April 5, 2025
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
(For a video version of my introductory comments, click here.) Hello all, This has been an interesting week with the variety of severe vulnerabilities reported, and the types and numbers of breached or compromised organizations, some of which are massive.…
(For a video version of the introduction below, click here) Hello all, Unlike last week’s patch-release frenzy, things dropped back to our normal harried pace this week. We did receive warnings about some pretty nasty defects from the likes of…
(For a video of the introduction below, click here) Hello all, Last week didn’t bring us too many surprises. DeepSeek’s AI model is proving to be effective, but their security and AI guardrails have been demonstrated to be practically nonexistent.…
(Select here for a video version of my opening commentary) Hello all, Unless your system administrators programmed your web and email filters to block it, the news of the week has been DeepSeek AI, the gains and pitfalls of this…
(Select here for a video version of my opening commentary) Hello all, After Microsoft’s record-breaking number of defect and flaw patches last week, I figured that this week we’d be safe from onslaught. Was I ever wrong! Oracle decided to…
Hello all, It has been a busy news week with quite a few critical items, some of which are already being exploited. One item that jumped out at me was a report from Guru Baran, the co-founder of Cyber Security…
Hello all, Despite the upcoming winter break, the news does not sleep. There was a lot of activity in the prior week that was interesting, disturbing, and some of it was even delightful. So, let’s get to the cyber news. As usual,…
Hello all, Patch Tuesday didn’t disappoint this past week. Hundreds of flaws, defects, and vulnerabilities had fixes proffered by their respective vendors and developers as holiday gifts to already overworked defenders. According to Tenable, Microsoft alone has lobbed 1,009 security…
Hello all, It has been a busy week with security-related news. The Chinese hack into telecommunication providers continues to dominate, with government agencies urging everyone to use encrypted messaging and communication apps and processes due to the depth and…
Hello all, I was rather pleased to notice that there are at least twelve links in this week’s edition that talk about wins by the defenders, and even some by our AI friends. Some of the larger news items to…
Hello all, Tuesday saw the monthly cavalcade of patches to fix bugs, defects and flaws from a good number of vendors. Additionally, this past week saw a significant quantity of non-scheduled warnings and updates. If you’re thinking that there seems…