Cisco scores a perfect CVSS 10 with critical flaw in its wireless system Ultra-Reliable Wireless Backhaul doesn't live up to its name Patches07 Nov 2024 | 16
NIST turns to IT consultants to clear National Vulnerability Database backlog Aims to get CVE logjam cleared by the end of FY 24 CSO03 Jun 2024 | 5
GitHub Enterprise Server patches 10-outta-10 critical hole On the bright side, someone made up to $30,000+ for finding it Patches22 May 2024 | 3
Okta October breach affected 134 orgs, biz admits Infosec in brief Plus: CVSS 4.0 is here, this week's critical vulns, and 'incident' hit loan broker promises no late fees. Generous Security06 Nov 2023 | 6
Stop what you’re doing and patch this critical Confluence flaw, warns Atlassian Risk of ‘significant data loss’ for on-prem customers Patches31 Oct 2023 | 2
Boris Johnson pleads ignorance, which just might work Infosec in brief Also: More high-profile MOVEit victims; CVSS 4.0 coming soon; and a long list of critical vulnerabilities Security17 Jul 2023 | 79
New York county still dealing with ransomware eight months after attack security in brief Also: iSpoof no more, Edmodo fined more than it can pay, UK is #1 (in CC theft), and the week's critical vulns Security29 May 2023 | 8
Google settles location tracking lawsuit for only $39.9M in brief Also, more OEM Android malware, Google's bug reports (mostly) ditch CVEs, and this week's critical vulns Security22 May 2023 | 7
Cisco squashes critical bugs in small biz switches You'll want to patch these as proof-of-concept exploit code is out there already Patches18 May 2023 |
Google adds account sync for Authenticator, without E2EE in brief Also: Your Salesforce Community site might be leaking; a new CPU side-channel; and this week's critical vunls Security01 May 2023 | 7
That 3CX supply chain attack keeps getting worse: Other vendors hit In Brief Also, Finland sentences CEO of breach company to prison (kind of), and this week's laundry list of critical vulns CSO24 Apr 2023 | 9
Update now: Google emits emergency fix for zero-day Chrome vulnerability In brief Also: Tech players spin up white hat protection, this week's critical bugs, and more Security17 Apr 2023 | 2
40% of IT security pros say they've been told not to report a data leak In Brief Plus: KFC, Pizza Hut owner spills more beans on ransomware hit... latest critical flaws... and more Cyber-crime11 Apr 2023 | 16
School principal resigns after writing $100,000 check to Elon Musk impersonator In Brief ALSO: DJI forgets the 'B' in 'BCC,' and this week's critical known exploits Security03 Apr 2023 | 90
Where are the women in cyber security? On the dark side, study suggests In Brief Also, Royal ransomware metastasizes to other critical sectors, and this week's critical vulnerabilities Security06 Mar 2023 | 44
GoDaddy joins the dots and realizes it's been under attack for three years In brief Also: Russia may legalize hacking; Oakland declares ransomware emergency; the CVEs you should know about this week Security20 Feb 2023 | 19
LockBit's Royal Mail ransom deadline flies by. No data released in brief Also: Russian wiper malware authors turn to data theft, plus this week's critical vulns Cyber-crime13 Feb 2023 | 9
That critical vulnerability might not be the first you should patch Startup Rezilion suggests enterprises should change prioritization strategies Security30 May 2022 | 5
Western Digital tells EdgeRover users to patch app again Critical vulnerability may have allowed an attacker to escalate local privileges Security21 Mar 2022 | 3
US govt: Here are another 15 security bugs under attack right now Best plug HiveNightmare if you haven't already, unless you like new admins Security11 Feb 2022 | 10
Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores Exploit, vulnerability discussion online can offer useful signals Security19 Jan 2022 | 2