April 26, 2025
Hello all, Surprisingly, it was a quiet week as far as major vulnerabilities and reveals are concerned. I suspect that the juicy stuff is being held back so that it can be revealed at the RSA conference that starts on…
Tag Remediation
April 19, 2025
Hello all, I was expecting a quieter week, but I was surprised by how many serious vulnerabilities were revealed, and about the drama surrounding MITRE and their CVE contract, spawning at least two new numbering authority prospects in response. I…
April 12, 2025
Hello all, This past week was Patch Tuesday for Microsoft and several other vendors. Apparently feeling that it should be Patch Week instead of just one day, Juniper and VMware chose different days to unleash required fixes. There’s lots of…
April 5, 2025
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
March 22, 2025
(For a video version of the introduction below, click here) Hello all, Unlike last week’s patch-release frenzy, things dropped back to our normal harried pace this week. We did receive warnings about some pretty nasty defects from the likes of…
March 1, 2025
For a video version of the introduction below, click here. Hello all, This past Saturday, much of the world experienced Microsoft service disruptions. Big Redmond has now restored services, blaming the failure on a code change saying that they’ve “reverted…
February 22, 2025
(For a video version of the introduction below, go to my LinkedIn post.) Hello all, This was somewhat of an interstitial week with less headline defects and vulnerabilities, but it was balanced by plenty of other news items. Some of…
February 15, 2025
(Select here for a video version of my introductory comments from below) Hello all, Patch Tuesday came in with only a small bang this month with 4 zero days, two of which are under active exploitation, and 55 flaws. A…
January 11, 2025
Hello all, It has been a busy news week with quite a few critical items, some of which are already being exploited. One item that jumped out at me was a report from Guru Baran, the co-founder of Cyber Security…
January 4, 2024
Hello all, Wow, 2025! It seems surreal that we are now a quarter of a century into the new millennium. But here we are. I vividly remember the Y2K hysteria of two and a half decades ago. And lest you…
December 28, 2024
Hello all, The end is near! No, not of the world, but of the year. And what a year it has been! There are over half a dozen links that herald and decry the past year in the cyberverse as…
December 21, 2024
Hello all, Despite the upcoming winter break, the news does not sleep. There was a lot of activity in the prior week that was interesting, disturbing, and some was even delighting. So, let’s get to the cyber news. As usual,…