1. ShinyHunters Exploit Oracle PeopleSoft Zero-Day to Breach Universities (CVE-2026-35273) A critical, unauthenticated remote code execution flaw (CVSS 9.8) in Oracle PeopleSoft PeopleTools was exploited in the wild as a zero-day between May 27 and June 9, roughly two weeks before Oracle’s out-of-band advisory. Mandiant attributed the campaign to the financially motivated group UNC6240 (ShinyHunters), […]
Incident Response: How to Survive Ransomware
Incident response (IR): iAn organization’s structured approach to detecting, managing, and recovering from cybersecurity threats and data breaches aims to limit attack damage, minimize business disruption, and prevent future incidents. The owner of a family-run building supply company in a Kentucky town of about nine thousand got to the store a little before seven. She […]
A Virtual Security Chief (vCISO) You Can Actually Afford
What is a virtual vCISO is, and why it may be the smartest line item a small organization adds this year A few months ago, I sat across the table in the break room from the owner of a family-run manufacturing shop in central Kentucky. He had forty employees, a payroll system, a customer database, […]
MFA Prompt Bombing: What It Is, Why It Works, and How to Stop It
MFA prompt bombing is a growing threat, but multifactor authentication remains one of your best defenses. Here is what changed and what to do about it. In September 2022, a contractor working for Uber got a notification on his phone. Then another. Then another. Forty push notifications in thirty minutes, each one asking him to […]
IoT Security: The Device You Forgot Is the One That Gets You Hacked
Why do you need to worry about IoT security? Your office is full of computers you never think about, and that’s a problem. Yes, IoT security is a real thing. Last month, a county clerk in central Kentucky called our office with a problem. Her building’s HVAC system had been acting up for weeks, cycling […]
Cyber Security Spring Cleaning: 10 Quick Things You Can Do to Stay Cyber Safe
He didn’t think he was taking about Cyber Security, but he gave me a good idea for cyber security. A hardware store owner in Danville told me last week that he spends one Saturday every April cleaning out his shop, tossing the stuff that piled up over winter, fixing the door latch he kept meaning […]