Hello all, Along with the usual Microsoft Patch Tuesday scramble, this week brought an explosion of updates and vulnerability reveals from a lot of other vendors and products, ranging from ASUS to VMware – almost to Z. Headline NEWS: In…
Hello all, Last week was “World Password Week”. However, this year many tech giants chose, to replace “password” with “passkey”. In fact, on what was World Password Day, Microsoft announced that all new Microsoft accounts will now be passwordless, use…
Hello all, I was expecting a quieter week, but I was surprised by how many serious vulnerabilities were revealed, and about the drama surrounding MITRE and their CVE contract, spawning at least two new numbering authority prospects in response. I…
Hello all, This past week was Patch Tuesday for Microsoft and several other vendors. Apparently feeling that it should be Patch Week instead of just one day, Juniper and VMware chose different days to unleash required fixes. There’s lots of…
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
(For a video version of the introduction below, click here) Hello all, Patch Tuesday from Microsoft and others came in with the March winds and left us a bit of a mess. Microsoft has six zero-days and six critical updates.…
(Click here for a video version of the introduction) Hello all, Microsoft continued to have some sporadic issues this past week, but nowhere near as widespread as they had the prior weekend. Hopefully, by the time this makes it to…
(For a video version of the introduction below, go to my LinkedIn post.) Hello all, This was somewhat of an interstitial week with less headline defects and vulnerabilities, but it was balanced by plenty of other news items. Some of…
(Select here for a video version of my introductory comments from below) Hello all, Patch Tuesday came in with only a small bang this month with 4 zero days, two of which are under active exploitation, and 55 flaws. A…
(For a video of the introduction below, click here) Hello all, Last week didn’t bring us too many surprises. DeepSeek’s AI model is proving to be effective, but their security and AI guardrails have been demonstrated to be practically nonexistent.…
(Select here for a video version of my opening commentary) Hello all, Unless your system administrators programmed your web and email filters to block it, the news of the week has been DeepSeek AI, the gains and pitfalls of this…
Hello all, Patch Tuesday didn’t disappoint this past week. Hundreds of flaws, defects, and vulnerabilities had fixes proffered by their respective vendors and developers as holiday gifts to already overworked defenders. According to Tenable, Microsoft alone has lobbed 1,009 security…