Hello all, It has been another busy week. The biggest headline news item is that my birthday is on Sunday. No, actually it is the Instructure Canvas hack by Shiny Hunters. These dirtbags managed to download a massive trove of data from nearly 9,000 schools. This hit right as students…
Hello all, Another week, and another report replete with vulnerabilities, bugs, fails, defects, holes, exfiltration, compromises, phishing, breaches, hacking and exploitation. Of course there are also plenty of links to articles about patches, fixes, takedowns, arrests, sentencing, and legislation, all related to cyber security and our digital world. Artificial intelligence continues…
Hello all, While there were plenty of cyber related news articles to read this week, there weren’t many new major vulnerability announcements. But there were a few. Google patched for two high-risk defects, Microsoft had to release an emergency update for .NET for Windows, Linux, and macOS, and Oracle blessed us…
Hello all, Since the month started on Wednesday, it has seemed like a long time since there was a major release of patches and updates. Never fear, your wait is over! Adobe, Apache, Cisco, Microsoft, PHP, SAP, Splunk and more released updates to fix holes, defects, and vulnerabilities this past…
Hello all, Artemis II splashed down on Friday off the US Pacific coast after making a successful orbit around the moon – very cool! In the world of cyber, Anthropic’s latest AI, Claude Mythos, continues to rattle experts and tantalize evil people worldwide with its unprecedented ability to find and exploit…
Hello all, I wish you a Happy Easter and Passover. I pray that it is a peaceful and enjoyable one. If you’ve been affected by the Iran conflict, I truly feel for you. There have been some serious cyber disruptions this past week with Iran damaging Amazon and Oracle datacenters in…
Hello all, Whether it was because threat actors were attending RSAC in San Francisco this week, or because those that would be reporting cyber-attacks and such a were away, there seemed to me to be a lower number of reports of vulnerabilities and successful attacks. If it was due to RSAC,…
Hello all, The Iran war is still dominating the news, but surprisingly, after the successful attack on Stryker Corporation, there have been no reports of other large-scale successful cyber-attacks attributed to Iranian threat actors. That’s not to say they haven’t tried, a Nuclear Reactor in Poland was apparently targeted, but the…
Hello all, Last week I’d noted that I was surprised that there had been no evident cyber-retaliatory attacks by Iranian threat actors. Welp, on Wednesday a threat group named Handala claimed a successful attack on Stryker, a USA based global medical equipment company with $25.1 billion in revenue in 2025. According…
Hello all, What a difference one week can make! Top of mind for many is the Iran conflict and the implications as it relates to cyber warfare. In a surprising first, Chairman of the Joint Chiefs of Staff, General Dan Caine, openly talked about cyber operations as part of operation…
Hello all, Unlike the prior week, there was a lot to report on this week, starting with a brand-new way to extract your information from wireless networks, three-year old Cisco zero-day exploit, and more. The good guys had some nice wins with the sentencing of a dirtbag, sanctions on another, disruption…
Hello all, This week was somewhat light with almost no pants-of-fire alerts. There was one that needs quick attention, a Google Chrome zero-day that’s under active attack, and there were several CISA alerts that should be prioritized due to ongoing and accelerated threat actor activity. Headline NEWS: In Ransomware, Malware, and…