NIST has updated its widely used Cybersecurity Framework to provide key updates and practical resources for organizations to manage and discuss cybersecurity risk. The updated framework, which remains voluntary, is designed...more
The National Crime Agency fought back against Lockbit this week, affecting the groups administrative environment.
Coordinating with the FBI and international partners, the National Crime Agency (NCA) took control of...more
Informants can net $15 million for information about leaders behind the ALPHV/Blackcat Ransomware.
The U.S. Department of State is offering rewards of up to $10 million for information leading to key leaders in the...more
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
New vulnerability found in the boot process for Linux systems configured to boot over the network.
A high severity vulnerability could allow attackers to take over a Linux system. The vulnerability is in the shim software...more
Increasingly available Deepfake technology that can be used to impersonate employees is increasing the level of social engineering risk.
Deepfake technology is increasingly being used against corporations to carry out social...more
Vulnerability in the open-source automation server Jenkins is exploitable using a publicly released proof of concept.
On January 24, 2024, Jenkins announced the presence of vulnerability CVE-2024-23897. The vulnerability...more
Cyberattacks from China are targeting critical infrastructure including communications, energy, transportation, and water. Critical U.S. infrastructure may face a higher risk of cyberattacks from the People’s Republic of...more
Vulnerabilities in enterprise file transfer solutions can lead to elevated risk. Now would be a good time to check your organization’s managed filed transfer service....more
Industrial automation platform Rapid SCADA contains seven key vulnerabilities.
CISA recently published an advisory about seven vulnerabilities in Rapid SCADA—an open-source industrial automation platform that provides tools...more
CISA has added a new Ivanti vulnerability to its known exploited vulnerability catalogue. This vulnerability can be paired with other recently-reported vulnerabilities to permit threat actors to write malicious web shell...more
A vulnerability in Microsoft SharePoint has been flagged as being actively exploited by CISA.
A vulnerability in Microsoft SharePoint is being actively exploited according to CISA’s known exploited vulnerabilities (KEV)...more
Since December 18, 2023 public companies other than smaller reporting companies are required to report a cybersecurity incident under Item 1.05 of Form 8-K within four business days after the company determines the incident...more
Yesterday, California Governor Gavin Newsom issued an executive order regarding generative artificial intelligence (“GenAI”). The order states that California has established itself as the world leader in GenAI innovation...more
On August 24, 2023, twelve international data protection and privacy regulators from the Americas, Europe, Africa, and APAC announced their “global expectations of social media platforms and other sites to safeguard against...more
The Biden Administration released its National Cybersecurity Strategy (Strategy) in an effort to reshape U.S. policy and priorities around cybersecurity for the public and private sectors, marking a significant shift in tone...more
The field of regulators interested in the cybersecurity practices of private companies is getting crowded, with the Federal Communications Commission (FCC) becoming more and more active in this space. The FCC, which has...more
On March 11, the Word Health Organization officially characterized the coronavirus (COVID-19) outbreak as a pandemic. During the outbreak, many employers around the world are seeking to prioritize the well-being and safety of...more
3/16/2020
/ Business Continuity Plans ,
Business Interruption ,
China ,
Coronavirus/COVID-19 ,
Crisis Management ,
Cybersecurity ,
Data Protection ,
Emergency Management Plans ,
Infectious Diseases ,
Information Security ,
Malware ,
Policies and Procedures ,
Popular ,
Public Health ,
Risk Management
This is the eleventh installment in Hogan Lovells’ series on the California Consumer Privacy Act.
Much of the focus on the California Consumer Protection Act (“CCPA”) has been on the new rights that it affords California...more
Investing in the life sciences industry without an understanding of the key regulatory factors that could determine a product’s success or failure could cost you millions of dollars....more
The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more
9/12/2018
/ Bring Your Own Device (BYOD) ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Protection ,
Electronic Data Transmissions ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Information Technology ,
Mobile Device Management ,
PaaS ,
Personal Data ,
Popular ,
Risk Management ,
SaaS ,
Security Risk Assessments ,
UK