News & Analysis as of

Vulnerability Assessments Hackers

Alston & Bird

New Joint CISA – FBI – DC3 Guidance Advises On Ransomware Threats Linked to Iran-Backed Hackers: What Enterprises Need to Know

Alston & Bird on

A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration...more

Robinson+Cole Data Privacy + Security Insider

Scattered Spider Using RansomHub and Qilin Ransomware Against Victims

We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more

Robinson+Cole Data Privacy + Security Insider

CISA Warns of Three New Vulnerabilities Actively Exploited by Threat Actors

On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #401 – Cyberattack Against TikTok Targeted Brands and Celebrities

TikTok has reported that it is responding to a cyber attack targeting a limited number of known brands and celebrity accounts. The BBC has identified that Paris Hilton’s account as being targeted, but TikTok says it was not...more

Ballard Spahr LLP

XZ Utils Supply Chain Attack Sheds Light on Vulnerabilities in Widely Adopted Open Source System

Ballard Spahr LLP on

In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more

NAVEX

Immediate vs. Slow Burn Risks: A Balanced Cybersecurity Strategy

NAVEX on

The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more

NAVEX

The True Cost of Cybersecurity Failure – When Technology (and People) Fail

NAVEX on

Picture this: your company's systems are frozen, your data is held hostage and panicked customers flood your phone lines. A simple mistake, an unpatched vulnerability – even when your team was doing all the right things. It...more

Nossaman LLP

Critical Infrastructure Organizations Warned to Upgrade Systems and Software

Nossaman LLP on

In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more

Robinson+Cole Data Privacy + Security Insider

Ransomware Hitting U.S. Companies at Increasing Rate

Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022. They found that threat actors are using multi-extortion tactics to get paid...more

Robinson+Cole Data Privacy + Security Insider

Mercedes-Benz Source Code Potentially Compromised in GitHub Token Exposure

Mercedes-Benz reportedly suffered a security incident that exposed confidential source code on an Enterprise Git server. The incident occurred due to a compromised GitHub exposed by an employee. Although the incident occurred...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #386 – What? Gen Z is Bigger Cybersecurity Risk than Boomers

OK boomers—instead of being on the end of an “OK boomer” comment, now you have some ammunition. Boomers have been reported to be less of a cybersecurity vulnerability to the workforce than Gen Z. An article by Karina Zapata...more

Ankura

Ankura Cyber Threat Investigations FLASH Wrap-Up [Report]: December 2023

Ankura on

The Ankura Cyber Threat Investigations and Expert Services (CTIX) FLASH Wrap-Up is a collection of high-level cyber intelligence summaries pertaining to current or emerging cyber events in December 2023, originally published...more

Ankura

Ankura CTIX FLASH Update - December 5, 2023

Ankura on

Bluetooth Compromise Coined "BLUFFS" Allows Attackers to Conduct Adversary-in-the-Middle Attacks - Researchers at EURECOM have developed six (6) new attack packages called “BLUFFS” that break the encryption of Bluetooth...more

Ankura

Ankura CTIX FLASH Update - December 2023

Ankura on

Malicious Android Apps Used to Target Iranian Banks - An ongoing Android malware campaign targeting users of Iranian financial institutions has expanded to include new abilities to target an even greater number of people...more

Robinson+Cole Data Privacy + Security Insider

Red Cross Creates Rules for Civilian Hackers in Conflict Zones

The International Committee of the Red Cross (ICRC) has taken a new step to regulate the activities of civilian hackers in conflict zones. To address the rise in the involvement of civilian hackers in inter-state conflicts,...more

Robinson+Cole Data Privacy + Security Insider

Urgent Joint Cybersecurity Advisory on Atlassian Vulnerability Issued

The Cybersecurity & Infrastructure Security Agency, FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515. According to the Alert, “this critical vulnerability...more

Robinson+Cole Data Privacy + Security Insider

HC3 Warns Healthcare Organizations of NoEscape Ransomware

On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more

Robinson+Cole Data Privacy + Security Insider

CISA Issues Two Industrial Control Systems Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and exploits surrounding” Industrial Control Systems (ICS)....more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - July 2023 - #2

Robinson & Cole LLP on

CYBERSECURITY - Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP - Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - July 2023

Robinson & Cole LLP on

CYBERSECURITY - Unpatched Fortinet Vulnerability Being Exploited by Threat Actors - According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a...more

Robinson+Cole Data Privacy + Security Insider

Unpatched Fortinet Vulnerability Being Exploited by Threat Actors

According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a known vulnerability and are at risk of being attacked by threat actors using the unpatched...more

Latham & Watkins LLP

Cyber Security Incidents als Herausforderung für die Rechtsabteilung - wichtigste Punkte, die Unternehmensjuristen über die...

Latham & Watkins LLP on

Hackerangriffe, Datendiebstahl, Ransomware, Datenpannen und sonstige Cybersecurity Incidents werden immer mehr zu einem zentralen Unternehmensrisiko. Dabei wird oft übersehen, dass dieses Thema nicht nur in technischer,...more

Robinson+Cole Data Privacy + Security Insider

Joint Advisory on MOVEit Transfer Vulnerability Published

CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The CLOP ransomware organization has been reportedly exploiting an SQL injection...more

Robinson+Cole Data Privacy + Security Insider

CISA Issues Three Advisories for Industrial Control Systems

On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more

Jenner & Block

Evolving Caremark Duties Related to Cybersecurity Risks

Jenner & Block on

In the recent case Construction Industry Laborers Pension Fund on behalf of SolarWinds Corporation, et. al v. Mike Bingle, et al. (2022), the Delaware Chancery Court considered whether the directors of SolarWinds Corporation,...more

239 Results
 / 
View per page
Page: of 10

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide