720-891-1663

AMD Has a Problem – And So May You

Here is the short version. AMD partner Asus disclosed a microcode bug before AMD has a patch developed. They posted a beta BIOS update that has since been removed. Remember that the BIOS gets loaded before the operating system, so any OS security tools are likely useless in blocking this. The good news is that […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Patching is Hard; Procrastinating is Dangerous

A week after Fortinet announced a patch for a zero-day, there are still thousands of systems worldwide vulnerable. A week ago Shadowserver identified 52,000 networks at risk. Now that is down to 48,000 and change. In other words, not much patching is going on even though the media has been sounding the alarm all week. […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Homeland Security Nominee Bashes CISA, Says it Should be Smaller, More Nimble

Conceptually, that is hard to argue with. But, as businesses of all sizes and government agencies at all levels are being hacked daily, is the ‘less is more’ philosophy correct. One thing she went after is CISA’s work on misinformation and disinformation. This is a frequent complaint of some right wingers and to some extent, […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Bites for January 17, 2025

Is TikTok for Sale? Maybe! Mark Cuban says the number being floated around is more than $300 billion. It is unclear if this is for TikTok US or TikTok worldwide. And maybe Musk might buy it. Given how well he did with his purchase of Twitter, if he does buy it for $300 billion, Cuban […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Washington is Very Busy Before Jan 20th

It is interesting how “productive” the folks in DC can be when they want to. But I ask what have you been doing for the last four years. Getting my whining out of the way, there is a lot of stuff happening in this last week of the outgoing administration. The Federal Trade Commission handed […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Cybersecurity 2025 is no Better Than Cybersecurity 20**

We are definitely starting with a bang. First Apple patched a flaw that affects the system integrity of macOS. Using a third-party kernel extension Microsoft discovered a vulnerability in Apple’s System Integrity Protection, a feature that if functioning correctly, will reduce the risk from operations that affect system integrity. The flaw could enable hackers to […]

Continue reading → [DISPLAY_ACURAX_ICONS]