Tech manufacturers must eliminate default passwords, says cyberdefense agency CISA
Cybersecurity best practices can't rely on decisions by single users or organizations
Use Rust or C#, abandon C++: Five Eyes agencies warn about memory safety in programming languages
Software developers need to step up their secure-by-design game, and fast
The US, UK and 16 other countries sign agreement for safe AI development
The potential for AI to turn rogue is a major concern among developers and lawmakers
US cyberdefense agencies NSA and CISA disclose top 10 security misconfigurations
Common misconfigurations provide cyber-criminals with easy access and exploitability opportunities
AVrecon botnet operated unnoticed for two years, infecting 70,000 Linux-based routers
The malicious network craftily avoided detection for two years at least
Buffer overflow-type memory bugs remain the most dangerous vulnerabilities out there
Everyone likes to write outside proper memory addresses, the US government says
US government is providing more time to certify software security
Vendors and federal agencies will have to comply with the new certification rules, eventually
Hackers used legitimate remote help-desk tools to scam multiple US federal agencies
Widespread campaign tricked federal employees into "refunding" bad actors fake charges
CISA joins the NSA in advising legacy Windows users to patch against BlueKeep vulnerability
BlueKeep could lead to another WannaCry-like attack
