Search Results for: ransomware

CISA Releases Warning of Destructive Malware Targeting Ukrainian Organizations

January 18, 2022 By Kim Peretti and Lance Taubin

On January 16, 2022, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a warning regarding destructive malware targeting Ukrainian organizations, including Ukrainian government agencies. The malware was found in multiple government, non-profit, and information technology organizations, all based in Ukraine. CISA’s warning comes on the heels of a separate targeted attack […]

EDPB Issues New Guidance for Assessing Personal Data Breaches under the EU GDPR

January 10, 2022 By Paul Greaves and Wim Nauwelaerts

On Monday, 3 January 2022, the European Data Protection Board (“EDPB”) published the finalized version of its regulatory guidance entitled “Examples regarding Personal Data Breach Notification” (the “Guidelines”), following a public consultation on a draft set of guidelines in 2021. The finalized Guidelines are a practice-oriented, and case-based set of examples that leverage the experiences […]

NYDFS Issues Guidance on Multi-Factor Authentication

December 14, 2021 By Kim Peretti, Kate Hanniford and Kristen Bartolotta

The New York Department of Financial Services (NYDFS) continues to refine its position regarding the importance of and requirements regarding Multi-Factor Authentication (MFA), as evidenced most recently with the release of new guidance. This new guidance is consistent with its June guidance, in which NYDFS clarified its expectation that NYDFS-regulated covered entities subject to 500.12 […]

The Cybersecurity Incident Reporting Requirements Fail in the Latest Version of the National Defense Authorization Act

December 9, 2021 By Kim Peretti and Lance Taubin

On December 7, 2021, the House of Representatives passed the National Defense Authorization Act for Fiscal Year 2022 (NDAA), which notably excluded any cybersecurity incident reporting requirements. In September, the House approved a previous version of the bill that included a mandatory breach notification provision that would have required the Department of Homeland Security’s Cybersecurity […]

Department of Justice Announces New Cryptocurrency Enforcement Team

October 7, 2021 By Kim Peretti

by Kim Peretti and Kristen Bartolotta On October 6, 2021, Deputy Attorney General Lisa O. Monaco announced the creation of a National Cryptocurrency Enforcement Team (NCET). This team was created to tackle complex investigations and prosecutions of criminal misuses of cryptocurrency, particularly crimes committed by virtual exchanges and money laundering infrastructure actors. Because of the […]