The Truth About VPNs and the Rise of Quantum Decryption
During Risk Assessments, and working with clients, I routinely run into situations where users think everything they are doing on their laptop is confidential because they are using a VPN. After some discussion, it often turns out that they are using a browser-based VPN. That is a big problem. When users and IT think they have protection, and they are acting as if they do, this opens up a very serious gap. READ MORE...
$380M lawsuit claims intruder got Clorox's passwords from Cognizant simply by asking
Clorox is suing its service desk provider, Cognizant, for $380 million in a California state court, alleging the IT support crew "enabled a cybercriminal to gain a foothold in Clorox's network" by handing over staffers' passwords to attackers after they simply requested them. Clorox filed a complaint yesterday alleging breach of contract and negligence, among other things, and claimed Cognizant's "failures" ultimately led to a "catastrophic cyberattack" against the bleach maker in 2023. READ MORE...
3 China Nation-State Actors Target SharePoint Bugs
At least three China-backed threat groups were going after two of four newly disclosed SharePoint vulnerabilities on July 7, a day before Microsoft patched them and said there was no evidence of anyone exploiting them yet. In a July 22 blog post, Microsoft said it found that Linen Typhoon, Violet Typhoon, and Storm-2603 had in fact started using the two flaws (CVE-2025-49706 and CVE-2025-49704) as zero-days, based on its investigation into ongoing attacks on SharePoint Servers worldwide. READ MORE...
Ports are getting smarter and more hackable
A new policy brief from NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE) warns that critical port infrastructure, responsible for 80 percent of global trade, is increasingly under attack by threat actors tied to Russia, Iran, and China. These ports are essential to national economies and serve as key hubs in NATO's logistics network. Many remain under civilian control with limited integration into military cybersecurity strategies, leaving serious gaps in defence coordination. READ MORE...
Ransomware attacks in education jump 23% year over year
Ransomware attacks against schools, colleges and universities rose 23% year over year in the first half of 2025, according to a report from Comparitech, a cybersecurity and online privacy product review website. The six months saw 130 confirmed and unconfirmed ransomware attacks against educational institutions, with an average ransom demand of $556,000. Education was the fourth-most-targeted sector during the first half of 2025, behind business, government and healthcare. READ MORE...
High-Severity Flaws Patched in Chrome, Firefox
Google and Mozilla on Tuesday announced a fresh round of updates for Chrome and Firefox, including patches for several high-severity memory safety vulnerabilities. The newly announced Chrome 138 refresh is the third since the browser version was promoted to the stable channel. The previous updates Google rolled out resolved two exploited zero-days, namely CVE-2025-6558 and CVE-2025-6554. READ MORE...
Critical Vulnerabilities Patched in Sophos Firewall
Sophos this week announced the rollout of patches for five vulnerabilities in Sophos Firewall that could lead to remote code execution (RCE). The first issue, tracked as CVE-2025-6704 (CVSS score of 9.8), is a critical arbitrary file writing flaw in the Secure PDF eXchange (SPX) feature of the appliance that could allow remote, unauthenticated attackers to execute arbitrary code. The second defect, tracked as CVE-2025-7624 (CVSS score of 9.8), is an SQL injection issue. READ MORE...
Dwindling federal cyber support for critical infrastructure raises alarms
As the U.S. government prepares to decrease its cybersecurity support for critical infrastructure operators, the organizations that defend those networks are preparing for more vulnerabilities, more hacks and more damage. President Donald Trump's quest to reduce the federal role in infrastructure cyber resilience will exacerbate already alarming cybersecurity weaknesses throughout the nation's hospitals, ports, railways and other vital systems, according to industry leaders and cyber experts. READ MORE...
Humans can be tracked with unique 'fingerprint' based on how their bodies block Wi-Fi signals
Researchers in Italy have developed a way to create a biometric identifier for people based on the way the human body interferes with Wi-Fi signal propagation. The scientists claim this identifier, a pattern derived from Wi-Fi Channel State Information, can re-identify a person in other locations most of the time when a Wi-Fi signal can be measured. Observers could therefore track a person as they pass through signals sent by different Wi-Fi networks - even if they're not carrying a phone. READ MORE...
- ...in 1903, Ford Motor Company sells its very first automobile.
- ...in 1961, actor Woody Harrelson ("Cheers", "The Messenger") is born in Midland, TX.
- ...in 1962, the communications satellite Telstar relays the first publicly transmitted, live trans-Atlantic television program. featuring Walter Cronkite.
- ...in 1976, chess player Judit Polgar, who became a Grandmaster at age 15 and was the game's #1 rated woman player for over 25 years, is born in Budapest, Hungary.
