Hello all, For those of you in the Northern Hemisphere, Winter starts tomorrow! And it is also the shortest day of the year. Now if your system clocks rely on the National Institute of Standards (NIST) timeservers located in Boulder, Colorado, then your day is 4.8 microseconds longer than the rest…
Hello all, As if the growing menace of the React2Shell vulnerability undergoing massive ramp-up of active attack and exploitation wasn’t enough, this past week was Patch Tuesday for the likes of Adobe, Microsoft and SAP. But wait there was more! Apple, Apache, Fortinet, Google, Ivanti and WatchGuard all had items come…
Hello all, What started out as a quiet week was rudely interrupted on Wednesday by a major vulnerability reveal in React Server Components. More on that in a moment. Headline NEWS: In Ransomware, Malware, and Vulnerabilities News: In Other News Events of Note and Interest: Musings: The amount of AI agentic…
Hello all, To my United States’ audience, welcome back after a long and hopefully uneventful weekend. I pray that it was good and restful. To all of us, welcome to December. The past week seemed to be a bit quieter, thankfully. However, there was still plenty of news to report on…
Hello all, You’d think that there’d be a bit less chaos a whole week after Patch Tuesday. Well, you’d be wrong. On Tuesday November 18, 2025, Cloudflare botched a routine update and took down major portions of their network and as a result a large swath of the internet. One of…
Hello all, This week had so many critical and high value vulnerabilities that it didn’t make sense to list them all in the headline news section, so make sure that you check out the full list of links to see if something that you support is impacted. Microsoft patched 63 defects,…
Hello All, I’ve been on vacation this week and away from the studio, so this video is going to be quite different from the usual report. Here are some notable items from last week to be aware of. And there’s lots more at the full listing of links below. Make sure…
Hello all, Last week I excoriated Amazon for their spectacular day-long failure. This past week, Microsoft decided it was their turn and because of a self-inflicted Domain Name System (DNS) issue, major portions of their network were inaccessible. At least they were kind enough to wait until Wednesday, unlike AWS which…
Hello all, A popular axiom in computing circles is, “It’s always DNS.” On Monday it became painfully real for much of the internet as Amazon Web Services (AWS) US-East-1 zone fell victim to a Domain Name Service (DNS) issue and took much of the internet down with it. Admins and consumers…
Hello all, It was a busy week for cyber vulnerabilities. Microsoft and a host of others unleashed their Patch Tuesday lists, CISA alerted on Adobe and F5, and Fortinet plugged severe holes, as did Ivanti and Veeam. Headline NEWS: In Ransomware, Malware, and Vulnerabilities News: In Other News Events of Note…
Hello all, This was not a good week for some of the major players in the industry. Microsoft had portions, if not their entire network, go down several times, Oracle E-Business suite came under attack, SonicWall’s recent breach got worse, Salesforce extortion is astronomic, and dozens of other high-profile companies were…
Hello all, This past Saturday I attended BSides St. Petersburg, Florida, not Russia. This is a local convention, aka ‘con’, that draws around 500 cyber security minded people together to network, learn, and hear from some of the most dedicated and brilliant minds in our industry. I’m blessed to live in…