Cybersecurity Information Sharing Act of 2015 Allowed to Sunset
October 8, 2025
From Covington and Burling’s Inside Privacy blog: The Cybersecurity Information Sharing Act of 2015 (“CISA 2015”), which provided protections for
From Covington and Burling’s Inside Privacy blog: The Cybersecurity Information Sharing Act of 2015 (“CISA 2015”), which provided protections for
The Wall Street Journal reports: A deluge of data-breach lawsuits has a growing number of U.S. judges insisting victims show
Alamdar Hamdani of Bracewell LLP writes: Transcript: Fifteen years ago, I was part of a DOJ team working to bring
From the U.S. Department of Justice, September 16, 2025: Fitzpatrick will be serving his prison sentence at FCI Danbury.
The Register reports that coming soon, entities in China will have only one hour from discovery to report a serious
Consumer Alerts
WIRED reports: Cybercriminals have a new way of sending millions of scam text messages to people. Typically when fraudsters send waves
Updated September 1, 2025: Google issued a warning to all Gmail users, but then responded to headlines suggesting that there
Miscellaneous News
It started with cybercrime but has expanded to real world violence. Both the FBI and the NCA have issued warnings
The FBI Cyber Division has posted the following on LinkedIn to emphasize this critical alert and the need to patch and hunt promptly: Oracle just issued a Security Alert for CVE-2025-61882, a remote code execution vulnerability (CVSS 9.8 – Critical) affecting Oracle E-Business Suite versions 12.2.3 through 12.2.14. The vulnerability allows unauthenticated attackers to execute code remotely over HTTP without user interaction. In plain terms: if your EBS environment is reachable on the network, and especially if it’s internet facing,
IT Pro reports two men have been arrested in connection with the attack on Kido schools in which individuals calling themselves Radiant Group first posted pictures, names, and details of nursery school kids and threatened to dump all 8,000, and then deleted the data and apologized. The UK’s Metropolitan Police have arrested two teenagers for the recent data breach of the Kido chain of children’s nurseries. The two men, both aged 17, were arrested yesterday in Bishop’s Stortford, Hertfordshire, as part of
Security Week reports: Red Hat on Thursday confirmed that one of its GitLab instances was hacked after a threat actor claimed to have stolen sensitive data belonging to the company and its customers. It was initially reported that the hackers had targeted a GitHub instance, but the enterprise software giant clarified that it was actually a GitLab instance, specifically one used by the Red Hat Consulting team. The hackers, calling themselves Crimson Collective, claimed to have stolen 570 Gb of
Bleeping Computer reports: ParkMobile has finally wrapped up a class action lawsuit over the platform’s 2021 data breach that hit 22 million users. But there’s a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. In-app $0.25 credit can be used 4 times! Great news! If you were affected by ParkMobile’s 2021 data breach, there’s serious money to be made: a whopping dollar. The popular
IT Pro reports two men have been arrested in connection with the attack on Kido schools in which individuals calling
Reuters reports an update on the attack on a prominent Japanese brewery: Qilin, a ransomware group with a track record
Becker’s Health IT reports: The Health Information Sharing and Analysis Center, a nonprofit organization that works to share threat intelligence, issued an
Insurance Business Magazine reports: The cyber insurance sector in 2025 is witnessing a shift in risk dynamics as large organisations
Cybernews reports: The Farmers Insurance Group is notifying 1,111,386 people that their personal information was exposed in a recent cyberattack
The FBI Cyber Division has posted the following on LinkedIn to emphasize this critical alert and the need to patch