The New York Division of Financial Services (NYDFS) recently issued new cybersecurity guidance to assist covered entities in understanding and responding to the heightened risks posed by third party service providers (TPSP). NYDFS emphasized that covered entities must acknowledge and account for these risks and offer assistance in addressing them.
Based upon NYDFS’ enforcement activities
The use of AI tools is revolutionizing our society. The efficiency it presents is like nothing we have ever experienced. That said, there are risks worth considering.
“AI poses risks including job loss, deepfakes, biased algorithms, privacy violations, weapons automation and social manipulation. Some experts and leaders are calling for stronger regulation and ethical
OpenAI recently published research summarizing how criminal and nation-state adversaries are using large language models (LLMs) to attack companies and create malware and phishing campaigns. In addition, the use of deepfakes has increased, including audio and video spoofs used for fraud campaigns.
Although “most organizations are aware of the danger,” they “lag behind in [implementing]
Continuing the weekly blog posts about lawyers using AI and getting in trouble, the Massachusetts Office of Bar Counsel recently issued an article entitled “Two Years of Fake Cases and the Courts are Ratcheting Up the Sanctions,” summarizing the problems encountered by courts when confronted with lawyers citing fake cases, and the
Dating sure has changed since I was in the market decades ago. Some of us can’t imagine online dating, let alone dating a bot. Get over it—it’s now reality.
According to Vantage Point, a counseling company located in Texas, it surveyed 1,012 adults and a whopping 28% of them admitted to having “at least one
Oracle has confirmed that the threat actor group Cl0p is actively exploiting a zero-day vulnerability in the Oracle E-Business Suite product, versions 12.2.3-12.2.14. On October 4, 2025, Oracle advised its customers in a security advisory that the supplied patch should be applied “as soon as possible.” According to Oracle, “this vulnerability is remotely exploitable without
On September 30, 2025, the Office for Civil Rights of the Department of Health and Human Services (OCR) announced a settlement with Cadia Healthcare Facilities, a provider of rehabilitation, skilled nursing and long-term care services located in Delaware “for potential violations…of HIPAA Privacy and Breach Notification Rules.”
U.S. District Judge Amit P. Mehta sanctioned an attorney who filed a brief containing erroneous citations in every case cited after the attorney admitted to relying on generative AI to write the brief. The attorney had used the tools Grammarly, ProWriting Aid, and Lexis’ cite-checking tool. The attorney was ordered to pay sanctions, including opposing
Passwords are the key to your digital kingdom. Passwords, also known as “credentials,” provide the user with access to all information and data that the user has been authorized to access, whether in a personal or professional capacity. It is one thing to have a weak password for your personal accounts, but quite another to
According to NextGov, it obtained a screenshot of an incident overview presentation that confirmed confirmed “a ‘widespread cybersecurity incident’ at the Federal Emergency Management Agency [that] allowed hackers to make off with employee data from both the disaster management office and U.S. Customs and Border Protection.”
The incident reportedly started on June 22, 2025