Does the Veterans Affairs Administration really do all it can for Veterans? I have a tale to tell about this one folks. Sophos released a report on the current state of ransomware for education, it's not encouraging. Ivanti has a bug that should be patched for mobile security customers. The FBI used a FISA database improperly, interesting. Cofense has some new data on phishing as a threat, guess what it's still a thing. And some thoughts on the 4 day rule from the SEC for disclosure of breach activity.