On August 28th, Mandiant issued an update to its previous Salesloft Drift advisory. Therein, Mandiant discussed that Salesloft issued a security notification on Aug. 26 regarding its Drift application. At that time, it...more
9/2/2025
/ APIs ,
Artificial Intelligence ,
Cloud Computing ,
Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Information Technology ,
Risk Management ,
SaaS ,
Software ,
Third-Party Service Provider ,
Threat Management
Salesloft issued a security notification on August 26 regarding its Drift application. It appears to be a broad opportunistic attack on Salesloft/Drift instances integrated with Salesforce tenants. Salesloft issued updates...more
8/28/2025
/ Artificial Intelligence ,
Cloud Computing ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Information Technology ,
Popular ,
Risk Management ,
SaaS ,
Salesforce ,
Software ,
Third-Party Service Provider
On May 16, 2024, the Securities and Exchange Commission (SEC) adopted sweeping amendments to Regulation S-P, which governs the privacy of nonpublic consumer personal and financial information for a broad range of financial...more
8/5/2025
/ Broker-Dealer ,
Compliance Dates ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Final Rules ,
Financial Institutions ,
Incident Response Plans ,
Investment Adviser ,
Recordkeeping Requirements ,
Regulation S-P ,
Securities and Exchange Commission (SEC) ,
Third-Party Service Provider
On July 20, 2025, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued urgent warnings about new, actively exploited vulnerabilities in Microsoft SharePoint Server. These vulnerabilities, known as...more
Requirements under the proposed rules would include the disclosure of:
•Material cybersecurity incidents within four business days of the determination that a material cybersecurity incident has occurred in a Form 8-K-...more
3/22/2022
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Policies and Procedures ,
Popular ,
Proposed Rules ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC)
A major vulnerability (known as Log4j or Logshell) within Java-based applications is impacting millions of applications around the world. This issue affects most industries and is very dangerous if applications are not...more
In this first session in our Cybersecurity Awareness Series, discover how to implement the “ounce of prevention, pound of cure” approach–specifically, what your organization can do to create a cybersecurity plan and...more
Not every cybersecurity threat is ransomware. Phishing is cybersecurity’s biggest threat. It’s one of the most common ways hackers can “get into” your organization, and it can result in much more than identity theft. In the...more
In the second session in our Cybersecurity Awareness Series, learn the ins and outs of preparing your organization’s staff for a potentially damaging situation–whether created by accident or by a malicious outsider–by running...more
We are now seeing a potential trend where states are incentivizing companies through the creation of safe harbors to improve their cybersecurity posture, instead of penalizing them after a breach of personal information. Utah...more
A putative consumer class action filed in California state court on Friday the 18th against Petco Animal Supplies Stores Inc. (Petco) and its wholly owned subsidiary PupBox Inc. (PupBox) alleges that between February and...more