The Growing Threat of AI Deepfake Attacks

A new wave of AI-powered scams is targeting companies by impersonating their most trusted leaders – the CEO, the CFO, and other senior executives. Cybercriminals are now using generative AI tools to create hyper-realistic video and audio deepfakes of company executives to trick lower-level employees into handing over millions of dollars in cash, critical data, and other business assets. While these kinds of scams aren’t necessarily new, AI language and image models are making the scams increasingly effective and more prevalent, according to a recent Wall Street Journal article. The August 18, 2025, article, entitled “AI Drives Rise in CEO Impersonator Scams,” can be found here.
ransomware
SEC Charges Company Over Disclosures Concerning Ransomware Attack

On March 9, 2023, the SEC announced that data management software company Blackbaud, Inc. had settled charges that the company’s cybersecurity disclosure policies and procedures violated the agency’s public company disclosure reporting requirements and that the company had made misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 of its customers. The company, which neither admitted nor denied the charges, agreed to a cease-and-desist order and to pay a $3 million penalty. The action, which follows a similar proceeding involving cybersecurity disclosures and procedures, highlights the agency’s focus on cybersecurity-related disclosures.
Guest Post: OFAC Warns Against Paying Cyber Ransoms to Sanctioned Entities

Ransomware attacks are on the increase, putting the target organizations in the uncomfortable position of having to decide whether or not to pay the demanded ransom. As if that were not tough enough, an October 1, 2020 advisory statement by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) warns that companies paying ransoms under these circumstances may risk violating OFAC regulations and could be subject to penalties. In the following guest post, Bill Boeck takes a look at the OFAC advisory and its implications. Bill is Lockton’s Global Cyber Product and Claims leader and U.S. Financial Lines Claims Practice Leader. A version of this article previously was published as a Lockton client alert. I would like to thank Bill for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Bill’s article.
Guest Post: The Bitcoin Plague Spreads to Retail

In recent days, a number of leading retailers have announced that they are initiating processes to allow consumers to complete purchase transactions using bitcoin or other cryptocurrencies. In the following guest post, John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, takes a look at these developments in the retail industry. A version of this article originally appeared on Securities Docket. I would like to thank John for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this site’s readers. Please contact me directly if you would like to submit a guest post. Here is John’s article.
Guest Post: Ransomware Payment: Legality, Logistics, Mitigation, and Insurance

Readers undoubtedly are aware of the recent outbreak of ransomware incidents and the problems they present. The threat of ransomware attacks poses a host of issues, among the most significant of which is whether or not ransomware victims should go ahead and make the demanded ransomware payment as the quickest way to try to recover captured systems. In the following blog post, John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, takes a comprehensive look at the problems involved with making payments in response to a ransomware attack. A version of this article originally appeared on CybersecurityDocket.
I would like to thank John for his willingness to publish his article on my site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit an article. Here is John’s guest post.