720-891-1663

Patching is Hard; Procrastinating is Dangerous

A week after Fortinet announced a patch for a zero-day, there are still thousands of systems worldwide vulnerable. A week ago Shadowserver identified 52,000 networks at risk. Now that is down to 48,000 and change. In other words, not much patching is going on even though the media has been sounding the alarm all week. […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending February 2, 2024

Myanmar Cyber Crime Bosses Handed to China You may remember that a couple of weeks ago I reported that the Myanmar government turned over control of the part of the country where Crime bosses were running various social engineering scams and human trafficking to the rebels who threatened to shut them down. Now there are […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending July 29, 2022

TSA Updates Cybersecurity Guidelines for Pipeline Operators After the Colonial Pipeline meltdown last year, TSA, who regulates pipeline cybersecurity (don’t ask), issued a set of regulations for pipeline operators to follow. Given that TSA had less than a dozen people in their cybersecurity department and zero industrial IoT expertise, it is not a surprise that […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security Vendors Say Azure Takes Months to Fix Bugs

The cloud is not magic. Nor does it fix all vulnerabilities. Cases in point. Two security vendors are accusing Microsoft of unnecessarily putting customers’ data at risk. The vendors, Orca Security and Tenable, are not bit players with a grudge, so you have to, at least, listen to them. According to the source: In a […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Think the Cloud’s Not Secure? On-Prem Probably Worse

Security company Imperva says that almost all companies have internal databases with known vulnerabilities. The average vulnerable database has 26 publicly disclosed flaws. More than half of them are rated Critical or high severity. They collected this data over the past FIVE YEARS. While being internal does make it slightly harder for the hackers to […]

Continue reading → [DISPLAY_ACURAX_ICONS]