January 24, 2026
Hello all, This week’s headliners have a threepeat from Cisco and Fortinet. For three weeks in a row, they’ve managed to top the list of actively exploited items needing fixes. Way to go? And there’s lots more from plenty of…
Tag Oracle
November 29, 2025
Hello all, To my United States’ audience, welcome back after a long and hopefully uneventful weekend. I pray that it was good and restful. To all of us, welcome to December. The past week seemed to be a bit quieter,…
November 22, 2025
Hello all, You’d think that there’d be a bit less chaos a whole week after Patch Tuesday. Well, you’d be wrong. On Tuesday November 18, 2025, Cloudflare botched a routine update and took down major portions of their network and…
October 25, 2025
Hello all, A popular axiom in computing circles is, “It’s always DNS.” On Monday it became painfully real for much of the internet as Amazon Web Services (AWS) US-East-1 zone fell victim to a Domain Name Service (DNS) issue and…
October 4, 2025
Hello all, This past Saturday I attended BSides St. Petersburg, Florida, not Russia. This is a local convention, aka ‘con’, that draws around 500 cyber security minded people together to network, learn, and hear from some of the most dedicated…
September 20, 2022
Hello all, Happy Fall! Another week of lots of excitement in our world of cyber defense. The biggest news is that Apple somehow lost versions 19 – 25 of their operating system, going right to version 26. And several firewall…
July 19, 2025
Hello all, What started out as a somewhat quiet week, with only one nasty item early on from Google Chrome, escalated slowly with the last few days bringing reveals of multiple critical and high-severity vulnerabilities in products by Cisco, CrushFTP,…
June 7, 2025
Hello all, With the Patch Tuesday onslaught coming next week, I was happy to see that this was another somewhat quiet week as far as vulnerabilities and zero-day reveals are concerned. Last month I was quite wrong in my prediction…
May 31, 2025
Hello all, It seemed to me that this week was mercifully quiet on the global scale, with fewer massive holes and defects being revealed. That’s not so say that dirtbags took the week off, oh no, they already have plenty…
April 12, 2025
Hello all, This past week was Patch Tuesday for Microsoft and several other vendors. Apparently feeling that it should be Patch Week instead of just one day, Juniper and VMware chose different days to unleash required fixes. There’s lots of…
April 5, 2025
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
March 29, 2025
(For a video version of my introductory comments, click here.) Hello all, This has been an interesting week with the variety of severe vulnerabilities reported, and the types and numbers of breached or compromised organizations, some of which are massive.…