DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
As technology advances, so do the tactics of scammers. The Federal Trade Commission (FTC) recently released a data spotlight on the top text scams of 2024, revealing a significant increase in financial losses despite a...more
WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more
On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more
In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more
On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more
Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more
In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the justifications...more
The hospitality industry will need to focus on several key areas to ensure compliance and minimize risk in the year ahead, including data privacy and cybersecurity protections, employment and labor law compliance, and even...more
The “Bad Likert Judge” jailbreaking technique boasts a high attack success rate by using a three-step approach which employs the target LLM’s own understanding of harmful content to bypass the target LLM’s safety guardrails....more
Citing the “alarming growth” of cyberattacks in recent years, the U.S. Department of Health and Human Services (“HHS”) has issued a Notice of Proposed Rulemaking to modify the Health Insurance Portability and Accountability...more
Scammers prey on us when we are most vulnerable. Although some of us are early holiday shoppers, others wait until the last minute to complete their holiday shopping....more
According to Cyberscoop, the cyber gang Cl0p “has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software.” The gang...more
As companies embrace digital transformation, they increasingly depend on proprietary technologies and data that requires robust cybersecurity measures to safeguard intellectual property (IP). Zifino and Foley & Lardner LLP...more
Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more
In an increasingly digital world, the rise in cybercrime involving email scams has become a significant threat to individuals and organizations alike. These sophisticated attacks exploit human psychology and technological...more
On November 13, 2024, the Financial Crimes Enforcement Network (FinCEN) issued FIN-2024-Alert004 to help financial institutions identify fraud schemes associated with the use of deepfake media created with generative...more
Unit 42 recently reported that it has identified “Jumpy Pisces, a North Korean state-sponsored threat group associated with the Reconnaissance General Bureau of the Korean People’s Army, as a key player in a recent ransomware...more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
Share on Twitter Print Share by Email Share Back to top On September 26, 2024, the Department of Commerce’s Bureau of Industry and Security (BIS) published a Notice of Proposed Rulemaking that, if finalized, would prohibit...more
October is here, and as we prepare for pumpkin spice lattes, fall sweaters, and scary decorations, there's one thing your business can't afford to ignore this month: cybersecurity. Welcome to Hack-tober, or as it's officially...more
A critical vulnerability, CVE-2024-0132, has surfaced in NVIDIA’s Container Toolkit, placing a substantial portion of cloud environments at risk. Discovered by researchers at Wiz, the flaw affects both the NVIDIA Container...more
A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration...more
Phishing scams can pop up anywhere, as evidenced by the U.S. Environmental Protection Agency (EPA) Office of Inspector General’s recent alert regarding fraudulent Notice of Violation letters (NOVs)....more
In the aftermath of what could be one of the most widespread global information technology outages in history, organizations are putting a renewed focus on combating old vulnerabilities that can have cascading effects. ...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more