CYBERSECURITY -
Joint Advisory on MOVEit Transfer Vulnerability Published -
CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The...more
Montana Governor Greg Gianforte has signed SB 351, the Genetic Information Privacy Act (GINA), which “requires an entity to provide consumer information regarding the collection, use, and disclosure of genetic data; providing...more
EyeMed Vision Care, LLC has agreed to settle allegations lodged against it by four state Attorneys General for $2.5 million stemming from a data breach that occurred in 2020 and effected 2.1 million people....more
Tennessee, Montana, Iowa, and Indiana have each recently passed a consumer privacy statute in recent weeks. These laws follow the same trend started by California’s Consumer Privacy Act by granting consumers the right to know...more
Researchers at Meta, the owner of Facebook released a report this week that indicated that, since March 2023, Meta “has blocked and shared with our industry peers more than 1,000 malicious links from being shared across our...more
CYBERSECURITY -
FDD Suggests Space Systems be Designated as Critical Infrastructure -
The Foundation for Defense of Democracies (FDD) issued a Report late last week entitled Time to Designate Space Systems as Critical...more
Many companies are exploring the use of generative artificial intelligence technology (“AI”) in day-to-day operations. Some companies prohibit the use of AI until they get their heads around the risks. Others are allowing the...more
CYBERSECURITY -
Clop Claims Zero-Day Attacks Against 130 Organizations -
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in...more
3/31/2023
/ Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Hackers ,
Ransomware ,
Russia
CYBERSECURITY FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MSISAC) recently released a joint cybersecurity advisory, warning organizations about...more
3/24/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
TikTok ,
Vulnerability Assessments
CYBERSECURITY -
World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak -
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
2/9/2023
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Hackers ,
Information Technology ,
Popular ,
Social Engineering ,
Vulnerability Assessments
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global Cybersecurity Outlook 23 Insight Report (published in collaboration with Accenture), although...more
2/3/2023
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Popular ,
Risk Mitigation ,
Vulnerability Assessments ,
World Economic Forum
The Federal Trade Commission (FTC) announced on February 1, 2023 that it has settled, for $1.5M, its first enforcement action under its Health Breach Notification Rule against GoodRx Holdings, Inc., a telehealth and...more
2/3/2023
/ Data Management ,
Data Privacy ,
Data-Sharing ,
Enforcement Actions ,
Federal Breach Notification Standard ,
Federal Trade Commission (FTC) ,
Healthcare ,
PHI ,
Prescription Drugs ,
Settlement Agreements ,
Targeted Digital Advertising ,
Telehealth
While plaintiffs’ attorneys were initially focused late last year on suing health care entities for using Pixel and other tracking technology to share information about website users with social media platforms such as Meta...more
1/27/2023
/ Chick-Fil-A ,
Class Action ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
Facebook ,
Fast-Food Industry ,
Statutory Violations ,
Targeted Digital Advertising ,
Tracking Systems ,
Video Privacy Protection Act ,
Web Tracking
CYBERSECURITY -
235 Million Twitter User Email Addresses Posted on Hacking Forum -
Israeli cybersecurity firm Hudson Rock has reported that the email addresses of more than 235 million Twitter users have been stolen and...more
CYBERSECURITY -
LastPass Updates Disclosure of Security Incident -
There are pros and cons to using a password manager. The biggest pro is that it helps keep all of our passwords organized and safe. The biggest con is...more
1/9/2023
/ Artificial Intelligence ,
COPPA ,
Cybersecurity ,
Data Privacy ,
EPIC ,
Federal Trade Commission (FTC) ,
Influencers ,
Microchip Technology ,
Robotics ,
Scams ,
Securities and Exchange Commission (SEC) ,
Unfair or Deceptive Trade Practices
Colorado Attorney General Phil Weiser’s office recently published an updated version of the draft rules governing the Colorado Privacy Act, which goes into effect on July 1, 2023. The updates build upon the original draft...more
CYBERSECURITY -
Nineteen States Have Banned TikTok on Government-Issued Devices -
Governors of numerous states have issued Executive Orders in the past several weeks banning TikTok from government-issued devices and...more
12/23/2022
/ China ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Diagnostic Tests ,
Hackers ,
Healthcare ,
Infectious Diseases ,
Scams ,
TikTok ,
Vulnerability Assessments
CYBERSECURITY -
Health Care Organizations Warned of Venus Ransomware -
The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information...more
11/23/2022
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Identity Theft ,
Instagram ,
Popular ,
Ransomware ,
Spyware ,
Vulnerability Assessments
DATA PRIVACY -
Businesses Struggle to Comply with CPRA without Final Regulations -
As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t...more
DATA PRIVACY -
Businesses Struggle to Comply with CPRA without Final Regulations -
As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t...more
As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t any yet. The California Privacy Rights Agency (CPPA), the newly- created body with...more
11/10/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements
CYBERSECURITY -
Joint Advisory Outlines Attacks by Daixin Team -
The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning...more
11/4/2022
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Employee Monitoring ,
EU-US Privacy Shield ,
Popular ,
Ransomware ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health...more
11/4/2022
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
FBI ,
Healthcare ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Joint Statements ,
Public Health ,
Ransomware ,
Vulnerability Assessments
Last week, the California Privacy Protection Agency (CPPA) released updated California Privacy Rights Act (CPRA) draft regulations and a summary of the changes. The regulations remain in the proposal stage and it is unclear...more
10/28/2022
/ California ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Information ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Standards ,
State Privacy Laws
CYBERSECURITY -
CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors -
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
10/26/2022
/ Artificial Intelligence ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Drones ,
Employee Monitoring ,
General Data Protection Regulation (GDPR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personal Data