September 20, 2022
Hello all, Happy Fall! Another week of lots of excitement in our world of cyber defense. The biggest news is that Apple somehow lost versions 19 – 25 of their operating system, going right to version 26. And several firewall…
Tag CISA
September 13, 2025
Hello all, This past week was Patch Tuesday for Microsoft and a number of other vendors, when as usual, dozens and dozens of vulnerabilities and defects were announced. The clock is now ticking for threat actors to exploit them before…
September 6, 2025
Hello all, This past week was busy, even into the weekend, with reports of hundreds of companies compromised via Salesloft Drift, Microsoft being forced to reroute traffic stemming from several Red Sea cables being cut, Google dodging a bullet in…
August 30, 2025
Hello all, The unofficial end of summer is here – Labor Day – observed by the United States and Canada, and nothing is different in the world of cyber security. Evil people are still perpetrating their vile crimes, earning themselves…
August 23, 2025
Hello all, Perhaps it is because I’m becoming jaded to all of the incessant histrionics about the latest new zero-day vulnerability, and the patches needed to fix flaws, and threat actors scoring big yet again; but there wasn’t much that…
August 16, 2025
Hello all, I knew it would be a busy week since it was Patch Tuesday, but I didn’t know it would be this busy. Hundreds of new vulnerabilities were reported that need evaluation, prioritization, and remediation. Some of the reveals…
August 9, 2025
Hello all, Hacker Summer Camp in Las Vegas has now concluded. There were quite a few new vulnerabilities and security gaps revealed, along with a nice quantity of new and interesting products. Expect that the next couple of weeks will…
July 26, 2025
Hello all, Last week I warned about a new zero-day in Microsoft SharePoint on-premises that had just become public knowledge. It escalated quickly, not necessarily with threat actor activity, but with news articles and cyber professionals everywhere urging action. With…
July 12, 2025
Hello all, Wow, another Patch Tuesday for the records! Microsoft offered up fixes for 137 flaws, with at least one zero-day in the mix. Adobe patched 58 vulnerabilities across multiple products, Ivanti plugged more holes, Fortinet patched just about everything…
June 28, 2025
Hello all, As we close out the first half of the year, there were a number of new vulnerability and defects revealed that need attention. We must stay diligent to remediate, patch, and mitigate these issues as they arise. On…
June 21, 2025
Hello all, Iranian cyber-criminals are among the world’s best and most effective. And with the middle eastern war now involving the United States, expect that many of these well-trained spies and thieves will become agents of chaos and destruction targeting…
June 14, 2025
Hello all, As expected, Microsoft and a cadre of other vendors unleashed updates this past week. I shouldn’t be surprised that the quantity appears to be increasing, but I am. With the concerted push for the past few years on…