Is Risk Assessment a Snake-Oil Discipline?
I’ve been thinking a lot recently about the usefulness of risk assessment. A while back I had an interesting conversation...
Read more →News Archive
View All →
Hackers lurked in Treasury OCC’s systems since June 2023 breach
Unknown attackers who breached the Treasury’s Office of the Comptroller of the Currency (OCC) in June 2023 gained access to...
Read more →
WhatsApp for Windows Flaw Could Let Hackers Sneak In Malicious Files
A recent security advisory from Facebook Security highlights a spoofing vulnerability tracked as CVE-2025-30401 affecting WhatsApp for Windows. The flaw...
Read more →
Tax deadline threat: QuickBooks phishing scam exploits Google Ads
The pressure of the looming tax filing deadline (April 15th in the US) can make anyone rush online tasks. Cybercriminals...
Read more →
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
Apr 08, 2025Ravie LakshmananNetwork Security / Vulnerability Fortinet has released security updates to address a critical security flaw impacting FortiSwitch...
Read more →
Performing a “Cold-Boot” Proof of Concept Without Princeton’s Bit-Unlocker
Most in the information security community have heard of the “cold-boot” attack against encryption products that was recently released by...
Read more →
Windows 10 KB5055518 update fixes random text when printing
Microsoft has released the KB5055518 cumulative update for Windows 10 22H2 and Windows 10 21H2, with nine changes or fixes....
Read more →
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
Apr 08, 2025Ravie LakshmananCloud Security / Vulnerability Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon...
Read more →
EU decisions on Apple, Meta due in coming weeks
An EU decision on whether Apple and Meta have breached landmark tech rules aimed at curbing their market power will...
Read more →
A GTD Approach to Organizing and Reading Your Feeds
The fundamental problem when managing feeds is input management. Most of us simply have too many feeds to read in...
Read more →
How AI Agents can help AppSec teams keep up with AI-generated code vulnerabilities
While AppSec teams are stuck with legacy scanners and backlogs, developers and hackers have adopted AI tools to accelerate their...
Read more →
Windows 11 KB5055523 & KB5055528 cumulative updates released
Microsoft has released Windows 11 KB5055523 and KB5055528 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Today’s updates are mandatory as...
Read more →