Blog
Data Privacy & Cybersecurity Blog Posts From March 2021
-
Blog: ALERT: Microsoft Exchange Vulnerabilities Used to Deploy Ransomware
Date: March 15, 2021
Title: ALERT: Microsoft Exchange Vulnerabilities Used to Deploy Ransomware
Summary: On March 11, 2021, Microsoft acknowledged that the recently disclosed Microsoft Exchange vulnerabilities were being used to facilitate ransomware attacks. The four vulnerabilities – known as vulnerabilities CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065 – have been exploited by attackers to compromise systems beyond the Exchange server. ...
-
Blog: You’ve Experienced a Ransomware Attack - Now What? 5 Practical Steps to Take In Response to a Ransomware Attack
Date: March 11, 2021
Title: You’ve Experienced a Ransomware Attack - Now What? 5 Practical Steps to Take In Response to a Ransomware Attack
Summary: By now, most of you know that due to the COVID-19 pandemic and the shift to remote work, data security incidents increased both in number and severity in 2020 and show no signs of slowing down in 2021. What you may not know, however, is what to do when your business experiences a ransomware attack. This post details five steps your organization should take immediately to reduce the impact of the attack....
-
Blog: Breach Notification Requirements Proposed for Banks
Date: March 09, 2021
Title: Breach Notification Requirements Proposed for Banks
Summary: On January 12, 2021, the Office of Comptroller of the Currency, the Federal Reserve Board, the Federal Deposit Insurance Company, and the Office of Thrift Supervision published a proposed rule that would substantially enhance banking organizations’ notification obligations in response to data security incidents. It would require a banking organization to provide its primary federal regulator with prompt notification of any “computer-security incident” that rises to the level of a “notification incident.”...
-
Blog: ALERT: Zero-Day Vulnerabilities Being Exploited to Attack On-Premises Microsoft Exchange Servers
Date: March 04, 2021
Title: ALERT: Zero-Day Vulnerabilities Being Exploited to Attack On-Premises Microsoft Exchange Servers
Summary: On March 2, 2021, Microsoft released a new patch to address four zero-day exploits being used to attack on-premises Microsoft Exchange Servers. The United States Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has urged vulnerable businesses to read Microsoft’s update and apply patches to their systems as necessary....
-
Blog: Virginia’s Consumer Data Protection Act: Not Quite The CCPA
Date: March 02, 2021
Title: Virginia’s Consumer Data Protection Act: Not Quite The CCPA
Summary: Though it seems Virginia is following California’s lead by becoming the second state with its own comprehensive data privacy legislation, Virginia’s Consumer Data Protection Act (CDPA) diverges from the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) in that it is far more business-friendly and does not have the “teeth” that the CCPA does. ...