Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company's software.
The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack.
NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.
Lack of strong security policies put many schools at risk of compromise, disrupted services, and collateral damage.
Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast.
A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.
The software giant found no evidence that attackers gained extensive access to services or customer data.
Similar to previous ransomware takedowns, this disruption to the ransomware-as-a-service model will likely be short-lived, security experts say.
Fewer systems have flaws; however, the time to remediate vulnerabilities stays flat, and many issues targeted by in-the-wild malware remain open to attack.
If past cyberattacks are any indication, success begets imitation. In the wake of last week's hack of Florida water utility, other water utilities and users of remote desktop software would be wise to shore up defenses, experts say.
Vulnerability disclosure started off slow but caught up by the end of the year, according to a new report.
The intrusion also shows how redundancy and detection can minimize damage and reduce impact to the population.
An open source plug-in purportedly introduced tracking and malicious download code to infect nearly 2 million users, reports say.
An international program that pays out hefty sums for the discovery of software vulnerabilities could spur greater scrutiny of applications and lead to better security.