Daily Compliance News: May 21, 2025, The I Want You Back Edition
Shout Outs and Rants: Episode 153, The CW 25 Edition
Episode 271 -- Deep Dive into Microsoft's OFAC Settlement for $3 Million
Everything Dynamic Everywhere: Managing a More Collaborative Microsoft 365
Microsoft 365 and the Age of Automation
Compliance Into The Weeds - Antitrust Issues in Microsoft Acquisition of Activision Blizzard
Everything Compliance - Episode 93 - The Activision Blizzard Edition
Microsoft Week on Innovation in Compliance -Legal Compliance for The Future with Alan Gibson
Keeping Up with M365 Software Updates
Efficiently and Defensibly Addressing Microsoft Teams Data
M365 in 5 – Part 7: Teams Audio/Video (A/V) Conferencing
M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspace
M365 in 5 – Part 5: Teams Chats – Modern communications
M365 in 5 – Part 4: Teams – An introduction to collaboration
M365 in 5 – Part 3: OneDrive for Business – Protected personal collaboration
M365 in 5 – Part 2: SharePoint Online – The new file-share environment
M365 in 5 – Part 1: Exchange Online – Not just a mailbox
Episode 104 -- A Deep Dive into the Microsoft FCPA Settlement
This Week in FCPA-Episode 164, week ending July 26, 2019 – the Microsoft and Facebook settle edition
Is the Patent Litigation Boom Coming to an End?
A Microsoft blog post reported that incident response researchers uncovered a remote access trojan in November 2024 (dubbed StilachiRAT) that “demonstrates sophisticated techniques to evade detection, persist in the target...more
Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
CYBERSECURITY - CISA Recommends Following Microsoft’s Mitigation for Zero Day Exploits - Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft...more
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
CYBERSECURITY - November's "Patch Tuesday" Includes 55 Patches - Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
CYBERSECURITY - Apple + Microsoft Release Patches for Identified Vulnerabilities - This week, both Apple and Microsoft issued patches to fix serious zeroday vulnerabilities that should be applied as soon as possible. That...more
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across...more
CYBERSECURITY - Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability - Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center...more
Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30,...more
CYBERSECURTY - U.S. CISA + Cyber Command Warns of Critical Flaw in VMware - Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure...more
CYBERSECURITY - Cisco/Talos Researchers Find Attackers Using Slack and Discord to Distribute Malware - Another example of the resiliency and creativity of cyber-attackers is outlined in a new blog by Cisco/Talos...more
In our four-part blog series on Schrems II and its impacts, we have already given the state of data transfers in light of the Schrems II decision as well as some practical tips on how to conduct a risk assessment. In sum, the...more
We often think of phony financial institution emails as a bad actor’s phishing scheme of choice to capture confidential bank account numbers or other private financial information. While those phishing emails certainly do...more
If you haven’t been paying attention to all the Microsoft warnings for the past year and your company is still running Windows 7, time’s up. After January 14, 2020, Microsoft will stop pushing out security updates to Windows...more
Department of Homeland Security Warns of Cyber-Attacks by Iran - The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the...more
After the killing of Qassem Soleimani on January 3, 2020, by the U.S. government, the cybersecurity news industry has been abuzz about whether Iran will engage in cyber terrorism, and if so, to what degree, as part of its...more
This Update highlights key legal and policy developments in cybersecurity and privacy law that may impact important trends for 2019 and beyond. A central takeaway from 2018 is that regulators in the U.S. and abroad are...more
In this edition of our Privacy and Cybersecurity Update, we take a look at the Trump administration's executive order outlining its cybersecurity plans, Acting FTC Chairwoman Maureen Ohlhausen's comments on the possible...more
Last week saw a lot of media coverage about “Yelp for People.” The app, called Peeple, allows users to rate friends, co-workers, and romantic partners based on a five-star rating system. Recruiters could review the ratings...more
On April 8, Microsoft officially ended all support and ceased providing updates for their Windows XP operating system. This “end of life” (EOL) announcement is not uncommon with software platforms, where continued support of...more
On April 10, 2014, Kentucky Governor Steve Beshear signed H.B. 232 into law, making Kentucky the 47th state to enact data breach notification legislation. Prior to H.B. 232, Kentucky was one of only four states—including...more