Steve Zurier

Cisco patches 48 bugs across firewall products; notes two more SD-WAN flaws exploited

• network-security
• patchconfiguration-management
• threat-intelligence
• threat-management
• vulnerability-management

Cisco patches 48 bugs across firewall products; notes two more SD-WAN flaws exploited

Steve Zurier March 5, 2026

Internet-facing edge devices are now major targets for attackers as the war in the Middle East unfolds....

Read More Read more about Cisco patches 48 bugs across firewall products; notes two more SD-WAN flaws exploited

VMware Aria Operations flaw added to list of exploited vulnerabilities

• patchconfiguration-management
• threat-intelligence
• threat-management
• vulnerability-management

VMware Aria Operations flaw added to list of exploited vulnerabilities

Steve Zurier March 4, 2026

Broadcom patched the flaw on Feb. 24, but CISA added VMware vulnerability after exploitation.

Read More Read more about VMware Aria Operations flaw added to list of exploited vulnerabilities

Ransomware attack exposes 1.2 million University of Hawaii Cancer Center records

• malware
• Privacy
• ransomware

Ransomware attack exposes 1.2 million University of Hawaii Cancer Center records

Steve Zurier March 3, 2026

Information included Social Security, driver's license and voter records dating to the 1990s.

Read More Read more about Ransomware attack exposes 1.2 million University of Hawaii Cancer Center records

Iran cyberattacks likely in expanding conflict, experts say

• threat-intelligence
• threat-management

Iran cyberattacks likely in expanding conflict, experts say

Steve Zurier March 2, 2026

Security pros say critical infrastructure in the U.S. and Israel are potential targets.

Read More Read more about Iran cyberattacks likely in expanding conflict, experts say

UAT-10027 targets US education, healthcare sectors via DOH technique

• malware
• network-security
• ransomware
• security-operations
• soc

UAT-10027 targets US education, healthcare sectors via DOH technique

Steve Zurier February 27, 2026

Once the threat actor establishes persistence, it can return and expanding access.

Read More Read more about UAT-10027 targets US education, healthcare sectors via DOH technique

Five Eyes warn teams to patch Cisco Catalyst SD-WAN controllers

• network-security
• patchconfiguration-management
• threat-intelligence
• threat-management
• vulnerability-management

Five Eyes warn teams to patch Cisco Catalyst SD-WAN controllers

Steve Zurier February 26, 2026

By exploiting one Cisco SD-WAN controller, attackers can push policy changes to every corner of the enterprise....

Read More Read more about Five Eyes warn teams to patch Cisco Catalyst SD-WAN controllers

Google disrupts decade-long China-linked UNC2814 espionage campaign

• ransomware
• threat-intelligence
• threat-management

Google disrupts decade-long China-linked UNC2814 espionage campaign

Steve Zurier February 25, 2026

GTIG points out that this campaign had no overlaps with other PRC activities, such as Salt Typhoon....

Read More Read more about Google disrupts decade-long China-linked UNC2814 espionage campaign

North Korea’s Lazarus Group targets US, Middle East healthcare sectors

• identity
• malware
• ransomware
• threat-intelligence
• threat-management

North Korea’s Lazarus Group targets US, Middle East healthcare sectors

Steve Zurier February 24, 2026

Threat actor focuses on identity-based attacks followed by a ransomware drop.

Read More Read more about North Korea’s Lazarus Group targets US, Middle East healthcare sectors

Threat group leverages LLMs to compromise 600 FortiGate firewalls

• identity
• ssomfa
• threat-intelligence
• threat-management

Threat group leverages LLMs to compromise 600 FortiGate firewalls

Steve Zurier February 23, 2026

Amazon Threat Intelligence said the attacks happened over five weeks in 55 countries.

Read More Read more about Threat group leverages LLMs to compromise 600 FortiGate firewalls