Cynthia Brumfield

Cynthia Brumfield is a veteran communications and technology analyst who is currently focused on cybersecurity. She runs a cybersecurity news destination site, Metacurity.com.

Feds seize $2.3 million in cryptocurrency wallet reportedly used in Colonial Pipeline ransomware attack

Feds seize $2.3 million in cryptocurrency wallet reportedly used in Colonial Pipeline ransomware attack

The successful seizure could encourage other victims to better cooperate with federal agencies and cause ransomware gangs to rethink their operations.

TSA’s pipeline cybersecurity directive is just a first step experts say

TSA’s pipeline cybersecurity directive is just a first step experts say

The new, hastily announced security directive requires US pipeline companies to appoint a cybersecurity coordinator and report possible breaches within 12 hours.

How the post-pandemic world will challenge CISOs

How the post-pandemic world will challenge CISOs

More permanent remote workers, requirements for protecting health data, and a more dangerous threat landscape await security teams as the COVID crisis ends.

SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing

SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing

Strong two-way communication between government and the private sector combined with a clear national breach notification policy will put a dent in cybercrime, experts say.

Biden administration releases ambitious cybersecurity executive order

Biden administration releases ambitious cybersecurity executive order

Though lacking in definitional clarity, this new executive order might be more effective than past federal efforts, especially in the wake of the Colonial Pipeline attack.

Colonial Pipeline shutdown highlights need for better OT cybersecurity practices

Colonial Pipeline shutdown highlights need for better OT cybersecurity practices

Experts weigh in on what the Colonial attack teaches critical infrastructure providers about preparation and incident response.

Task force proposes framework for combatting ransomware

Task force proposes framework for combatting ransomware

A diverse coalition of experts from business and the public sector present 48 recommendations for solving the ransomware crisis, including international cooperation and regulating cryptocurrencies.

Biden administration releases 100-day plan to address electric system cybersecurity risks

Biden administration releases 100-day plan to address electric system cybersecurity risks

The plan focuses largely on supply chain risks to the electric grid, requests input on the DOE's role in coordinating cybersecurity efforts.

US sanctions Russian government, security firms for SolarWinds breach, election interference

US sanctions Russian government, security firms for SolarWinds breach, election interference

The Biden administration places economic sanctions on Russian government organizations, individuals, and companies including several security firms.

Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past

Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past

President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.

States enact safe harbor laws against cyberattacks, but demand adoption of cybersecurity frameworks

States enact safe harbor laws against cyberattacks, but demand adoption of cybersecurity frameworks

Connecticut might soon follow Ohio and Utah by enacting a law that offers liability protection against ransomware and other cyberattacks, but only if victims follow security best practices.

US government calls for better information sharing in wake of SolarWinds, Exchange attacks

US government calls for better information sharing in wake of SolarWinds, Exchange attacks

The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.

Why the Microsoft Exchange Server attack isn’t going away soon

Why the Microsoft Exchange Server attack isn’t going away soon

For some victims, patching and proper forensics will be difficult, plus new threat actors are now exploiting the same Exchange Server vulnerabilities.

Virginia data protection bill signed into law

Virginia data protection bill signed into law

The state is the second in the nation to enact a consumer data protection law along the lines of the EU's GDPR. Here's what businesses need to know about Virginia's CDPA.

Cyber Diplomacy Act aims to elevate America's global cybersecurity standing

Cyber Diplomacy Act aims to elevate America's global cybersecurity standing

The new bill has bipartisan support to improve the US's ability to prevent and respond to cyberattacks and correct missteps of the Trump administration.

New York issues cyber insurance framework as ransomware, SolarWinds costs mount

New York issues cyber insurance framework as ransomware, SolarWinds costs mount

The state looks to protect one of its core industries, which is threatened by mounting and potentially "unsustainable" losses due to the SolarWinds and ransomware attacks.

Egregor ransomware group explained: And how to defend against it

Egregor ransomware group explained: And how to defend against it

Egregor is one of the most rapidly growing ransomware families. It employs "double ransom" techniques to threaten reputational damage and increase pressure to pay.

Oldsmar cyberattack raises importance of water utility assessments, training

Oldsmar cyberattack raises importance of water utility assessments, training

The attempt to poison a city's water supply by remotely accessing its ICS underscores the need for cybersecurity assistance at under-resourced critical infrastructure facilities.

Biden administration brings expertise, new attitude to cybersecurity

Biden administration brings expertise, new attitude to cybersecurity

The US president promises a reckoning for SolarWinds hackers and places cybersecurity at the top of the administration's agenda.

Sprite Spider emerging as one of the most destructive ransomware threat actors

Sprite Spider emerging as one of the most destructive ransomware threat actors

Having flown under the radar for several years, the Sprite Spider group is using a ransomware code suite that is effective and hard to detect.

Load More