Cynthia Brumfield

A recent conflict between Rapid7 and JetBrains over how to disclose vulnerabilities was marred by blame, confusion and conflicting philosophies.

The ransomware group AlphV reported a victim to the SEC for failing to report a cybersecurity incident, placing government regulators in a precarious position.

The rise of hacktivism in a world mired in two significant wars blurs the lines between military and citizen combatants, and holding them accountable won't be easy.

Several recent incidents in the U.S. system for reporting vulnerabilities highlight the importance of accurate, comprehensive bug reports for defenders

Experts say the sensitive data law firms hold and their lagging attention to cybersecurity make them prime targets.

At this year’s Billington Summit, experts highlighted the risks and benefits that AI poses for national security and the cybersecurity sector.

The promise and threat of AI, government policy and surprising revelations about the Viasat hack were among the major takeaways from Black Hat and DEF CON.

At DEF CON, EFF security researcher Cooper Quintin discussed a mysterious group called Dark Caracal that has proven effective despite making many mistakes.

The Biden administration’s executive order to restrict government use of commercial spyware put the spyware industry on notice, but experts say global collaboration will be needed to truly limit the spread of these invasive toolkits.

Oregon is the first U.S. state to have legalized psilocybin for adult use. However, a new bill proposing data collection from psilocybin users could expose vulnerable populations to cybersecurity and legal risks and create a template for other states to emulate.

At this year’s S4 conference in Miami Beach, top industrial control system experts offered various solutions that could replace the increasingly obsolete security through obscurity method for protecting ICS.

Cyberthreats and AI-enabled disinformation loom over the upcoming 2024 elections

The country of Vanuatu is the latest victim in a string of crippling ransomware attacks on small countries this year. Experts say various motives underlie these incidents but disagree on whether this trend reflects a shift in threat actors away from well-resourced Western nations.

Back-to-back security conferences detailed the latest threats posed by malicious nation-states on the one hand and cybercriminals on the other. One takeaway is that cybercrime volumes are more massive and more persistent than the higher profile advanced persistent threats.

At the Federal Trade Commission’s annual PrivacyCon this week, a top regulator and outside experts zeroed in on digital risks posed by the nascent virtual reality industry.