No Password Required: CISO at RSA and Champion of a Passwordless Future
Does INTERPOL contact private citizens to request personal or financial information?
The Privacy Insider Podcast Episode 18: From Craigslist to Philanthropy, It’s All About the Golden Rule with Craig Newmark
Podcast - The Role of Managed Service Providers with Stuart Itkin
Cybersecurity in Video Games & Esports
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Overview of Cybersecurity in Government Contracts
Cyber Threats
2022 DSIR Deeper Dive: NFTs
What to Do When a Phishing Attack Happens to You - The Consumer Finance Podcast
Hybrid Workforces and Compliance with Sheila Limmroth
[Podcast] Cybersecurity Best Practices
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
Phishing: Cybersecurity’s Biggest Threat
[Podcast] Fight the Phish!
Jenny Radcliffe on People Hacking
Debra Geroux and Scott Wrobel on Responding to Data Breaches
No Password Required: A Pen Tester at Rapid7 With a Passion for LEGO Bricks, Star Wars, and Sometimes LEGO Star Wars
#WorkforceWednesday: Extended Remote Work, Return-to-Work Manager Training, Case to Watch - Employment Law This Week®
In our May 2025 blog post, Study Finds Average Cost of Data Breaches Significantly Increased Globally in 2024, we highlighted the key findings of the Ponemon Institute’s Cost of a Data Breach Report 2024. The Ponemon...more
As Tax Day rapidly approaches, the IRS recently released it’s annual “Dirty Dozen” list of tax scams (https://www.irs.gov/newsroom/dirty-dozen-tax-scams-for-2026-irs-reminds-taxpayers-to-watch-out-for-dangerous-threats). ...more
As the world becomes increasingly digital, we are more connected than ever. But this development has also brought new and more intricate threats that could hurt the economy and society. The United Arab Emirates is known for...more
How AI-Powered Attacks, Supply Chain Vulnerabilities, and Regulatory Pressures Are Shaping Cybersecurity Today In today’s digital-first world, cybersecurity has never been more crucial. Organizations across every industry...more
Historically, our data has reflected both continuity and change, fluctuating between radical shifts and the steady continuation of known risks. This year offers both—hence our title, "The Risk Remains (Mostly) the Same."...more
On this episode of Culture & Compliance Chronicles, Amanda Raad and Nitish Upadhyaya from Ropes & Gray’s Insights Lab, and Richard Bistrong of Front-Line Anti-Bribery, are joined by neuropsychologist Sarah Zheng to explore...more
Brand owners will soon have a rare opportunity to own their brand name as a domain extension. The Internet Corporation for Assigned Names and Numbers (ICANN) is preparing to accept applications for “dotBrand” generic...more
As 2026 unfolds, the global cyber threat landscape is rapidly evolving — driven by accelerating attacker sophistication, geopolitical pressures, and, above all, the rise of artificial intelligence as both a tool and a target....more
On March 10th, the FBI issued an alert warning of an emerging scheme whereby criminals impersonating city and county officials solicit fraudulent payments for city / county planning and zoning permits....more
Cybersecurity firm Darktrace recently issued its Annual Threat Report, which offered some startling statistics and findings. The Threat Report provides a “comprehensive assessment of the global cyber threat landscape and the...more
ShinyHunters continues to wreak havoc against well-known brands; most recently, Wynn Resorts. Wynn Resorts has confirmed that “an unauthorized third party acquired certain employee data.” It is believed that the threat actor...more
A newly filed putative class action in the Western District of Texas targets Bumble, Inc., over an alleged “massive and preventable” cyberattack in or around January 2026, in which attackers allegedly accessed highly...more
Sophisticated vishing (voice phishing) attacks continue to target and victimize company call centers and help desks. Recently, a large ad tech company reported that customer information had been compromised as a result of a...more
A recent white paper issued by SocRadar, entitled “Operation DoppelBrand: Weaponizing Fortune 500 Brands for Credential Theft and Remote Access,” provides a stark outline of how a threat actor known as GS7 has been “targeting...more
As we enter the 2026 tax filing season, organizations face a heightened risk of cyberattacks targeting employee information. Tax season is a busy time for cybercriminals, who ramp up efforts to trick businesses and...more
For small and medium-sized businesses, social media platforms like Facebook and Instagram are essential marketing tools. However, account takeovers by hackers pose a serious and growing threat that every business owner should...more
Owners of federal trademark registrations have become a popular target for scams. They need to protect themselves from others who try to use information in the trademark registration for their own financial advantage. ...more
Security professionals rely on the implementation of multifactor authentication (MFA) to defend against phishing attacks and intrusions. Unfortunately, we can’t completely rely on MFA to protect us as threat actors (more...more
On January 28, 2026, the Federal Bureau of Investigation (FBI) announced the launch of Operation Winter SHIELD, a coordinated initiative designed to promote adoption of core defensive measures that are shown to mitigate...more
An email phishing scheme is circulating that targets development applicants by impersonating local planning staff and demanding payment of an “Application Approval Fee” invoice. The messages claim that paying the invoice is a...more
We continue to alert our readers to the uptick and successful use of vishing attacks against companies. Threat actors continue to be creative in developing strategies to use vishing to gain access into systems....more
The New York Department of Financial Services (“DFS”) has issued the below notice to regulated entities and individuals to use caution before responding to outreach from individuals falsely claiming to represent DFS....more
On January 22, the NYDFS issued an alert informing regulated entities about an email phishing scam falsely claiming to represent the regulator. The alert warned that scammers may have sent emails urging recipients to open...more
Rob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and...more
As we have warned before, threat actors using QR codes in attacks against victims continue to rise. To illustrate the risk, on January 8, 2026, the FBI issued a FLASH alert, entitled “North Korean Kimsuky Actors Leverage...more