An attack against Salesforce between August 8 and August 18 targeting data through its Salesloft Drift app “is more extensive than at first thought.” The attack targeted numerous Salesforce customers “systematically...more
On August 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory entitled “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage...more
Researchers at Arizona State University and Citizen Lab have discovered that three families of Android VPN applications, used by millions of people worldwide, are related and owned by companies or individuals located in...more
In this line of work, I am often asked if law enforcement is ever successful in finding and punishing the threat actors who have wreaked havoc on U.S. businesses and stolen millions of dollars in ransomware attacks. I am so...more
8/14/2025
/ Criminal Investigations ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Digital Assets ,
FBI ,
Investigations ,
Law Enforcement ,
Ransomware
Threat actors continue to exploit ToolShell to gain unauthorized access to on-premises SharePoint servers. On August 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report...more
On July 24, 2025, during a public meeting following public comment, the California Privacy Protection Agency (CPPA) Board unanimously approved amendments to the California Consumer Privacy Act (CCPA). These substantial...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board unanimously approved amendments to the California Consumer Privacy Act (CCPA). These substantial changes include new compliance obligations for...more
On July 29, 2025, the Cybersecurity & Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation, Canadian Centre for Cyber Security, Royal Canadian Mounted Police, the Australian Cyber Security...more
We have repeatedly warned our readers about the risks associated with TikTok. We are reminding our readers that the popular Temu app raises the same concerns....more
Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively...more
If you own an electric vehicle, keep an eye on cybersecurity issues that may affect your car and its accessories. You wouldn’t think that an electric vehicle charger could include a vulnerability that allows threat actors to...more
According to Cybersecurity Dive, “Americans lost $16.6 billion to cyber fraud and internet crimes last year (2024), up 33% from the previous year. Phishing, spoofing and extortion topped the list of complaints, but investment...more
The SafePay ransomware group has been active since fall 2024 and has increased its activity this spring and summer. According to NCC Group, SafePay hit the most victims of any threat actor in May 2025—it is linked to 248...more
Malwarebytes recently reported that it has found scammers hijacking websites of name brands, including banks, software companies, and social media platforms to trick victims into calling a fraudulent telephone number instead...more
On June 27, 2025, the Federal Bureau of Investigation (FBI) issued a warning on X to the airline and transportation sectors that the notorious cyber criminal ring Scattered Spider is attacking those sectors....more
On June 30, 2025, a Joint Advisory was issued by the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation and the Department of Defense Cyber Crime Center issued...more
When assessing cybersecurity risk in your organization, it is important to understand your users and their behavior. A new study by Keepnet sheds light on new hire behavior concerning phishing susceptibility. According to its...more
We are seeing an increase in cybersquatting incidents. What is cybersquatting and how can it affect you?
According to Sentinel One, cybersquatting, or domain squatting, “involves the registration, selling, or use of an...more
Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...more
Smishing schemes involving Departments of Motor Vehicles nationwide have increased. Scammers are sending SMS text messages falsely claiming to be from the DMV that “are designed to deceive recipients into clicking malicious...more
Google recently issued its June Android Security Bulletin that is designed to patch 34 vulnerabilities, all of which Google designates as high-severity defects. The most serious flaw the patch is designed to fix in the...more
CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
5/30/2025
/ Artificial Intelligence ,
CIPA ,
Class Action ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Privacy Laws ,
Ransomware ,
State Data Privacy Laws ,
Web Tracking
Never underestimate an operating system update from any mobile phone manufacturer. This week, Apple issued iOS 18.5 which provides enhancements to the user experience, but also fixes bugs and flaws....more
Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been responsible for the recent attack on Marks & Spencer in the U.K. A security...more
On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a...more