Microsoft vulnerability leaves over 60,000 email servers vulnerable to Hafnium attack. CISA Advisory provides guidance on how to protect email systems.
Image Credit: Schäferle from Pixabay. ***Updated March 13, 2021 - CISA has identified seven webshells associated with this activity. This is not an all-inclusive of webshells that are being leveraged by actors. CISA recommends organizations review the following malware analysis reports (MARs) for detailed analysis of the seven webshells, along with TTPs and IOCs. AR21-072A: MAR-10328877.r1.v1: China Chopper WebshellAR21-072B: MAR-10328923.r1.v1: China Chopper WebshellAR21-072C: MAR-103291...
Virginia Governor Signs Comprehensive Data Privacy Law
Image Credit: Kjrstie from Pixabay. Following hot on the footsteps of the California Privacy Rights Act, Virginia Gov. Ralph Northam (D) signed the Consumer Data Protection Act on Tuesday, making Virginia the second state in the U.S. to pass a comprehensive data privacy law. Below, please see our comparison of the the California Consumer Privacy Act and the Virginia Consumer Data Protection Act. CCPA-VCDPA ChartDownload California Consumer Privacy Act(CCPA)California Privacy Rights Act(...
Reasonable Security: Implementing Appropriate Safeguards in the Remote Workplace
Photo by Franck on Unsplash In 2020, with large portions of the global workforce abruptly sent home indefinitely, IT departments nationwide scurried to equip workers of unprepared companies to work remotely. This presented an issue. Many businesses, particularly small businesses, barely have the minimum network defenses set up to prevent hacks and attacks in the centralized office. When suddenly everyone must become their own IT manager at home, there are even greater variances between sec...
California Privacy Rights Act | December 2020 | ISSA-LA
Permalink to video here: https://youtu.be/b1trKdnqGgw Metaverse Law recently spoke at ISSA-LA's December 2020 Virtual Chapter Meeting. The meeting occurred on Wednesday, December 16, 2020, and the topic of discussion was the new California Privacy Rights Act (CPRA). Are you ready?...
Deidentified Health Info under HIPAA: Deconstructing Dinerstein v. Google, LLC
Image Credit: DarkoStojanovic from Pixabay. HIPAA LawsuitPrivacy Compliance Health data is an increasingly fraught area of privacy. Outside of sectoral health privacy laws like HIPAA, many regulations such as the GDPR and the California Privacy Rights Act (CPRA) rightly treat health or biometric information as a sensitive or special category of data deserving of more protections than many other types of data. The amount of electronic heath data collected by companies is also increasing...
California Privacy Rights Act Highlights With Lily Li and DPO Advisor
Permalink to video here: https://vimeo.com/484360790 Mike: Hi everyone, if you've been following data privacy at all, you've probably already heard of California's new landmark privacy law, the California Consumer Privacy Act, or CCPA as it is widely known. The CCPA was the biggest data privacy shakeup in United States history. However, on November 3rd, California passed the California Privacy Rights Act or the CPRA, which adds teeth to the CCPA and further strengthens the rights for Calif...
EU-US Data Transfers After Schrems II: European Commission Publishes New Draft Standard Contractual Clauses
Image Credit: GregMontani from Pixabay. **Update: On June 4, 2021, the European Commission formally adopted the new standard contractual clauses (“SCCs”) for international personal data transfers. Businesses will have a grace period of 18 months from the effective date of the European Commission's decision to update all existing SCCs for transfers outside the European Union with the new SCCs. In the meantime, businesses will be allowed to keep using the old SCCs for “new” data transfers ov...
EU-US Data Transfers After Schrems II: European Commission Publishes New Draft Standard Contractual Clauses
**Update: On June 4, 2021, the European Commission formally adopted the new standard contractual clauses (“SCCs”) for international personal data transfers. Businesses will have a grace period of 18 months from the effective date of the European Commission’s decision to update all existing SCCs for transfers outside the European Union with the new SCCs. In the meantime, businesses will be allowed to keep using the old SCCs for “new” data transfers over a transition period of three months from t...






