March 28, 2026
Hello all, Whether it was because threat actors were attending RSAC in San Francisco this week, or because those that would be reporting cyber-attacks and such a were away, there seemed to me to be a lower number of reports…
Tag Exfiltration
March 14, 2026
Hello all, Last week I’d noted that I was surprised that there had been no evident cyber-retaliatory attacks by Iranian threat actors. Welp, on Wednesday a threat group named Handala claimed a successful attack on Stryker, a USA based global…
March 7, 2026
Hello all, What a difference one week can make! Top of mind for many is the Iran conflict and the implications as it relates to cyber warfare. In a surprising first, Chairman of the Joint Chiefs of Staff, General…
February 28, 2026
Hello all, Unlike the prior week, there was a lot to report on this week, starting with a brand-new way to extract your information from wireless networks, three-year old Cisco zero-day exploit, and more. The good guys had some nice…
February 21, 2026
Hello all, This week was somewhat light with almost no pants-of-fire alerts. There was one that needs quick attention, a Google Chrome zero-day that’s under active attack, and there were several CISA alerts that should be prioritized due to ongoing…
February 7, 2026
Hello all, The week started out rather ordinary with the usual level of malevolence and chaos inflicted on the world by cybercriminals, along with the usual proclamations of falling skies due to AI. And then my system got hit with…
January 31, 2026
Hello all, With most of the nation now firmly embraced in Winter’s ferocious icy grip, including longtime bastion of warmth, Florida, now engulfed in frigid air, it is a good time to find a toasty place to sit back and…
January 24, 2026
Hello all, This week’s headliners have a threepeat from Cisco and Fortinet. For three weeks in a row, they’ve managed to top the list of actively exploited items needing fixes. Way to go? And there’s lots more from plenty of…
January 3, 2026
Hello all, Welcome to 2026. So far it has been relatively quiet, unless you’re using a specific brand of Chinese network equipment, or SmarterMail. Otherwise, it has been a steady stream of new malware, exploits, and breaches to start the…
December 27, 2025
Hello all, Christmas has passed, and the New Year is just around the corner. Based on what I’ve seen, It seems that threat actors and pen testers may have taken a bit of time off. There was significantly less news…
December 20, 2025
Hello all, For those of you in the Northern Hemisphere, Winter starts tomorrow! And it is also the shortest day of the year. Now if your system clocks rely on the National Institute of Standards (NIST) timeservers located in Boulder,…
December 13, 2025
Hello all, As if the growing menace of the React2Shell vulnerability undergoing massive ramp-up of active attack and exploitation wasn’t enough, this past week was Patch Tuesday for the likes of Adobe, Microsoft and SAP. But wait there was more!…