🖥️ HIPAA-Covered Entity Strikes Back With Lawsuit: Landmark Case Signals New Era in Healthcare Data Protection

In a legal move that could reshape healthcare data protection standards, Molecular Testing Labs (MTL) has filed suit against its MSP following a significant data breach. The Vancouver, Washington-based laboratory discovered on March 12, 2025, that patient data had been compromised in a cyberattack on Ntirety, its Business Associate.

❓Who’s Driving Compliance?

Get ready for tomorrow’s Get NIST-y live chat as we talk to Michael Cannady from Liongard! It’s all about the myth of rollbacks, de facto enforcement, and where MSPs/vCISOs fit into the evolution of compliance. Read on to learn more, and get your questions ready for our expert panel!

🤔 Reader Poll!

🌙 Shadow IT and the Hidden Compliance Threats in the Channel

Shadow IT isn’t just an inconvenience — it’s a direct threat to compliance, security, and operational efficiency in the IT channel. By shining a light on these hidden risks and adopting proactive detection and management strategies, MSPs and IT pros can turn shadow IT from a liability into a manageable challenge.

Join us for live chat and lively compliance discussions (yes, they happen!) on our regular webinar series, GET NIST-Y!

⚠️ Threat Updates

🔴 Windows Flaw CVE-2025-24054 Actively Exploited to Steal NTLM Credentials (4/22/25)

A recently disclosed Windows vulnerability, CVE-2025-24054, is now under active exploitation, with attackers leveraging it to steal NTLM hashes and user passwords through phishing campaigns. Since March 19, threat actors have distributed malicious ZIP archives which trigger Windows Explorer to initiate an SMB authentication request to a remote server — leaking the user's NTLM hash without user interaction. » More Info

🔴 Cyberattack Disrupts City of Abilene, Texas Operations (4/22/25)

The city of Abilene, Texas, experienced a significant cyberattack beginning April 18, forcing officials to take critical systems offline to contain the incident. The attack rendered parts of the city’s internal network unresponsive and prompted immediate activation of incident response plans. While emergency services and water utilities remain operational, other online services have slowed, and restoration efforts are ongoing. » More Info

🗨️ Parting Words

“The Internet is the first thing that humanity has built that humanity doesn’t understand, the largest experiment in anarchy that we have ever had.”– Eric Schmidt (Technology Executive)

Are you a vCISO or MSP looking to streamline compliance management? We invite you to try Blacksmith, the channel’s fastest-growing tool for Compliance-as-a-Service!