Data Privacy & Cybersecurity PracticeAs outlined by the Securities and Exchange Commission (SEC) in its proposed changes to rules regarding disclosure of cybersecurity incidents, there has been a steady increase in cyberattacks, some of which have had devasting effects on businesses, consumers, and investors. The SEC proposal is premised on the belief that investors would benefit from more timely and consistent disclosure about material cybersecurity incidents and greater availability and comparability of disclosure by public companies.
Read more »Tag: cyberattack
-
SEC Proposes Rules to Increase Reporting About Cybersecurity Incidents Posted on: July 27, 2022 In: Data Privacy & Cybersecurity
-
The “Follina” Vulnerability: Microsoft Support Diagnostic Tool Alert for Zero Day Exploit CVE-2022-30190 Posted on: June 27, 2022 In: Data Privacy & CybersecurityOn May 30, 2022, Microsoft issued an alert regarding a vulnerability in its Microsoft Support Diagnostic Tool that can be exploited using Microsoft Office documents and results in the unauthorized installation of programs or access to data.The vulnerability evades common protections associated with Microsoft Office documents, requires minimal user interaction, and can be used by a remote attacker to execute arbitrary code, escalate privileges to fully take over a machine, or deploy additional malware.
Read more »
-
North Carolina Prohibits Ransom Payments by State and Local Government Agencies Posted on: June 24, 2022 In: Data Privacy & CybersecurityNorth Carolina made national headlines recently as the first state to prohibit state agencies and local government entities from paying a ransom following an attack. But N.C. Gen. Stat. § 143-800 goes one step further, prohibiting those entities from even communicating with a threat actor following an attack.
Read more »
Blog Search
Featured Posts
- February 10, 2023 Historic Hermès Jury Verdict Paves Way for Digital Trademark Rights
- January 13, 2023 Sports Law: A Year in Review & What to Watch for in 2023
- January 06, 2023 Federal Trade Commission Cracks Down on Non-Compete Agreements
- December 06, 2022 Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA
- November 01, 2022 A CROWNing Achievement for Massachusetts
- October 18, 2022 White House Issues Executive Order on EU-U.S. Data Privacy Framework
- September 09, 2022 Fifty Years of Progress: The Legal History of Title IX
Blog Tags
alabama
arkansas
audit
biometric data
blockchain
breach notification
california
canada
ccpa
cisa
client notification
colorado
congress
connecticut
consumer data
consumer notification
consumer rights
coronavirus
covid-19
cppa
cpra
cryptocurrency
cyberattack
cyber insurance
cybersecurity
cyber threat
cyberwarfare
data breach
data privacy
data protection
data security
delaware
email
employment
equifax
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcra
federal trade commission
financial fraud kill chain
fincen
fraud
ftc
gdpr
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
incident response
information security
irs
legislation
legislative alert
malware
maryland
massachusetts
microsoft
microsoft exchange servers
microsoft office 365
multi-factor authentication
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist
nist security controls
ofac
opt out
personal data
personal information
phishing
privacy law
privacy protection patchwork
protected health information
ransomware
regulations
reporting requirements
sec
social engineering
social media
statute
strengthening american cybersecurity act
supreme court
tax returns
treasury department
utah
vcdpa
virginia
w2
washington
wire transfers
workplace policy