April 5, 2025
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
Tag Breach
March 29, 2025
(For a video version of my introductory comments, click here.) Hello all, This has been an interesting week with the variety of severe vulnerabilities reported, and the types and numbers of breached or compromised organizations, some of which are massive.…
March 22, 2025
(For a video version of the introduction below, click here) Hello all, Unlike last week’s patch-release frenzy, things dropped back to our normal harried pace this week. We did receive warnings about some pretty nasty defects from the likes of…
March 15, 2025
(For a video version of the introduction below, click here) Hello all, Patch Tuesday from Microsoft and others came in with the March winds and left us a bit of a mess. Microsoft has six zero-days and six critical updates.…
March 8, 2025
(Click here for a video version of the introduction) Hello all, Microsoft continued to have some sporadic issues this past week, but nowhere near as widespread as they had the prior weekend. Hopefully, by the time this makes it to…
February 22, 2025
(For a video version of the introduction below, go to my LinkedIn post.) Hello all, This was somewhat of an interstitial week with less headline defects and vulnerabilities, but it was balanced by plenty of other news items. Some of…
February 15, 2025
(Select here for a video version of my introductory comments from below) Hello all, Patch Tuesday came in with only a small bang this month with 4 zero days, two of which are under active exploitation, and 55 flaws. A…
February 8, 2025
(For a video of the introduction below, click here) Hello all, Last week didn’t bring us too many surprises. DeepSeek’s AI model is proving to be effective, but their security and AI guardrails have been demonstrated to be practically nonexistent.…
January 18, 2025
Hello all, Last week I wrote about the unbelievable onslaught of CVEs that we must deal with. This week Microsoft hit us with the largest list of defect updates since 2017! Other vendors that are on the same patch cadence…
January 11, 2025
Hello all, It has been a busy news week with quite a few critical items, some of which are already being exploited. One item that jumped out at me was a report from Guru Baran, the co-founder of Cyber Security…
January 4, 2024
Hello all, Wow, 2025! It seems surreal that we are now a quarter of a century into the new millennium. But here we are. I vividly remember the Y2K hysteria of two and a half decades ago. And lest you…
December 21, 2024
Hello all, Despite the upcoming winter break, the news does not sleep. There was a lot of activity in the prior week that was interesting, disturbing, and some was even delighting. So, let’s get to the cyber news. As usual,…