Hello all, Unlike the prior week, there was a lot to report on this week, starting with a brand-new way to extract your information from wireless networks, three-year old Cisco zero-day exploit, and more. The good guys had some nice…
Hello all, With most of the nation now firmly embraced in Winter’s ferocious icy grip, including longtime bastion of warmth, Florida, now engulfed in frigid air, it is a good time to find a toasty place to sit back and…
Hello all, This week’s headliners have a threepeat from Cisco and Fortinet. For three weeks in a row, they’ve managed to top the list of actively exploited items needing fixes. Way to go? And there’s lots more from plenty of…
Hello all, As if the growing menace of the React2Shell vulnerability undergoing massive ramp-up of active attack and exploitation wasn’t enough, this past week was Patch Tuesday for the likes of Adobe, Microsoft and SAP. But wait there was more!…
Hello all, What started out as a quiet week was rudely interrupted on Wednesday by a major vulnerability reveal in React Server Components. More on that in a moment. Headline NEWS: In Ransomware, Malware, and Vulnerabilities News: In Other News…
Hello all, A popular axiom in computing circles is, “It’s always DNS.” On Monday it became painfully real for much of the internet as Amazon Web Services (AWS) US-East-1 zone fell victim to a Domain Name Service (DNS) issue and…
Hello all, This was not a good week for some of the major players in the industry. Microsoft had portions, if not their entire network, go down several times, Oracle E-Business suite came under attack, SonicWall’s recent breach got worse,…
Hello all, This past Saturday I attended BSides St. Petersburg, Florida, not Russia. This is a local convention, aka ‘con’, that draws around 500 cyber security minded people together to network, learn, and hear from some of the most dedicated…
Hello all, As we close out the first half of the year, there were a number of new vulnerability and defects revealed that need attention. We must stay diligent to remediate, patch, and mitigate these issues as they arise. On…
Hello all, Iranian cyber-criminals are among the world’s best and most effective. And with the middle eastern war now involving the United States, expect that many of these well-trained spies and thieves will become agents of chaos and destruction targeting…
Hello all, As expected, Microsoft and a cadre of other vendors unleashed updates this past week. I shouldn’t be surprised that the quantity appears to be increasing, but I am. With the concerted push for the past few years on…
Hello all, It was a busy news week with a nice smattering of good news of indictments and takedowns of threat actors and their infrastructure. Pwn2Own Berlin concluded with 29 zero-days being utilized. Some have already been patched, others are…