Hello all, Unlike the prior week, there was a lot to report on this week, starting with a brand-new way to extract your information from wireless networks, three-year old Cisco zero-day exploit, and more. The good guys had some nice…
Hello all, Last week I excoriated Amazon for their spectacular day-long failure. This past week, Microsoft decided it was their turn and because of a self-inflicted Domain Name System (DNS) issue, major portions of their network were inaccessible. At least…
Hello all, This past Saturday I attended BSides St. Petersburg, Florida, not Russia. This is a local convention, aka ‘con’, that draws around 500 cyber security minded people together to network, learn, and hear from some of the most dedicated…
Hello all, This past week was Patch Tuesday for Microsoft and a number of other vendors, when as usual, dozens and dozens of vulnerabilities and defects were announced. The clock is now ticking for threat actors to exploit them before…
Hello all, Last week I warned about a new zero-day in Microsoft SharePoint on-premises that had just become public knowledge. It escalated quickly, not necessarily with threat actor activity, but with news articles and cyber professionals everywhere urging action. With…
Hello all, What started out as a somewhat quiet week, with only one nasty item early on from Google Chrome, escalated slowly with the last few days bringing reveals of multiple critical and high-severity vulnerabilities in products by Cisco, CrushFTP,…
Hello all, Wow, another Patch Tuesday for the records! Microsoft offered up fixes for 137 flaws, with at least one zero-day in the mix. Adobe patched 58 vulnerabilities across multiple products, Ivanti plugged more holes, Fortinet patched just about everything…
Hello all, The United States of America turned 249 on Friday. Hopefully, all of our US based readers still have all of their digits and have recovered most of their hearing from the celebratory fireworks, both public and private. Speaking…
Hello all, It seemed to me that this week was mercifully quiet on the global scale, with fewer massive holes and defects being revealed. That’s not so say that dirtbags took the week off, oh no, they already have plenty…
Hello all, It was a busy news week with a nice smattering of good news of indictments and takedowns of threat actors and their infrastructure. Pwn2Own Berlin concluded with 29 zero-days being utilized. Some have already been patched, others are…
Hello all, Along with the usual Microsoft Patch Tuesday scramble, this week brought an explosion of updates and vulnerability reveals from a lot of other vendors and products, ranging from ASUS to VMware – almost to Z. Headline NEWS: In…
Hello all, After a slow start to the week, we closed it out with a few very serious vulnerabilities made public by Cisco, SonicWall, and Ubiquiti. This coming week is Patch Tuesday and if historic numbers are a valid guide,…