pfSense switches to Linux (April Fools?), Flipper panic in Oz, Tales from the Krypt, Funding to secure the Internet, Abusing SSH on Windows, Blinding EDR, more hotel hacking, Quantum Bleed, and more!

Cloudflare announced that users of its Application Security Advanced offering will receive an improved web application firewall designed to defend applications that run large language models.

U.S. defense industry were noted by the National Security Agency to have been targeted by intrusions leveraging vulnerabilities impacting Ivanti Connect Secure VPN appliances.

CISA urged enterprises to weigh the risks of continued use of previously compromised Ivanti VPN appliances.

For the second time this year, U.S. authorities neutralize a botnet of SOHO routers run by nation-state threat actors.

In the Security News: Bricked Xmas, If you can hack a wrench, PixieFail and disclosure woes, exposing Bigpanzi (more Android supply chain issues, 20 years of OpenWRT, Jamming, traffic lights, and batteries don’t work that well in the extreme cold. All that and more on this episode of Paul’s Security Weekly!

The Exploit Prediction Scoring System is Awesome, or so some say, Reflections on InfoSec, Why some people don’t trust science, SSH-Snake, Back in the Driver’s seat, I Hacked My Internet Service Provider, States & Congress wrestle with cybersecurity, Combining AI with human brain cells, analyzing linux-firmware, detecting BLE SPAM, and The I in...

Understanding how CyberRatings, NaaS, and SASE combine to make network security easier to buy and deploy. MEF is an industry association, providing standards, certifications, and facilitating community discussions. MEF has teamed up with CyberRatings.org to establish a certification program for SASE services, making it easier for buyers to understa...