NIST vulnerability bottleneck underscores fragility of software security
A sudden halt to the ranking of vulnerability severity has left government agencies and some companies without an approved source of ranking and prioritization.
CISA cyber reporting mandate faces tough road
A coalition of organizations has asked CISA to extend the public comment period on new cyberattack reporting rules proposed in response to CIRCIA.
AlphV’s bid to report its victim to the SEC could backfire
The ransomware group AlphV reported a victim to the SEC for failing to report a cybersecurity incident, placing government regulators in a precarious position.
AI’s peril and promise for policymakers and cyber defenders
At this year’s Billington Summit, experts highlighted the risks and benefits that AI poses for national security and the cybersecurity sector.
Top cyber takeaways from the Intelligence and National Security Summit
Concerns about China and generative AI dominated the cybersecurity discussions at the tenth edition of the Intelligence and National Security Alliance’s annual gathering, which drew hundreds of security professionals, spies and government experts.
Spyware vendors stagger as the U.S. and allies land a punch
The Biden administration’s executive order to restrict government use of commercial spyware put the spyware industry on notice, but experts say global collaboration will be needed to truly limit the spread of these invasive toolkits.
Fungi fallout? Ore. psilocybin data bill draws cybersecurity scrutiny
Oregon is the first U.S. state to have legalized psilocybin for adult use. However, a new bill proposing data collection from psilocybin users could expose vulnerable populations to cybersecurity and legal risks and create a template for other states to emulate.
Russia-Ukraine cyber conflict splits APT groups, raises threat level
The global cyberthreat landscape has changed since Russia’s invasion of Ukraine but not necessarily in the ways predicted.
New strategies, “soul-searching” needed to secure critical infrastructure
At this year’s S4 conference in Miami Beach, top industrial control system experts offered various solutions that could replace the increasingly obsolete security through obscurity method for protecting ICS.
Cyberthreats, AI-enabled disinformation loom over 2024 elections
Cyberthreats and AI-enabled disinformation loom over the upcoming 2024 elections