On May 1, 2025, the U.S. Department of Justice (DOJ) announced a settlement under the False Claims Act (FCA) involving defense contractors Raytheon Company (Raytheon), RTX Corporation (RTX), and Nightwing Group—the successor owner to one of Raytheon’s cybersecurity business lines (collectively “the Companies”). The Companies agreed to pay $8.4 million to resolve allegations of noncompliance […]
DOJ Settles False Claims Act Case with MORSECORP Over Cybersecurity Program
On March 26, 2025, the United States Department of Justice (DOJ) announced that it had reached an agreement with MORSECORP Inc. (MORSE) to settle alleged violations of the False Claims Act (FCA), specifically regarding MORSE’s cybersecurity program. The DOJ and MORSE—a government contractor that provides services to both the Departments of the Army and Air […]
Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today
Today, on May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take effect. Although the Second Amendment was originally adopted in November of 2023, NYDFS established a multi-year rollout of the Second Amendment’s requirements, […]
Last Minute Biden Cybersecurity and Artificial Intelligence Executive Orders Survive Initial Trump Revocations
In the final week of the Biden Administration’s term in office, former President Biden issued two high profile executive orders that could have significant ramifications for the cybersecurity and technology industries. The first, issued on January 14, 2025, is an “Executive Order on Advancing United States Leadership in Artificial Intelligence Infrastructure” (the “AI Infrastructure Order”). […]
Congressional Research Service Report Sheds Light on October Telecommunications Attack by PRC-Linked Threat Actor
In early October 2025, several media outlets reported that United States telecommunications services had been infiltrated by state affiliated threat actors linked to the People’s Republic of China (“PRC”). These reports were followed by a joint press release on October 25, 2024 by the Federal Bureau of Investigation (“FBI”) and the Cybersecurity and Infrastructure Security […]