🧐 MTC/🚨 BOLO - Court Filing Systems Under Siege: The Cybersecurity Crisis Every Lawyer Must Address!

/ The Tech-Savvy Lawyer.Page/

🔐 The Uncomfortable Truth About Court Filing Security 📊

Federal court filing systems are under attack! Are your client’s information protected?!

The federal judiciary's electronic case management system (CM/ECF) and PACER have been described as "unsustainable due to cyber risks". This isn't hyperbole – it's the official assessment from federal court officials who acknowledge that these systems, which legal professionals use daily for document uploads and case management, face "unrelenting security threats of extraordinary gravity".

Recent breaches have exposed sealed court documents, including confidential informant identities, arrest warrants, and national security information. Russian state-linked actors are suspected in these intrusions, which exploited security flaws that have been known since 2020. The attacks were described by one federal judiciary insider as being like "taking candy from a baby".

Human Error: The Persistent Vulnerability 🎯

Programs like #ILTACON2025’s "Anatomy of a Cyberattack" demonstrations that draw packed conference rooms highlight a critical truth: 50% of law firms now identify phishing as their top security threat, surpassing ransomware for the first time. This shift signals that cybercriminals have evolved from automated malware to sophisticated human-operated attacks that exploit our psychological weaknesses rather than just technical ones.

Consider these sobering statistics: 29% of law firms experienced security breaches in 2023, with 49% of data breaches involving stolen credentials. Most concerning is that only 58% of law firms provide regular cybersecurity training to employees, leaving the majority vulnerable to the very human errors that sophisticated attackers are designed to exploit.

What Lawyers Must Do Immediately 🛡️

Model rules require lawyers be aware of electronic court filing “insecurities”!

First, acknowledge that your court filings are not secure by default. The federal court system has implemented emergency procedures that require highly sensitive documents to be filed on paper or on secure devices, rather than through electronic systems. This should serve as a wake-up call about the vulnerabilities inherent in digital filing processes.

Second, implement multi-factor authentication everywhere. Despite its critical importance, 77% of law firms still don't use two-factor authentication. The federal courts only began requiring this basic security measure in May 2025 – decades after the technology became standard elsewhere.

Third, encrypt everything. Only half of law firms use file encryption, and just 40% employ email encryption. Given that legal professionals handle some of society's most sensitive information, these numbers represent a profound failure of professional responsibility.

Beyond Basic Defenses 🔍

Credential stuffing attacks exploit password reuse across platforms. When professionals use the same password for their court filing accounts and personal services, a breach anywhere becomes a breach everywhere. Implement unique, complex passwords for all systems, supported by password managers.

Cloud misconfiguration presents another critical vulnerability. Many law firms assume their technology providers have enabled security features by default, but the reality is that two-factor authentication and other protections often require explicit activation. Don't assume – verify and enable every available security feature.

Third-party vendor risks cannot be ignored. Only 35% of law firms have formal policies for managing vendor cybersecurity risks, yet these partnerships often provide attackers with indirect access to sensitive systems.

The Compliance Imperative 📋

The regulatory landscape is tightening rapidly. SEC rules now require public companies to disclose material cybersecurity incidents within four business days. While this doesn't directly apply to all law firms, it signals the direction of regulatory expectations. Client trust and professional liability exposure make cybersecurity failures increasingly expensive propositions.

Recent class-action lawsuits against law firms for inadequate data protection demonstrate that clients are no longer accepting security failures as inevitable business risks. The average cost of a legal industry data breach reached $7.13 million in 2020, making prevention significantly more cost-effective than remediation.

Final Thoughts: A Call to Professional Action ⚖️

Lawyers are a first-line defender of their client’s protected information.

The cybersecurity sessions are standing room only because lawyers are finally recognizing what cybersecurity professionals have known for years: the threat landscape has fundamentally changed. Nation-state actors, organized crime groups, and sophisticated cybercriminals view law firms as high-value targets containing treasure troves of confidential information.

The federal court system's acknowledgment that its filing systems require complete overhaul should prompt every legal professional to audit their own digital security practices. If the federal judiciary, with its vast resources and expertise, struggles with these challenges, individual practitioners and firms face even greater risks.

The legal profession's ethical obligations to protect client confidentiality extend into the digital realm. See ABA Model Rules 1.1, 1.1(8), and 1.6. This isn't about becoming cybersecurity experts – it's about implementing reasonable safeguards commensurate with the risks we face. When human error remains the biggest vulnerability, the solution lies in better training, stronger systems, and a cultural shift that treats cybersecurity as a core professional competency rather than an optional technical consideration.

The standing-room-only cybersecurity sessions reflect a profession in transition. The question isn't whether lawyers need to take cybersecurity seriously – recent breaches have answered that definitively. The question is whether we'll act before the next breach makes the decision for us. 🚨

🚨 BOLO CYBERSECURITY ALERT: LunaSpy Android Spyware Threatens All Users—Protect Your Law Practice Now!

/ The Tech-Savvy Lawyer.Page/

Android users must be aware of potential threats to their data!

CRITICAL THREAT ALERT 🚨 A sophisticated new Android spyware campaign dubbed LunaSpy has been active since February 2025, broadly targeting Android users via messaging apps—anyone installing its fake “antivirus” could be compromised, including legal professionals. LunaSpy spreads through Telegram, WhatsApp, Signal, and other platforms by sending messages like “Hi, install this program here,” tricking victims into granting extensive device permissions after fake security scans report fabricated threats.

Once installed, LunaSpy’s capabilities pose severe risks: it steals passwords from browsers and messaging apps, intercepts text messages (including two-factor codes), records audio and video via microphones and cameras, captures screen contents (e.g., client documents, case notes), and tracks real-time location (e.g., revealing meetings and court visits). Kaspersky researchers have linked over 150 command-and-control servers to LunaSpy’s global network, enabling continuous data exfiltration and remote command execution.

While any Android user is at risk, lawyers face heightened consequences if infected. A breach of attorney-client communications or privileged documents can trigger:

Immediate Action Steps for all Android-using legal professionals and their staff:

users are the first line of defense when it comes to preventing computer viruses on their tech!

  1. Audit and remove any unverified security or banking apps; restrict installations to Google Play only.

  2. Deploy Mobile Device Management (MDM): enforce app blacklists, remote wipe, and automated patching.

  3. Enable full-disk encryption and secure lock screens with complex passcodes or biometrics.

  4. Train staff on social engineering tactics—recognize unsolicited install prompts or links in messages.

  5. Use end-to-end encrypted desktop-based messaging for privileged communications, limiting mobile use.

  6. Establish an incident response plan: include immediate device quarantine, forensic analysis, and regulatory notification procedures.

LunaSpy is not a hypothetical risk—it’s actively compromising Android devices around the globe. Although the campaign targets the general public, legal professionals handling sensitive client data are particularly vulnerable to cascading professional, legal, and ethical consequences if infected. With over 150 active command servers and ongoing code enhancements, the threat will only escalate. Every day without these safeguards increases your exposure—act now to secure mobile devices, train teams, and reinforce your firm’s cybersecurity posture.

🚨 BOLO: Critical Chrome Zero-Day Security Alert for Legal Professionals 🚨

/ The Tech-Savvy Lawyer.Page/

URGENT: Chrome Zero-Day CVE-2025-6558 Impacts Law Firms

🚨

URGENT: Chrome Zero-Day CVE-2025-6558 Impacts Law Firms 🚨

Critical browser flaw affects Windows & Apple devices. Attackers escape Chrome's sandbox via malicious web pages. ACTIVELY EXPLOITED.

Lawyers its generally a good idea to keep your software up-to-date in order to prevent security risks!

🔍 WHAT THIS MEANS IN PLAIN TERMS:
Your browser normally acts like a protective barrier between dangerous websites and your computer's files. This vulnerability is like a secret door that bypasses that protection. When you visit a compromised website, even legitimate sites that have been hacked, criminals can potentially access your client files, emails, and sensitive data without you knowing. The attack happens silently in the background while you browse normally.

⚠️ ACTION REQUIRED:

  • Update Chrome to v138+ immediately

  • Update Safari on Apple devices

  • Review cybersecurity protocols

🚨Legal Risks:
✓ Client confidentiality breaches
✓ ABA ethical violations
✓ Malpractice liability
✓ Trust account exposure

Don't wait - update NOW!

BOLO: LexisNexis Data Breach: What Legal Professionals Need to Know Now—and Why All Lexis Products Deserve Scrutiny!

/ The Tech-Savvy Lawyer.Page/

LAWYERS NEED TO BE BOTH TECH-SAVVY AND Cyber-SavvY!

On December 25, 2024, LexisNexis Risk Solutions (LNRS)—a major data broker and subsidiary of LexisNexissuffered a significant data breach that exposed the personal information of over 364,000 individuals. This incident, which went undetected until April 2025, highlights urgent concerns for legal professionals who rely on LexisNexis and its related products for research, analytics, and client management.

What Happened in the LexisNexis Breach?

Attackers accessed sensitive data through a third-party software development platform (GitHub), not LexisNexis’s internal systems. The compromised information includes names, contact details, Social Security numbers, driver’s license numbers, and dates of birth. Although LexisNexis asserts that no financial or credit card data was involved and that its main systems remain secure, the breach raises red flags about the security of data handled across all Lexis-branded platforms.

Why Should You Worry About Other Lexis Products?

LexisNexis Risk Solutions is just one division under the LexisNexis and RELX umbrella, which offers a suite of legal, analytics, and data products widely used by law firms, courts, and corporate legal departments. The breach demonstrates that vulnerabilities may not be limited to one product or platform; third-party integrations, development tools, and shared infrastructure can all present risks. If you use LexisNexis for legal research, client intake, or case management, your clients’ confidential data could be at risk—even if the breach did not directly affect your specific product.

Ethical Implications: ABA Model Rules of Professional Conduct

ALL LawyerS NEED TO BE PREPARED TO FighT Data LeakS!

The American Bar Association’s Model Rules of Professional Conduct require lawyers to safeguard client information and maintain competence in technology. Rule 1.6(c) mandates that attorneys “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Rule 1.1 further obligates lawyers to keep abreast of changes in law and its practice, including the benefits and risks associated with relevant technology.

In light of the LexisNexis breach, lawyers must:

  • Assess the security of all third-party vendors, including legal research and data analytics providers.

  • Promptly notify clients if their data may have been compromised, as required by ethical and sometimes statutory obligations.

  • Implement additional safeguards, such as multi-factor authentication and regular vendor risk assessments.

  • Stay informed about ongoing investigations and legal actions stemming from the breach.

What Should Legal Professionals Do Next?

  • Review your firm’s use of LexisNexis and related products.

  • Ask vendors for updated security protocols and breach response plans.

  • Consider offering affected clients identity protection services.

  • Update internal policies to reflect heightened risks associated with third-party platforms.

The Bottom Line

The LexisNexis breach is a wake-up call for the legal profession. Even if your primary Lexis product was not directly affected, the interconnected nature of modern legal technology means your clients’ data could still be at risk. Proactive risk management and ethical vigilance are now more critical than ever.

🚨 BOLO: Android Ad Fraud Malware and Your ABA Ethical Duties – What Every Lawyer Must Know in 2025 🚨

/ The Tech-Savvy Lawyer.Page/

Defend Client Data from Malware!

The discovery of the “Kaleidoscope” ad fraud malware targeting Android devices is a wake-up call for legal professionals. This threat, which bombards users with unskippable ads and exploits app permissions, is not just an annoyance - it is a direct risk to client confidentiality, law firm operations, and compliance with the ABA Model Rules of Professional Conduct. Lawyers must recognize that cybersecurity is not optional; it is an ethical mandate under the ABA Model Rules, including Rules 1.1, 1.3, 1.4, 1.6, 5.1, and 5.3.

Why the ABA Model Rules Matter

  • Rule 1.6 (Confidentiality): Lawyers must make reasonable efforts to prevent unauthorized disclosure of client information. A compromised device can leak confidential data, violating this core duty.

  • Rule 1.1 (Competence): Competence now includes understanding and managing technological risks. Lawyers must stay abreast of threats like Kaleidoscope and take appropriate precautions.

  • Rule 1.3 (Diligence): Prompt action is required to investigate and remediate breaches, protecting client interests.

  • Rule 1.4 (Communication): Lawyers must communicate risks and safeguards to clients, including the potential for data breaches and the steps being taken to secure information.

  • Rules 5.1 & 5.3 (Supervision): Law firm leaders must ensure all personnel, including non-lawyers, adhere to cybersecurity protocols.

Practical Steps for Lawyers – Backed by Ethics and The Tech-Savvy Lawyer.Page

Lawyers: Secure Your Practice Now!

  • Download Only from Trusted Sources: Only install apps from the Google Play Store, leveraging its built-in protections. Avoid third-party stores, the main source of Kaleidoscope infections.

  • Review App Permissions: Be vigilant about apps requesting broad permissions, such as “Display over other apps.” These can enable malware to hijack your device.

  • Secure Devices: Use strong, unique passwords, enable multi-factor authentication, and encrypt devices-simple but essential steps emphasized by our blog posts on VPNs and ABA guidance.

  • Update Regularly: Keep your operating system and apps up to date to patch vulnerabilities.

  • Educate and Audit: Train your team about mobile threats and run regular security audits, as highlighted in Cybersecurity Awareness Month posts on The Tech-Savvy Lawyer.Page.

  • Incident Response: Have a plan for responding to breaches, as required by ABA Formal Opinion 483 and best practices.

  • Communicate with Clients: Discuss with clients how their information is protected and notify them promptly in the event of a breach, as required by Rule 1.4 and ABA opinions.

  • Label Confidential Communications: Mark sensitive communications as “privileged” or “confidential,” per ABA guidance.

Advanced Strategies

Lawyers need to have security measures in place to protect client data!

  • Leverage AI-Powered Security: Use advanced tools for real-time threat detection, as recommended by The Tech-Savvy Lawyer.Page.

  • VPN and Secure Networks: Avoid public Wi-Fi. But if/when you do be sure to use VPNs (see The Tech-Savvy Lawyer.Page articles on VPNs) to protect data in transit.

  • Regular Backups: Back up data to mitigate ransomware and other attacks.

By following these steps, lawyers fulfill their ethical duties, protect client data, and safeguard their practice against evolving threats like Kaleidoscope.

🚨 BOLO: Zoom Remote Access Attacks – Critical Security Alert for Legal Professionals 🚨

/ The Tech-Savvy Lawyer.Page/

Zoom Attack Exposes Lawyers to Major Cyber Risk: Why Vigilance Is Now an Ethical Imperative!

Lawyers need to be able to Spot fake Zoom invites—protect your client data now!

A sophisticated cyberattack targeting Zoom users has recently emerged, with direct implications for lawyers and legal professionals. The attack, detailed by Malwarebytes, involves a crime group dubbed ELUSIVE COMET that lures victims into Zoom meetings and tricks them into granting remote access. This enables the installation of malware and theft of sensitive data, including financial assets and confidential client information, e.g., PII.

How the Attack Works

  • Attackers pose as reputable contacts (e.g., media invitations) and set up Zoom calls.

  • During the meeting, the attacker often sends a remote control request with their camera off, disguising their screen name as “Zoom” to appear legitimate.

  • If the victim approves, the attacker gains full control of the victim’s system, installs malware, and can access files, emails, and even financial accounts.

Why Lawyers Must Be Extra Cautious

Ethical Duties Under ABA Model Rules

You need to be careful who you let into your zoom conferences!

  • Competence (Rule 1.1): Lawyers must provide competent representation, which now explicitly includes technological competence. Comment 8 to Rule 1.1 states:
    To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject.

  • Confidentiality (Rule 1.6): Attorneys are ethically obligated to protect client information from unauthorized disclosure. Allowing remote access to your device can expose privileged communications, work product, and sensitive client data to malicious actors.

  • Failing to maintain technological competence or safeguard client data can result in ethical violations, malpractice claims, and reputational harm.

Best Practices to Prevent Zoom-Based Attacks

  • Never accept remote control requests from unknown or unverified participants.

  • Use Zoom via your web browser when possible, as the browser version does not support remote control, reducing risk.

  • Enable meeting passwords and waiting rooms to control access.

  • Restrict screen sharing and disable remote control features unless absolutely necessary.

  • Verify all meeting invitations-scrutinize the sender’s identity, and be wary of unsolicited requests, especially those involving media opportunities or unfamiliar contacts.

  • Keep Zoom and all security software updated to address known vulnerabilities.

  • Educate staff and colleagues about the risks and proper protocols for virtual meetings.

What to Do If You Suspect a Breach

You control access—deny hackers, defend your practice.

  • Disconnect from the internet immediately to limit further access.

  • Contact your IT or cybersecurity team and initiate your incident response plan.

  • Notify affected clients and relevant authorities as required by law and ethical rules.

  • Document the incident and steps taken for compliance and potential reporting obligations.

  • Review and update your security protocols to prevent future incidents.

Let’s be careful out there - it could cost you your job or, worse yet, your bar license if you don’t!

Happy Lawyering!!!

🚨BOLO🚨: All Gmail Users at Risk: Sophisticated Replay Attack Exploits Google Infrastructure, Posing Major Threat to Legal Professionals!

/ The Tech-Savvy Lawyer.Page/

Protect your law firm's Gmail accounts from phishing and cyberattacks.

Gmail users, especially those in the legal field, face a new, highly sophisticated phishing campaign that leverages Google’s own infrastructure to convincingly impersonate official communications and steal sensitive credentials. According to Pieter Arntz of Malewarebytes, this replay attack, first identified by Nick Johnson, lead developer of the Ethereum Name Service, demonstrates how attackers can bypass traditional security filters and trick even experienced professionals into compromising their Google accounts.

The attack begins with a realistic security alert, allegedly from Google, referencing a subpoena for account information. The email contains a link to a page hosted on sites.google.com, which is a legitimate Google domain but can be created by anyone with a Google account. The page is a near-perfect replica of the official Google support portal. Unsuspecting recipients who click “Upload additional documents” or “View case” are redirected to a fake Google sign-in page designed to harvest their credentials

What makes this campaign particularly dangerous is its use of DKIM (DomainKeys Identified Mail), an email authentication protocol. Attackers exploit DKIM by forwarding legitimate, DKIM-signed security alerts that embed the phishing message within the OAuth app name. Because the email body remains unchanged, the DKIM signature stays valid-even when replayed-allowing these phishing emails to pass through most security filters and appear authentic to recipients.

Legal professionals are prime targets because a compromised Google account can expose Gmail, Drive, Calendar, Contacts, and even third-party services accessed via Google authentication. The consequences can include identity theft, unauthorized access to confidential client information, and reputational harm.

Key Red Flags for Legal Practitioners:

Gmail phishing warning: Legal professional safeguard YOUR CLIENT’S sensitive case files online!

  • Official Google support or sign-in pages should be hosted on support.google.com or accounts.google.com, not sites.google.com.

  • Examine email headers carefully; a mismatch between the sender and the signed domain is suspicious.

  • Never click links in unsolicited emails or provide credentials on unfamiliar pages.

  • Avoid using Google or Facebook accounts to log in to other services; create dedicated accounts for each service.

The attack is repeatable and difficult to mitigate, as malicious pages on sites.google.com are hard to report and remove quickly. Google initially dismissed the issue as “Working as Intended,” but after review, it has committed to addressing the OAuth bug.

Action Steps:

  • Educate your staff about this specific phishing method.

  • Implement multi-factor authentication (MFA) on all Google accounts.

  • Regularly audit account activity and access permissions.

  • Report suspicious emails and phishing attempts to your IT or security team immediately.

Staying vigilant and following these best practices can help protect your firm’s sensitive data and maintain client trust in an evolving threat landscape.

🚨 BOLO: Critical Windows OS Update - Lawyers, Secure Your Data Now! 🛡️

/ The Tech-Savvy Lawyer.Page/

Lawyers make sure your computer’s operating system is secure and up-to-date!

Attention legal professionals: Microsoft's February 2025 Patch is crucial. This update fixes 55 security flaws, including four zero-day vulnerabilities. Two of these have been actively exploited, potentially compromising client data. One flaw allows file deletion, while another grants system privileges to attackers. Protect your practice and client information by updating immediately. The ABA Model Rules of Professional Conduct requires it! See Rule 1.1[8].

Navigate to Start > Settings > Windows Update and select "Check for Windows updates.”

Remember, maintaining technological competence is an ethical duty. Stay vigilant and prioritize cybersecurity to safeguard your legal practice. 💼🔒

🚨 BOLO: Apple's Latest Update Activates AI - Lawyers, Protect Your Clients' Data! 🚨

/ The Tech-Savvy Lawyer.Page/

Attention tech-savvy lawyers! 📱💼 Apple's recent iOS and macOS updates have automatically enabled Apple Intelligence, raising significant concerns about client confidentiality and data privacy. As legal professionals, we must remain vigilant in protecting our clients' sensitive information. Here's what you need to know:

The Stealth Activation 🕵️‍♂️

In the last 24 hours, Apple released iOS 18.3, iPadOS 18.3, and macOS Sequoia 15.3, which automatically activate Apple Intelligence on compatible devices. This AI-powered suite offers various features, including rewriting text, generating images, and summarizing emails. While these capabilities may seem enticing, they pose potential risks to client confidentiality. 🚨

Privacy Concerns 🔒

Apple claims that Apple Intelligence uses on-device processing to enhance privacy. However, the system still requires 7GB of local storage and may analyze user interactions to refine its functionality. This level of data access and analysis raises red flags for lawyers bound by ethical obligations to protect client information.

Ethical Obligations ⚖️

Check your apple setting if you want to turn off “Apple Intelligence”!

The ABA Model Rules of Professional Conduct, particularly Rule 1.6, emphasize the duty of confidentiality. This rule extends to all forms of client data, including information stored on devices or accessed remotely. As tech-savvy lawyers, we must exercise reasonable care to prevent unauthorized disclosure of client information.

Potential Risks 🚫

Using AI-powered features without fully understanding their implications could lead to inadvertent breaches of client confidentiality. As we've discussed in our previous blog post, "My Two Cents: With AI Creeping Into Our Computers, Tablets, and Smartphones, Lawyers Need to Be Diligent About The Software They Use," lawyers must be cautious about adopting new technologies without proper vetting.

Lawyers MUST maintain reasonable competency in the use of technology! 🚨 ABA MRPC 1.1 [8] 🚨

Lawyers MUST maintain reasonable competency in the use of technology! 🚨 ABA MRPC 1.1 [8] 🚨

Steps to Take 🛡️

  1. Disable Apple Intelligence: Navigate to Settings > Apple Intelligence & Siri to turn off specific features or disable the entire suite.

  2. Educate Your Team: Ensure all staff members are aware of the potential risks associated with AI-powered features.

  3. Review Privacy Policies: Carefully examine Apple's privacy policies and terms of service related to Apple Intelligence.

  4. Implement Additional Safeguards: Consider using encrypted communication tools and secure cloud storage solutions for client data.

Final Thoughts 🧐

As we navigate this rapidly evolving technological landscape, it's essential to balance innovation with ethical obligations. Lawyers can thrive as tech-savvy professionals by embracing technology to enhance their practice while safeguarding client trust. Remember, maintaining reasonable competency in the use of technology is not just advisable—it’s an ethical duty. See Comment, #8, to ABA Model Rule, #1.1.

Subscribe to The Tech-Savvy Lawyer.Page for updates on this developing situation, news on the evolving impact of AI on the practice of law. Together, we can navigate the complexities of legal technology while upholding our professional responsibilities.

Stay safe, stay informed, and stay tech-savvy! 🚀📚💻

Happy Lawyering!