POPULARITY
Categories
Today's Full Court Finance at Zacks explores two beaten-down S&P 500 stocks, Chipotle Mexican Grill (CMG) and Fortinet (FTNT), trading at least 30% below their highs that investors might want to buy as the benchmark trades near its peaks. Both Chipotle and Fortinet remain strong companies with durable businesses that are finding support at their long-term 200-week moving averages. (0:30) - Stock Market Update: Everything You Need To Know To Close August (4:45) - Chipotle Stock Is Down Nearly 40%: Should Investors Start Buying? (12:00) - Should Investors Buy Fortinet At A Major Discount? Podcast@Zacks.com
On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Oracle's long term CSO departs, and we're not that sad about it Canada's House of Commons gets popped through a Microsoft bug Russia degrades voice calls via Whatsapp and Telegram to push people towards Max South-East Asian scam compounds are also behind child sextortion Reports that the UK has backed down on Apple crypto are… strange Oh and of course there's a Fortinet bug! There's always a Fortinet bug! This week's episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You'll never guess which one was a few lines of PAM config, and which was a multi-month engineering project! This episode is also available on Youtube. Show notes Is Oracle facing headwinds? After layoffs, its 4-decade veteran Chief Security Officer Mary Ann Davidson departs Oracle CSO blasted over anti-security research rant - iTnews New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts | The Record from Recorded Future News Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump' Cashout Scheme – Krebs on Security How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes | TechCrunch UK has backed down on demand to access US Apple user data, spy chief says DNI Tulsi Gabbard on X: "As a result, the UK has agreed to drop its mandate for" Hackers target Workday in social engineering attack Russia curbs WhatsApp, Telegram calls to counter cybercrime | The Record from Recorded Future News Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability | The Record from Recorded Future News Norway police believe pro-Russian hackers were behind April dam sabotage | The Record from Recorded Future News US agencies, international allies issue guidance on OT asset inventorying | Cybersecurity Dive FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970) U.S. State Dept - Near Eastern Affairs on X: "He did not claim diplomatic immunity and was released by a state judge" 493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds | WIRED .:: Phrack Magazine ::. Accenture to buy Australian cyber security firm CyberCX - iTnews
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — The gif that keeps on giffing01:46 - Cyberattack Bricks Speed Cameras – BHIS - Talkin' Bout [infosec] News 2025-08-1802:39 - Story # 1: Perplexity made a sky-high $34.5 billion bid for Google Chrome — a bold and unusual move in the midst of antitrust scrutiny07:16 - Story # 2: Exclusive: US embeds trackers in AI chip shipments to catch diversions to China, sources say10:22 - Story # 3: How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes12:17 - Story # 4: Cisco discloses maximum-severity defect in firewall software13:56 - Story # 5: Data Dump From APT Actor Yields Clues to Attacker Capabilities19:13 - Story # 6: Russian cyberattack in the Netherlands leaves speed cameras offline indefinitely23:30 - Story # 7: HTTP/2 MadeYouReset Vulnerability Enables Massive DDoS Attacks24:51 - Story # 8: LAPD Eyes ‘GeoSpy', an AI Tool That Can Geolocate Photos in Seconds29:05 - Story # 9: Manpower discloses data breach affecting nearly 145,000 people34:51 - Story # 10: Hacker Offers to Sell 15.8 Million Plain-Text PayPal Credentials On Dark Web Forum35:34 - Story # 11: The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived40:54 - Story # 12: New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”46:28 - Story # 13: Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild48:13 - Story # 14: Plex warns users to patch security vulnerability immediately50:53 - ChickenSec: Noble Foods using soil mapping technology at organic egg farm
Take a Network Break! We start with critical vulnerabilities in Cisco Secure Firewall Management Center and Fortinet’s FortiSIEM. On the news front, SonicWall announces Gen8 firewalls plus a $200,000 warranty for customers that sign on to SonicWall’s Managed Protection Security Suite. IBM Cloud suffers its fourth major outage since May of this year, SASE vendor... Read more »
Take a Network Break! We start with critical vulnerabilities in Cisco Secure Firewall Management Center and Fortinet’s FortiSIEM. On the news front, SonicWall announces Gen8 firewalls plus a $200,000 warranty for customers that sign on to SonicWall’s Managed Protection Security Suite. IBM Cloud suffers its fourth major outage since May of this year, SASE vendor... Read more »
Take a Network Break! We start with critical vulnerabilities in Cisco Secure Firewall Management Center and Fortinet’s FortiSIEM. On the news front, SonicWall announces Gen8 firewalls plus a $200,000 warranty for customers that sign on to SonicWall’s Managed Protection Security Suite. IBM Cloud suffers its fourth major outage since May of this year, SASE vendor... Read more »
In this episode of Cybersecurity Today, host David Shipley reports from Fredericton, New Brunswick, amidst severe forest fires. The main story covers a data breach in Canada's House of Commons involving parliamentary employee information, attributed to a recent Microsoft vulnerability. The episode also discusses Fortinet's recent high-severity vulnerability patches and Microsoft's reminder of Windows 10 support ending in October 2025. Additionally, there's rare good news as researchers gain insights into the iMac 3.0 malware after a source code leak. The episode encourages vigilance, patching, and awareness of upcoming support changes while offering contact information and solicitation for audience engagement. 00:00 Introduction and Headlines 00:35 Canada's House of Commons Data Breach 03:48 Fortinet Vulnerabilities and Patches 05:49 Windows 10 End of Life Announcement 07:17 Malware Source Code Leak Insights 09:08 Conclusion and Viewer Engagement
Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503
Josh, Chris and Mark dive into the chaos of the back‑to‑school rush and the latest K‑12 tech headlines. Topics include Ohio's new requirement that districts adopt AI policies, the pros and cons of writing evergreen AI regulations, and how that mandate could interact with existing tech agreements. The trio also covers recent news like ChatGPT‑5's launch and integrations, a Fortinet vulnerability alert, and San Francisco Unified's payroll/ERP struggles. Between updates they share candid stories from the frontline: ticket surges as staff return, construction and classroom rollouts, recovering deleted Google accounts, and practical coping strategies for IT teams (from daily planning tricks to quick wellness tips). Expect first‑hand anecdotes, real‑world advice for managing summer‑to‑school transitions and a light‑hearted finale — the improvised children's story “Grumpy Josh and the Magical Gummies.” Tune in for an episode that blends policy debate, troubleshooting war stories, and a little comic relief. Referenced Links: https://marketbrief.edweek.org/regulation-policy/ohio-is-requiring-ai-policies-for-all-k-12-schools-will-other-states-follow/2025/08 https://www.govtech.com/education/k-12/sfusd-payroll-software-prompts-teachers-union-labor-complaint Grumpy Josh Storybook: https://g.co/gemini/share/477028792b1c 00:00:00-Intro 00:12:44-AI Policies in Education 00:17:00-Summer Woes 00:42:55-Grumpy Josh -------------------- NTP Managed Methods CTL VIZOR Fortinet -------------------- Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com Call us at 314-329-0363 X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark's individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.
Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-503
Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503
Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-503
A ransomware attack exposes personal medical records of VA patients. New joint guidance from CISA and the NSA emphasizes asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform. Phishing attacks increasingly rely on personalization. Rooting and jailbreaking frameworks pose serious enterprise risks. Fortinet warns of a critical command injection flaw in FortiSIEM. Estonian nationals are sentenced in a crypto Ponzi scheme. Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Meet the Blockchain Bandits of Pyongyang. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Their team tested open-source, underground, and commercial AI models on vulnerability research and exploit development tasks—finding high failure rates and significant limitations, even among top commercial systems. Selected Reading Medical records for 1 million dialysis patients breached in data hack of VA vendor (Stars and Stripes) NSA Joins CISA and Others to Share OT Asset Inventory Guidance (NSA.gov) CISA warns of N-able N-central flaws exploited in zero-day attacks (Bleeping Computer) U.K. Secretly Spent $3.2 Million to Stop Journalists From Reporting on Data Breach (The New York Times) From Support Ticket to Zero Day (Horizon3.ai) Personalization in Phishing: Advanced Tactics for Malware Delivery (Cofense) The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device (Zimperium) Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild (Bleeping Computer) Estonians behind $577 million cryptomining fraud sentenced to 16 months (The Record) Someone counter-hacked a North Korean IT worker: Here's what they found (Cointelegraph) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
CVE-2017-11882 Will Never Die The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows. The payload of the Excel file attempts to download and execute an infostealer to exfiltrate passwords via email. https://isc.sans.edu/diary/CVE-2017-11882%20Will%20Never%20Die/32196 Windows Kerberos Elevation of Privilege Vulnerability Yesterday, Microsoft released a patch for a vulnerability that had already been made public. This vulnerability refers to the privilege escalation taking advantage of a path traversal issue in Windows Kerberos affecting Exchange Server in hybrid mode. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53779 Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images Some old Debian Docker images containing the xz-utils backdoor are still available for download from Docker Hub via the official Debian account. https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images FortiSIEM / FortiWeb Vulnerablities Fortinet patched already exploited vulnerabilities in FortiWeb and FortiSIEM https://fortiguard.fortinet.com/psirt/FG-IR-25-152 https://fortiguard.fortinet.com/psirt/FG-IR-25-448
Hack of federal court filing system exploited security flaws known since 2020 Pennsylvania attorney general says cyberattack knocked phone, email systems offline Spike in Fortinet VPN brute-force attacks raises zero-day concerns Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines
In this episode of Cybersecurity Today, host David Shipley covers critical security updates and vulnerabilities affecting Microsoft Exchange, Citrix NetScaler, and Fortinet SSL VPNs. With over 29,000 unpatched Exchange servers posing a risk for admin escalation and potential full domain compromise, urgent action is needed. Citrix Bleed 2 is actively being exploited, with significant incidents reported in the Netherlands and thousands of devices still unpatched globally. Fortinet SSL VPNs are experiencing a spike in brute force attacks, hinting at a possible new vulnerability on the horizon. Lastly, Shipley highlights notable moments from DEFCON 33, including innovative security hacks and sobering realities of the hacker community. Tune in for detailed breakdowns and insights on how to stay vigilant against these threats. 00:00 Introduction and Overview 00:32 Microsoft Exchange Vulnerability 02:54 Citrix Bleed Two Exploits 05:21 Fortinet SSL VPN Brute Force Attacks 07:39 Insights from DEFCON 33 13:46 Conclusion and Final Thoughts
The hits just keep on coming Where's the Little Dutch Boy when you need him? I felt the ransomware down in Africa Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com
If you like what you hear, please subscribe, leave us a review and tell a friend!
Börsen-Update: Trump, Handelskrieg & Quartalszahlen – Das müssen Anleger jetzt wissen! Willkommen zum aktuellen Börsenbriefing – dem Markt-Update für Privatanleger, die keine Zeit haben, sich durch endlose News zu kämpfen. Heute sprechen wir über: Donald Trump & Handelskrieg – wie die neuen Drohungen den Markt bewegen Korrekturgefahr – droht jetzt ein Rücksetzer an der Wall Street? Eli Lilly Absturz – warum die Aktie trotz Mega-Hype stark gefallen ist Gewinner der Berichtssaison – welche Aktien haben überraschend überzeugt Blick auf die Märkte – was die aktuelle Berichtssaison für dein Depot bedeutet Rezession – sind wir schon lange drin gewesen? Und wechseln wir jetzt in einen Boom? Airbnb-Pleite – die Aktie enttäuscht weiterhin! Auch schwach die Aktien von Fortinet, Snap und Rheinmetall. Auch die Beiersdorf Aktie schmiert böse ab in dieser Woche, genauso wie die Zalando Aktie Eigentlich gibt es nur schlechte Nachrichten? Trump verhängt Zölle auf Halbleiter von 100% und verdoppelt die Zölle für Indien auf 50% – auch die Schweiz muss blechen mit 39% – aber die Kurse steigen. Ist die Börse verrückt geworden?
Aktien hören ist gut. Aktien kaufen ist besser. Bei unserem Partner Scalable Capital geht's unbegrenzt per Trading-Flatrate oder regelmäßig per Sparplan. Alle weiteren Infos gibt's hier: scalable.capital/oaws. Aktien + Whatsapp = Hier anmelden. Lieber als Newsletter? Geht auch. Das Buch zum Podcast? Jetzt lesen. Siemens und Allianz performen. Telekom und Rheinmetall nicht ganz. Tschechien kriegt bald krasse Rüstungs-Aktie. Firefly ist krasse Space-Aktie. Eli Lilly leidet unter Pille. Trump will Intel-CEO feuern. Celsius, Dutch Bros und Duolingo = stark. Crocs & Fortinet = schwach. Scout24 (WKN: A12DM8) bald im DAX? Wie steht's um die Gig Economy? Die ersten werden die letzten sein = Airbnb (WKN: A2QG35). Uber-Flieger (WKN: A2PHHG) gibt es noch und DoorDash (WKN: A2QHEA) hat keinen Wachstums-Crash. Diesen Podcast vom 08.08.2025, 3:00 Uhr stellt dir die Podstars GmbH (Noah Leidinger) zur Verfügung.
Wall Street closed lower as rising rates and weak bond demand pressured markets. Treasury yields rose after soft bond auction results, dragging equities down. Healthcare stocks declined, with Eli Lilly falling on disappointing weight-loss drug data. Tech also struggled, with Fortinet plunging over 20% after a weak refresh cycle. Meanwhile, Trump announced tariffs on imported chips and urged Intel’s CEO to resign, unsettling the semiconductor space. In commodities, oil fell on news of a planned Trump-Putin meeting, easing geopolitical tensions. Elsewhere, the Bank of England cut rates to 4% in response to cooling inflation. Back home, Aussie shares are tracking lower for the week, though QBE is expected to report higher profits despite yield headwinds. The content in this podcast is prepared, approved and distributed in Australia by Commonwealth Securities Limited ABN 60 067 254 399 AFSL 238814. The information does not take into account your objectives, financial situation or needs. Consider the appropriateness of the information before acting and if necessary, seek appropriate professional advice.See omnystudio.com/listener for privacy information.
Wegen der Käufe von Russlands-Energie, wird Indien von USA mit Zöllen von 50% bestraft! Wir sehen auch in Folge der Ergebnisse teils größere Bewegungen. Während die Aktien von AMD, Super Micro und Snap teils stärker unter Druck stehen, geht es bei Shopify und Arista Networks deutlich aufwärts. Das Ertragsbild ist seit dem Closing insgesamt leicht positiv, mit Disney und McDonald's ebenfalls über den Erwartungen der Wall Street. Nach dem Closing werden die Ergebnisse von Airbnb, DoorDash und Fortinet gemeldet. Wichtige Wirtschaftsdaten gibt es heute keine, wobei die Auktion der 10-jährigen US-Staatsanleihen viel Beachtung finden wird. Abonniere den Podcast, um keine Folge zu verpassen! ____ Folge uns, um auf dem Laufenden zu bleiben: • X: http://fal.cn/SQtwitter • LinkedIn: http://fal.cn/SQlinkedin • Instagram: http://fal.cn/SQInstagram
Wir sehen in Folge der Ergebnisse teils größere Bewegungen in beide Richtungen. Während die Aktien von AMD, Super Micro und Snap teils stärker unter Druck stehen, geht es bei Shopify und Arista Networks deutlich aufwärts. Das Ertragsbild ist seit dem Closing insgesamt leicht positiv, mit Disney und McDonald's ebenfalls über den Erwartungen der Wall Street. Nach dem Closing werden die Ergebnisse von Airbnb, DoorDash und Fortinet gemeldet. Wichtige Wirtschaftsdaten gibt es heute keine, wobei die Auktion der 10-jährigen US-Staatsanleihen viel Beachtung finden wird. Ein Podcast - featured by Handelsblatt. +++Erhalte einen exklusiven 15% Rabatt auf Saily eSIM Datentarife! Lade die Saily-App herunter und benutze den Code wallstreet beim Bezahlen: https://saily.com/wallstreet +++ +++EXKLUSIVER NordVPN Deal ➼ https://nordvpn.com/Wallstreet Jetzt risikofrei testen mit einer 30-Tage-Geld-zurück-Garantie!+++ +++ Alle Rabattcodes und Infos zu unseren Werbepartnern findet ihr hier: https://linktr.ee/wallstreet_podcast +++ Der Podcast wird vermarktet durch die Ad Alliance. Die allgemeinen Datenschutzrichtlinien der Ad Alliance finden Sie unter https://datenschutz.ad-alliance.de/podcast.html Die Ad Alliance verarbeitet im Zusammenhang mit dem Angebot die Podcasts-Daten. Wenn Sie der automatischen Übermittlung der Daten widersprechen wollen, klicken Sie hier: https://datenschutz.ad-alliance.de/podcast.html
Arista's VeloCloud SD-WAN acquisition marks a major shift in the enterprise networking space, giving Arista a mature and cloud-native SD-WAN platform to complement its strengths in data center and cloud networking. For enterprise customers, the move could mean faster innovation, improved support, and stronger WAN-to-cloud integration. However, customers should be aware of potential risks with the acquisition including hardware changes, licensing shifts, and short-term integration hiccups. In this 7-minute podcast, Larry York and Tony Mangino from TC2 break down why the deal matters — and the potential impact on competition in the SD-WAN marketplace from the likes of Cisco, Fortinet, and Juniper. If you would like to learn more about our experience in this space, please visit our Technology Consulting & Strategy Development Services and Strategic Sourcing webpages. Follow us on LinkedIn: TC2 & LB3
Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »
Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »
Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »
CyberRatings, a non-profit that performs independent testing of security products and services, has released the results of comparative tests it conducted on Secure Service Edge, or SSE, services. Tested vendors include Cisco, Cloudflare, Fortinet, Palo Alto Networks, Skyhigh Security, Versa Networks, and Zscaler. We look at what was tested and how, highlight results, and discuss... Read more »
CyberRatings, a non-profit that performs independent testing of security products and services, has released the results of comparative tests it conducted on Secure Service Edge, or SSE, services. Tested vendors include Cisco, Cloudflare, Fortinet, Palo Alto Networks, Skyhigh Security, Versa Networks, and Zscaler. We look at what was tested and how, highlight results, and discuss... Read more »
Why Exclusive Networks says modern cybersecurity requires more than “pick, pack, and ship” “We're not just a distributor. We're a channel services aggregator — an extension of our partners' businesses.” — Jason Beal, President, Americas, Exclusive Networks In this episode of Technology Reseller News, publisher Doug Green sits down with Jason Beal, President, Americas, and Andrew Warren, VP of Sales and Marketing, North America, to explore how Exclusive Networks is rewriting the rules of cybersecurity distribution in North America. More than just moving product, Exclusive Networks delivers white-glove service, certified expertise, and true channel partnership — simplifying cybersecurity sales and delivery for MSPs, MSSPs, and solution providers. With over 45 country operations and reach into 170 markets, the company now brings its global playbook to North America with fresh investments, expanded services, and a unique partner-first approach. Key Highlights from the Conversation: Partner Empathy as Philosophy Exclusive Networks builds programs around the real-world needs of partners — from helping an MSP with student-powered hiring programs to assisting with complex financing, logistics, and field deployment. From MSP to MSSP, Cyber Expertise at Every Step Whether you're a security-focused MSP or a fully-fledged MSSP, Exclusive offers domain expertise, hands-on technical support, and services like SASE implementation, firewall deployment, and SOC augmentation through its CloudRise acquisition. Training & Certification Simplified With global training centers and relationships with top vendors like Fortinet and Palo Alto Networks, Exclusive lowers the barrier for entry but offers high benefits for those who commit to deep certification and specialization. Demand Generation for End Users and Partners Exclusive not only helps vendors reach the market — it also helps partners generate demand directly from end users, creating new revenue opportunities across the lifecycle. A New Kind of Distributor Exclusive Networks calls itself a “channel services aggregator”, offering a full lifecycle of services — from sales support and technology enablement to post-sales adoption and renewals — redefining what a modern cybersecurity distributor should be. What's Next? Expect new vendor partnerships, expanded services, and continued investment in dedicated local support across the U.S. and Canada — all backed by the belief that “people still do business with people.” Learn more at: www.exclusive-networks.com
Big thank you to DeleteMe for sponsoring this video. Go to http://joindeleteme.com/Bombal to receive a 20% discount. Discover how attackers exploit enterprise VPNs like Fortinet to gain admin access and compromise networks. In this video, OTW exposes a real authentication bypass exploit, explains the risks of outdated VPN devices, and shares expert tips on Linux, TCPDump, and staying secure. Perfect for cybersecurity pros, penetration testers, and anyone serious about digital defense. // Occupy The Web SOCIAL // X: / three_cube Website: https://hackers-arise.net/ // Occupy The Web Books // Linux Basics for Hackers 2nd Ed US: https://amzn.to/3TscpxY UK: https://amzn.to/45XaF7j Linux Basics for Hackers: US: https://amzn.to/3wqukgC UK: https://amzn.to/43PHFev Getting Started Becoming a Master Hacker US: https://amzn.to/4bmGqX2 UK: https://amzn.to/43JG2iA Network Basics for hackers: US: https://amzn.to/3yeYVyb UK: https://amzn.to/4aInbGK // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: https://hackers-arise.net/ // Playlists REFERENCE // Linux Basics for Hackers: • Linux for Hackers Tutorial (And Free Courses) Mr Robot: • Hack like Mr Robot // WiFi, Bluetooth and ... Hackers Arise / Occupy the Web Hacks: • Hacking Tools (with demos) that you need t... // YouTube video REFERENCE // Hacking IP Cameras: • Hacking IP Cameras (CCTV) with Demos and R... Are VPNs even safe now?: • Are VPNs even safe now? Hacker Explains // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.
Mit Ausnahme von ASML, fallen die seit gestern Abend gemeldeten Quartalszahlen überwiegend erfreulich aus. Im Bankensektor schlagen nun auch die Bank of America, Goldman Sachs, Morgan Stanley und PNC Financial die Ertragsziele der Wall Street. Zudem sehen wir ein insgesamt gesundes Kreditwachstum, mit abkühlenden Kreditausfällen. Ein gutes Omen für die Verbraucher und Wirtschaft. ASML kann die Ziele zwar schlagen, redet aber die Aussichten für 2026 nach unten. Der Wert steht entsprechend unter Druck. Was den Tech-Sektor erneut stützen sollte, sind anhaltend positive Stimmen von Analysten. Heute werden die Kursziele von Amazon, AMD, Fortinet, Google, IBM, Meta und Roblox angehoben. Abonniere den Podcast, um keine Folge zu verpassen! ____ Folge uns, um auf dem Laufenden zu bleiben: • X: http://fal.cn/SQtwitter • LinkedIn: http://fal.cn/SQlinkedin • Instagram: http://fal.cn/SQInstagram
Mit Ausnahme von ASML, fallen die seit gestern Abend gemeldeten Quartalszahlen überwiegend erfreulich aus. Im Bankensektor schlagen nun auch die Bank of America, Goldman Sachs, Morgan Stanley und PNC Financial die Ertragsziele der Wall Street. Zudem sehen wir ein insgesamt gesundes Kreditwachstum, mit abkühlenden Kreditausfällen. Ein gutes Omen für die Verbraucher und Wirtschaft. ASML kann die Ziele zwar schlagen, redet aber die Aussichten für 2026 nach unten. Der Wert steht entsprechend unter Druck. Was den Tech-Sektor erneut stützen sollte, sind anhaltend positive Stimmen von Analysten. Heute werden die Kursziele von Amazon, AMD, Fortinet, Google, IBM, Meta und Roblox angehoben. Ein Podcast - featured by Handelsblatt. +++Erhalte einen exklusiven 15% Rabatt auf Saily eSIM Datentarife! Lade die Saily-App herunter und benutze den Code wallstreet beim Bezahlen: https://saily.com/wallstreet +++ +++EXKLUSIVER NordVPN Deal ➼ https://nordvpn.com/Wallstreet Jetzt risikofrei testen mit einer 30-Tage-Geld-zurück-Garantie!+++ +++ Alle Rabattcodes und Infos zu unseren Werbepartnern findet ihr hier: https://linktr.ee/wallstreet_podcast +++ Der Podcast wird vermarktet durch die Ad Alliance. Die allgemeinen Datenschutzrichtlinien der Ad Alliance finden Sie unter https://datenschutz.ad-alliance.de/podcast.html Die Ad Alliance verarbeitet im Zusammenhang mit dem Angebot die Podcasts-Daten. Wenn Sie der automatischen Übermittlung der Daten widersprechen wollen, klicken Sie hier: https://datenschutz.ad-alliance.de/podcast.html
In this episode of 'Cybersecurity Today,' hosted by David Shipley from the Exchange Security 2025 conference, urgent updates are provided on critical cybersecurity vulnerabilities and threats. CISA mandates a 24-hour patch for Citrix NetScaler due to a severe vulnerability actively being exploited, dubbed 'Citrix Bleed.' Fortinet's FortiWeb also faces a critical pre-auth remote code execution flaw that demands immediate patching. Additionally, significant vulnerabilities in AI-driven developments are highlighted, including shortcomings in Jack Dorsey's BitChat app and a method to extract Windows keys from ChatGPT-4. The episode emphasizes the importance of timely updates, robust security measures, and the potential risks involved with AI-generated code. 00:00 Introduction and Overview 00:35 Urgent Citrix Vulnerability Alert 03:26 Fortinet FortiWeb Exploit Details 06:23 Ingram Micro Ransomware Recovery 09:26 AI Coding and Security Risks 14:03 ChatGPT Security Flaw Exposed 17:20 Conclusion and Contact Information
Fortinet patches a critical flaw in its FortiWeb web application firewall. Hackers are exploiting a critical vulnerability in Wing FTP Server. U.S. Cyber Command's fiscal 2026 budget includes a new AI project. Czechia's cybersecurity agency has issued a formal warning about Chinese AI company DeepSeek. The DoNot APT group targets Italy's Ministry of Foreign Affairs. Mexico's former president is under investigation for alleged bribes to secure spyware contracts. The FBI seizes a major Nintendo Switch piracy site. CISA releases 13 ICS advisories. A retired US Army lieutenant colonel pleads guilty to oversharing classified information on a dating app. Our guest is Catherine Woneis, VP of Product at Fingerprint, to discuss how bots are being used to facilitate music royalty fraud. A federal judge is not impressed with a crypto-thief's lack of restitution. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Catherine Woneis, VP of Product at Fingerprint, to discuss how bots are being used to facilitate music royalty fraud and how companies can protect themselves. Selected Reading Critical SQL injection vulnerability in Fortinet FortiWeb enables unauthenticated remote code execution (Beyond Machines) Critical Wing FTCritical Wing FTP Server Vulnerability Exploited - SecurityWeekP Server Vulnerability Exploited (SecurityWeek) Cyber Command creates new AI program in fiscal 2026 budget (DefenseScoop) DeepSeek a threat to national security, warns Czech cyber agency (The Record) Indian Cyber Espionage Group Targets Italian Government (Infosecurity Magazine) Former Mexican president investigated over allegedly taking bribes from spyware industry (The Record) Major Nintendo Switch Piracy Website Seized By FBI (Kotaku) CISA Releases Thirteen Industrial Control Systems Advisories (CISA) Lovestruck US Air Force worker admits leaking secrets on dating app (The Register) Crypto Scammer Truglia Gets 12 Years Prison, Up From 18 Months (Bloomberg) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Alissa Coram and Ed Carson analyze Monday's market action and discuss key stocks to watch on Stock Market Today. Learn more about your ad choices. Visit megaphone.fm/adchoices
If you like what you hear, please subscribe, leave us a review and tell a friend!
This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor naming conventions I have the phone number linked to your Google account Fortinet flaws exploited in ransomeware attacks (and how lack of information sharing is killing us) retiring floppy disks fault injection for the masses there is no defender AI blackmails Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-878
This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor naming conventions I have the phone number linked to your Google account Fortinet flaws exploited in ransomeware attacks (and how lack of information sharing is killing us) retiring floppy disks fault injection for the masses there is no defender AI blackmails Show Notes: https://securityweekly.com/psw-878
This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor naming conventions I have the phone number linked to your Google account Fortinet flaws exploited in ransomeware attacks (and how lack of information sharing is killing us) retiring floppy disks fault injection for the masses there is no defender AI blackmails Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-878
In this episode, Avanish and Andrew discuss:Andrew's journey as an "operational CFO" from Sun Microsystems through ServiceNow, WalkMe, Lacework, and now Amplitude, being part of the team that built ServiceNow from $400M to $4.5B ARRWhy CFOs must "play chess, not checkers" - thinking several moves ahead about decision implications and making strategic investment pivots for anticipated future growthThe critical difference between multi-product and platform strategies: true platforms have definite customer adoption journeys where products aren't sold independentlyRecognizing platform readiness signals: when customers organically create their own workflows and use cases you never conceived, like hospitals using Amplitude for emergency room optimizationBuilding effective teams by mixing "veterans with rookies" to solve problems rather than just "admire problems," and driving focused execution around single key investmentsThe "fair exchange of value" approach to pricing and partnerships that emphasizes customer adoption, transparency, and simplicity over complexityAbout Avanish Sahai:Avanish Sahai is a Tidemark Fellow and served as a Board Member of Hubspot from 2018 to 2023; he currently serves on the boards of Birdie.ai, Flywl.com and Meta.com.br as well as a few non-profits end educational boards. Previously, Avanish served as the vice president, ISV and Apps partner ecosystem of Google from 2019 until 2021. From 2016 to 2019, he served as the global vice president, ISV and Technology alliances at ServiceNow. From 2014 to 2015, he was the senior vice president and chief product officer at Demandbase. Prior to Demandbase, Avanish built and led the Appexchange platform ecosystem team at Salesforce, and was an executive at Oracle and McKinsey & Company, as well as various early-to-mid stage startups in Silicon Valley.About Andrew Casey: Andrew Casey is Chief Financial Officer at Amplitude, where he leads Amplitude's General & Administrative organization, which includes finance, accounting, and legal. With more than 25 years of enterprise software experience, Casey brings deep financial expertise combined with extensive go-to-market strategy and business operations experience.Casey joined Amplitude from Lacework, where he served as CFO and oversaw its successful acquisition by Fortinet. Prior to that, he was the CFO of WalkMe, where he led its Initial Public Offering (IPO) and transformed its enterprise sales motion. Casey's career also includes senior finance roles with ServiceNow, Hewlett-Packard, NortonLifeLock Inc. (formerly Symantec), Oracle, and Sun Microsystems.About TidemarkTidemark is a venture capital firm, foundation, and community built to serve category-leading technology companies as they scale. Tidemark was founded in 2021 by David Yuan, who has been investing, advising, and building technology companies for over 20 years. Learn more at www.tidemarkcap.com.LinksFollow our guest, Andrew CaseyFollow our host, Avanish SahaiLearn more about Tidemark
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SVG Steganography Steganography is not only limited to pixel-based images but can be used to embed messages into vector-based formats like SVG. https://isc.sans.edu/diary/SVG%20Steganography/31978 Fortinet Vulnerability Details CVE-2025-32756 Horizon3.ai shows how it was able to find the vulnerability in Fortinet s products, and how to possibly exploit this issue. The vulnerability is already being exploited in the wild and was patched May 13th https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/ Remote Prompt Injection in GitLab Duo Leads to Source Code Theft An attacker may leave instructions (prompts) for GitLab Duo embedded in the source code. This could be used to exfiltrate source code and secrets or to inject malicious code into an application. https://www.legitsecurity.com/blog/remote-prompt-injection-in-gitlab-duo
Three Buddy Problem - Episode 46: We dig into a Coinbase breach headlined by bribes, rogue contractors and a $20 million ransom demand. Plus, (another!) batch of Ivanti and Microsoft zero-days being exploited in the wild, a new 'Intrusion Logging' feature coming to Android, Apple's iOS 18.5 patches, and the EU announcing its own vulnerability database and software vendor secure-coding pledge. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday Microsoft patched 70-78 vulnerabilities (depending on how you count them). Five of these vulnerabilities are already being exploited. In particular, a remote code execution vulnerability in the scripting engine should be taken seriously. It requires the Microsoft Edge browser to run in Internet Explorer mode. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%3A%20May%202025/31946 Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428) Ivanti patched an authentication bypass vulnerability and a remote code execution vulnerability. The authentication bypass can exploit the remote code execution vulnerability without authenticating first. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US Fortinet Patches Exploited Vulnerability in API (CVE-2025-32756) Fortinet patched an already exploited stack-based buffer overflow vulnerability in the API of multiple Fortinet products. The vulnerability is exploited via crafted HTTP requests. https://fortiguard.fortinet.com/psirt/FG-IR-25-254
On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back! The ransomware ecosystem is finding life a bit tough lately SAP Netweaver bug being used by Chinese APT crew Academics keep just keep finding CPU side-channel attacks And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF? This week's episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future. This episode is also available on Youtube. Show notes Exploiting Copilot AI for SharePoint | Pen Test Partners MrBruh's Epic Blog Ransomware group Lockbit appears to have been hacked, analysts say | Reuters "CONTI LEAK: Video they tried to bury! 6+ Conti members on a private jet. TARGET's birthday — $10M bounty on his head. Filmed by TARGET himself. Original erased — we kept a copy." Mysterious hackers who targeted Marks and Spencer's computer systems hint at political allegiance as they warn other tech criminals not to attack former Soviet states The organizational structure of ransomware groups is evolving rapidly. SAP NetWeaver exploitation enters second wave of threat activity China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures DOGE software engineer's computer infected by info-stealing malware Hackers hijack Japanese financial accounts to conduct nearly $2 billion in trades FBI and Dutch police seize and shut down botnet of hacked routers Poland arrests four in global DDoS-for-hire takedown School districts hit with extortion attempts after PowerSchool breach EU launches vulnerability database to tackle cybersecurity threats Training Solo - vusec Branch Privilege Injection: Exploiting Branch Predictor Race Conditions – Computer Security Group Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet PSIRT | FortiGuard Labs EPMM Security Update | Ivanti
In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap' to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinetrsac to learn more about them! Unpacking the latest annual report from Fortinet's FortiGuard Labs. We're talking with Derek Manky, Chief Security Strategist and Global VP Threat Intelligence, Fortinet's FortiGuard Labs, to get a snapshot of the active threat landscape and trends from 2024, including a comprehensive analysis across all tactics used in cyberattacks, as outlined in the MITRE ATT&CK framework. The report reveals that threat actors are increasingly harnessing automation, commoditized tools, and AI to systematically erode the traditional advantages held by defenders. Read the full report at https://securityweekly.com/fortinetrsac. This segment is sponsored by Cobalt. Visit https://securityweekly.com/cobaltrsac to learn more about them! In this interview, Gunter Ollmann, Chief Technology Officer at Cobalt, unpacks the findings from the State of Pentesting Report 2025, spotlighting both measurable security progress and the rising challenges introduced by generative AI (genAI). While the report shows that organizations are resolving vulnerabilities faster than ever, genAI systems stand out as a growing security blind spot: only 21% of serious genAI vulnerabilities identified during penetration testing are fixed, compared to over 75% for API flaws and 68% for cloud vulnerabilities. Nearly 32% of genAI-related findings were classified as high risk — more than double the average across other systems. And although 98% of organizations are adopting genAI-powered features, only 66% are running regular security assessments on those systems. Segment Resources: https://www.cobalt.io/blog/key-takeaways-state-of-pentesting-report-2025 https://resource.cobalt.io/state-of-pentesting-2025?gl=1*zwbjgz*gclaw*R0NMLjE3MzcwNTU5ODMuQ2owS0NRaUEtYUs4QmhDREFSSXNBTF8tSDltRlB0X2FmSVhnQnBzSjYxOHlRZ1dhcmRMQ0lHalo3eVgxcTh1cHVnWFVwV0todHFPSDFZZ2FBb0hNRUFMd193Y0I.*gcl_au*MTc4MjQwMTAwNC4xNzQ0NjM0MTgz Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-395
In this episode of Cybersecurity Today, host Jim Love covers recent cybersecurity incidents including a data breach at Mark's and Spencer, the FBI's alert on outdated routers being exploited, and critical Fortinet vulnerabilities actively used in attacks. Additionally, the episode discusses a researcher's proof of concept showing how ransomware can be embedded directly into a CPU, bypassing traditional security measures. Listeners are urged to stay vigilant and implement necessary security patches and updates. 00:00 Breaking News: Marks and Spencer Data Breach 01:37 FBI Alert: Outdated Routers at Risk 03:43 Fortinet Zero-Day Vulnerability 05:46 Ransomware Embedded in CPUs: A New Threat 08:13 Conclusion and Contact Information
Once a month, the Packet Protector podcast likes to see what’s going on out there via our news roundup. There’s a lot happening! Today we discuss Fortinet warning that a threat actor has found a way to maintain read-only access on Fortinet devices even if you’ve applied the patch for the original threat. Avanti VPNs... Read more »
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248) After spotting individaul attempts to exploit the recent Langflow vulnerability late last weeks, we now see more systematic internet wide scans attempting to verify the vulnerability. https://isc.sans.edu/forums/diary/Exploit+Attempts+for+Recent+Langflow+AI+Vulnerability+CVE20253248/31850/ Fortinet Analysis of Threat Actor Activity Fortinet oberved recent vulnerablities in its devices being used to add a symlink to ease future compromise. The symlink is not removed by prior patches, and Fortinet released additional updates to detect and remove this attack artifact. https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity MSFT Inetpub Microsoft clarrified that its April patches created the inetpub directory on purpose. Users should not remove it. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204#exploitability SANSFIRE https://isc.sans.edu/j/sansfire
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday Microsoft patched over 120 vulnerabilities this month. 11 of these were rated critical, and one vulnerability is already being exploited. https://isc.sans.edu/diary/Microsoft%20April%202025%20Patch%20Tuesday/31838 Adobe Updates Adobe released patches for 12 different products. In particular important are patches for Coldfusion addressing several remote code execution vulnerabilities. Adobe Commercse got patches as well, but none of the vulnerabilities are rated critical. https://helpx.adobe.com/security/security-bulletin.html OpenSSL 3.5 Released OpenSSL 3.5 was released with support to post quantum ciphers. This is a long term support release. https://groups.google.com/a/openssl.org/g/openssl-project/c/9ZYdIaExmIA Fortiswitch Update Fortinet released an update for Fortiswitch addressing a vulnerability that may be used to reset a password without verification. https://fortiguard.fortinet.com/psirt/FG-IR-24-435