Hello all, Iranian cyber-criminals are among the world’s best and most effective. And with the middle eastern war now involving the United States, expect that many of these well-trained spies and thieves will become agents of chaos and destruction targeting…
Hello all, As expected, Microsoft and a cadre of other vendors unleashed updates this past week. I shouldn’t be surprised that the quantity appears to be increasing, but I am. With the concerted push for the past few years on…
Hello all, Last week was “World Password Week”. However, this year many tech giants chose, to replace “password” with “passkey”. In fact, on what was World Password Day, Microsoft announced that all new Microsoft accounts will now be passwordless, use…
Hello all, I was expecting a quieter week, but I was surprised by how many serious vulnerabilities were revealed, and about the drama surrounding MITRE and their CVE contract, spawning at least two new numbering authority prospects in response. I…
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
(Click here for a video version of the introduction) Hello all, Microsoft continued to have some sporadic issues this past week, but nowhere near as widespread as they had the prior weekend. Hopefully, by the time this makes it to…
For a video version of the introduction below, click here. Hello all, This past Saturday, much of the world experienced Microsoft service disruptions. Big Redmond has now restored services, blaming the failure on a code change saying that they’ve “reverted…
(For a video version of the introduction below, go to my LinkedIn post.) Hello all, This was somewhat of an interstitial week with less headline defects and vulnerabilities, but it was balanced by plenty of other news items. Some of…
(For a video of the introduction below, click here) Hello all, Last week didn’t bring us too many surprises. DeepSeek’s AI model is proving to be effective, but their security and AI guardrails have been demonstrated to be practically nonexistent.…
(Select here for a video version of my opening commentary) Hello all, After Microsoft’s record-breaking number of defect and flaw patches last week, I figured that this week we’d be safe from onslaught. Was I ever wrong! Oracle decided to…
Hello all, It has been a busy news week with quite a few critical items, some of which are already being exploited. One item that jumped out at me was a report from Guru Baran, the co-founder of Cyber Security…
Hello all, Patch Tuesday didn’t disappoint this past week. Hundreds of flaws, defects, and vulnerabilities had fixes proffered by their respective vendors and developers as holiday gifts to already overworked defenders. According to Tenable, Microsoft alone has lobbed 1,009 security…