Ever since the enactment of the Illinois Biometric Information Privacy Act (BIPA), we have been watching the development of laws around the collection, use, disclosure and retention of biometric information. In general, BIPA and other biometric information privacy laws enacted since BIPA, require any company that is collecting biometric information, such as fingerprints, voice recognition,

This week, the New York State Department of Financial Services (NYDFS) issued the Report on the SolarWinds Cyber Espionage Attack and Institutions’ Response. The Report begins with the statement that “The next great financial crisis could come from a cyber-attack,” And goes on to describe how the SolarWinds attack affected financial institutions and NYDFS’s response

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) recently released a free tool that will assist organizations with identifying indicators of compromise following threat activity in Microsoft 365 and Azure Environments.

The new CISA Hunt and Incident Response Program (CHIRP) tool, “is a forensics collection tool that CISA developed to help network

On April 6, 2021, DocuSign issued an Alert notifying users of a new malicious hacking tool that is mimicking DocuSign to drop malware into victims’ systems. According to the Alert, the document building tool, dubbed “EtterSilent,” “creates Microsoft Office documents containing malicious macros or attempts to exploit a known Microsoft Office vulnerability (CVE-2017-8570) to download

State and local governments have been hammered with business email compromise (BEC) attacks over the past few years and the onslaught does not appear to be abating.

Last week, the Federal Bureau of Investigation (FBI) issued a Private Industry Notification to state, local, tribal, and territorial governments that they are being targeted by BEC attackers.

Speaking of security education and training, the National Cybersecurity Center this week launched a new initiative to offer cyber-hygiene and IT security sessions to elected state government officials and their staff for FREE. The training sessions are getting a financial boost from Google and bipartisan support from Secretaries of State Frank LaRose (R-Ohio) and

Although many students are returning to in-class learning, many others are still in a hybrid situation or fully remote at their own request. The rapid transition from in-school to the at-home learning setting has necessitated the use of classroom management software to manage online learning programs. The software of one of those companies, Netop Vision

Cyber-hygiene and prevention are sometimes hard to fit in when there are so many vulnerabilities, zero-day attacks and third-party incidents that keep us busy every day. During the pandemic, many companies put their Incident Response Plans and tabletop exercises on the back burner as they were migrating an entire workforce from office to home, and