The Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and international partners issued an updated advisory on July 29, 2025, highlighting the evolving tactics, techniques, and procedures (TPPs) of the cybercriminal group Scattered Spider. First identified in 2023, this group is notorious for targeting large enterprises and their contracted IT help desks, […]
Cybercrime
Trump Administration Releases Cyber Executive Order Revealing Renewed Strategy for U.S. Cybersecurity
On June 6, 2025, President Trump issued an Executive Order (EO) on Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity, amending certain prior directives established by the Biden and Obama administrations. Importantly, the administration’s new directive maintains continuity of the cybersecurity goals of prior administrations and demonstrates that cybersecurity remains a bipartisan priority. However, the […]
2025 State Cybersecurity Legislation Focuses on Financial Services
Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the first state regulation to enumerate, in great detail, the elements of a cybersecurity program that a covered financial service company […]
Congressional Research Service Report Sheds Light on October Telecommunications Attack by PRC-Linked Threat Actor
In early October 2025, several media outlets reported that United States telecommunications services had been infiltrated by state affiliated threat actors linked to the People’s Republic of China (“PRC”). These reports were followed by a joint press release on October 25, 2024 by the Federal Bureau of Investigation (“FBI”) and the Cybersecurity and Infrastructure Security […]
Forthcoming UK Cyber Security and Resilience Bill to Boost the UK’s Cyber Defenses
In the July 2024 King’s Speech, the UK government announced its intention to introduce a Cyber Security and Resilience Bill (the “Bill”) to improve the UK’s cyber defenses and protect essential public services. The announcement comes as companies and countries increasingly face attacks by cyber criminals and state actors, sometimes disrupting public services and infrastructure. […]