Photo of Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices.

The exploit (CVE-2022-27518) affects Citrix ADC, an application delivery controller, and Citrix Gateway, a remote access tool. Both devices are standard in mid-to-large enterprise networks. Analysts at the National

According to NBC News and Reuters, the United States Secret Service confirmed that hackers from APT41, a criminal cyber-hacking group linked to the Chinese Communist Party, stole “at least $20 million in U.S. Covid Relief benefits, including Small Business Administration loans and unemployment insurance funds in over a dozen states.”

According to the report

The Federal Communications Commission (FCC) will categorically ban devices over national security concerns for the first time in history. Per a new order, the FCC will prohibit the import and sale of devices produced by Huawei and ZTE, and restrict the use of several other Chinese-produced devices for government and critical infrastructure purposes. Huawei

The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information on a new variant of ransomware called Venus (also known as GOODGAME).

According to IC3, the threat actors “are known to target publicly exposed Remote Desktop Services to encrypt Windows devices.” The ransomware then “will attempt

Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new, unique phishing scam that has been successful. The scam is believed to have been carried out by the Luna Moth/Silent Ransom Group and is targeting businesses in the legal and retail sectors. Unit 42 predicts that the scam is “expanding in scope.”

As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t any yet. The California Privacy Rights Agency (CPPA), the newly-created body with administrative authority over the CPRA’s implementation, has yet to release its finalized regulations. The CPRA takes effect on January 1, 2023, and covered