Q1 2025 Security Trends Report
Below are links to items presented. State Sponsored Breaches and Embedding: Phishing, Spear-Phishing, Whaling, Vishing, Quishing, and Smishing Password Hacking, Account Takeovers and MFA bypass: …
Tag Incident Response
April 5, 2025
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
March 29, 2025
(For a video version of my introductory comments, click here.) Hello all, This has been an interesting week with the variety of severe vulnerabilities reported, and the types and numbers of breached or compromised organizations, some of which are massive.…
March 22, 2025
(For a video version of the introduction below, click here) Hello all, Unlike last week’s patch-release frenzy, things dropped back to our normal harried pace this week. We did receive warnings about some pretty nasty defects from the likes of…
March 8, 2025
(Click here for a video version of the introduction) Hello all, Microsoft continued to have some sporadic issues this past week, but nowhere near as widespread as they had the prior weekend. Hopefully, by the time this makes it to…
February 22, 2025
(For a video version of the introduction below, go to my LinkedIn post.) Hello all, This was somewhat of an interstitial week with less headline defects and vulnerabilities, but it was balanced by plenty of other news items. Some of…
February 8, 2025
(For a video of the introduction below, click here) Hello all, Last week didn’t bring us too many surprises. DeepSeek’s AI model is proving to be effective, but their security and AI guardrails have been demonstrated to be practically nonexistent.…
February 1, 2025
(Select here for a video version of my opening commentary) Hello all, Unless your system administrators programmed your web and email filters to block it, the news of the week has been DeepSeek AI, the gains and pitfalls of this…
January 4, 2024
Hello all, Wow, 2025! It seems surreal that we are now a quarter of a century into the new millennium. But here we are. I vividly remember the Y2K hysteria of two and a half decades ago. And lest you…
December 21, 2024
Hello all, Despite the upcoming winter break, the news does not sleep. There was a lot of activity in the prior week that was interesting, disturbing, and some was even delighting. So, let’s get to the cyber news. As usual,…
December 14, 2024
Hello all, Patch Tuesday didn’t disappoint this past week. Hundreds of flaws, defects, and vulnerabilities had fixes proffered by their respective vendors and developers as holiday gifts to already overworked defenders. According to Tenable, Microsoft alone has lobbed 1,009 security…
November 30, 2024
Hello all, The Internet killed Black Friday for me! (For those of you not based in the USA, Black Friday is a huge shopping day right after the Thanksgiving Day holiday). I used to collect newspaper fliers, circle store opening…