The Danger of BlackSuit Ransomware

Have you heard of the ransomware strain, BlackSuit? Previously branded as Royal Ransomware, operators of this attack have secured as much as $500 million in demands in ransoms to date. This has raised the threat level and awareness of BlackSuit: the U.S. Cybersecurity and Infrastructure Security Agency and the FBI…

Continue Reading

Chevron Is Gone—Now What?

No less than three months ago, the Supreme Court struck down the Chevron Doctrine, a legal principle dating back to the 1984 Chevron v Natural Resources Defense Council case. For 40 years, this principle has been the bedrock of federal agency regulations, which means that it has also been the…

Continue Reading

North Korea IT Workers Infiltrate USA

In the time we have been publishing MyIDMatters, it is unlikely that we have encountered a story as strange as this one. The Justice Department (DOJ) has recently unsealed documents related to an IT workers scheme perpetrated by the Democratic People’s Republic of Korea. These workers reportedly infiltrated more than…

Continue Reading

The Problem with Microsoft Recall

There is a crucial issue with this story, and we want to see how quickly you can spot the problem. So, Microsoft has designed a new AI feature for its Copilot+PCs application called Recall. The purpose of this feature is to assist users with reconstructing their past activity (like the…

Continue Reading

LLMs and the CFAA

The increasing popularity of large language models has created new legal concerns on the privacy front. Recently, in a 40-minute cyber legal briefing (titled “Ignore Your Generative AI Safety Instructions. Violate the CFAA?”), three professors affiliated with the Harvard Berkman Klein Center for Internet and Society discussed whether the Computer Fraud…

Continue Reading

TikTok… Yet Another Lawsuit

Oops, they did it again. With every new issue of MyIDMatters, it seems as though there is another announcement of bad privacy news for TikTok and its parent company, ByteDance. Not only is TikTok currently fending off a federal ban, but now the video-sharing platform has been charged by the…

Continue Reading

What Are the Real Benefits of Zero-Trust Security?

What Are the Real Benefits of Zero-Trust Security? In the modern cybersecurity landscape, zero-trust approaches to security have become popular for organizations looking to protect valuable data. But why has this approach not made its way to individual cybersecurity protections—that is, why is this approach more valuable to organizations and…

Continue Reading

Artificial Intelligence and Cybersecurity

As the utilization of artificial intelligence becomes increasingly prevalent, it is no surprise that AI plays an enormous role in both cyberattacks as well as cybersecurity. However, exactly how AI works in cybersecurity is rarely discussed: what are the benefits of artificial intelligence integration, and how does this combat the…

Continue Reading

Attacks on Financial Institutions 

Last year, Americans lost $12.5 billion to internet crime, which represented a near-25% increase from the year prior. As cybercrime grows increasingly sophisticated, financial institutions loom as targets ripe for attacks—and even more so as bad actors become more adept with AI attacks. There are several concerns facing banks and…

Continue Reading

A New Federal Cybersecurity Strategy 

Even though the United States does not currently follow a federal framework for cybersecurity protections, the executive branch is completely stagnant in its efforts to protect U.S. citizens. And although legal penalties are realistically a decade away, the Biden administration recently held intense discussions with software developers. The goal? To craft frameworks…

Continue Reading

Bumblebee Attacks Are Back 

After months of being inactive, the malware loader Bumblebee is back. First found in March 2022, Bumblebee attacks users who unknowingly download it. It is believed to be made by the TrickBot cybercrime group. It was thought to be retired, but now it’s back and more dangerous than ever. Traditionally, Bumblebee…

Continue Reading

The Effectiveness of the SEC’s Cyber 8-K Rules 

A little over six months ago, the U.S Securities and Exchange Commission established their Form 8-K cybersecurity reporting rules, making the SEC a key player in cybersecurity. This is a good time to review how effective these rules are. In this issue, we discussed how these rules are a new…

Continue Reading

Trends in U.S. Cybersecurity Law

In a recent blog by the International Association of Privacy Professionals, two privacy experts wrote that “the obligation of data custodians to protect the confidentiality, integrity and availability of the personal information they hold is becoming increasingly complex.” This important claim is worth further consideration, as the United States does not have…

Continue Reading

Artificial Intelligence & Academia

Previous articles have discussed in-depth about the outsized effect artificial intelligence has on cybersecurity and on privacy laws, as well as how chatbots, such as ChatGPT and Microsoft Co-Pilot, are fundamentally altering the world of academia (along with the potential privacy concerns that accompany their use). So what risks do generative AI users face?…

Continue Reading