Hello all, Another week, another Cisco headline about a zero-day, which was then eclipsed, by Fortinet with multiple products needing immediate patching due to critical defects. And of course, there’s Microsoft and the cadre of vendors that published fixes and…
Hello all, Christmas has passed, and the New Year is just around the corner. Based on what I’ve seen, It seems that threat actors and pen testers may have taken a bit of time off. There was significantly less news…
Hello all, It was a busy week for cyber vulnerabilities. Microsoft and a host of others unleashed their Patch Tuesday lists, CISA alerted on Adobe and F5, and Fortinet plugged severe holes, as did Ivanti and Veeam. Headline NEWS: In…
Hello all, This past week was busy, even into the weekend, with reports of hundreds of companies compromised via Salesloft Drift, Microsoft being forced to reroute traffic stemming from several Red Sea cables being cut, Google dodging a bullet in…
Hello all, The unofficial end of summer is here – Labor Day – observed by the United States and Canada, and nothing is different in the world of cyber security. Evil people are still perpetrating their vile crimes, earning themselves…
Hello all, Perhaps it is because I’m becoming jaded to all of the incessant histrionics about the latest new zero-day vulnerability, and the patches needed to fix flaws, and threat actors scoring big yet again; but there wasn’t much that…
Hello all, I knew it would be a busy week since it was Patch Tuesday, but I didn’t know it would be this busy. Hundreds of new vulnerabilities were reported that need evaluation, prioritization, and remediation. Some of the reveals…
Hello all, Most of last week was quiet with a steady rumble of Microsoft sourced phishing emails growing in popularity, and then toward the latter part of the week Arctic Wolf and Huntress warned about a concerning increase in successful…
Hello all, Last week I warned about a new zero-day in Microsoft SharePoint on-premises that had just become public knowledge. It escalated quickly, not necessarily with threat actor activity, but with news articles and cyber professionals everywhere urging action. With…
Hello all, What started out as a somewhat quiet week, with only one nasty item early on from Google Chrome, escalated slowly with the last few days bringing reveals of multiple critical and high-severity vulnerabilities in products by Cisco, CrushFTP,…
Hello all, The United States of America turned 249 on Friday. Hopefully, all of our US based readers still have all of their digits and have recovered most of their hearing from the celebratory fireworks, both public and private. Speaking…
Hello all, It seemed to me that this week was mercifully quiet on the global scale, with fewer massive holes and defects being revealed. That’s not so say that dirtbags took the week off, oh no, they already have plenty…