Introduction - On July 19, 2025, Microsoft announced two new vulnerabilities that are actively being exploited (CVE-2025-49704 and CVE-2025-49706) and that relate to on-premises Microsoft SharePoint instances that are exposed...more
The New York State Department of Health has issued an urgent cybersecurity advisory (the Advisory) warning of increased threat levels and a higher likelihood of cybersecurity attacks from Iranian state-backed actors following...more
On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of...more
6/24/2025
/ China ,
Compliance ,
Data Privacy ,
Data Security ,
Data Transfers ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Executive Orders ,
Foreign Entities ,
National Security ,
New Regulations ,
Personal Data
On June 6, 2025, President Trump issued an Executive Order (EO) on Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity, amending certain prior directives established by the Biden and Obama administrations....more
On March 13, 2025, the Federal Communications Commission’s (“FCC”) Chairman Brendan Carr announced the creation of a Council on National Security (the “Council”) with Adam Chan serving as the Director. This new Council will...more
On January 14, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released the AI Cybersecurity Collaboration Playbook (the “Playbook”) to provide guidance to organizations within the AI community (including AI...more
In the final week of the Biden Administration’s term in office, former President Biden issued two high profile executive orders that could have significant ramifications for the cybersecurity and technology industries. The...more
On January 3, 2025, the Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced sanctions on a Chinese-based cybersecurity company, Integrity Technology Group, Inc. (“Integrity Tech”). These sanctions...more
On November 14, 2024, the Department of Homeland Security (“DHS”) announced a set of voluntary recommendations called the “Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure”...more
11/20/2024
/ Artificial Intelligence ,
Automation Systems ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Management ,
Department of Homeland Security (DHS) ,
Machine Learning ,
National Security ,
Risk Assessment ,
Risk Management
In early October 2025, several media outlets reported that United States telecommunications services had been infiltrated by state affiliated threat actors linked to the People’s Republic of China (“PRC”). These reports were...more
On October 24, 2024, President Biden signed the first-ever National Security Memorandum (“NSM”) focused on artificial intelligence (“AI”), pursuant to subsection 4.8 of Executive Order 14110. The NSM provides guidance on...more
On Thursday, August 8, 2024, the United States Department of Justice (“DOJ”) announced that it had charged a Nashville man for his alleged role in assisting the Democratic People’s Republic of Korea (“DPRK” or “North Korea”)...more
Our Securities and Privacy, Cyber & Data Strategy teams unpack the Department of Justice’s (DOJ) process for companies seeking to delay Form 8-K disclosures under the Securities and Exchange Commission’s (SEC) cybersecurity...more
On September 27, 2023, The U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japanese National Police Agency (NPA), and...more
On April 13, 2021, a federal district court granted a motion to partially unseal an FBI application and search warrant following the successful conclusion of an FBI operation to eradicate malicious web shells placed on...more