Hello all, What started out as a somewhat quiet week, with only one nasty item early on from Google Chrome, escalated slowly with the last few days bringing reveals of multiple critical and high-severity vulnerabilities in products by Cisco, CrushFTP,…
Hello all, Wow, another Patch Tuesday for the records! Microsoft offered up fixes for 137 flaws, with at least one zero-day in the mix. Adobe patched 58 vulnerabilities across multiple products, Ivanti plugged more holes, Fortinet patched just about everything…
Hello all, As we close out the first half of the year, there were a number of new vulnerability and defects revealed that need attention. We must stay diligent to remediate, patch, and mitigate these issues as they arise. On…
Hello all, It was a busy news week with a nice smattering of good news of indictments and takedowns of threat actors and their infrastructure. Pwn2Own Berlin concluded with 29 zero-days being utilized. Some have already been patched, others are…
Hello all, After a slow start to the week, we closed it out with a few very serious vulnerabilities made public by Cisco, SonicWall, and Ubiquiti. This coming week is Patch Tuesday and if historic numbers are a valid guide,…
Hello all, This past week was Patch Tuesday for Microsoft and several other vendors. Apparently feeling that it should be Patch Week instead of just one day, Juniper and VMware chose different days to unleash required fixes. There’s lots of…
(For a video version of my introductory comments, click here.) Hello all, This has been an interesting week with the variety of severe vulnerabilities reported, and the types and numbers of breached or compromised organizations, some of which are massive.…
(For a video version of the introduction below, click here) Hello all, Unlike last week’s patch-release frenzy, things dropped back to our normal harried pace this week. We did receive warnings about some pretty nasty defects from the likes of…
(For a video version of the introduction below, click here) Hello all, Patch Tuesday from Microsoft and others came in with the March winds and left us a bit of a mess. Microsoft has six zero-days and six critical updates.…
(Select here for a video version of my introductory comments from below) Hello all, Patch Tuesday came in with only a small bang this month with 4 zero days, two of which are under active exploitation, and 55 flaws. A…
(For a video of the introduction below, click here) Hello all, Last week didn’t bring us too many surprises. DeepSeek’s AI model is proving to be effective, but their security and AI guardrails have been demonstrated to be practically nonexistent.…
(Select here for a video version of my opening commentary) Hello all, Unless your system administrators programmed your web and email filters to block it, the news of the week has been DeepSeek AI, the gains and pitfalls of this…