Client Update – MS Exchange Server Mass-Hack
4/28/21
By: John Ghose
In March 2021, government and private sector sources estimated that 30,000 U.S. organizations, and 100,000 organizations worldwide, were hacked by a Chinese state-sponsored group known as Hafnium. The mass-hack exploited previously unknown “zero-day” vulnerabilities of Microsoft Exchange …
Businesses Beware of the Parallax RAT Trap
7/7/20
By: Peter Dooley
One of the newest and most potentially harmful malware campaigns, the appropriately named Parallax RAT, has been wreaking havoc on businesses of all sizes during this already trying time of increased remote work. RAT stands for “remote …
Cybersecurity Forensic Reports and the Work Product Doctrine
6/3/20
By: Michael Kouskoutis
When responding to a data security incident, it is typical for a company’s attorneys to retain a computer forensics firm on behalf of the company to help investigate what occurred. Because the forensic firm’s work is performed …
The State of Cyber Threats in 2020 and Ongoing Risks to Small and Medium-Size Companies
5/13/20
By: Renata Hoddinott
As we approach mid-year 2020, we look back on trends in data breaches and the landscape of cyber threats compared to 2019 as we continue to advise our clients before, during, and after a cyber incident. Risk-Based …
Cyber Attack on HHS is a Reminder for Businesses to Remain Vigilant About Cybersecurity During the COVID-19 Pandemic
3/17/20
By: Renata Hoddinott
Amidst all the information and news flooding the internet regarding COVID-19, another troubling headline emerged this morning: an unknown actor launched a cyber attack on the Department of Health and Human Services (HHS) on Sunday. The attack …
States are Busy on the Cyber Front
2/19/20
By: Amy C. Bender
2020 is off to a busy start, with several states taking action on cybersecurity legislation and issuing other legal updates. Highlights include:
California – California’s Attorney General has issued revised proposed regulations regarding the California Consumer …
Latest Study in Cybersecurity Awareness and End User Behaviors
9/5/19
By: Michael Kouskoutis
Cybersecurity awareness company Proofpoint recently published its fourth-annual Beyond the Phish report, which analyzes end-user behavior and employee knowledge on cybersecurity. Gathering from over 130 million data points across 14 categories, 16 industries and over 20 departments, …
New Cybersecurity Trend: Data Security and Disposal Laws
2/7/19
By: David Cole & Amy Bender
Tales of data breaches flood our news reports these days. By now, you hopefully are aware that all 50 states have laws requiring persons and organizations that own or maintain computerized data that includes …
Lessons Learned from the SEC’s Order in the Yahoo! Data Breach Enforcement Action
5/22/18
By: Jennifer Lee
On April 24, 2018, the SEC issued an order in the enforcement action against Altaba Inc., formerly Yahoo! Inc., and imposed a $35 million fine relating to the 2014 data breach which affected more than 500 million …
Cybersecurity in Georgia Hits a Roadblock
5/14/18
By: Ze’eva Kushner
On May 8, 2018, Georgia’s Governor Nathan Deal made a controversial decision to veto a cybersecurity bill. Issued in the wake of the massive data breach of Atlanta-based Equifax, among other data breaches across the country, the …
Cybersecurity Deadlines Approaching for Banking, Insurance, and Financial Services Companies
2/8/18
By: David A. Cole
Businesses that are subject to the New York Department of Financial Services (“DFS”) cybersecurity regulations should be aware of upcoming compliance deadlines. Don’t be fooled—these regulations may apply to your business even if you’re not located …
Enhanced Privacy and Data Security Law on Tap for North Carolina
2/8/18
By: Paul H. Derrick
A bi-partisan privacy and data security bill will soon be rolled out in North Carolina, and its impact will be significant. North Carolina Attorney General Josh Stein and State Representative Jason Saine are co-authoring “The Act …