Last year, Americans lost $12.5 billion to internet crime, which represented a near-25% increase from the year prior. As cybercrime grows increasingly sophisticated, financial institutions loom as targets ripe for attacks—and even more so as bad actors become more adept with AI attacks. There are several concerns facing banks and…
Even though the United States does not currently follow a federal framework for cybersecurity protections, the executive branch is completely stagnant in its efforts to protect U.S. citizens. And although legal penalties are realistically a decade away, the Biden administration recently held intense discussions with software developers. The goal? To craft frameworks…
After months of being inactive, the malware loader Bumblebee is back. First found in March 2022, Bumblebee attacks users who unknowingly download it. It is believed to be made by the TrickBot cybercrime group. It was thought to be retired, but now it’s back and more dangerous than ever. Traditionally, Bumblebee…
A little over six months ago, the U.S Securities and Exchange Commission established their Form 8-K cybersecurity reporting rules, making the SEC a key player in cybersecurity. This is a good time to review how effective these rules are. In this issue, we discussed how these rules are a new…
In a recent blog by the International Association of Privacy Professionals, two privacy experts wrote that “the obligation of data custodians to protect the confidentiality, integrity and availability of the personal information they hold is becoming increasingly complex.” This important claim is worth further consideration, as the United States does not have…
Previous articles have discussed in-depth about the outsized effect artificial intelligence has on cybersecurity and on privacy laws, as well as how chatbots, such as ChatGPT and Microsoft Co-Pilot, are fundamentally altering the world of academia (along with the potential privacy concerns that accompany their use). So what risks do generative AI users face?…
Consumers of every stripe are told that deploying home cybersecurity protection measures is an important component of good cyber hygiene. But despite the importance of cybersecurity protection, we rarely stop to ask ourselves: What do we need our cybersecurity to protect? As a result, most home cybersecurity protection is grounded…
Although many of us accept the fact that our personal data can be accessed by third-party actors, we are often unaware of the role data brokers play in the dissemination of this information. These shadow actors contribute to a $214 billion industry that affects tens of millions of Americans by…
It seems like every newsletter update contains yet another enactment of a new state privacy law. And while this is great news for consumers, it can sometimes be difficult to keep track of whether your state has strong privacy laws. Recently, a new ranking of the best and worst states…
As we transition out of the first quarter of 2024, now is a good time to review the anticipated cybersecurity threats for the year. So far, we have already witnessed the rise of AI-enabled threats as well as new geopolitically motivated attacks that utilize AI tools. However, important questions remain:…
In previous newsletters, we have analyzed the possible privacy violations committed by ChatGPT’s parent company, OpenAI. Specifically, we noted that the company may have violated EU privacy laws. Potential privacy concerns were not properly assessed and addressed… the language model collects your account information, data from your device and browser…
Imagine the following scenario: you receive an email from an old acquaintance that you did not expect. Your friend has attached a document they want you to examine; however, what you do not realize is that your friend’s email has been compromised. Shortly after receiving and opening the email, you…
Recently, the Department of Justice announced that a “December 2023 court-authorized operation disrupted a botnet of hundreds of U.S.-based small office/home office (SOHO) routers hijacked by People’s Republic of China (PRC) state-sponsored hackers.” This operation required the DOJ to delete the botnet coding from the routers in question and block…
When it comes to choosing organizations to share your personal data with, it can often feel like your options are few and far between. This is because many of the services we use (such as healthcare) require the consenting exchange of personal data. However, just because your data must be…