Hello all, It was a busy news week with a nice smattering of good news of indictments and takedowns of threat actors and their infrastructure. Pwn2Own Berlin concluded with 29 zero-days being utilized. Some have already been patched, others are…
Hello all, After a slow start to the week, we closed it out with a few very serious vulnerabilities made public by Cisco, SonicWall, and Ubiquiti. This coming week is Patch Tuesday and if historic numbers are a valid guide,…
Hello all, Surprisingly, it was a quiet week as far as major vulnerabilities and reveals are concerned. I suspect that the juicy stuff is being held back so that it can be revealed at the RSA conference that starts on…
Hello all, I was expecting a quieter week, but I was surprised by how many serious vulnerabilities were revealed, and about the drama surrounding MITRE and their CVE contract, spawning at least two new numbering authority prospects in response. I…
(For a video version of the introduction below, click here) Hello all, Patch Tuesday from Microsoft and others came in with the March winds and left us a bit of a mess. Microsoft has six zero-days and six critical updates.…
(Click here for a video version of the introduction) Hello all, Microsoft continued to have some sporadic issues this past week, but nowhere near as widespread as they had the prior weekend. Hopefully, by the time this makes it to…
(Select here for a video version of my opening commentary) Hello all, After Microsoft’s record-breaking number of defect and flaw patches last week, I figured that this week we’d be safe from onslaught. Was I ever wrong! Oracle decided to…
Hello all, Last week I wrote about the unbelievable onslaught of CVEs that we must deal with. This week Microsoft hit us with the largest list of defect updates since 2017! Other vendors that are on the same patch cadence…
Hello all, Patch Tuesday didn’t disappoint this past week. Hundreds of flaws, defects, and vulnerabilities had fixes proffered by their respective vendors and developers as holiday gifts to already overworked defenders. According to Tenable, Microsoft alone has lobbed 1,009 security…
Hello all, The Internet killed Black Friday for me! (For those of you not based in the USA, Black Friday is a huge shopping day right after the Thanksgiving Day holiday). I used to collect newspaper fliers, circle store opening…
Hello all, I was rather pleased to notice that there are at least twelve links in this week’s edition that talk about wins by the defenders, and even some by our AI friends. Some of the larger news items to…
Hello all, This past week has some nice wins from the cyber-defenders; 41 arrests of evil people, with more coming, over 22,000 malicious servers taken offline, the person responsible for the Snowflake breach behind bars, and scores of Nigerian scammers…