Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…
Category: Commentaries and Analyses
Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals
Joseph J. Lazzarotti of JacksonLewis writes: In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to better prepare for and respond to data security incidents. The recommendation reflects a growing recognition across professional…
Chinese Ghost Hackers Hit Hospitals And Factories In America And U.K.
Davey Winder reports: There are two types of scumbag in the cybercrime world: those who pick on vulnerable individuals to perpetrate their fraud, and those who target healthcare in search of illicit financial gains. The latter are, thankfully, much rarer than the former. However, hospitals have been on the ransomware and hacking radar before now,…
Breaches Within Breaches: Contractual Obligations After a Security Incident
Roma Patel writes: We often cover consumer class action complaints against companies regarding the privacy and security of personal information. However, litigation can also arise from alleged breach of contract between two companies. This week, we will analyze a medical diagnostic testing laboratory’s April 2025 complaint against its managed services provider for its alleged failure…
Former CISA director Chris Krebs vows to fight back against Trump-ordered federal investigation
Zack Whittaker reports: Former top Trump cybersecurity official Chris Krebs told The Wall Street Journal in an interview on Wednesday that he vowed to fight back against a federal investigation ordered into him by President Trump. Krebs said in the interview that he will resign from his position at cybersecurity firm SentinelOne in order to challenge the federal investigation, which…
CISA warns of increased breach risks following Oracle Cloud leak
Sergiu Gatlan reports: On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. CISA said, “the nature of the reported activity presents potential risk to organizations and individuals, particularly where credential material may be exposed, reused across separate,…