According to Security Week’s recent article, “Stolen Logins Are Fueling Everything from Ransomware to Nation-State Cyberattacks,” cybersecurity firm Ontinue’s 2H 2025 Threat Intelligence Report, showcases that “Attackers aren’t breaking in anymore, they’re logging in.”
According to Ontinue’s Report, in the second half of 2025, “identity became the primary attack surface.” This means…
California Governor Gavin Newsom issued a new executive order aimed at tightening California’s procurement rules for artificial intelligence (AI) vendors and “raising the bar” for companies that want to sell AI tools to the state. The administration says the goal is to ensure contractors meet strong standards and can demonstrate responsible policies that prevent misuse,…
Minnesota Governor Tim Walz issued an emergency executive order on April 7, 2026, dispatching the Minnesota National Guard after Winona County requested assistance following a cyber attack disrupting its “critical systems and digital services.” The attack occurred on April 6, 2026, and is “significantly impairing the county’s ability to deliver vital emergency and municipal services.”…
While California’s wiretapping statute, the California Invasion of Privacy Act (CIPA), tends to dominate the conversation about the recent rise in wiretapping litigation, plaintiffs are also turning to other states’ wiretapping laws to target web tracking and session-replay tools. The U.S. Court of Appeals for the Third Circuit recently held that a website visitor could…
Critical infrastructure operators at the water treatment plant in Minot, North Dakota, were forced to resort to manual processes when its Supervisory Control and Data Acquisition (SCADA) system became inoperable as a result of a March 14, 2026, ransomware attack. The attackers are unidentified, but it comes in the wake of the war in Iran,…
Iran has always been a formidable cyber threat to the United States, but after the war in Iran commenced, the attacks are coming frequently and in full force. According to the Joint Cybersecurity Advisory issued on April 7, 2026, by the FBI, CISA, NSA, EPA, DOE, and Cyber Command, Iranian-based hackers are targeting operational technology…
Carfax, Inc. faced an early loss in a closely-watched privacy case under the federal Driver’s Privacy Protection Act (DPPA), after a judge in Maryland refused to throw out a proposed class action alleging the company sold drivers’ personal information sourced from crash and vehicle records. The plaintiff alleges that Carfax obtained his DPPA-protected personal information…
According to Security.org, “every 4.9 seconds, someone becomes a victim of identity theft in the United States” and the Federal Trade Commission receives over 6.4 million reports of identity theft and fraud every year.
Identity theft incidents continue to climb, with the average amount lost reaching $400 per person. The highest number of cases are…
Mandiant recently issued its M-Trends 2026 Report, a must read for all cybersecurity professionals. The report provides several conclusions and insights, including that both nation states and run of the mill financially motivated threat actors are “integrating AI to accelerate the attack lifecycle.” These threat actors are “increasingly relying on large language models (LLMs) as…
On March 20, 2026, Oklahoma Governor Kevin Stitt signed into law Enrolled Senate Bill No. 546, a comprehensive privacy law that will go into effect on January 1, 2027—this makes Oklahoma the 21st state to enact a comprehensive privacy law. The bill follows the common model used in many state privacy statutes: it grants…
