(Select here for a video version of my introductory comments from below) Hello all, Patch Tuesday came in with only a small bang this month with 4 zero days, two of which are under active exploitation, and 55 flaws. A good number of other vendors also released fixes for defects in…
(For a video of the introduction below, click here) Hello all, Last week didn’t bring us too many surprises. DeepSeek’s AI model is proving to be effective, but their security and AI guardrails have been demonstrated to be practically nonexistent. Major AI vendors are rapidly incorporating DeepSeek’s efficiency into their own…
(Select here for a video version of my opening commentary) Hello all, Unless your system administrators programmed your web and email filters to block it, the news of the week has been DeepSeek AI, the gains and pitfalls of this seeming revolutionary model, and what it means for governments, the AI…
(Select here for a video version of my opening commentary) Hello all, After Microsoft’s record-breaking number of defect and flaw patches last week, I figured that this week we’d be safe from onslaught. Was I ever wrong! Oracle decided to grace us with their quarterly update consisting of over three hundred…
Hello all, Last week I wrote about the unbelievable onslaught of CVEs that we must deal with. This week Microsoft hit us with the largest list of defect updates since 2017! Other vendors that are on the same patch cadence didn’t disappoint either, with both Adobe and SAP proffering fixes for…
Hello all, It has been a busy news week with quite a few critical items, some of which are already being exploited. One item that jumped out at me was a report from Guru Baran, the co-founder of Cyber Security News. His article’s headline reads, 40,000+ CVEs Published In 2024, Marking…
Hello all, Wow, 2025! It seems surreal that we are now a quarter of a century into the new millennium. But here we are. I vividly remember the Y2K hysteria of two and a half decades ago. And lest you think it was mere hype, that’s not the case; it was…
Hello all, The end is near! No, not of the world, but of the year. And what a year it has been! There are over half a dozen links that herald and decry the past year in the cyberverse as it relates to security and gains made by both defenders and…
Hello all, Despite the upcoming winter break, the news does not sleep. There was a lot of activity in the prior week that was interesting, disturbing, and some was even delighting. So, let’s get to the cyber news. As usual, my commentary is followed by a plethora of links to other…
Hello all, Patch Tuesday didn’t disappoint this past week. Hundreds of flaws, defects, and vulnerabilities had fixes proffered by their respective vendors and developers as holiday gifts to already overworked defenders. According to Tenable, Microsoft alone has lobbed 1,009 security bugs at us so far this year – and the year…
Hello all, It has been a busy week with security related news. The Chinese hack into telecommunication providers continues to dominate, with government agencies urging everyone to use encrypted messaging and communication apps and processes due to the depth and breadth of ongoing Chinese espionage. Whitehouse Deputy National Security Adviser, Anne…
Hello all, The Internet killed Black Friday for me! (For those of you not based in the USA, Black Friday is a huge shopping day right after the Thanksgiving Day holiday). I used to collect newspaper fliers, circle store opening times, plan my driving route, map out where my quarry was…