...more
Department of Homeland Security Warns of Cyber-Attacks by Iran - The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the...more
After the killing of Qassem Soleimani on January 3, 2020, by the U.S. government, the cybersecurity news industry has been abuzz about whether Iran will engage in cyber terrorism, and if so, to what degree, as part of its...more
Security researchers Intezer and IBM X-Force have identified a new ransomware that is seriously vicious. It’s PureLocker—named because it is programmed in PureBasic language, which is apparently unusual. ...more
Security research firm Gigamon has reported that the nasty cybercriminal group FIN8 may have reappeared in June after a two-year silence. FIN8 is known for implementing malware on point of sale systems to steal credit card...more