Framing the WISP as a strategic risk control Beyond compliance, accountants need a WISP to systematically manage cyber risk, protect client data, and insulate their…

In one of the most striking cybersecurity headlines of 2025, a teenager has been arrested over his alleged role in a high-impact cyberattack on MGM…

What happened: a software “poisoning” attack on NPM In early September 2025, security researchers uncovered a coordinated attack on the NPM ecosystem — the central…

Reports in September 2025 indicated that U.S. Immigration and Customs Enforcement (ICE) has reactivated a $2 million contract with Israeli spyware firm Paragon Solutions, granting…

What is CVE-2025-53770? CVE-2025-53770 is a critical security vulnerability in Microsoft’s on-premises SharePoint Server family. Trend Micro+3NVD+3Microsoft+3 The flaw allows an attacker to run arbitrary…

Radiology Associates of Richmond (RAR), a prominent medical imaging provider in Virginia, recently confirmed a significant cybersecurity incident that exposed sensitive personal and health information…

Cybersecurity outlet Cybernews announced the exposure of 16 billion login credentials collected from 30 datasets, claiming this was one of the largest credential compilations ever…

In June 2025, Erie Indemnity Company (doing business as Erie Insurance) abruptly disclosed a serious information security incident that knocked core systems offline, impacted customer…

In October 2024, Oklahoma City Abstract & Title Co. (OCA) disclosed that it had experienced a data security incident affecting personal and sensitive records. The…

Why accountants are legally required to maintain a WISP If you operate as a tax professional or CPA, you aren’t just “encouraged” to have a…

How the Attack Happened (What We Know So Far) On February 27, 2024, an unknown actor is believed to have exfiltrated files from VeriSource Services’…

The class action settlement in Pan v. Atlas Real Estate Group, LLC has officially extended its claim deadline to May 28, 2025, giving affected individuals…

In February 2025, plaintiff Andrew Willoughby filed a class action in Virginia federal court alleging that Capital One’s failure to secure its systems exposed thousands…

Incident Timeline & Disclosure On March 25, 2025, Atlas CPAs & Advisors PLLC (“Atlas”) filed a data breach notice with the Massachusetts Attorney General, acknowledging…

A strong training program can protect your business from attacks. Here are five key steps to create an effective cybersecurity training plan Start with a…

We want to alert you to a new scam targeting business owners like you. Fraudsters are sending physical ransom letters in the mail, claiming to…

There are reports of a potential ChatGPT data breach where millions of login credentials may have been leaked. While OpenAI is investigating, it’s a good…

WISP maintenance: not “set and forget” Many firms treat WISP as a startup task — write it, store it, forget it. That’s a trap. The…

While you and your team enjoy the productivity benefits of AI tools like ChatGPT, Perplexity and NotebookLM… Cyber criminals are using AI to hack into…

That is, done by humans. Data entry in excel sheets, and the like. A little bit of automation can buy back your team’s time. 20+…