Uncategorized

New Joint CISA – FBI – DC3 Guidance Advises On Ransomware Threats Linked to Iran-Backed Hackers: What Enterprises Need to Know

September 5, 2024 By Kim Peretti and Zain Haq

A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3) warns of increased collaboration between Pioneer Kitten, an Iranian state-backed threat actor, and various ransomware groups. The advisory highlights how Iranian threat actors are leveraging relationships with affiliates […]

United States Cybersecurity and Infrastructure Security Agency Issues Joint International Guidance for Event Logging and Threat Detection

August 30, 2024 By Kim Peretti, Lance Taubin and Zain Haq

On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging and threat detection best practices. The guidance was published in response to the increased prevalence of threat actors employing Living of the Land (LOTL) […]

CISA and JCDC Conduct First-Ever Public-Private AI Security Incident Tabletop Exercise

August 6, 2024 By Daniel Felz and Kim Peretti

On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) collaborated with the Joint Cyber Defense Collaborative (JCDC) to hold the federal government’s first tabletop exercise for “AI security incidents. JCDC led the exercise and, true to JCDC’s public-private partnership model, included over 50 participants from various government agencies and private-sector companies. For those […]

State AGs and Other Stakeholders Weigh In On Proposed COPPA Rule Update

March 14, 2024 By Karen Sanzaro and Hyun Jai Oh

The Federal Trade Commission (FTC) received over 270 comments to its notice of proposed rulemaking (NPRM) for the amendments to the Children’s Online Privacy Protection Rule (COPPA Rule) during the public comment period that ended on March 11, 2024. The NPRM reflects the FTC’s continued effort to modernize the COPPA Rule, which implements the Children’s […]

Washington AG’s Office Updates FAQs for My Health My Data Act

January 24, 2024 By Dorian Simmons and Hyun Jai Oh

The Office of the Attorney General of Washington (the “AG”) has updated the Frequently Asked Questions (the “FAQs”) for the Washington My Health My Data Act (the “Act” or “Washington Act”) to provide guidance on the AG’s position concerning whether businesses must publish standalone consumer health data privacy policies under the Act. The update, first […]