POPULARITY
Categories
On this week's show special guest co-host Rob Joyce joins Patrick Gray and James Wilson to discuss the week's cybersecurity news. Rob served as an advisor to Donald Trump during his first term as president and also served at NSA for 34 years. While at the agency, Joyce led Tailored Access Operations (TAO), and later became NSA's Director of Cybersecurity. They cover: The surprisingly well done Fortibleed campaign Stolen Klue OAuth tokens lead to Salesforce data theft OpenAI wants to patch the planet runZero gets acquired by Accenture, congrats HD Moore! Much, much more! This episode is also available on YouTube. Show notes FortiBleed campaign used custom FortiGate sniffer to steal credentials | BleepingComputer FortiBleed: Fortinet device credential compromise expands into broader credential-attack guidance | unit42.paloaltonetworks.com Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world | TechCrunch Security Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks | BleepingComputer Polymarket (@Polymarket) on X | X (formerly Twitter) The Korean telecom giant at the center of Anthropic's Mythos controversy | wrd.cm Beyond Fable: Can a Local LLM Replace Cloud AI for Security Code Reviews - SRLabs Research | SRLabs OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic's Mythos | wired.com Sponsored: Trail of Bits and OpenAI patch the planet | Risky Bulletin Intel agencies: Frontier AI models will reshape cybersecurity faster than expected | cyberscoop.com Embedding Forbidden Text in Spyware to Discourage AI Analysis | Schneier on Security A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak | TechCrunch Security USB worm spreads crypto-stealing malware via Windows shortcut files | BleepingComputer Android verification is coming: Google confirms timeline and supported app stores | Ars Technica California water utility probes breach claim by Iran-linked actor | Cybersecurity Dive Suspected cyberattack triggers false emergency alerts across parts of Brazil | The Record Tesco moving 40,000 server workloads off VMware amid Broadcom's "abusive conduct" | Ars Technica Trump directs federal agencies to protect US data from quantum threats | therecord.media Accenture shells out $4.18B on three companies in big industrial cybersecurity push | cyberscoop.com
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Webshells Remain Popular https://isc.sans.edu/diary/Webshells%20Remain%20Popular/33096 Safer pull_request_target defaults for GitHub Actions checkout https://github.blog/changelog/2026-06-18-safer-pull_request_target-defaults-for-github-actions-checkout/ Private Access Control Tokens https://cloudflare.net/news/news-details/2026/Cloudflare-Collaborates-With-Leading-Browsers-to-Develop-a-Privacy-First-Protocol-For-the-Global-Internet/default.aspx https://blog.cloudflare.com/eliminating-captchas-on-iphones-and-macs-using-new-standard/ Fortibleed Update https://socradar.io/resources/whitepapers/dismantling-fortibleed-inside-a-russian-fortinet-compromise-operation/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
Join Paul Spain and JD Trask (Raygun & Autohive) as they dive deep into the future of AI, SaaS businesses, and the evolution innovation. Discover JD Trask's journey from founding Raygun to launching Autohive, hands-on insights from adopting AI across teams, and candid commentary on innovation, risk, security, and growth in a rapidly changing tech landscape. Essential listening for anyone passionate about technology, entrepreneurship, and AI's impact on business.Special thanks to our show partners: Fortinet, Workday, Spark New Zealand, One New Zealand, 2degrees, and Gorilla Technology.
Klue supply-chain attack impacts cybersecurity firms. Brand-new Prinz Eugen ransomware is surprisingly polished. ShinyHunters leak exposes sensitive data of 10,000 Council of Europe employees. Security agencies sound alarm over FortiBleed credential harvesting operation. Texas data breach affects hunting and fishing licensees. Microsoft ties Mastra AI supply chain attack to North Korean hackers. Vidar infostealer unveils new technique to defeat Chrome's encryption protections. Brazil investigates suspected hack of emergency alert system. We got your Monday business brief. On today's Industry Voices, Dave Bittner sits down with Mike Britton, CIO of Abnormal AI, as they discuss "AI-Powered Attacks Are Now a Commodity.” And not the kind of beats you want to drop. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices, we are joined by Mike Britton, CIO of Abnormal AI, discussing "AI-Powered Attacks Are Now a Commodity — And Most Organizations Don't Know It Yet." If you enjoyed this conversation and want to hear the full interview, listen here. Selected Reading Klue OAuth breach victim list grows as Icarus hackers claim attack (BleepingComputer) Prinz Eugen ransomware: a deep dive into a new Go-based encryptor (ThreatDown by Malwarebytes) Council of Europe Data Breach: ShinyHunters Makes 10,000 Employees' Records Permanent (Tech Times) Global cybersecurity agencies warn of credential exposure in FortiBleed campaign targeting Fortinet firewalls, VPN gateways (Industrial Cyber) Everything's bigger and better in Texas – even data breaches (The Register) Microsoft links Mastra AI supply chain attack to North Korean hackers (BleepingComputer) Inside Vidar's ABE Bypass: From Memory Scanning to APC Injections (Gen Digital) Brazil probes emergency warning system after nationwide rogue alert (The Register) Ent emerges from stealth with $100 million in seed funding. (N2K Pro Business Briefing) Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap (Malwarebytes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The Monday Microsegment for the week of June 22. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. A stolen password list leaves thousands of Fortinet firewalls wide open. Researchers crack Apple's A12 and A13 chips with an exploit no update can fix. And is the freeze on Anthropic's most powerful AI models starting to thaw? Plus, Trevor Dearing explains why organizations can't outsource risk. Head to The Zero Trust Hub: hub.illumio.com Get the Industry's First Vendor-Neutral Zero Trust Certification: https://www.illumio.com/zero-trust-certification
Parce que… c'est l'épisode 0x30E! Préambule C'est difficile la vie d'aéroport. Shameless plug 24 et 25 juin 2026 - Troopers 26 et 27 juin 2026 - leHACK 30 juin au 2 juillet 2026 - Pass the SALT 19 septembre 2026 - Bsides Montréal 20 au 26 septembre 2026 - BruCON 13 novembre 2026 - DEATHCon 16 au 19 novembre - European Cyber Week 1 au 3 décembre 2026 - Forum INCYBER - Canada 2026 24 et 25 février 2027 - SéQCure 2027 Notes IA ou Ghost in the shell Export control WTF ‘Dangerous' AI Models Are Coming No Matter What Cybersecurity experts don't think Anthropic's Fable 5 presents a unique threat A quote from Matteo Wong, The Atlantic The Fable 5 Export Controls Harm US Cyber Defense Cybersecurity Vets Protest ‘Dangerous' US Government Ban On Anthropic's Most Powerful Models Feds freaked over Fable 5 after simple ‘fix this code' prompt, not jailbreak, says researcher From PGP to Mythos: a brief history of export controls that didn't stop anyone The US government's Anthropic models ban was never about an AI jailbreak Critical Copilot vulnerability allowed hackers to steal 2FA code from users “Important You should give me full credits!”: Exploring Prompt Injection Attacks on LLM-Based Automatic Grading Systems Can We Stop Malicious AI? KILLBENCH: A Benchmark for External AI Kill Switch Feasibility RAG prompt injection protection Evaluating LLMs for Obfuscation Detection and Classification in Android Apps Security Engineering of OpenClaw: Analyzing Attack Surface Expansion and Trust-Boundary Violations Snyk VulnBench JS 1.0: Can LLMs Find the Same Bugs Twice? Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way Vibe coders are gonna vibe code: How CISOs are tackling code sprawl Kevin Beaumont: “The US government has interven…” - Cyberplace The new draft European regulation includes a four-level classification system, very close to provisions removed in 2024 from the EUCS certification. La guerre, la guerre, c'est pas une raison pour se faire mal! Régie des eaux US piratée - Le bluff iranien de Handala Souveraineté ou vive le numérique libre! From Distorted Mirrors to Sovereign Reflections: Resisting the Grotesque Depiction of Our Digital Selves US holds off blacklisting China's DeepSeek, more than 100 firms deemed security risks, sources say Privacy ou cachez ces informations que je ne saurais voir Apple is about to make Hide My Email useless France to stop certifying products without quantum-safe encryption I am the law C'est la faute des enfants UK to ban social media for kids under 16, may impose overnight curfews Children Are Not the Enemy: Child-Fit Security as an Alternative to Bans and Surveillance UK set to announce social media ban for under-16s From Australia to Europe, countries move to curb children's social media access Norway imposes near ban on AI in elementary school The UK's Teen Social Media Ban Is Political Theater, Not Child Safety Policy Ô Canada Canada's Digital Super-Regulator: Bill C-36 Pushes Out the Privacy Commissioner and Hands Private Sector Privacy to an Overloaded Commission Midnight Madness: The Government Rushes Lawful Access Bill Through the House Without Debate or a Recorded Vote The Commission: How Bill C-34 Creates an Internet Super-Regulator That Will Touch the Lives of Millions of Canadians Red ou tout ce qui est brisé Massive breach spills credentials for thousands of sensitive networks FortiBleed — 75k Fortinet firewalls have admin passwords cracked The Internet Runs on Names India temporarily blocks Telegram over medical exam cheating fears Telegram admits it couldn't police exam-leak channels, India tells court 27-Year-Old OpenBSD Vulnerability Allows Attackers to Bypass PAP Authentication Entirely Microsoft Confirms Defender RoguePlanet 0-Day Exploit and Working to Release Patch New iPhone BootROM Vulnerability Exposes Apple SoCs to Full Chain-of-Trust Compromise When Does a Threat Intelligence IOC Expire? Most CISOs Report Pressure to Bury Bad Security News Stressors, AI Forcing Changes to Cybersecurity Teams I discovered a large-scale malware distribution on GitHub Microsoft Discovers Cryptocurrency Stealer That Spreads Through USB Drives and Uses Tor Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic Cyber offenses now account for around a third of all crime across Asia and South Pacific Microsoft site throwing warnings after someone forgot to renew cert Blue ou tout ce qui améliore notre posture [curl summer of bliss daniel.haxx.se](https://daniel.haxx.se/blog/2026/06/15/curl-summer-of-bliss/) Divers ou parce que j'ai aucune idée où les placer AMD FTW Users cry foul after AMD stripped memory crypto from its consumer CPUs AMD will reinstate memory encryption on Ryzen 9000 CPUs through a BIOS update in July — TSME is coming back after ‘valuable community feedback' Cabal How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members Leak Exposes Members of Peter Thiel's Secretive ‘Dialog' Society Collaborateurs Nicolas-Loïc Fortin Crédits Montage par Intrasecure inc Locaux réels par YUL
Patrick kämpft mit einem 13 Jahre alten Synology-NAS, dessen Lüfter den Geist aufgegeben hat (Ersatzteil: 8 Euro aus China) – und mit einem Energieversorger, der E-Mails offenbar nur noch für Thunderbird-Nutzer schreibt. Danach geht's ans Eingemachte: Wir erklären, was Bring Your Own Key in der Microsoft-Cloud wirklich bedeutet und wann sich der Aufwand überhaupt lohnt. Bei FortiBleed haben Angreifer aus alten Konfigurationsdateien Zugangsdaten für 75.000 Fortinet-Firewalls gecrackt – Patch-Stand hin oder her. Und mit PinTheft bekommt der Linux-Kernel binnen drei Wochen schon die vierte Root-Lücke seiner Art, dieses Mal mit Exoten-Bonus: Wer RDS nicht kennt, muss sich auch nicht fürchten. Kurz: viele offene Türen, ein kaputter Lüfter – und am Ende hat trotzdem fast niemand wirklich was zu befürchten, außer Fortinet.
El crecimiento exponencial de los pagos digitales y la banca en línea delinea una inclusión financiera a dos velocidades en México, donde el entorno urbano acelera su digitalización mientras el sector rural enfrenta el riesgo de quedarse rezagado en la economía del futuro. En este episodio también encontrará:El impacto global de "Fortibleed", la masiva filtración de credenciales VPN que afectó a miles de firewalls de Fortinet, La alianza entre Gobierno y universidades para la creación del Clúster Nacional de Supercómputo y AIEl despliegue de la red gratuita con tecnología wifi 7 en las terminales del AICM. Secciones: Historia Innovadora: Sistema de Tren Eléctrico Urbano. Así lo dijo: José Antonio Peña Merino, titular de la Agencia de Transformación Digital y Telecomunicaciones (ATDT). Breves de la semana: Las adquisiciones de SpaceX, Salesforce y Databricks. Prompt que me cambió la vida: Walter Rosenkranz, Director General para México de Movizzon. IT Masters Insight: Álvaro Arce, cofundador de Genuine Digital School. #InclusionFinanciera #Ciberseguridad #Supercomputo #WiFi7 #TransformacionDigitalLe invitamos a seguir IT Masters Update, dejarnos sus comentarios aquí o a través de #ITMastersUpdate en las redes sociales y a visitar nuestro sitio oficial en IT Masters Mag.
Nintendo, Eastman Kodak, Madison Square Garden, Fortinet are all part of this week's fun!
Cran se Kuberveiligheidsvoorvalreaksiespan, NAM-CSIRT, waarsku oor 'n wêreldwye kuberveiligheidsvoorval bekend as FortiBleed. Dit is 'n beduidende internasionale kuberveiligheidsvoorval wat organisasies raak wat Fortinet-firwalls en VPN-infrastruktuur gebruik. NAM-CSIRT het 13 Namibiese organisasies geïdentifiseer wie se stelsels moontlik deur die blootstelling geraak is. Cran-woordvoerder Mufaro Nesongano.
FortiBleed campaign exposes 75,000 Fortinet firewalls worldwide
A special crossover episode of Cybersecurity Today and Hashtag Trending for June 19, 2026. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning after security researchers uncovered the FortiBleed dataset, exposing credentials tied to approximately 74,000 Fortinet firewall and SSL VPN devices across 194 countries. Researchers found the data on an exposed threat actor server containing attack tools, victim databases, logs, and thousands of verified usernames and passwords. Analysts report that tens of thousands of those credentials may still be active. Host Jim Love breaks down: • What FortiBleed is and how it was discovered • Why this affects roughly half of all internet-facing Fortinet devices • What CISA and Fortinet are telling organizations to do immediately • The potential risks of credential reuse and lateral movement attacks • Practical steps security teams should take right now The episode also includes an interview with Mike Sweeney of Silent Push on major international efforts targeting Southeast Asian scam compounds and criminal infrastructure during Operation Disruption Week. If your organization uses Fortinet firewalls, FortiGate appliances, or SSL VPNs, this is an episode you should not miss. #Cybersecurity #Fortinet #FortiBleed #CISA #CybersecurityToday #HashtagTrending #FortiGate #ThreatIntelligence #DataBreach #InfoSec
A special crossover episode of Cybersecurity Today and Hashtag Trending for June 19, 2026. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning after security researchers uncovered the FortiBleed dataset, exposing credentials tied to approximately 74,000 Fortinet firewall and SSL VPN devices across 194 countries. Researchers found the data on an exposed threat actor server containing attack tools, victim databases, logs, and thousands of verified usernames and passwords. Analysts report that tens of thousands of those credentials may still be active. Host Jim Love breaks down: • What FortiBleed is and how it was discovered • Why this affects roughly half of all internet-facing Fortinet devices • What CISA and Fortinet are telling organizations to do immediately • The potential risks of credential reuse and lateral movement attacks • Practical steps security teams should take right now The episode also includes an interview with Mike Sweeney of Silent Push on major international efforts targeting Southeast Asian scam compounds and criminal infrastructure during Operation Disruption Week. If your organization uses Fortinet firewalls, FortiGate appliances, or SSL VPNs, this is an episode you should not miss. #Cybersecurity #Fortinet #FortiBleed #CISA #CybersecurityToday #HashtagTrending #FortiGate #ThreatIntelligence #DataBreach #InfoSec
A LOT of Fortinet creds have leaked online, Canada's spy agency allowed to remove a botnet from Canadian devices, a supply chain attack hits the Mastra AI framework, and Europol disrupts SocGolish. Show notes Risky Bulletin: Canada's spy agency allowed to remove a botnet from Canadian devices
Anthropic tells G7 to cooperate Fortinet VPN leak exposes credentials Crypto Clipper abuses reviews, narrators, and comments Get the show notes here: https://cisoseries.com/cybersecurity-news-anthropic-tells-g7-to-cooperate-fortinet-vpn-leak-exposes-credentials-crypto-clipper-abuses-reviews/ Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk? That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision. ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do. That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.
Referências do EpisódioTURING DAY 2026 | 6ª EDIÇÃO - DIA 25/06FortiBleed — 75k Fortinet firewalls have admin passwords crackedFortiBleed Exposes Admin Passwords for 75,000 Fortinet FirewallsFortiBleed - HudsonRockClickFix Campaign Generated Via AI Delivers SmartRATFrom package to postinstall payload: Inside the Mastra npm supply chain compromiseFrom Stars to Upvotes: Fake Reputation Fueling a Crypto Clipboard HijackerMalware à la Mode: Tracking Dropping Elephant Tradecraft Through a China-Themed Loader ChainRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia
President Trump halts a key intelligence nomination. The FBI warns of a new Microsoft 365 phishing threat. France cuts ties with Palantir. A new Android banking trojan emerges. Fortinet firewalls come under attack. CISA orders emergency Joomla patching. Plus, Madison Square Garden data leaks and malware hidden in Steam wallpapers. Our guest is Christy Wyatt, CEO from Absolute Security, discussing their new ebook. The DOJ claims pollution is mission-critical. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's Industry Voices we are joined by Christy Wyatt, CEO from Absolute Security, discussing their ebook. If you enjoyed this conversation, check out the full interview here. Selected Reading President Trump calls to delay nomination of intel pick Jay Clayton (NPR) Warner warns of CISA cuts, staffing gaps in letter to acting chief (The Record) French spies drop AI giant Palantir over US overreliance fears (The Local) Rokarolla : Android Banker with Complete Device Takeover Capabilities (Zimperium) FortiBleed: 75,000 Fortinet Firewalls Compromised: Global Enterprises Exposed – Claim Your Ethical Disclosure (InfoStealers) CISA orders feds to patch max severity Joomla plugin flaw by Friday (Bleeping Computer) Hackers Publish Knicks and Madison Square Garden Data Online (404 Media) Gamers beware: malicious wallpapers on Steam found stealing accounts (Securelist) DHS S&T Highlights New SPARTA Resources for Defending Spacecraft Against Cyberattacks (ExecutiveGov) DOJ Lawyers Argue xAI Is ‘Vital' for National Security in NAACP Lawsuit (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
For years, cybersecurity leaders have focused on identity as the new perimeter. MFA, Zero Trust, SSO, and identity protection became the center of modern security strategies.But while everyone was focused on identity, attackers never stopped targeting something much older: internet-facing infrastructure.VPNs. Firewalls. Remote access appliances.Recent attacks involving Check Point, Fortinet, Ivanti, SonicWall, and others show that the perimeter never really disappeared.In this episode, Tyler Moffitt discusses why edge devices remain prime ransomware targets, why patch windows matter more than ever, and why vulnerability management remains one of cybersecurity's most important fundamentals.As featured on Million Podcasts' Best 100 Cybersecurity Podcasts Top 50 Chief Information Security Officer CISO Podcasts Top 70 Security Hacking PodcastsThis list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com
Host Paul Spain is joined by Glenn Maiden, Chief Security Officer and Director of Threat Intelligence at Fortinet Aus & NZ. Glenn Maiden brings invaluable insights into today's rapidly evolving digital threat landscape with practical advice for organisations of all sizes on how to bolster cyber defences against current and future threats.Paul and Glenn also dive into the latest tech news including:TUANZ call for cross-party tech strategy for New Zealand's digitalAnthropic Suspends latest AI Models Following US Security DirectiveSpaceX launches largest IPO in historyThe emergence of autonomous AI drones in warfareThanks to our partners: Fortinet, One NZ, Workday, 2degrees, Spark, PwC New Zealand, and Gorilla Technology.
Fortinet patches a new critical FortiSandbox flaw GitHub to disable npm install scripts by default to stop supply chain attacks Nottingham University announces data breach Get the show notes here: https://cisoseries.com/cybersecurity-news-fortinet-patches-fortisandbox-github-disables-npm-scripts-nottingham-university-breach/ Thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com.
Send us Fan MailThe unsexy blocking and tacking that creates more win-win cybersecurity scenarios.It struck me in putting this episode together that working in industrial cybersecurity is kind of like playing special teams in football. Regardless of how many times you do something right, all it takes is that one blocked kick, long return, or missed field goal to get you noticed in the wrong way. All the instances of flawless defense and precise execution is negated with one, single lapse that brings the whole operation down. I'd invite you to watch/listen as Richard Springer, Senior Director of Marketing for OT Solutions at Fortinet offers some insight on how we can build on those wins by:Embracing the "when", not "if" dynamic of being attacked.Not losing sight of the basics, despite all the challenges and potential tools and technological solutions.Continuing to build awareness of OT security challenges and priorities.Bringing IT and OT together with the shared mission of "keeping the lights on."Implementing Continuous Improvement strategies used in operations for security.Using AI to help establish priorities and assist with patching vulnerabilities.Learning from other sectors on how to identify, react and recover from attacks.The report Richard mentions can be found here.As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.
Balancing compliance, resilience, data sovereignty and uptime across IT and OT environments - whether a cloud-first strategy is viable in CNIHow the need to harness operations data for optimisation, innovation, risk management, and organisational resilience challenges legacy security modelsAdapting proven resilience models from IT cloud transformation to OT security in CNI and the importance of public-private partnerships in its success - Thom Langford, Host, #teissTalk- Amal Kotecha, Head of Technology, INEOS- Sarah Clarke, Head of Information, Strategic Command- Alex Holben, Strategy & Technology Officer, Fortinet
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft June 2026 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20June%202026%20Patch%20Tuesday/33064 Miasma Software Supply Chain Attack Toolkit Source Published https://safedep.io/inside-the-miasma-supply-chain-attack-toolkit/ Fortinet FortiSandbox Vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-26-141 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
Host Paul Spain sits down with Jonathan Good, Co-Founder and CEO of Scentian Bio, to dive into the "digitisation of smell and taste “and what it means for industries in New Zealand and beyond. Jonathan shares about the realities of fundraising both locally and abroad, and the challenges and opportunities of bringing cutting-edge chemical sensing technology to market.Plus, Paul and Jonathan explore the latest tech news, including:Health New Zealand's Hybrid Cloud MigrationSpark's Verified Call Feature Against ScamsWorkday's Go Platform expands to NZ & AU2degrees' Shaping Business Study 2026Is AI More Expensive Than Humans?UN Report warns of the Environmental Impact of AIA big thank you to our show partners One NZ, Spark, Workday, 2degrees, Fortinet and Gorilla Technology.
Špecializovaná AI na vyhľadávanie chýb v programoch je podľa expertov natoľko výkonná, že v rukách útočníkov by mohla napáchať mimoriadne škody.Zabudnite na AI chatbotov či dokonca programovacích agentov. Na scénu nastupuje nová kategória umelej inteligencie – technológia taká nebezpečná, že firma, ktorá za ňou stojí, robí všetko preto, aby sa k verejnosť vôbec nedostala.Reč je o široko medializovanom modeli Claude Mythos od spoločnosti Anthropic. Vývojári ho navrhli s jasným cieľom: analyzovať milióny riadkov zdrojového kódu a nachádzať v ňom kritické zraniteľnosti, ktoré ľudskí kontrolóri – ale aj útočníci – prehliadali celé roky. A výsledok predčil očakávania.Aby sa nástroj nedostal do nepovolaných rúk, Anthropic prístup k nemu poskytol len úzkemu okruhu vybraných technologických firiem, a i to len v obmedzenom režime a za prísnych bezpečnostných podmienok.V tomto programe je aj spoločnosť Fortinet. Jej vybraní inžinieri sú jedni z prvých expertov, ktorí s touto prelomovou technológiou pracujú v praxi. Peter Kočík a Juraj Belko z Fortinetu redakcii Živé.sk prezradili, ako sa ich kolegom pracuje s najobávanejšou umelou inteligenciou dneška.Podcast vznikol v spolupráci so spoločnosťou Fortinet.V podcaste sa dozviete aj o týchto témach:Prečo Claude Mythos dostal nálepku superzbrane.Ako prebieha utajovaný program, do ktorého majú prístup len vybraní jednotlivci.Že nával aktualizácií od Apple či Microsoftu súvisí práve s touto technológiou.Čo je „mitigačné okno“ a prečo experti varujú pred príchodom novej vlny kyberútokov.Ako chrániť software v továrňach, kde systémy nemožno len tak aktualizovať.Prečo slovenské firmy ignorujú opravy aj tri roky a prečo je to v ére autonómnej AI likvidačné.Podcast SHARE pripravuje magazín Živé.sk.
Die Wall Street startet nach dem Ausverkauf vom Freitag teils deutlich fester in die neue Woche. Vor allem der Nasdaq und S&P 500 profitieren von Stabilisierungskäufen im Technologiesektor, nachdem Halbleiter- und KI-Werte zuletzt massiv unter Druck geraten waren. Corning profitiert von einem Multi-Milliarden-Deal mit Amazon, im Zusammenhang mit den Data Center des Tech-Riesen. Bei der Bank of America werden die Kursziele für Arista Networks, Cisco, Datadog und Nokia angehoben. Die Aktien werden mit Kaufempfehlungen bestätigt. TD Cowen sieht bei Fortinet durch KI und Rechenzentren neues Wachstumspotenzial und Wells Fargo erhöht das Kursziel für Micron von 550 auf 1.220 US-Dollar. Oracle meldet nach dem Closing am Mittwoch Zahlen und wird heute von Oppenheimer als Top-Pick für 2026 eingestuft. Im Fokus steht heute auch die Entwicklerkonferenz von Apple, mit der Rede von CEO Tim Cook um 19 Uhr MEZ. Insgesamt bleibt das Umfeld an der Wall Street fragil. Die Eskalation zwischen Israel und Iran treibt den Ölpreis nach oben, die Renditen steigen, und nach den robusten Arbeitsmarktdaten richtet sich der Blick auf die US-Inflationsdaten zur Wochenmitte. JPMorgan bleibt taktisch vorsichtig und warnt, dass ein heißer CPI-Report neue Zinssorgen auslösen könnte. Ein Podcast - featured by Handelsblatt. ► Entdecke den exklusiven NordVPN Deal! Jetzt risikofrei testen mit einer 30-Tage-Geld-zurück-Garantie: https://nordvpn.com/wallstreet * ► Erhalte einen exklusiven 15% Rabatt auf Saily eSIM Datentarife! Lade die Saily-App herunter und benutze den Code wallstreet beim Bezahlen: https://saily.com/wallstreet +++ Alle Rabattcodes und Infos zu unseren Werbepartnern findet ihr hier: https://linktr.ee/wallstreet_podcast +++ ► Mehr Einblicke: https://bit.ly/360wallstreetpc * Impressum: https://www.360wallstreet.de/impressum *Werbung
Die Wall Street startet nach dem Ausverkauf vom Freitag teils deutlich fester in die neue Woche. Vor allem der Nasdaq und S&P 500 profitieren von Stabilisierungskäufen im Technologiesektor, nachdem Halbleiter- und KI-Werte zuletzt massiv unter Druck geraten waren. Corning profitiert von einem Multi-Milliarden-Deal mit Amazon, im Zusammenhang mit den Data Center des Tech-Riesen. Bei der Bank of America werden die Kursziele für Arista Networks, Cisco, Datadog und Nokia angehoben. Die Aktien werden mit Kaufempfehlungen bestätigt. TD Cowen sieht bei Fortinet durch KI und Rechenzentren neues Wachstumspotenzial und Wells Fargo erhöht das Kursziel für Micron von 550 auf 1.220 US-Dollar. Oracle meldet nach dem Closing am Mittwoch Zahlen und wird heute von Oppenheimer als Top-Pick für 2026 eingestuft. Im Fokus steht heute auch die Entwicklerkonferenz von Apple, mit der Rede von CEO Tim Cook um 19 Uhr MEZ. Insgesamt bleibt das Umfeld an der Wall Street fragil. Die Eskalation zwischen Israel und Iran treibt den Ölpreis nach oben, die Renditen steigen, und nach den robusten Arbeitsmarktdaten richtet sich der Blick auf die US-Inflationsdaten zur Wochenmitte. JPMorgan bleibt taktisch vorsichtig und warnt, dass ein heißer CPI-Report neue Zinssorgen auslösen könnte. Abonniere den Podcast, um keine Folge zu verpassen! ____ Folge uns, um auf dem Laufenden zu bleiben: • X: http://fal.cn/SQtwitter • LinkedIn: http://fal.cn/SQlinkedin • Instagram: http://fal.cn/SQInstagram
Host Paul Spain is joined by Sam Allen and Nick Walton, co-founders of NZ Boat Register, to explore how Kiwi innovation is improving marine visibility and asset tracking using AquaGPS, a Starlink-enabled GPS solution. The conversation also covers the latest in tech news, including:Game changing Nvidia chip coming to Windows laptops and PCsMSD Welfare decisions moving to AI Automated Decision-MakingNew Zealand's First Deepfake Porn ProsecutionOne New Zealand AI Trust Report (2026)New Zealand Government budget's impact on the tech sectorExperimental chip demo shows 1000x performance gainsSpecial thanks to our show partners: Fortinet, Workday, Spark New Zealand, One New Zealand, 2degrees, and Gorilla Technology.
How to Trade Stocks and Options Podcast by 10minutestocktrader.com
Are you looking to save time, make money, and start winning with less risk? Then head to https://www.ovtlyr.com.Learn more about OVTLYR: https://youtu.be/TUCbD5KovlcEverybody's been talking about AI replacing software companies.Meanwhile, software stocks have been quietly ripping higher.And that's exactly what we're diving into today.A few weeks ago, names like ServiceNow looked completely broken. People were dumping software stocks left and right, convinced AI was about to make them irrelevant. Then something changed. The selling stopped. The buyers stepped in. And suddenly some of these stocks started exploding higher.In this video, we're looking at the software sector comeback, where the biggest opportunities may still be hiding, and why money is rotating back into tech right now. We also break down fresh OVTLYR buy and sell signals on stocks like ServiceNow, SAP, Atlassian, Palantir, Super Micro Computer, IonQ, NVIDIA, Micron, Palo Alto Networks, Fortinet, HP, Intel, and more.✅ Why software stocks are suddenly leading the market✅ The buy signals showing up across tech✅ Stocks that may be getting too crowded✅ Key resistance levels traders should watch✅ Where the best risk-to-reward setups may be formingThe biggest money isn't made chasing headlines.It's made by spotting trends before everybody else notices them.Subscribe to OVTLYR for disciplined trading strategies that actually make sense.
台灣身為全球供應鏈核心,正面臨「AI 攻擊實戰化」的嚴峻挑戰。Fortinet 台灣區資深技術顧問李鵬 (Paul) 指出,資安已從過去的「加分題」轉變為出海接單的「門票」。歐美買家在 2026 年的採購邏輯下,更看重供應鏈韌性而非僅是 CP 值。透過 Security Fabric(安全織網) 的整合力與在地 FortiGuard Labs 的情報力,企業能將碎片化的工具轉化為可視化的治理架構。本集將拆解如何落實「零信任」架構,讓合規不再是成本,而是贏得國際長單的競爭武器。 【聽完這集你會知道】 00:32 | AI 攻擊全面實戰化,規則正在改寫 02:36 | 信任門檻何時加速?台灣企業卡在哪 08:44 | 合規怎麼從守勢變攻勢:從應付查核到主動出示 17:44 | 出海信任基礎設施實戰三步驟:可視性、零信任、合規認證 25:15 | 台灣是 Fortinet 全球資安情資的燈塔,不是分支市場 【本集金句】 李鵬 Paul:「資安合規在 2026 年不再是加分題,而是企業進入國際供應鏈的入場券。」 對談來賓:Fortinet 台灣區資深技術顧問 李鵬 Paul 主持人:未來城市頻道總監 陳芳毓 #Fortinet #安全織網 #零信任 #供應鏈韌性 #AI資安 本集節目由 Fortinet 合作推薦 -- Hosting provided by SoundOn
Alissa Coram and Mike Webster walk through Friday's market action and discuss key stocks to watch in Stock Market Today. Learn more about your ad choices. Visit megaphone.fm/adchoices
The 2026 NZ Hi-Tech Awards highlight a sector reaching new heights in innovation, global growth, and impact, celebrating the organisations and individuals driving New Zealand's tech success story. In this special episode, host Paul Spain speaks with several of this year's standout winners. Hear from Dr Yoram Benit, CEO of Tait Communications, named NZ Hi-Tech Company of the Year, and Matty Blomfield, co-founder and CEO of Hectre, winner of both the NZTE Most Innovative Hi-Tech Agritech Solution and the Greenmount and Poutama Trust Māori Hi-Tech Company of the Year. We also recognise Vaughan Fergusson's contribution to the industry as this year's Flying Kiwi, alongside insights from Jock Richardson and Peter Tait of TCS, winners of the Kiwibank Most Innovative Hi-Tech Solution for a More Sustainable Future. Plus, Arash Tayebi and Noreen Wilson of Kara Technologies share their journey after taking out the 2040 Ventures Hi-Tech Startup Company of the Year. With tech now contributing $24 billion to New Zealand's economy, this episode explores the momentum behind the sector's growth and what's next.Thanks to our partners: One NZ, Workday, 2degrees, Spark, Fortinet, and Gorilla Technology.
A dangerous new Microsoft Exchange zero-day is being actively exploited, ransomware gangs are adopting nation-state-style tactics, two fired contractors were caught deleting U.S. government databases after accidentally recording themselves on Microsoft Teams, and Fortinet has patched critical remote code execution flaws. In this episode of Cybersecurity Today, David Shipley breaks down four major cybersecurity stories that security teams need to know. Cybersecurity Today would like to thank Material Security for supporting this podcast. Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. Contact them at material[dot]security Microsoft has confirmed active exploitation of a new Exchange Server zero-day, CVE-2026-42897, affecting Exchange Server 2016, Exchange Server 2019, and Exchange Subscription Edition. There is currently no patch, only mitigations through the Exchange Emergency Mitigation Service, with some trade-offs for Outlook Web App users. Security researcher Marcus Hutchins highlights an unusually disciplined ransomware affiliate operation using tradecraft more commonly associated with nation-state attackers, including a custom SentinelOne endpoint detection and response (EDR) killer and a stripped-down toolset designed to leave fewer forensic traces. In one of the more astonishing insider threat stories of the week, former OPEX Corporation contractors Muneeb and Sohaib Akhtar were allegedly caught deleting 96 U.S. government databases after leaving a Microsoft Teams recording running. Also in this episode: Fortinet has released urgent patches for critical unauthenticated remote code execution vulnerabilities in FortiAuthenticator (CVE-2026-44277) and FortiSandbox (CVE-2026-26083). If you're responsible for enterprise security, patch management, incident response, or cyber risk, this is one you need to see. Chapters: 00:00 Sponsor Message 00:24 Headlines Intro 00:49 Ransomware Nation-State Discipline 04:18 Exchange Zero-Day Mitigation 07:01 Fired Contractors Caught Recording 09:21 Fortinet Critical Vulnerabilities 11:07 Wrap Up and Sign Off 11:38 Sponsor Deep Dive Ad #Cybersecurity #MicrosoftExchange #ZeroDay #Ransomware #Fortinet #CyberAttack #Infosec #DavidShipley #CybersecurityToday
Join Host Paul Spain and Bill Bennett, tech and telecommunications journalist, for a wide-ranging discussion on the latest tech news from New Zealand and beyond, including:Car-sharing startup Mevo goes into liquidationRural connectivity funding reportMobile Network Outages and ResiliencyHydrogen-fuelled vehicles in New ZealandChrome's Silent AI DownloadAI backlash at US university graduationsApple's privacy moves to auto-delete Siri/AI conversationsIntel Core Ultra Series 3A big thank you to our show partners One NZ, Spark, Workday, 2degrees, Fortinet and Gorilla Technology.
Amazon, Microsoft, Alphabet, and Meta just collectively committed to over $750 billion in capital expenditure for 2026. They spent $130 billion in a single quarter. That is a 70% increase from what these companies spent in 2025 — and the spending is still accelerating into the second half of the year.The ROI is showing up. Operating margins are expanding across all four businesses. Google Cloud grew 63% year over year. AWS grew 28%. Microsoft Intelligent Cloud grew 29%. Meta grew revenue 33%. This is not speculative infrastructure spending anymore. These are some of the most profitable businesses ever built, getting more profitable.But the more important conversation is about what this means for everyone else.CSI has a framework for understanding how AI infrastructure investment actually flows — and it is the most useful mental model for investors trying to figure out where value accrues in the AI buildout. The hyperscalers eat first. They buy the technology and deploy it internally before any customer touches it. Their strategic investment partners eat second — OpenAI, Anthropic, and others who receive capital and get early infrastructure access. Enterprise software companies and Neo Cloud providers eat third. They get the leftovers, and right now they are scrambling.This creates two distinct problems. Neo Cloud companies have great infrastructure but no vertical integration — no final product of their own. The moment spare capacity appears in the market, their economics break down rapidly. Enterprise SaaS companies have great products but no infrastructure control — they get stuck waiting for technology that the hyperscalers have already been using internally for years.CSI lays out what both camps need to do to survive the next phase: Neo Clouds need to start developing software and services of their own before excess capacity forces their hand. Enterprise software companies need to start acquiring infrastructure assets — and there are already early signals that the smarter ones are doing exactly that.This episode was released to Semi Insider members several weeks before this public version. Members receive CSI's full research, live Q&A sessions, and analysis like this as it happens — not weeks later. If that matters to you, the membership page is at chipstockinvestor.comWhat we cover:— Why hyperscaler earnings reactions are about cashflow expectations not beats or misses— $750B+ in 2026 AI CapEx — full breakdown across Amazon, Microsoft, Alphabet, and Meta— Amazon Q1 2026: AWS +28% YoY, operating margin expanding to 13.1%— Microsoft Q1 2026: Intelligent Cloud +29% YoY, 46.3% operating margin— Alphabet Q1 2026: Google Cloud +63% YoY, 36.1% operating margin— Meta Q1 2026: +33% revenue, CapEx raised to $245B, why the stock reaction was muted— The ROI is real — operating leverage across all four hyperscalers— The "who eats first" hierarchy — the most useful AI investing framework right now— Neo Cloud companies — the vertical integration problem and what needs to change— Enterprise SaaS — why they are chasing the puck and what the smart ones are doing— Early signals: Salesforce, Snowflake, Fortinet, Trade Desk CapEx movesDisclosure: Nick and Kasey hold positions in several companies mentioned. This content is for general information only and is not individual investment advice. All investing involves risk.chipstockinvestor.com
Dr. Adeel Shaikh Muhammad, a cybersecurity strategist and global speaker with over 16 years of experience across information security, networks, and systems. Adeel brings a practical perspective on how organizations can adapt to evolving cyber threats and the growing role of AI in cybersecurity. Adeel, with an extraordinary portfolio of 40+ industry certifications, including CISSP, CISM, CISA, CCISO, PMP, CEH, ISO 27001 Lead Implementer & Auditor, and a robust suite of advanced Cisco, Microsoft, Fortinet, Barracuda, ITIL, PRINCE2, and AI-related credentials, he is a benchmark of technical mastery and visionary execution. His academic excellence includes a Master's in Cybersecurity and a current Doctorate in Business Administration (DBA) focused on the impact of AI in Security Operations Centers (SOCs) in the Gulf region.Adeel is the author of two acclaimed books—“AI-Driven Transformation of Security Operations Center (SOC)” and “AI and Us: The Ethical Choices”—bridging the critical intersection of AI innovation and ethical leadership.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io
Paul Spain visits Mike Casey at Electric Cherries in Central Otago for an inspiring dive into tech-driven sustainable farming. Discover how Mike went from tech startup success in Sydney to building New Zealand's first fully electric cherry orchard, where self-generated solar power slashes costs and future-proofs the business. Explore practical insights on electrification, energy economics, and why making smarter tech choices at every level can transform New Zealand's prosperity and sustainability.Special thanks to our show partners: 2degrees, Fortinet, One New Zealand, Spark New Zealand, Workday, and Gorilla Technology.
Podcast: SecurityWeek Podcast Series - Cybersecurity InsightsEpisode: Decoding the IEC 62443-4-1 Standard for OTPub date: 2026-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of the SecurityWeek Podcast, we speak with Rod Locke of Fortinet about the growing importance of IEC 62443 standards in operational technology (OT) security. The conversation explores secure-by-design principles, IEC 62443-4-1 certification, long-term security support for industrial systems, and how critical infrastructure operators can evaluate vendor security practices as IT and OT environments continue to converge. Follow SecurityWeek on LinkedInThe podcast and artwork embedded on this page are from SecurityWeek, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In der heutigen Folge sprechen die Finanzjournalisten Daniel Eckert und Lea Oetjen über die Kursexplosion von DataDog, ein Rekordtief an den US-Börsen und einen Dämpfer für McDonald's. Außerdem geht es um Fortinet, Arm Holdings, Coinbase, Tesla, Siemens Healthineers, Vonovia, Nvidia, Rheinmetall, Henkel, 2G Energy, Apple, Amazon, Alphabet und Broadcom. Wir freuen uns an Feedback über aaa@welt.de. Noch mehr "Alles auf Aktien" findet Ihr bei WELTplus und Apple Podcasts – inklusive aller Artikel der Hosts. Hier bei WELT: https://www.welt.de/podcasts/alles-auf-aktien/plus247399208/Boersen-Podcast-AAA-Bonus-Folgen-Jede-Woche-noch-mehr-Antworten-auf-Eure-Boersen-Fragen.html. Hier könnt ihr den AAA-Newsletter abonnieren: https://www.welt.de/newsletter/article232797673/Alles-auf-Aktien-Der-taegliche-Boersen-Newsletter-fuer-WELTplus-Abonnenten.html Und - ganz neu: AAA gibt es jetzt auch auf Instagram: https://www.instagram.com/alles_auf_aktien/ Disclaimer: Die im Podcast besprochenen Aktien und Fonds stellen keine spezifischen Kauf- oder Anlage-Empfehlungen dar. Die Moderatoren und der Verlag haften nicht für etwaige Verluste, die aufgrund der Umsetzung der Gedanken oder Ideen entstehen. Hörtipps: Für alle, die noch mehr wissen wollen: Holger Zschäpitz können Sie jede Woche im Finanz- und Wirtschaftspodcast "Deffner&Zschäpitz" hören. +++ Werbung +++ Du möchtest mehr über unsere Werbepartner erfahren? Hier findest du alle Infos & Rabatte! https://linktr.ee/alles_auf_aktien Impressum: https://www.welt.de/services/article7893735/Impressum.html Datenschutz: https://www.welt.de/services/article157550705/Datenschutzerklaerung-WELT-DIGITAL.html
Carl Quintanilla, Jim Cramer and David Faber drilled down on new record highs for the S&P 500 and Nasdaq — amid investor hopes for an Iran deal. AI in the spotlight: In a "First on CNBC" interview, Arm Holdings CEO Rene Haas spoke about the chip designer's better-than-expected results, which didn't stop the stock from falling sharply lower. The anchors discussed what Anthropic CEO Dario Amodei said about the AI startup trying to keep up with demand, after posting 80-fold growth in Q1. Also in focus: McDonald's beats on earnings despite a "challenging environment," Shake Shack tumbles, the Iran war effect on Whirlpool's stock, Datadog and Fortinet soar and spark a software rally, Elon Musk's take on the SpaceX-Anthropic deal. Squawk on the Street Disclaimer Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
In this episode of the SecurityWeek Podcast, we speak with Rod Locke of Fortinet about the growing importance of IEC 62443 standards in operational technology (OT) security. The conversation explores secure-by-design principles, IEC 62443-4-1 certification, long-term security support for industrial systems, and how critical infrastructure operators can evaluate vendor security practices as IT and OT environments continue to converge. Follow SecurityWeek on LinkedIn
Host Paul Spain is joined by Cam Richardson, founder of Paysquad, to dive into the latest in tech news and innovation. They discuss Amazon scrapping its West Auckland data centre plans, the expansion of AI-powered infrastructure in Invercargill, EV charging with ChargeNet, movie deal for a Kiwi-led Roblox game, Apple's Vision Pro headset future and data security concerns around Chinese EVs. Plus, they break down new rules at the Oscars regarding AI-generated content and Taylor Swift's play for control in the AI era. Cam also shares the origin, mission, and future vision of Paysquad, a Kiwi fintech making group payments possible at checkout.Thanks to our Partners One NZ, Workday, 2degrees, Spark, Fortinet and Gorilla Technology
Take a Network Break! It’s a busy show this week. We start with follow-up on Anthropic’s Project Glasswing, router bans, and end-of-engineering/end-of-support date changes for Fortinet’s FortiOSv7.4. Our Red Alert warns of 13 critical CVEs in the Linux kernel (all of which can be addressed by updating to version 7). On the news front, Cisco... Read more »
Take a Network Break! It’s a busy show this week. We start with follow-up on Anthropic’s Project Glasswing, router bans, and end-of-engineering/end-of-support date changes for Fortinet’s FortiOSv7.4. Our Red Alert warns of 13 critical CVEs in the Linux kernel (all of which can be addressed by updating to version 7). On the news front, Cisco... Read more »
Take a Network Break! It’s a busy show this week. We start with follow-up on Anthropic’s Project Glasswing, router bans, and end-of-engineering/end-of-support date changes for Fortinet’s FortiOSv7.4. Our Red Alert warns of 13 critical CVEs in the Linux kernel (all of which can be addressed by updating to version 7). On the news front, Cisco... Read more »
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Lumma Stealer infection with Sectop RAT (ArechClient2) https://isc.sans.edu/diary/Lumma%20Stealer%20infection%20with%20Sectop%20RAT%20%28ArechClient2%29/32904 Three Recent Windows Defender Vulnerabilities Exploited (one 0-day) https://x.com/HuntressLabs/status/2044882115574091960 FortiSandbox PoC Exploit CVE-2026-39808 https://github.com/samu-delucas/CVE-2026-39808?tab=readme-ov-file NIST Updates NVD Operations to Address Record CVE Growth https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth
Interview with Jim Spignardo What does it take to build AI workflows that work? Why do so many fail? Jim isn't a typical ESW guest. I think it's essential for security folks to regularly step outside the security bubble and understand other perspectives and mindsets. That's what we're doing today with Jim. He specializes in building custom AI architecture and workflows for his clients. We discuss the state of AI in the enterprise and why so many of these efforts fail. We'll discuss the elements of AI success and whether security plays a role in helping AI efforts succeed or contribute to failures. Segment Resources: https://www.proarch.com/ Cowork vs Cowork - Why Microsoft 365 Copilot Cowork Is the One Built for Enterprise RSAC Exec Interviews, Part 1 Trends Revealed in Fortinet's FortiGuard Labs 2026 Global Threat Landscape Report Fortinet's Global Director of Threat Intelligence and Adversarial AI Research explores the trends revealed in the latest Global Threat Landscape Report from FortiGuard Labs, including a surge in AI-enabled cybercrime. As AI optimizes and accelerates attack techniques, here's how cyber defenders should respond. This segment is sponsored by Fortinet . Visit https://securityweekly.com/fortinetrsac to learn more about them! X-PHY Delivers Hardware-Enforced Security for the Age of AI Agents Camellia Chan, CEO and Co-Founder of X-PHY, discusses how Model Context Protocol (MCP) is making it easier for AI agents to plug into enterprise apps and operate with elevated permissions—creating new opportunities for attacks and data exfiltration. She explains how X-PHY's hardware-enforced monitoring and detection sit beyond the OS trust boundary to enforce immutable limits on what agents can do and stop threats before data is lost, so organizations can adopt agentic AI with confidence. Security leaders looking to deploy AI agents safely can request a demo or briefing with X-PHY at https://securityweekly.com/xphyrsac. RSAC Exec Interviews, Part 2 Introducing Legion Investigator: Goal-Oriented AI Investigations Traditional security playbooks often fail because they cannot capture the fluid, context-dependent reasoning required when a routine investigation hits a non-scripted "judgment point." Legion Investigator addresses this gap by employing goal-oriented AI agents that move beyond rigid scripts to interpret findings and execute complex, multi-step investigations based on your team's unique environment and expertise. By bridging the divide between automated execution and human-level reasoning, the platform ensures that every alert (no matter how unpredictable) is handled with the depth and consistency of a senior analyst. This segment is sponsored by Legion Security. Visit https://securityweekly.com/legionrsac to learn more about them! The Missing Layer in Zero Trust: The Security Policy Control Plane Zero Trust has become the dominant security architecture for hybrid and cloud environments, but many organizations are discovering that deploying enforcement technologies alone does not deliver operational control. Firewalls, cloud security groups, and microsegmentation platforms enforce access decisions, yet the policies behind those controls are often fragmented, difficult to validate, and constantly changing. In this conversation, FireMon CEO Jody Brazil discusses why modern security architectures increasingly require a security policy control plane: a layer that continuously validates how policy is enforced across firewalls, cloud networks, and segmentation platforms. The discussion explores why policy drift occurs in real environments, how enforcement systems become difficult to coordinate at scale, and what organizations must do to ensure Zero Trust policies remain consistent as infrastructure evolves. This segment is sponsored by FireMon. Visit https://securityweekly.com/firemonrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-455
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday April 2026 https://isc.sans.edu/forums/diary/Microsoft%20Patch%20Tuesday%20April%202026./32898/ Adobe Patches https://helpx.adobe.com/security/Home.html Fortinet Patches https://fortiguard.fortinet.com/psirt
Fortinet releases an emergency update for a critical vulnerability. A major outage disrupts Russian banking apps. A new report highlights critical skills gaps. CyberCorp scholars struggle to secure jobs. Scammers use QR codes in fake traffic violation schemes. A proposed lawsuit accuses Perplexity of oversharing users' AI transcripts. Cambodia outlaws scam centers. Scammers impersonate Harvard IT staff. With “wrench attack” threats of violence, life imitates art. Kevin Magee from Microsoft for Startups describes emerging trends. On Afternoon Cyber Tea with Ann Johnson, Ann speaks with Allie Mellen about her new book "Code War: How Nations Hack, Spy, and Shape the Digital Battlefield." Users find Copilot's terms of use highly entertaining. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today on our Industry Voices segment, we are joined by Kevin Magee from Microsoft for Startups discussing how cybersecurity startups can succeed by focusing on real problems and navigating emerging trends. Tune into the full conversation here. Afternoon Cyber Tea On this segment of Afternoon Cyber Tea with Ann Johnson, Ann speaks with Allie Mellen about her new book "Code War: How Nations Hack, Spy, and Shape the Digital Battlefield." You can listen to the full conversation here and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. Selected Reading New FortiClient EMS flaw exploited in attacks, emergency patch released (Bleeping Computer) Major outage hits Russian banking apps, metro payments across regions (The Record) SANS 2026 report flags cybersecurity skills crisis, putting critical infrastructure and OT sectors at measurable breach risk (Industrial Cyber) CyberCorps grads consider private sector as fed hiring challenges persist (Federal News Network) Traffic violation scams switch to QR codes in new phishing texts (Bleeping Computer) Perplexity's "Incognito Mode" is a "sham," lawsuit says (Ars Technica) Cambodian parliament passes landmark cybercrime law after scam centre scrutiny (Reuters) Harvard Warns of Active Cyberattack Impersonating IT Staff and Targeting Affiliates (The Crimson) Wealthy California crypto holders targeted in violent ‘wrench attacks' (KTLA) Security (xkcd) Censys raises $70 million in a Series D round. (N2K Pro Business Briefing) Even Microsoft know Copilot can't be trusted (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Team PCP Update and Axios Post Mortem https://isc.sans.edu/diary/32864 https://github.com/axios/axios/issues/10636 Strapi NPM Packages Compromised https://safedep.io/malicious-npm-strapi-plugin-events-c2-agent/ Fortinet CVE-2026-35616 exctively exploited https://fortiguard.fortinet.com/psirt/FG-IR-26-099