American software company
In Season 2, Episode 1 of The Citrix Session, XenTegra's Andy Whiteside, Bill Sutton, and Randy Price are joined by Citrix's Mathew Varghese to discuss Citrix DaaS Flex and how it's transforming desktop modernization. The conversation explores persona-based computing, simplified cloud adoption, infrastructure management, security responsibilities, and how organizations can optimize costs while delivering the right user experience for every employee. Learn how Citrix is rethinking Desktop-as-a-Service by combining managed infrastructure, intelligent workload sizing, and operational simplicity into a modern platform built for today's digital workspace.
Mike Rosado interviews Raleigh-based illustrator and designer Ian Wenstrand about his highly detailed, vibrant illustrations blending cityscapes, technology, and imaginative world-building. Wenstrand describes drawing constantly as a kid, studying studio art at University of the Cumberlands (recruited to swim), and moving from production artist retouching roles into graphic design before illustration work organically became steady freelance. He self-published a children's book inspired by artists like Graeme Base and cross-section illustrators, then gained momentum through public art opportunities including a 2018–2019 Citrix window mural and later a major Film NC tourism brochure project featuring five regional illustrations packed with 50+ movie Easter eggs. He outlines his process (two sketch phases in Procreate, then Photoshop for color), time demands, work-life balance with two kids, and the importance of tight contracts to prevent scope creep. Wenstrand shares influences (IC4 Design, Moebius, sci-fi film aesthetics), discusses collaborative "Easter egg" client input, and explains why he avoids using AI, adding an AI clause to contracts and valuing the human creative process. Host: Mike Rosado (mrcraleigh.com) (instagram.com/ekimodasor) Post Production: Max Trujillo (instagram.com/trujillomedia) Sponsors: MRC (mrcraleigh.com) and Burny Wild's (burnywilds.com)
A poisoned software package compromised OpenAI employee devices before security teams could stop it. The company behind critical Ozempic injection components has been offline for weeks after a ransomware attack. And Change Healthcare is now facing another major lawsuit tied to the 2024 breach that crippled healthcare payments nationwide. Three stories. One message: Your business is now exposed to companies you don't control. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three cyber incidents that reveal how third-party trust has become one of the biggest operational risks in business today.

This Week's Cybersecurity Breakdown

1. OpenAI, TanStack & the npm Supply Chain Worm
A software supply chain attack spread through trusted developer ecosystems at massive speed:
42 npm packages poisoned in six minutes
Malware stole GitHub tokens, AWS credentials, and CI/CD secrets
OpenAI confirmed two employee devices were compromised
ChatGPT Desktop, Codex App, Codex CLI, and Atlas certificates rotated
Demonstrates how modern attacks now spread through trusted development infrastructure

2. West Pharmaceutical Ransomware Attack
A cyberattack against a company most people have never heard of — but nearly everyone depends on:
West Pharmaceutical components are used in roughly 43 billion injectable drug deliveries annually
Includes Ozempic, Wegovy, insulin pens, vaccines, and hospital injectables
Systems taken offline globally after ransomware deployment
Manufacturing disruptions continue weeks later

3. Allied World v. Change Healthcare — The Financial Fallout Begins
The legal consequences of the Change Healthcare breach are escalating:
Cyber insurer Allied World filed suit seeking more than $1 million in damages
Avesis operations were disrupted for roughly 90 days
Root cause traced to a low-level Citrix account with no MFA
Credentials were reportedly circulating on Telegram prior to the breach

The Bottom Line
The modern business attack surface is no longer just your company. It's:
your software vendors
your healthcare clearinghouses
your package repositories
your pharmaceutical suppliers

Every trusted relationship is now a potential point of failure. And when those companies get breached, your business absorbs the consequences.

Support the show: buymeacoffee.com/securitysquawk
Subscribe for weekly breakdowns of ransomware, supply chain attacks, AI threats, and executive-level cybersecurity strategy.
Today’s headline news for Canadian IT solution providers: Acronis has launched Cyber Frame, a new hyperconverged infrastructure (HCI) and infrastructure-as-a-service (IaaS) platform built specifically for managed service providers. The platform allows MSPs to build and deliver infrastructure services with native integration into Acronis’ cyber protection and remote monitoring and management (RMM) tools. Acronis says it is designed to give service providers an alternative to legacy virtualization and hyperscaler cost pressures, offering better margin control and options for both fully hosted and partner-hosted deployments. Citrix has introduced Citrix Platform Flex, a new persona-based secure access model intended to help organizations move away from static, one-size-fits-all IT delivery. The new platform is built to align IT resources more closely with evolving business needs, delivering secure access, managed services, and observability with more flexible and predictable pricing. It acknowledges that different worker profiles require vastly different access parameters in a modern hybrid environment. Upwind has launched its new AI Agentic Pack, adding agent-driven capabilities to its cloud security platform. The tools are designed to help security teams investigate threats, validate active exposures, and prioritize remediation, leaning into the growing industry trend of using autonomous agents to compress the window between threat discovery and response. Nerdio vice president of MSP sales Will Ominsky warned in a Redmond Channel Partner interview today that MSPs who figure out how to monetize AI by the end of 2026 will grab massive market share. He noted that partners who only experiment with AI internally—without building client-facing, revenue-generating AI practices—will be left behind in the coming wave of SMB adoption. Boomi and Red Hat have announced a strategic collaboration to deliver an integrated stack for deploying agentic AI at scale. 
The partnership combines Boomi’s Agentstudio with Red Hat AI, providing organizations with a framework to orchestrate AI workflows securely without losing control of their data governance or allowing cloud consumption costs to spiral. The U.S. Department of Homeland Security is reportedly scrutinizing Instructure after a massive ransomware attack disrupted its Canvas online learning platform. The breach highlights the growing vulnerability of critical SaaS infrastructure and the widespread supply chain impact when platforms are targeted during peak usage periods, such as university finals week. Canadian cybersecurity provider Plurilock has announced CAD $1.13 million in new critical services contracts. The wins reflect continued momentum for the AI-native security firm as it expands its footprint across both public and private sector environments, capitalizing on the growing need for identity-centric security.

Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Thursday, May 14, 2026, and here’s what’s happening in the channel today. Acronis has launched Cyber Frame, a new hyperconverged infrastructure and infrastructure-as-a-service platform built specifically for managed service providers. The launch comes at a critical time for the channel, as many service providers are actively seeking alternatives to legacy virtualization platforms following recent industry shakeups and pricing model changes. Cyber Frame allows MSPs to build and deliver infrastructure services with native, seamless integration into Acronis’ existing cyber protection and remote monitoring and management tools. Rather than dealing with the unpredictable costs of hyperscale public clouds or the complexity of managing disparate vendor stacks, MSPs can use Cyber Frame to consolidate their service delivery. Acronis says the platform is designed to give service providers significantly better margin control and simplified management.
It offers flexible deployment options, allowing partners to choose between a fully hosted model managed by Acronis, or a partner-hosted deployment running on the MSP’s own hardware in their local data center. By combining compute, storage, networking, and security into a single unified platform, Acronis is positioning Cyber Frame as a way for MSPs to scale their infrastructure offerings profitably while maintaining the tight security posture that modern SMB clients demand. Citrix has introduced Citrix Platform Flex, a new persona-based secure access model intended to help organizations move away from static, one-size-fits-all IT delivery. In today’s hybrid work environment, the access requirements for a call center employee, a traveling executive, and a remote software engineer are vastly different. Citrix built Platform Flex to recognize these distinctions, allowing IT teams to align resources, security controls, and application delivery specifically to the varying needs of different worker profiles. The new platform delivers secure application access, managed services, and comprehensive observability under a model designed for more flexible and predictable pricing. By shifting away from rigid licensing structures that often force companies to over-provision resources for basic users, Citrix aims to help enterprises optimize their cloud and infrastructure spending. Platform Flex also incorporates advanced analytics and security policies that adapt in real-time based on user behavior and location. For channel partners, this persona-driven approach provides a clear framework to help enterprise customers rationalize their IT investments, simplify the management of distributed workforces, and ensure that security protocols do not impede productivity for end users who require high-performance access to specialized applications. Upwind has launched its new AI Agentic Pack, adding autonomous, agent-driven capabilities to its cloud security platform. 
As cloud environments grow increasingly complex and security operations centers face unprecedented alert fatigue, the cybersecurity industry is rapidly shifting toward agentic AI to help manage the load. Upwind’s new tools are specifically designed to help security teams autonomously investigate threats, validate whether theoretical vulnerabilities are actually exposed to active exploitation, and prioritize remediation efforts based on real-world risk. Instead of simply generating more alerts for human analysts to sift through, the Agentic Pack leverages artificial intelligence to actively investigate the root cause of an incident, map the attack path across cloud infrastructure, and propose actionable fixes. This launch leans heavily into the growing necessity of using autonomous agents to drastically compress the window between threat discovery and response. With malicious actors utilizing AI to accelerate their attacks, defenders require matching speed to counter them. For managed security service providers, Upwind’s agentic capabilities offer a pathway to scale their operations, handle a higher volume of telemetry without adding headcount, and provide faster threat containment for their clients. In brief: Nerdio vice president of MSP sales Will Ominsky warned in a Redmond Channel Partner interview today that MSPs who figure out how to monetize AI by the end of 2026 will grab massive market share. Boomi and Red Hat have announced a strategic collaboration to deliver an integrated stack for deploying agentic AI at scale. The U.S. Department of Homeland Security is reportedly scrutinizing Instructure after a massive ransomware attack disrupted its Canvas online learning platform. And Canadian cybersecurity provider Plurilock has announced 1.13 million dollars in new critical services contracts. Later today on In The Channel, we’re talking eCrime Reports and Threat Intelligence with Camerous Tousley and Pedro Kertzman of ESET.
And if you missed it yesterday, check out my conversation with Auvik’s Steve Petryschuk on the gap between MSPs’ expectation around AI, and the reality they have realized to date. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.
On the podcast this week, I cover Patch Tuesday news, a worrying Linux vulnerability, an interesting survey result about employees' thoughts on selling credentials and much more! Reference Links: https://www.rorymon.com/blog/citrix-flex-platform-announced-patch-tuesday-roundup-critical-linux-zero-day/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
TeamPCP Update
https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20008%20-%2026-Day%20Pause%20Ends%20with%20Three%20Concurrent%20Compromises%20%28Checkmarx%20KICS%2C%20Bitwarden%20CLI%20Cascade%2C%20xinference%20PyPI%29%2C%20CanisterSprawl%20npm%20Worm%20Identified%2C%20and%20Tier%201%20Coverage%20Returns/32926
https://socket.dev/blog/73-open-vsx-sleeper-extensions-glassworm
https://checkmarx.com/blog/checkmarx-security-update-april-26/

89 vulnerabilities in XAPI / Citrix XenServer
https://shittrix.moksha.dk/#rationale

Phantom RPC
https://securelist.com/phantomrpc-rpc-vulnerability/119428/

Pi-Hole Vulnerability CVE-2026-41489
https://github.com/pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4

Linux Kernel Problem CVE-2026-41651
https://nvd.nist.gov/vuln/detail/CVE-2026-41651
Today’s headline news for Canadian IT solution providers: Canadian cyberattacks surge. Canadian enterprise cyberattacks jumped 80 percent over the past year, with the average organization hit by 342 incidents – up from 191 the previous year – and 52 percent reporting an actual breach, according to new research from CDW Canada and IDC. Cloud infection rates hit a record 53 percent, up from 41 percent the year before. Security spending is at a five-year high at an average 20 percent of IT budgets, yet breaches continue to climb – what CDW Canada’s CTO calls a “security maturity paradox.” Microsoft’s AI bundle overhaul lands Friday. Microsoft is launching two new products on May 1: Microsoft 365 E7, a new enterprise bundle above E5 that includes agentic AI capabilities, and Microsoft Agent 365, a packaged AI agent offering for business customers. Microsoft is also updating its Frontier Badge and Frontier Distributor partner designations to align with the new agentic AI-focused lineup. OpenAI goes channel. OpenAI has hired Colleen Kapase, a veteran channel executive with senior roles at Google Cloud, Snowflake, VMware, and Citrix, as VP of Strategic Global Partnerships. Her mandate is to build out OpenAI’s partner and reseller program, focused on its Codex AI coding agent and broader channel go-to-market models.

Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Monday, April 28, 2026, and here’s what’s happening in the channel today. Up first, A new report should be required reading for anyone in the Canadian IT channel selling security services. CDW Canada, in partnership with IDC, surveyed more than 700 Canadian IT and security professionals, and the numbers are stark. Cyberattacks on Canadian enterprises surged 80 percent in the past year, with the average organization recording 342 incidents – up from 191 the year before. More than half of respondents – 52 percent – reported an actual breach.
Where the attacks are landing is the important detail for solution providers. Cloud infection rates hit a record 53 percent, up from 41 percent the previous year. Organizations are moving workloads to the cloud without necessarily securing them properly, and attackers have noticed. The uncomfortable wrinkle in the data: security budgets are at a five-year high, averaging 20 percent of total IT spend. More money going in, more breaches coming out. CDW Canada’s CTO describes it as a “security maturity paradox” – organizations are buying tools, but not necessarily deploying or managing them effectively. For MSPs and solution providers, that gap between investment and outcome is exactly the conversation your customers need to be having – and now there’s Canadian data to back it up. Second, If you’re a Microsoft partner, you’ve got roughly three days to get your head around some significant changes to the 365 product lineup – because new bundles are landing this Thursday, May 1st. Two things to know: Microsoft 365 E7, and Microsoft Agent 365. E7 is a new top-tier enterprise bundle that consolidates advanced security, compliance, and agentic AI capabilities into a single license tier above the existing E5. Microsoft Agent 365 is the company’s packaged answer to selling AI agents to business customers. There’s a structural channel piece attached to this as well. Microsoft is updating its Frontier Badge and Frontier Distributor designations to align with these new agentic AI products – so if you’re holding or working toward a Frontier badge, the criteria are shifting along with the launch. The practical reality: your customers are going to hear about this from Microsoft’s marketing engine very shortly, if they haven’t already, and they are going to ask you what it means for them and what it means for their bills. Thursday doesn’t leave a lot of runway, so the time to do your homework on these new SKUs is right now. 
And finally, One hire can tell you a lot about where a company is headed. OpenAI has brought on Colleen Kapase as Vice President of Strategic Global Partnerships, and if you’ve been in the IT channel for any length of time, that name is going to ring a bell. Kapase spent years in senior channel leadership roles at Google Cloud, Snowflake, VMware, and Citrix – consistently building partner ecosystems and go-to-market models that work through resellers and solution providers rather than around them. Her mandate at OpenAI is to build the company’s partner and channel operation, with a focus on Codex – OpenAI’s AI coding agent – and on creating what the company is calling an “epic” go-to-market model with partners. This matters because OpenAI has historically moved to market through hyperscaler partnerships and direct enterprise relationships. Bringing in someone with Kapase’s background signals a deliberate shift toward a real channel program – the kind that resellers and MSPs can actually participate in and build practices around. Whether that ultimately includes meaningful opportunities for Canadian partners remains to be seen – but the direction of travel is worth paying attention to. Later today on In The Channel, we take a look at the value of the GTIA's new Innovate Awards as a measuring stick for real, meaningful AI projects in the channel. And if you missed it on Friday, check out my interview with Erin Gertner on how the company's big Cisco 360 program update is landing one quarter after its debut. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening.
Every founder who has ever handed sales off too early has paid for it. Every single one.

In this episode, John sits down with Lou Shipley, a Harvard Business School lecturer, board member, investor, and author of Unlikely Entrepreneurs, to dig into why sales is still the most misunderstood function in business, and why founders who treat it as a second-class citizen almost always fail. Lou draws from decades of experience running companies, building sales cultures from scratch, and teaching MBAs how to sell before they ever launch a product.

From cold-calling encyclopedia buyers to opening Asia for Avid Technology to building the sales curriculum at HBS, Lou has lived every stage of the sales journey, and he's done it at the highest level.

If you're a founder, a sales professional, or anyone trying to understand what it actually takes to build a company in the age of AI, this conversation will challenge everything you think you know about selling. Visit www.jbarrows.com and learn how you can Make It Happen.

What You'll Learn
Why founders who delegate sales too early almost always fail
How Lou built one of Harvard's most in-demand courses
The cultural disdain of sales
Why sales is not about convincing anyone of anything
How to use AI as a learning tool instead of an answer machine
What the Guy Kawasaki GPT experiment revealed
Why curiosity is the most important professional skill in the AI era
What SaaS companies should be doing right now
How to build a farm system for sales talent
17 stories that prove anyone can build something worth buying

Lou Shipley is a multi-time tech CEO, entrepreneur, and enterprise software leader with over 25 years of experience driving growth and innovation. He has led several successful startups through rapid expansion and acquisition, including Black Duck, WebLine (acquired by Cisco), Reflectent (acquired by Citrix), and VMTurbo. In addition to his executive leadership, Lou serves on multiple boards, teaches technology sales at Harvard Business School, and is a respected mentor, speaker, and commentator in the tech industry.

Connect with Lou Shipley:
Website: https://www.loushipley.com/
LinkedIn: https://www.linkedin.com/in/loushipley/
Grab a copy of Lou Shipley's book, “Unlikely Entrepreneurs: Wins, Losses, and Crucial Lessons on Building Great Companies,” on Amazon: https://www.amazon.com/Unlikely-Entrepreneurs-Lou-Shipley/dp/1394345895/

John Barrows is a sales trainer, speaker, and founder of JB Sales with over 25 years of experience in the industry. He has made hundreds of cold calls a week, led startups to acquisition, and trained high-performing teams at companies like Salesforce, LinkedIn, Amazon, and Okta. Through JB Sales, John focuses on practical sales execution—helping reps fill pipeline, close deals, and build trust with buyers in today's AI-driven sales environment.

Connect with John Barrows:
LinkedIn: https://www.linkedin.com/in/johnbarrows/
Instagram: https://www.instagram.com/johnmbarrows/
TikTok: https://www.tiktok.com/@johnmbarrows
Check out John's Membership: https://go.jbarrows.com/
Join John's Newsletter: https://www.jbarrows.com/newsletter
On this episode, I cover some fallout from issues caused by the recent Windows Updates, the general availability of Server 2025 support on AVD, a story about Microsoft providing a security assist to Apple and much more! Reference Links: https://www.rorymon.com/blog/issues-with-april-windows-updates-server-2025-for-avd-new-citrix-netscaler-concerns/
We hope that you are enjoying Leaving Egypt. We would invite you to join the Leaving Egypt community on Substack by becoming a paid subscriber: https://leavingegyptpodcast.substack.com/subscribe

In this episode, Al Roxburgh and Jenny Sinclair meet Melanie Rieback. Melanie's faith journey is as unexpected as her professional journey. Her extraordinary story, from computer hacker to systems thinker, from a secular Jewish upbringing to the Catholic tradition, is filled with creativity and paradox. She incubates steward-ownership business models and loves the ancient liturgies of the Church. She is a leader in cutting-edge redemptive business and finance who reads Thomas Aquinas. She works with European governments as her life is shaped by Edith Stein. She retells parables to ground new economic ideas in ancient biblical wisdom. She builds bridges between the political left and the Christian right. Melanie is involved in an amazing journey of encountering the reality of God. The story of her conversion was told in another podcast (linked below). In this episode of Leaving Egypt, she reveals how her journey continues to unfold, including baptism into the Catholic Church. What stands out most about Melanie's vocation is that, even in a highly technical field, her primary question is: “Lord Jesus, where do you want me?” Her surrender, through moments of crisis and awakening, is to a powerful calling: to gather and empower people to create a more just world, for the sake of the other, in God's name.

Dr. Melanie Rieback is a computer scientist and social entrepreneur, CEO and founder of a cybersecurity company - Radically Open Security - that gives all its profit to charity. She is also founder of a “Post Growth” startup incubator, Nonprofit Ventures. Inspired by Catholic Social Teaching, she is involved in the Francesco Collaborative where she mentors young entrepreneurs and practitioners in the non-extractive business space. Formerly, Melanie was Assistant Professor of Computer Science at the Free University of Amsterdam, Senior Engineering Manager on XenClient at Citrix and head researcher in the CSIRT at ING Bank, where she spearheaded their Analysis Lab and the ING Core Threat Intelligence Project. Melanie has received many awards for her work as a woman in tech innovation. She was born in Cleveland, Ohio, raised in Florida and lives in Amsterdam.

For Melanie Rieback:
www.linkedin.com/in/mrieback
www.radicallyopensecurity.com
www.francescocollaborative.org
www.francescoeconomy.org
Rerum Novarum – Pope Leo XIII
Laborem Exercens – John Paul II
A podcast interview with Melanie Rieback referred to in this episode
An article by Melanie Rieback on steward ownership as a third way (in Dutch): https://wi.christenunie.nl/groen-2025/03-creatief-met-armoede (pdf download)
Presentation on Steward Ownership by Melanie Rieback to the Pontifical Academy of Social Sciences as part of a workshop on Digital Rerum Novarum: Artificial Intelligence for Peace, Social Justice, and Integral Human Development in October 2025
A series of lectures by Melanie Rieback on Post Growth Entrepreneurship at the University of Amsterdam

For Alan J Roxburgh:
http://alanroxburgh.com/about
Facebook: https://www.facebook.com/alan.roxburgh.127/
Facebook: https://www.facebook.com/thecommonsnetwork
Books:
Forming Communities of Hope in the Great Unravelling: Leadership in a Changing World (with Roy Searle)
Joining God in the Great Unravelling
Leadership, God's Agency and Disruptions
Joining God, Remaking Church, Changing the World: The New Shape of the Church in Our Time

For Jenny Sinclair:
Substack: https://t4cg.substack.com/s/from-jenny-sinclair
Website: https://togetherforthecommongood.co.uk/from-jenny-sinclair
LinkedIn: https://www.linkedin.com/in/jenny-sinclair-0589783b/
Twitter: https://twitter.com/T4CG
Facebook: https://www.facebook.com/TogetherForTheCommonGoodUK
Instagram: https://www.instagram.com/t4cg_insta/

Get full access to Leaving Egypt at leavingegyptpodcast.substack.com/subscribe
On this episode, I cover the recent Windows Updates released for April Patch Tuesday, a lot more AI news, an update on a recent security breach at Rockstar Games, concerns for certain Citrix customers and much more! Reference Links: https://www.rorymon.com/blog/microsoft-paused-development-accounts-patch-tuesday-news-employees-admit-to-actively-sabotaging-ai/
In this episode of The Girl Dad Show, host Young Han sits down with Steve Bennet, founder and managing director of Bodega Partners, longtime startup CFO, investor, professor, and father and grandfather, for a powerful conversation on entrepreneurship, mentorship, and life after decades in Silicon Valley. With over 30 years of experience and involvement in more than 150 technology startups, Steve has seen the full spectrum of success and failure. From companies acquired by IBM, Comcast, and Citrix to ventures that didn't make it, he brings a rare perspective on what actually drives long-term success in business and in life. But this conversation goes beyond startups. Steve shares why teaching and mentoring students has become one of the most fulfilling parts of his career, how his perspective on success has evolved over time, and what it means to balance family life while navigating high-pressure roles in venture capital and entrepreneurship. He and Young dive into the realities of startup challenges, the incentives behind venture capital, and the difficult decisions founders face as they grow their companies. They also explore parenting through a long-term lens, why letting kids make mistakes matters, and how experience shapes the way we guide the next generation. This episode is about perspective. What changes after 30 years of building, investing, and teaching. And what actually matters at the end of it. ✨ All episodes of The Girl Dad Show are proudly sponsored by Thesis, helping founders go further, together.
Iranian-linked hackers warn of possible “irreparable” attacks on U.S. water systems. CISA pushes urgent fixes for a critical Citrix flaw. The Dutch Finance Ministry takes systems offline after a breach. Space Force may scrap next-gen GPS control software. Attackers exploit a Fortinet server bug. Lloyds exposes customer transaction data. AI and regulation reshape cyber careers. The FTC settles with a dating app over data sharing. Sam Rubin, SVP, Palo Alto Networks Unit 42 Consulting and Threat Intelligence, discusses Iran's shift to identity weaponization. Wikipedia wrestles with a wayward writer.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
We will be sharing a series of interviews we held at RSAC 2026 over the next few weeks. Sam Rubin, SVP, Palo Alto Networks Unit 42 Consulting and Threat Intelligence, discussing Iran's shift to identity weaponization. If you enjoyed this conversation, tune in here to listen to the full conversation.

Selected Reading
Iranian Cyberthreats Test US Infrastructure Defenses (BankInfo Security)
CISA tells federal agencies to patch Citrix NetScaler bug by Thursday (The Record)
Dutch Ministry of Finance takes treasury systems offline amid cyber incident investigation (Security Affairs)
After 16 years and $8 billion, the military's new GPS software still doesn't work (Ars Technica)
Exploitation of Critical Fortinet FortiClient EMS Flaw Begins (SecurityWeek)
Lloyds IT Glitch Exposed Data of Nearly 500,000 Banking Customers (Infosecurity Magazine)
SANS Research: The Cybersecurity Talent Shortage Narrative Is Wrong. The Real Crisis Is Skills, and AI Just Rewrote the List. (Yahoo Finance)
FTC Takes Action Against Match and OkCupid for Deceiving Users by Sharing Personal Data with Third Party (FTC)
Business Briefing (N2K Pro)
An AI Agent Was Banned From Creating Wikipedia Articles, Then Wrote Angry Blogs About Being Banned (404 Media)

Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?
N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Iran-linked hackers claim a breach of the FBI director's personal email. ShinyHunters hit the European Commission. F5 and Citrix warn of actively exploited flaws. A WordPress plugin exposes hundreds of thousands of sites. Infinity Stealer targets macOS users. A Russian APT adopts a new iOS exploit kit. Treasury weighs a cyber insurance backstop. DHS clears suspended CISA staff. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing deepfake job hires and the new identity attack surface. Bureaucrats bless a black-box behemoth. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We will be sharing a series of interviews we held at RSAC 2026 over the next few weeks. Today, Dave Bittner is joined by Brian Long, CEO and Co-Founder of Adaptive Security, discussing deepfake job hires and the new identity attack surface. AI-generated identities are turning the hiring process into a new entry point for attackers. The solution isn't spotting perfect fakes — it's building stronger identity verification into hiring. Tune into the full conversation here. 
Selected Reading Iran-linked hackers breach FBI director's personal email, publish photos and documents European Commission confirms data breach after Europa.eu hack Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now Critical Citrix NetScaler Vulnerability Exploited in the Wild - Infosecurity Magazine File read flaw in Smart Slider plugin impacts 500K WordPress sites New Infinity Stealer malware grabs macOS data via ClickFix lures Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit - SecurityWeek US Treasury Weighs Cyber Insurance Backstop - GovInfoSecurity DHS drops investigation into former acting CISA chief's failed polygraph exam - Nextgov/FCW Federal Cyber Experts Thought Microsoft's Cloud Was “a Pile of Shit.” They Approved It Anyway
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
TeamPCP Update #2: Telnyx PyPi Compromise https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20002%20-%20Telnyx%20PyPI%20Compromise%2C%20Vect%20Ransomware%20Mass%20Affiliate%20Program%2C%20and%20First%20Named%20Victim%20Claim/32838 Citrix Netscaler Vulnerability Details https://labs.watchtowr.com/the-sequels-are-never-as-good-but-were-still-in-pain-citrix-netscaler-cve-2026-3055-memory-overread/ macOS Clickfix Warning https://x.com/ClassicII_MrMac/status/2036797948911141129 Windows Smart Install https://textslashplain.com/2026/03/24/windows-choose-where-to-get-apps/
Russ Branzell, President and CEO of CHIME, welcomes Cletis Earle, Field CTO for Healthcare at Citrix, for a thoughtful discussion on what it takes to build resilient, high-performing digital health environments. Drawing on his experience as both a health system executive and technology strategist, Cletis shares practical insight into how organizations can better align technology investments with clinical and operational priorities. Together, they explore how healthcare leaders are modernizing legacy systems, improving workflows, and enabling secure, seamless access to critical data. Key Takeaways: How leading health systems are unlocking measurable value from technology investments to improve care delivery and workforce efficiency. Practical approaches to modernizing applications and workflows in ways that enhance both caregiver experience and patient outcomes. Strategies for balancing security, compliance, and frictionless access to clinical systems in distributed care environments. The leadership mindset required to build resilient digital infrastructures while mentoring and developing the next generation of healthcare IT leaders.
RSAC spotlights public-private partnership gaps. DarkSword leaks to GitHub. The FCC blocks new foreign-made routers. Citrix patches a critical NetScaler flaw. DOE rolls out an energy-sector cyber strategy. CanisterWorm spreads through npm. Researchers flag suspected KACE SMA exploitation. QualDerm reports a 3.1-million-record breach. A Russian access broker gets 81 months. Intern Kevin checks in from RSAC. Maria Varmazis speaks with Jake Braun, longtime DEF CON organizer and former White House official about the DEF CON 33 Hackers' Almanack. Slow down, you vibe too fast. CyberWire Guest Maria Varmazis speaks with today's guest Jake Braun, longtime DEF CON organizer, former White House official, and lead on DEF CON Franklin, about the DEF CON 33 Hackers' Almanack. You can read more about it here. Selected Reading Public-private partnerships vital in disrupting China's Typhoons, says RSA panel with no government speakers (The Register) Someone has publicly leaked an exploit kit that can hack millions of iPhones (TechCrunch) US bans any new consumer-grade routers not made in America (The Register) Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn (SecurityWeek) DOE Sets 5-Year Plan to Harden US Grid Against Cyberattacks (GovInfo Security) New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper (Hackread) CVE-2025-32975 (Arctic Wolf) 3.1 Million Impacted by QualDerm Data Breach (SecurityWeek) Russian hacker who helped Yanluowang ransomware gang gets nearly 7-year prison sentence (The Record) This Web Tool Sabotages AI Chatbots By Making Them Really, Really Slow (404 Media)
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
From W-2 to BYOVD: How a Tax Search Leads to Kernel-Mode AV/EDR Kill https://www.huntress.com/blog/w2-malvertising-to-kernel-mode-edr-kill NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300 gRPC-Go Authorization bypass via missing leading slash in :path CVE-2026-33186 https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3
Filip Verloy is a technology leader with over 25 years of experience across enterprise IT, consulting, and global vendors. Currently working on securing Agentic AI for the enterprise, he brings deep expertise in API security, infrastructure, and large-scale complex environments. Before joining Rubrik, Filip served as Global Field CTO at API security startup Noname Security and held senior architecture and solutions roles at Citrix, Dell, Riverbed, and VMware. Known for his curiosity and commitment to understanding the fundamentals behind technology, Filip challenges the “illusion of knowledge” and focuses on building secure, resilient systems from first principles. 00:00 Intro 02:30 Our Guest 05:06 Illusion of Knowledge 07:04 Unknown-Unknowns in AI 09:57 Increasing the Attack Surface 12:58 Risk in the Age of Agentic AI 17:56 How do you secure that data? 25:00 How do we deal with IAM in this world of Agentic AI? 31:22 API Security and API Access in Agentic AI 39:02 How is the model of consuming surfaces over the internet going to change? 43:00 Agentic AI Governance 49:25 More about Filip
Why do small business leaders keep buying more software yet still feel like they are drowning in logins, dashboards, and unfinished work? In this episode of Tech Talks Daily, I sit down with Jesse Lipson, founder and CEO of Levitate, to unpack a frustration I hear from business owners almost daily. After years of being pitched yet another tool, many leaders now spend hours each week troubleshooting software instead of serving customers. Jesse brings a grounded perspective shaped by decades of building SaaS companies, including bootstrapping ShareFile before its acquisition by Citrix, and what stood out to me immediately was how clearly he articulates where the current software model has broken down for small businesses. We talk about why adding more apps has not translated into better outcomes, especially for teams without dedicated specialists in marketing, finance, or sales. Jesse explains how traditional software often solves only part of the problem, leaving owners to become accidental experts in accounting, marketing strategy, or customer communications just to make the tools usable. From there, our conversation shifts toward what he believes will actually matter as AI adoption matures. Rather than chasing full automation or shiny new dashboards, Jesse argues that the real opportunity lies in blending intelligence with human guidance, allowing AI to work quietly behind the scenes while people remain the face of authentic relationships. A big part of our discussion centers on trust and connection in an AI-saturated world. Jesse shares why customers have become incredibly good at spotting automated communication and why relationship-based businesses cannot afford to lose the human element. We explore how AI can act as a second brain, helping business owners remember details, follow up at the right moments, and show up more thoughtfully, without crossing the line into impersonal automation that turns customers away. 
His examples, from marketing emails to customer support, make it clear that technology should support better relationships rather than replace them. We also look ahead to what small businesses should realistically focus on as AI evolves. Jesse offers practical guidance on getting started, from everyday use of conversational AI, to building internal documentation that allows systems to work more effectively, and eventually moving toward agent-based workflows that can take on real operational tasks. Throughout the conversation, he keeps returning to the same idea, that AI works best when it helps people become the kind of business leaders they already want to be, more present, more consistent, and more human. If you are a founder, operator, or small business leader feeling overwhelmed by tools that promise productivity but deliver friction, this episode offers a refreshing reset. As AI becomes more capable and more embedded in daily work, the real question is not how many systems you deploy, but whether they help you build stronger, more genuine relationships, so how are you choosing to use AI to support the human side of your business rather than bury it? Useful Links Connect with Jesse Lipson Connect with Jesse on X Learn more about Levitate
In this episode, we dive deep into the critical topic of self-deception and its profound impact on leadership and personal effectiveness. Mitch shares powerful insights on how self-deception can undermine our relationships and professional success, often without us even realizing it. He explains the concept of self-betrayal and how it leads to a distorted view of ourselves and others, creating unnecessary conflicts and reducing our influence as leaders. Mitch shares valuable advice on how to rebuild trust in relationships damaged by self-deception and how to keep it from happening again. Mitch is the co-author of Arbinger's latest bestseller, The Outward Mindset. He writes frequently on the practical effects of mindset at the individual and organizational levels as well as the role of leadership in transforming organizational culture and results. He is an expert on mindset and culture change, leadership, strategy, performance management, organizational turnaround, and conflict resolution. Mitch is a sought-after speaker to organizations across a range of industries, bringing his practical experience to bear for leaders of corporations, governments, and organizations across the globe. Specific clients include NASA, Citrix, Aflac, the U.S. Army and Air Force, the Treasury Executive Institute, and Intermountain Healthcare. Mitch carries his first-hand perspective as a proven leader into his speeches and facilitation, dynamically bringing Arbinger's concepts and tools to life through his powerful stories and hands-on experience. His audiences leave inspired to improve and equipped with a practical roadmap to effect immediate change. In his role as managing partner, Mitch directs the development of Arbinger's intellectual property, training and consulting programs, and highly customized large-scale organizational change initiatives. He has been instrumental in Arbinger's rapid growth, including its expanding international presence in nearly 30 countries. 
Mitch received his B.A. in philosophy and is a licensed nursing administrator. Trained in fine art at the Art Students League and the National Academy, he spends much of his free time painting. His work hangs in organizations nationwide. Visit Arbinger Institute here: https://arbinger.com/ Here are some free gifts for you: Overall Approach Used in Well-Managed Strategy Studies free download: www.firmsconsulting.com/OverallApproach McKinsey & BCG winning resume free download: www.firmsconsulting.com/resumepdf Enjoying this episode? Get access to sample advanced training episodes here: www.firmsconsulting.com/promo
Critical Security Flaws Patched by Cisco and Fortinet Amidst Recent Cyber Threats. In this episode of Cybersecurity Today, host David Shipley covers several pressing cybersecurity issues. Cisco has patched a maximum severity zero-day vulnerability in its AsyncOS software, which has been exploited by a Chinese state-linked group. Fortinet has also addressed a critical vulnerability in its FortiSIEM product, which is being actively exploited in the wild. The Dutch National Police are still recovering from a Citrix breach, emphasizing the need for modern infrastructure. Meanwhile, a spear-phishing campaign targeting US organizations uses Venezuela-themed lures. The episode wraps up with a discussion on a recent study revealing that training AI to produce insecure code can lead to broader problematic behaviour. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:46 Cisco Patches Critical AsyncOS Bug 02:26 Fortinet Vulnerability Exploited in the Wild 04:04 Dutch National Police and Aging IT Infrastructure 05:55 Spear Phishing Campaign with Venezuelan Lure 07:54 AI Writing Buggy Code: Unexpected Consequences 10:21 Conclusion and Final Thoughts
(00:00) Government remote-work software as leaky as a sieve. Citrix, the remote-work software used by thousands of employees within ministries, municipalities and other government bodies, does not have the best reputation: according to cybersecurity experts it is as leaky as a sieve. So they were not surprised when the Public Prosecution Service (Openbaar Ministerie, OM) was hacked last summer through precisely that program. The OM went offline for weeks and struggled with serious IT problems for months afterwards. While the software is convenient for employees, it is also ideal for hackers. Because once someone is in, they can reach all confidential information and can also start tampering with the systems. Why is this software still in use? And does the Dutch government have its digital security in order at all? (38:54) The F-35: protection or dependence? America has been our greatest military ally for decades. An important symbol of that alliance is the Joint Strike Fighter, now better known as the F-35, the advanced American fighter aircraft of which the Netherlands now has 46. But since the re-election of Donald Trump and his tough language towards Europe, cracks have appeared in the friendship. Since the recent American invasion of Venezuela, real concerns are also arising about an invasion of Greenland, European territory. The question then is: was buying the F-35 such a good idea? What happens if one day the Americans are no longer on our side - can we still use our fighter jets then? Those questions are addressed in the three-part series F-35: Onder Trumps vleugels, which Argos made for NPO Start. Director Saskia Adriaens comes to talk about it. Presented by: Liesbeth Staats Research, remote-work software: Saar Slegers Research, studio interview: Saskia Adriaens and Maarten van den Heuvel
Is your company's "AI disruption" happening with you—or quietly without you… and putting your business worth at risk? If you're leading a mid-to-large company right now, you're probably feeling two pressures at the same time: move faster with AI and don't blow up the business while you do it. Because AI isn't a future trend anymore—it's already being built, tested, and used across departments, geographies, and teams (often without a single unified view). And that creates a real leadership headache: how do you scale AI for competitive advantage while still keeping guardrails in place? In this episode, Jim Schleckser talks with Pete Foley (CEO of ModelOp) about what happens when AI spreads "like wildfire" inside an organization—and how to regain control without killing momentum. You'll walk away with: A practical way to get visibility into AI across your organization so you know what models exist, what they're doing, and where the biggest risks are hiding. A framework for putting governance and guardrails in place without slowing innovation—so you can move faster than competitors and sleep at night. A clearer path to scaling AI investments into real business outcomes (revenue, cost reduction, risk control) instead of letting models sit stuck in limbo for 9–12 months. Hit play now to learn how to build AI guardrails that protect your brand and accelerate results—so you can boost business worth before the market decides who survives the disruption. Check out: [02:10] "In five years, there'll be two kinds of companies…" — Jim frames the stakes of AI disruption and why ignoring it threatens long-term survival and business worth. [10:45] The real AI bottleneck: why models take 9–12 months to reach production — Pete explains what's slowing companies down and why that pace won't survive the next wave. [23:30] The "air traffic controller" approach to AI governance — visibility, risk assignment, guardrails, and real-time monitoring so AI can scale without chaos. 
About Pete Foley With more than 25 years of executive and entrepreneurial experience in enterprise software and a track record of successful business exits, Pete Foley's leadership gives ModelOp customers, partners and employees a high level of trust and confidence in the company and its future. Prior to co-founding ModelOp, Pete held several chief executive roles, including CEO of RingCube Technologies, a desktop virtualization software solution provider acquired by Citrix in 2011; CEO of PortAuthority Technologies, a provider of data leak protection systems, from 2005 through its acquisition by Websense in 2007; and CEO of Infoblox (BLOX) from 2002 through 2005. In addition, Pete was the Executive Chairman of Graphite Systems, a low latency, flash-based big data appliance that was acquired by EMC, from 2012 to 2015.
Andy Cohen, Vice President of Corporate Development at F5 Andy has built a career that proves M&A is fundamentally about relationships, not just transactions. With 30 years of experience and 60 deals closed across high-growth tech companies including Citrix, Acquia, and F5, Andy has cultivated the kind of reputation where every CEO he's worked with will take his call tomorrow. In this conversation, he reveals why zero-sum thinking kills deals, how to convince people to sell without convincing them to sell, and why walking away on principle matters more than closing at any cost. Things you will learn: Why reputation is your most valuable M&A asset The shift from zero-sum to win-enough thinking Learn Andy's approach to using due diligence as the foundation for integration strategy, cultural fit assessment, and long-term value creation.
Lou Shipley has led multiple startups to breakout growth ($100M+) and major acquisitions to companies like Citrix and Synopsys. He has taught some of the most in-demand sales and GTM courses at HBS and MIT. In this episode, we dig into the core traits behind Unlikely Entrepreneurs — the title of the new book he co-authored — and why unconventional founders so often win through curiosity, ambition, and determination. Lou breaks down “the problem with the problem,” why the sled only moves as fast as the lead dog, and the essential role founders play as keepers of culture. We explore the patterns he's seen across high-growth companies, the misunderstood craft of sales, and what Fortune 500 innovators can learn from Unlikely Entrepreneurs.
Podcast Description: In Episode 189 of The Citrix Session, host Bill Sutton, Director of Modern Workspace at XenTegra, is joined by Solutions Architects Stuart Donaldson and Randy Price for a deep dive into one of the most significant updates in modern Citrix authentication. This episode unpacks Microsoft Entra ID Single Sign-On inside Citrix sessions and what it means for end users, admins, and the future of passwordless access. The team breaks down why FAS has become a layer of technical debt, how Entra ID SSO removes friction for users, and what prerequisites and limitations customers need to know before adopting it. Listeners will learn: • How Entra ID SSO eliminates duplicate authentication inside Citrix sessions • Why Primary Refresh Token support is a major win for M365 user experience • What environments are supported and where FAS is still required • Operational considerations like Windows 11 requirements, VDA versions, and the impact on Auto Client Reconnect • Known issues, performance implications, and what to expect in future iterations. If you support Citrix DaaS, modern authentication, or hybrid identity environments, this episode gives you a practical, expert-level overview of what Entra ID SSO unlocks and why it matters. Technical details can be found at: https://docs.citrix.com/en-us/citrix-daas/install-configure/session-authentication/entra-sso.html
Welcome to Episode 416 of the Microsoft Cloud IT Pro Podcast. In this week’s episode, Ben finally has a chance to sit down with Henrik Wojcik. Henrik has been a long-time listener as well as a fellow Microsoft MVP in Security and we finally had the chance to sit down and record an episode together, something we’ve talked about doing for years. As they sit down and enjoy a sunny afternoon at Microsoft Ignite in San Francisco they discuss security in the financial sector, EU regulations (NIS2 and DORA), integrating Data Lake with Sentinel, optimizing log analytics, and the latest on Security Copilot and E5 licensing. They also spend some time chatting about some of their conference highlights, assisting as proctors in the hands-on labs, and the unique experience of Ignite in San Francisco. Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options. Show Notes Microsoft Ignite (with sessions on demand) Microsoft Ignite Book of News Catch up on Microsoft Security sessions and announcements from Ignite 2025 Microsoft Sentinel benefit for Microsoft 365 E5, A5, F5, and G5 customers Learn about Security Copilot inclusion in Microsoft 365 E5 subscription Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI What is Microsoft Sentinel data lake? KQL and the Microsoft Sentinel data lake Henrik F. Wojcik Henrik has worked in the IT industry since 2003. He’s always had a passion for learning new technologies and expanding his knowledge through various means such as online courses, webinars, and reading up on the latest developments in the industry. Throughout his career, he’s gained experience in various areas of IT, making him a true jack of all trades. However, his latest interests lie in the security space, modern workplace and management in Azure, with a particular focus on cyber security. 
He has experience working with products such as Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, Conditional Access, Microsoft Sentinel, and Microsoft Entra ID. His primary focus is on security on Azure workloads and identity (Entra ID). He prioritizes security awareness and believes that learning never stops, which is why he’s always eager to expand his knowledge and skillset. In the past, he’s also worked with various tools and technologies such as Cisco, Citrix, Dynamics AX, Exchange, ITIL, Azure, SCCM & SCOM, Scrum & Kanban, VMware, Windows Servers, and Windows Desktops. About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!
Gou Rao is CEO of NeuBird, an agentic AI Site Reliability Engineer for IT teams. They've raised $44.5 Million from Mayfield and M12. He was previously the CTO of Citrix and Portworx. (00:01) Introduction (01:07) What Does an SRE Do? (02:19) Inside a Typical Incident Flow (04:16) What Can Be Automated? (05:52) Deploying Hawkeye: Day 1 to Day 100 (11:59) Earning Trust for Autonomous Agents (14:57) Versioning Agent Behavior & Chain of Thought (17:02) Building Agentic Infra Products (18:38) Access Control for Agents (20:29) Company Building in the AI Era (23:53) Competitive Edge in AI + Infra (26:35) Model Choice & Agent Reasoning Quality (29:33) Biggest Product Bet (31:22) Exciting AI Advancements (33:04) Rapid Fire Round. Where to find Gou Rao: LinkedIn: https://www.linkedin.com/in/gouthamrao/ Where to find Prateek Joshi: Research Column: https://www.infrastartups.com Newsletter: https://prateekjoshi.substack.com Website: https://prateekj.com LinkedIn: https://www.linkedin.com/in/prateek-joshi-infinite X: https://x.com/prateekj
In this episode of The Digital Executive, host Brian Thomas sits down with Jesse Lipson, founder and CEO of Levitate, a relationship marketing platform helping small businesses build genuine, human connections at scale. A seasoned entrepreneur, Jesse previously founded ShareFile, growing it to millions of users before its acquisition by Citrix, and has since become a key leader in North Carolina's tech ecosystem. Jesse shares the inspiration behind Levitate—observing firsthand how traditional CRMs and marketing automation tools fall short for relationship-driven businesses. Instead of mass-blast, transactional communication, he saw a need for a platform built around authentic, personal outreach—the kind that drives referrals, trust, and long-term loyalty. He discusses Levitate's recent expansion into healthcare, where providers face unique challenges: limited staff, increasing competition, and the delicate balance between efficiency and personalized patient communication. Jesse explains how Levitate's software-plus-services model helps practices stay top-of-mind with patients, maintain a strong online presence, and offload time-consuming content creation so practitioners can focus on care. Looking ahead, Jesse explores how AI will shape the future of relationship-driven software. Rather than replacing personal connection, he believes AI should enhance it—helping professionals remember meaningful details, reach out at the right moments, and scale genuine communication without losing the human touch. If you liked what you heard today, please leave us a review - Apple or Spotify. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
In today's Cloud Wars Agent and Copilot Minute, I look at how screen-aware Copilots, task-based agents, and multimodal interfaces are reshaping enterprise work — and why identity, permissions, and access guardrails now matter more than ever. Highlights 00:30 — Two experts, Brian Madden, Vice President and Field Technology Officer and Futurist at Citrix, and Marco Casalaina, Vice President of Products, Core AI and an AI Futurist at Microsoft, hosted a session at this year's Microsoft Ignite conference titled “Develop Your Enterprise Playbook to Prepare for the AI of Tomorrow.” 00:58 — I want to share some key takeaways. Madden laid out a seven-stage roadmap for human–AI collaboration. Steps included simple prompt and paste, the first introduction to AI; next, AI as an analyst for colleagues; followed by AI watching your screen; AI using your computer for you; AI using your computer without you watching; multi-agent AI communication; and the final step: AI-orchestrated work. 01:55 — Ultimately, AI needs to work where human knowledge workers work, because the world we live in today is built for humans, and the way that AI will succeed is by operating within this user space and emulating humans in practice. Users talk to AI, and AI talks to the applications and workflows on behalf of the user. 02:34 — The discussion moved on to the notion of apps dissolving into data, ultimately AI talking directly to the data without going through an application. Casalaina demonstrated this by running Anthropic's Claude on Azure and giving it the skills to create a PowerPoint. It did — without using PowerPoint. It made the slides in HTML and then converted them without ever opening the PowerPoint application. Visit Cloud Wars for more.
In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including:
Anthropic says a Chinese APT orchestrated attacks using its AI
It's a day ending in -y, so of course there are shamefully bad Fortinet exploits in the wild
Turns out slashing CISA was a bad idea, now it's time for a hiring spree
Researchers brute force entire phone number space against Whatsapp contact discovery API
DOJ figures out how to make SpaceX turn off scam compounds' Starlink service
This week's episode is sponsored by Mastercard. Senior Vice President of Mastercard Cybersecurity Urooj Burney joins to talk about how the roles of fraud and cyber teams in the financial sector are starting to converge. Mastercard also recently acquired Recorded Future, and Urooj talks about how they aim to integrate cyber threat intelligence into the financial world.
This episode is also available on Youtube.
Show notes
Full report: Disrupting the first reported AI-orchestrated cyber espionage campaign
Researchers question Anthropic claim that AI-assisted attack was 90% autonomous - Ars Technica
China's ‘autonomous' AI-powered hacking campaign still required a ton of human work | CyberScoop
Amazon discovers APT exploiting Cisco and Citrix zero-days | AWS Security Blog
CISA gives federal agencies one week to patch exploited Fortinet bug | The Record from Recorded Future News
PSIRT | FortiGuard Labs
CISA, eyeing China, plans hiring spree to rebuild its depleted ranks | Cybersecurity Dive
This Is the Platform Google Claims Is Behind a 'Staggering' Scam Text Operation | WIRED
A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers | WIRED
DOJ Issued Seizure Warrant to Starlink Over Satellite Internet Systems Used at Scam Compound | WIRED
Multiple US citizens plead guilty to helping North Korean IT workers earn $2 million | The Record from Recorded Future News
Cyberattack leaves Jaguar Land Rover short of £680 million | The Record from Recorded Future News
FBI: Akira gang has received nearly $250 million in ransoms | The Record from Recorded Future News
Operation Endgame: Police reveal takedowns of three key cybercrime tools | The Record from Recorded Future News
Inside a Wild Bitcoin Heist: Five-Star Hotels, Cash-Stuffed Envelopes, and Vanishing Funds | WIRED
This week was a bit of a throwback to olden times, with the disclosure by Amazon threat intelligence of zero days in Cisco and Citrix products that were exploited by an unnamed APT, and Google using legal action to disrupt the Lighthouse phishing service operation. We dig into those two stories, plus we discuss the challenge of trying to quantify the financial and other effects of a major cyber attack.
Related stories:
https://decipher.sc/2025/11/12/apt-targets-cisco-and-citrix-zero-days/
https://decipher.sc/2025/11/14/marks-and-spencers-profit-drop-the-financial-toll-of-cyberattacks/
https://decipher.sc/2025/11/12/google-wants-to-snuff-out-lighthouse-phishing-kit/
https://censys.com/blog/highway-robbery-2-0
Operation Endgame expands global takedowns. The U.S. is creating a Scam Center Strike Force. Microsoft rolls out its delayed “Prevent screen capture” feature for Teams. Proton Pass patches a clickjacking flaw. Researchers uncover previously undisclosed zero-day flaws in both Citrix and Cisco Identity Services Engine. Android-based digital picture frames contain multiple critical vulnerabilities. Lumma Stealer rebounds after last month's doxxing campaign. Our guest is Garrett Hoffman, Senior Manager of Cloud Security Engineering from Adobe, talking about achieving cloud security at scale. X marks the spot… where your passkey stops working.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment, we are joined by Garrett Hoffman, Senior Manager of Cloud Security Engineering from Adobe, talking about achieving cloud security at scale. You can hear the full conversation with Garrett here.
Selected Reading
End of the game for cybercrime infrastructure: 1025 servers taken down - Operation Endgame's latest phase targeted the infostealer Rhadamanthys, Remote Access Trojan VenomRAT, and the botnet Elysium (Europol)
US announces ‘strike force' to counter Southeast Asian cyber scams, sanctions Myanmar armed group (The Record)
Microsoft rolls out screen capture prevention for Teams users (Bleeping Computer)
Proton Pass patches DOM-based clickjacking zero-day vulnerability (Cyberinsider)
Amazon discovers APT exploiting Cisco and Citrix zero-days (AWS Security Blog)
CISA warns feds to fully patch actively exploited Cisco flaws (Bleeping Computer)
Popular Android-based photo frames download malware on boot (Bleeping Computer)
Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics (Trend Micro)
Elon Musk's X botched its security key switchover, locking users out (TechCrunch)
Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
OWASP Top 10 2025 Release Candidate
OWASP published a release candidate for the 2025 version of its Top 10 list.
https://owasp.org/Top10/2025/0x00_2025-Introduction/
Citrix/Cisco Exploitation Details
Amazon detailed how Citrix and Cisco vulnerabilities were used by advanced actors to upload webshells.
https://aws.amazon.com/blogs/security/amazon-discovers-apt-exploiting-cisco-and-citrix-zero-days/
Testing Quantum Readiness
A website tests your services for post-quantum computing-resistant cryptographic algorithms.
https://qcready.com/
In this transformative episode of Healthy Mind, Healthy Life, host Avik Chakraborty sits down with holistic life and career coach Susanna Kenyon-Moir to unpack the hidden drivers of burnout, limiting beliefs, and subconscious patterns holding us back. Susanna shares powerful insights from her journey through high-pressure corporate roles into a more aligned, soulful life. Discover how breathwork, NLP, emotional intelligence, and somatic healing can help you reclaim your energy, set boundaries, and shift from fear to action. This conversation invites every overwhelmed achiever to slow down, reconnect, and write a new story.
About the Guest: Susanna Kenyon-Moir is a holistic life and career coach, NLP practitioner, and founder of Coaching by Susanna. After 15+ years in leadership roles at Salesforce, Citrix, and VMware, she pivoted to empower professionals to break free from burnout, rewire limiting beliefs, and align their lives through breathwork, emotional intelligence, and subconscious reprogramming. She guides clients worldwide to embrace clarity, purpose, and balance.
Key Takeaways:
Burnout is often fueled by both external pressures and deep internal patterns.
Slowing down isn't weakness—it's essential for clarity, healing, and realignment.
Limiting beliefs like “I'm too old” or “I can't afford change” keep high achievers stuck.
Awareness, nervous system healing, and rewiring beliefs are key to bold moves.
Breathwork, meditation, and somatic practices are powerful tools for releasing fear and restoring energy.
Connect with Susanna: Visit coachingbysusanna.com to explore coaching, masterclasses, and retreats. Take your first step toward an aligned, empowered life.
Want to be a guest on Healthy Mind, Healthy Life?
In episode 188 of The Citrix Session, host Bill Sutton and solutions architect Randy Price dive into how healthcare IT leaders are simplifying clinician access and improving patient care through the power of Citrix, Unicon ELUX OS, and Imprivata integration. They unpack how Citrix's acquisition of Unicon delivers secure, centralized endpoint management with Scout, and how Imprivata's “tap and go” authentication enhances speed, security, and user experience. From architecture insights to real-world use cases, this episode explores why seconds matter in healthcare and how Citrix's end-to-end ecosystem empowers IT teams and clinicians alike.
In this episode of The Citrix Session, host Bill Sutton is joined by Randy Price and Stuart Donaldson from XenTegra to unpack the Citrix Virtual Apps and Desktops 2507 Long-Term Service Release (LTSR). Together, they break down what's new, what's changed, and why it matters—from HDX enhancements and Secure HDX encryption to Device Trust, Uber Agent integration, and reduced IT overhead through unified image management.
Listeners will learn:
What makes an LTSR different from current releases—and why Citrix is moving to an annual cadence
How HDX Direct and Secure HDX improve user experience and security
The power of Device Trust and passkeys for continuous endpoint validation
How Uber Agent and Citrix Director deliver deeper insights for IT teams
What's next for Citrix licensing and endpoint management with Unicon ELUX
Whether you're planning your next upgrade or just staying informed, this episode offers an expert breakdown of Citrix's latest evolution.
Host Bill Sutton is joined by Todd Smith of Citrix and XenTegra Solutions Architect Randy Price to unpack Citrix's move to the License Activation Service and what it means for on-prem environments. They explain who is affected, why Citrix is modernizing licensing, and how to prepare without disruption. You will hear version requirements, air-gapped options, firewall considerations, and what happens if your license server goes down. The team also covers often-overlooked entitlements in Universal Hybrid Multi-Cloud and how a quick micro-assessment can surface value you already own.
What you will learn
What changes on April 15, 2026 and who needs to act
How LAS reduces license file headaches and improves visibility
Required versions for CVAD, License Server, NetScaler, PVS, XenServer, and UniCon
How to register and validate connectivity to Citrix Cloud
Air-gapped “dark mode” path and when approvals apply
Local Host Cache behavior if the license server is unreachable
A practical plan: discovery, version gap analysis, upgrades, testing
Guests
Todd Smith, Account Technology Strategy Manager, Citrix
Randy Price, Solutions Architect, XenTegra
Show notes
Citrix licensing transition overview and deadlines: https://xentegra.com/resources/citrix-licensing-transition-to-las-by-april-15-2026/
In this episode of JavaScript Jabber, I sit down with Amazon product leader Gunnar Berger to dive into the fast-evolving world of vibe coding and how it's reshaping the relationship between developers and product managers. Gunnar brings a wealth of experience from his years in IT, Citrix, and now Amazon, and shares a unique perspective on how AI tools are changing the way products get built—from idea to prototype.
We talk about the shifting role of product managers, how AI is compressing traditional workflows, and what it means for developers, UX designers, and even junior devs entering the industry. From rapid prototyping to AI-assisted documentation, Gunnar opens up about both the opportunities and the challenges this new paradigm introduces. Whether you're a developer, product manager, or just curious about where AI is taking us, this conversation is packed with insights you won't want to miss.
Links & Resources
Gunnar Berger on LinkedIn
Cloud Code
Cursor
Kiro.dev
If you enjoyed this episode, don't forget to rate, review, and follow JavaScript Jabber on your favorite podcast app. And of course—share it with a friend who'd love to learn more about the future of coding and product management!
Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — It's 8ft skeleton season.
02:18 - BHIS - Talkin' Bout [infosec] News 2025-09-02
03:07 - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
07:35 - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets'
13:46 - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
17:44 - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K
19:39 - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we're working through it.'
20:56 - Story # 6: Citrix forgot to tell you CVE-2025-6543 has been used as a zero day since May 2025
22:43 - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424
25:20 - Story # 8: First known AI-powered ransomware uncovered by ESET Research
30:00 - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception
32:06 - Story # 10: TransUnion suffers data breach impacting over 4.4 million people
34:17 - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI
35:20 - Story # 12: They weren't lovin' it - hacker cracks McDonald's security in quest for free nuggets, and it was apparently not too tricky
39:29 - Identify the birds you see or hear with Merlin Bird ID
40:04 - Story # 13: Detecting and countering misuse of AI: August 2025
51:31 - Story # 14: I'm a Stanford student. A Chinese agent tried to recruit me as a spy
The FBI shares revelations on Salt Typhoon's reach. Former NSA and FBI directors sound alarm on infrastructure cybersecurity gaps. Google is launching a new cyber “disruption unit”. A new report highlights cyber risks to the maritime industry. A Pennsylvania healthcare provider suffers a data breach affecting over six hundred thousand individuals. Citrix patches a critical vulnerability under active exploitation. The U.S. sanctions a North Korean-linked fraud network. Ransomware is rapidly evolving with generative AI. Our guest is Brandon Karpf, speaking with T-Minus host Maria Varmazis connecting three seemingly disparate stories. Who needs a tutor when you've got root access?
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest today is Brandon Karpf, friend of the show, founder of T-Minus Space Daily, and cybersecurity expert talking with T-Minus host Maria Varmazis. Brandon decided to do a stump the host play for this month's space and cybersecurity segment.
Selected Reading
Chinese Spies Hit More Than 80 Countries in ‘Salt Typhoon' Breach, FBI Reveals (WSJ)
NSA and Others Provide Guidance to Counter China State-Sponsored Actors Targeting Critical Infrastructure Organizations (NSA)
Critical Infrastructure Leaders and Former National Security Officials Address Escalating Cyber Threats at Exclusive GCIS Security Briefing (Business Wire)
Google previews cyber ‘disruption unit' as U.S. government, industry weigh going heavier on offense (CyberScoop)
Maritime cybersecurity is the iceberg no one sees coming (Help Net Security)
Healthcare Services Group reports data breach exposing information of over 624 K individuals (Beyond Machines)
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw (Bleeping Computer)
US sanctions fraud network used by North Korean 'remote IT workers' to seek jobs and steal money (TechCrunch)
The Era of AI-Generated Ransomware Has Arrived (WIRED)
Spanish police arrest student suspected of hacking school system to change grades (The Record)
Audience Survey
Complete our annual audience survey before August 31.
Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Getting a Better Handle on International Domain Names and Punycode
International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use.
https://isc.sans.edu/diary/Getting%20a%20Better%20Handle%20on%20International%20Domain%20Names%20and%20Punycode/32234
Citrix Netscaler Vulnerabilities CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424
Citrix patched three vulnerabilities in Netscaler. One is already being exploited.
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424
git vulnerability exploited (CVE-2025-48384)
A git vulnerability patched in early July is now being exploited.
https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9
The moment Aaron Plush was pulled from his second-grade classroom to test early Macintosh computers, his path in technology was set. This formative experience sparked a journey that would lead him through global program management roles and transformational leadership positions at major corporations like Citrix.
Aaron brings a refreshingly authentic approach to the complex world of project management and organizational transformation. His methodology begins with something surprisingly simple yet often overlooked: listening. "There's no bigger mistake any leader can make than implementing change without understanding the organization's landscape," he explains. This people-centric philosophy has become his hallmark in an industry often dominated by technical solutions seeking problems.
What makes Aaron's approach particularly powerful is his integrated leadership style that seamlessly blends faith, discipline, and business acumen. When managing high-stakes initiatives, he maintains perspective through methodical execution: "We don't take the entire plate and throw it in our face. We do it bite-sized pieces." This calm, measured approach, combined with radical accountability, has proven effective across Fortune 500 companies and complex technology implementations.
His perspective on emerging technologies like AI is equally thoughtful. Rather than focusing on the technology itself, Aaron emphasizes understanding the problem first, then leveraging AI as an enhancement tool. "It's about using technology for the purposes of what you need it for," he advises, encouraging adoption without fear.
Perhaps most compelling is Aaron's commitment to developing others. When asked what qualities he looks for in mentees, his answer is striking: "I don't." Anyone expressing a desire to grow receives his support, regardless of their current position or potential. This generosity of spirit extends to his view of success itself—"my journey is about bringing others along with me."
Connect with Aaron at www.aaronrplush.com or through his Authentic Realness podcast to learn more about his approach to leadership, technology, and personal development. His story reminds us that even in our increasingly digital world, authentic human connection remains the foundation of meaningful transformation.
Thanks for tuning in to this episode of Follow The Brand! We hope you enjoyed learning about the latest marketing trends and strategies in Personal Branding, Business and Career Development, Financial Empowerment, Technology Innovation, and Executive Presence. To keep up with the latest insights and updates from us, be sure to follow us at 5starbdm.com. See you next time on Follow The Brand!
Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss:
Microsoft tried to make outsourcing the Pentagon's cloud maintenance to China okay (it was not)
She shells Sharepoint by the sea-shore (by ‘she' we mean ‘China')
Four (alleged) Scattered Spider members arrested (and bailed) in the UK
Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M
Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-mode rootkits. Just security vendor things!
This week's episode is sponsored by Airlock Digital. CEO David Cottingham talks through what it takes to build a mature, resilient management platform for a security critical system.
This episode is also available on Youtube.
Show notes
Update on DOD's cloud services
Microsoft to stop using engineers in China for tech support of US military, Hegseth orders review
A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers
While DOD policy bans unauthorized apps like TikTok from being on employees phones over national security risks
Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security
National Guard was hacked by China's 'Salt Typhoon' group, DHS says
Suspected contractor for China's Hafnium group arrested in Italy | Cybersecurity Dive
Singapore accuses Chinese state-backed hackers of attacking critical infrastructure networks | The Record from Recorded Future News
UK Arrests Four in ‘Scattered Spider' Ransom Group – Krebs on Security
Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods
Brazilian police arrest IT worker over $100 million cyber theft | The Record from Recorded Future News
At Least 750 US Hospitals Faced Disruptions During Last Year's CrowdStrike Outage, Study Finds | WIRED
Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment | The Record
Indian crypto exchange CoinDCX says $44 million stolen from reserves | The Record
Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record
PoisonSeed bypassing FIDO keys to ‘fetch' user accounts
Risky Bulletin: Browser extensions hijacked for web scraping botnet
A Startup is Selling Data Hacked from Peoples' Computers to Debt Collectors
A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations | TechCrunch
Ukrainian hackers wipe databases at Russia's Gazprom in major cyberattack, intelligence source says
File transfer company CrushFTP warns of zero-day exploit seen in the wild | The Record
HPE warns of hardcoded passwords in Aruba access points
Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257)
Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw | Cybersecurity Dive
Google finds custom backdoor being installed on SonicWall network devices - Ars Technica
Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Interesting ssh/telnet usernames
Some interesting usernames observed in our honeypots.
https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080
More sudo trouble
The host option in Sudo can be exploited to execute commands on unauthorized hosts.
https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
CitrixBleed2 PoC Posted (CVE-2025-5777)
watchTowr published additional details about the recently patched CitrixBleed vulnerability, including a PoC exploit.
https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/
Instagram Using Six Day Certificates
Instagram changes their TLS certificates daily and they use certificates that are just about to expire in a week.
https://hereket.com/posts/instagram-single-day-certificates/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543
Citrix patched a memory overflow vulnerability leading to unintended control flow and denial of service.
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
Remote code execution in CentOS Web Panel - CVE-2025-48703
An arbitrary file upload vulnerability in the user (not admin) part of Web Panel can be used to execute arbitrary code.
https://fenrisk.com/rce-centos-webpanel
Gogs Arbitrary File Deletion Vulnerability
Due to the insufficient patch for the CVE-2024-39931, it's still possible to delete files under the .git directory and achieve remote command execution.
https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7
Let's Encrypt Will Soon Issue IP Address-Based Certs
Let's Encrypt is almost ready to issue certificates for IP address SANs from Let's Encrypt's production environment. They'll only be available under the short-lived profile (which has a 6-day validity period), and that profile will remain allowlist-only for a while.
https://community.letsencrypt.org/t/getting-ready-to-issue-ip-address-certificates/238777