Podcasts about Fortinet

Patrick Gray and Adam Boileau are joined by the newest guy on the Risky Business Media team, James WIlson. They discuss the week's cybersecurity news, including: Notepad++ update supply chain attack has been attributed to China The AI agent future is even more stupid than expected; behold the OpenClaw/Clawdbot/Moltbook mess The Epstein files claim he had a personal hacker? Microsoft is finally getting ready to (think about starting to begin to) disable NTLM by default The usual bugs in the usual things! Ivanti, Fortinet, and Solarwinds. Again. Telco hides a free trip in its privacy policy, someone actually reads it and wins! This weeks's episode is sponsored by opensource IDP platform Authentik. CEO Fletcher Heisler talks to Pat about their new endpoint agent that can enforce device posture policies during login. This episode is also available on Youtube. Show notes The Chrysalis Backdoor: A Deep Dive into Lotus Blossom's toolkit Notepad++ Hijacked by State-Sponsored Hackers | Notepad++ Notepad++ v8.8.3 - Self-signed Certificate: Certified by Code, Not Corporations | Notepad++ Hacking Moltbook: AI Social Network Reveals 1.5M API Keys | Wiz Blog lcamtuf on X: "Moltbook debate in a nutshell" / X Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site AndrewMohawk on X: "How exactly did an attacker send a message to your bot since you need to approve all the channels and set keys etc" / X Signal president warns AI agents are making encryption irrelevant Massive AI Chat App Leaked Millions of Users Private Conversations Runa Sandvik on X: New court record from the FBI details the state of the devices seized from Washington Post reporter Hannah Natanson EFTA01683874.pdf Disrupting the World's Largest Residential Proxy Network | Google Cloud Blog Nobel Committee says Peace Prize winner likely revealed early by digital spying | Reuters County pays $600,000 to pentesters it arrested for assessing courthouse security - Ars Technica Advancing Windows security: Disabling NTLM by default - Windows IT Pro Blog Critical flaws in Ivanti EPMM lead to fast-moving exploitation attempts | Cybersecurity Dive CISA orders federal agencies to patch exploited SolarWinds bug by Friday | The Record from Recorded Future News CISA, security researchers warn FortiCloud SSO flaw is under attack | Cybersecurity Dive Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach | TechCrunch We Hid a Free Trip to Switzerland in Our Privacy Policy. Someone Found It in 2 Weeks. - Cape Between Two Nerds: The internal logic of Russian power grid attacks - YouTube

The AI Grief Counselor Sketch, Fortinet, BSODs, WINRAR, Montreaux, Big Iron, Memory Prices, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-551

(Presented by Material Security: We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 83: Poland's CERT documents a rare, explicit wiper attack on civilians in a NATO country, including detailed attribution of a Russian government op targeting the electric grid in the heart of winter. We examine why this crosses a long-avoided threshold, why attribution suddenly matters again, and what it says about pre-positioned access, vendor insecurity, and the shrinking gap between cyber operations and acts of war. Plus, another Fortinet fiasco, a new batch of Ivanti zero-days under attack, an emergency patch from Microsoft and the return of the mysterious KasperSekrets account. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop? We are seeing attempts to attack CVE-2026-21962, a recent weblog vulnerability, using a non-working AI slop exploit https://isc.sans.edu/diary/Odd%20WebLogic%20Request.%20Possible%20CVE-2026-21962%20Exploit%20Attempt%20or%20AI%20Slop%3F/32662 Fortinet Patches are Rolling Out Fortinet is starting to roll out patches for the recent SSO vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-26-060 SolarWinds Web Helpdesk Vulnerability Another set of vulnerabilities in SolarWinds Web Helpdesk may result in unauthenticated system access https://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/

CISA's interim director uploaded sensitive government material into the public version of ChatGPT. The cyberattack on Poland's power grid compromised roughly 30 energy facilities. The EU and India sign a new partnership that includes expanded cyber cooperation. Meta rolls out enhanced WhatsApp security features. Researchers uncover a campaign targeting LLM service endpoints. Fortinet and OpenSSL patch multiple vulnerabilities. A high-severity WinRAR vulnerability continues to see widespread exploitation six months after it was patched. The SoundCloud data breach affected nearly 30 million users. Ben Yelin explains the California lawsuit accusing social media platforms of harming kids. A Spanish resort town gets hit with low-rent ransomware.   Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Dave is joined by his Caveat co-host Ben Yelin, Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, to discuss the upcoming trial where Meta and YouTube will make their case against accusations of social media being harmful to children. You can learn more here.  T-Minus Guest Host Our T-Minus Space Daily podcast team is in Orlando, FL this week covering Commercial Space Week. Yesterday while the crew was on travel making their way to the event, Dave Bittner took his first spin behind the mic on T-Minus. Tune in and let us know how Dave did! You can follow along with host Maria Varmazis and producers Alice Carruth and Liz Stokes for event coverage via our LinkedIn profile. Selected Reading Trump's acting cyber chief uploaded sensitive files into a public version of ChatGPT (POLITICO) Cyberattack on Poland's power grid hit around 30 energy facilities, new report says (The Record) Europe/India • Indian 'hackers for hire' to continue to thrive under Brussels-New Dehli trade deal (Intelligence Online) New WhatsApp lockdown feature protects high-risk users from hackers (Bleeping Computer) Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation (Bleeping Computer) Fortinet Patches Exploited FortiCloud SSO Authentication Bypass (SecurityWeek) High-Severity Remote Code Execution Vulnerability Patched in OpenSSL (SecurityWeek) Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect (CyberScoop) SoundCloud breach added to HIBP, 29.8 million accounts exposed (CyberInsider) Spanish municipality Sanxenxo City Council calls hackers bluff as malware takes over network (Cryptopolitan) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Send us a textIn this powerhouse episode, Joey Pinz sits down with one of cybersecurity's most influential builders—a serial market maker who has helped shape some of the industry's most iconic companies. From Sourcefire and Fortinet to Cylance, Javelin, and now Sevco Security, Fitz brings unmatched perspective on what separates successful cyber companies from the rest—and what MSPs must do now to stay relevant.Fitz breaks down why visibility is the core of modern security, why most organizations still don't actually know what assets they have, and how exposure management has become the foundation of cyber resilience. He also explains where the real money is flowing in the MSP/MSSP space, the biggest mistakes founders still make, and what MSPs must do to move confidently into security services.On the personal side, Fitz shares insights from a life built around curiosity, communication, and impact—shaped by early roles at Coca-Cola during the Olympics, BMC, Compaq, and decades of startup leadership. His mission today? Protect the planet through better security, better intelligence, and smarter business decisions.

Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis

Take a Network Break! We start with a Red Alert in Oracle’s WebLogic Server Proxy Plugin for Apache or IIS, which has a severity score of 10. In the news, Fortinet warns that attackers have found a new exploit path against previously-patched vulnerabilities, Microsoft 365 services suffered an outage, and ServiceNow inks a deal with... Read more »

Take a Network Break! We start with a Red Alert in Oracle’s WebLogic Server Proxy Plugin for Apache or IIS, which has a severity score of 10. In the news, Fortinet warns that attackers have found a new exploit path against previously-patched vulnerabilities, Microsoft 365 services suffered an outage, and ServiceNow inks a deal with... Read more »

Take a Network Break! We start with a Red Alert in Oracle’s WebLogic Server Proxy Plugin for Apache or IIS, which has a severity score of 10. In the news, Fortinet warns that attackers have found a new exploit path against previously-patched vulnerabilities, Microsoft 365 services suffered an outage, and ServiceNow inks a deal with... Read more »

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) confi gurations to deliver JavaScript-based backdoors, according to research from Jamf.Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops.China's pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018.A critical zero-day vulnerability, CVE-2025-64155, has been discovered in Fortinet's FortiSIEM platform by Horizon3.ai, allowing unauthenticated remote code execution and privilege escalation to root.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Cybersecurity Today: Critical Fortinet Flaws, Windows 11 Issues, and Major Cloud Security Near Miss In today's episode of Cybersecurity Today, host David Shipley covers several pressing cybersecurity topics including the continued exploitation of Fortinet flaws despite recent patches, Windows 11 systems failing to boot after January updates, a thwarted cyber attack on Poland's energy sector by the Sandworm group, a sophisticated phishing campaign targeting the energy sector, and a critical AWS vulnerability that posed a significant risk to cloud security globally. Stay informed on these key issues and more. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:48 Fortinet Flaws Still Actively Exploited 03:08 Windows 11 Update Issues 04:44 Cyber Attack on Poland's Energy Systems 06:18 Phishing Campaign Targeting Energy Sector 07:48 AWS CodeBuild Vulnerability 10:26 Conclusion and Final Thoughts

If you like what you hear, please subscribe, leave us a review and tell a friend!

At long last, a TikTok deal. Officials urge lawmakers to keep an eye on the quantum ball. Fortinet confirms active exploitation of a critical authentication bypass flaw. Ireland plans to authorize spyware for law enforcement. Okta warns customers of sophisticated vishing kits. Under Armour investigates data breach claims. CISA adds a Zimbra Collaboration Suite flaw to the known exploited vulnerabilities list. Poor OpSec enables recovery of data stolen by the INC ransomware gang. The DOJ deports a pair of Venezuelans convicted of ATM jackpotting. Our guest is Chris Nyhuis, Founder and CEO of Vigilant, sharing practical steps to protect money, identity, and devices.  Curl pulls the plug on bug bounties after drowning in AI slop. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Chris Nyhuis, Founder and CEO of Vigilant, sharing "practical steps consumers can take in 2026 to protect their money, identity, and devices." Selected Reading TikTok Strikes Deal to Create New U.S. Entity and Loosen App's Ties to China (New York Times) US Officials Urge Congress to Reauthorize Key Quantum Law (BankInfo Security) Fortinet confirms critical FortiCloud auth bypass not fully patched (Bleeping Computer) Ireland plans law allowing law enforcement to use spyware (The Record) Okta SSO accounts targeted in vishing-based data theft attacks (Bleeping Computer) Under Armour Investigates Data Breach (Infosecurity Magazine) Organizations Warned of Exploited Zimbra Collaboration Vulnerability  (SecurityWeek) INC ransomware opsec fail allowed data recovery for 12 US orgs (Bleeping Computer) 2 Venezuelans Convicted in US for Using Malware to Hack ATMs (SecurityWeek) Curl ending bug bounty program after flood of AI slop reports (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Is AI-Generated Code Secure? Xavier used the free static code analysis tool Bandit to review code he wrote with heavy AI support. https://isc.sans.edu/diary/Is%20AI-Generated%20Code%20Secure%3F/32648 Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts Arctic Wolf summarized some of the attacks it is seeing against FortiGate devices via the insufficiently patched SSL vulnerability. https://arcticwolf.com/resources/blog/arctic-wolf-observes-malicious-configuration-changes-fortinet-fortigate-devices-via-sso-accounts/ ISC BIND DoS vulnerability in Drone ID Records HHIT and BRID records, which are used as part of Drone ID, can be used to crash named if their length is 3 bytes. https://marlink.com/resources/knowledge-hub/isc-bind-vulnerability-discovered-and-disclosed-by-marlink-cyber/ SmarterTools SmarterMail Password Reset Vulnerability SmarterTools recently patched a trivial vulnerability in SmarterMail that would allow anybody without authentication to reset administrator passwords. https://labs.watchtowr.com/attackers-with-decompilers-strike-again-smartertools-smartermail-wt-2026-0001-auth-bypass/

AI Cage Match, Fortinet, Cisco, DVWA, Polonium, Small Town AIs, LastPass, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-549

(Presented by Material Security: We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 82: We parse news that China-linked VoidLink is a malware framework created entirely by AI and the collapsing line between elite APT operations and everyday threat actors. Plus, a new Sean Heelan essay on low-cost exploit generation and why “AI guardrails” are mostly a comforting myth; AI slop overwhelming bug bounty programs; CISA's new Brickstorm YARA rules; and fresh research on a wiper-malware found in Russian attacks against Poland's electricity sector. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

AI Cage Match, Fortinet, Cisco, DVWA, Polonium, Small Town AIs, LastPass, Josh Marpet, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-549

AI Cage Match, Fortinet, Cisco, DVWA, Polonium, Small Town AIs, LastPass, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-549

CISA's acting director assures Congress the agency has “stabilized”. Google and Cisco patch critical vulnerabilities. Fortinet firewalls are being hit by automated attacks that create rogue accounts. A global spam campaign leverages unsecured Zendesk support systems. LastPass warns of attempted account takeovers. Greek authorities make arrests in a sophisticated fake cell tower scam. Executives at Davos express concerns over AI. Pwn2Own Automotive proves profitable. Our guest is Kaushik Devireddy, AI data scientist at Fable Security, with insights on a fake ChatGPT installer. New password, same as the old password.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kaushik Devireddy, AI data scientist at Fable Security, discussing their work on "How a fake ChatGPT installer tried to steal my password". Selected Reading CISA Is 'Trying to Get Back on Its Mission' After Trump Cuts (CISA) Google Patches High-Severity V8 Race Condition in Chrome 144 published: today (Beyond Machines) Cisco Patches Actively Exploited Flaw in Unified Communications Products (Beyond Machines) Hackers breach Fortinet FortiGate devices, steal firewall configs (Bleeping Computer) Zendesk ticket systems hijacked in massive global spam wave (Bleeping Computer) LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords (Infosecurity Magazine) Greek Police Arrest Scammers in Athens Using Fake Cell Tower for SMS Phishing Operation (TechNadu) Execs at Davos say AI's biggest problem isn't hype — it's security (Business Insider) Hackers exploit 29 zero-days on second day of Pwn2Own Automotive (Bleeping Computer) Analysis of 6 Billion Passwords Shows Stagnant User Behavior (SecurityWeek) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Automatic Script Execution In Visual Studio Code Visual Studio Code will read configuration files within the source code that may lead to code execution. https://isc.sans.edu/diary/Automatic%20Script%20Execution%20In%20Visual%20Studio%20Code/32644 Cisco Unified Communications Products Remote Code Execution Vulnerability A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b Zoom Vulnerability A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to execute remote code on the MMR via network access. https://www.zoom.com/en/trust/security-bulletin/zsb-26001/ Possible new SSO Exploit (CVE-2025-59718) on 7.4.9 https://www.reddit.com/r/fortinet/comments/1qibdcb/possible_new_sso_exploit_cve202559718_on_749/ SANS SOC Survey The 2026 SOC Survey is open, and we need your input to create a meaningful report. Please share your experience so we can advocate for what actually works in the trenches. https://survey.sans.org/jfe/form/SV_3ViqWZgWnfQAzkO?is=socsurveystormcenter

In the security news: Rainbow tables for everyone Lilygo releases a new T-Display that looks awesome AI generated malware for real Detecting BadUSB when its not a dongle A telnetd vulnerability Google Fast Pair and how I took control of your headset Should we make CVE noise? Exploiting the Fortinet patch DIY data diode Bambu NFC reader for your Flipper Payloads in PNG files Don't leave the lab door open - amazing research and new tool release Fixing your breadboards Finding vulnerabilities in AI using AI Then, Rob Allen from ThreatLocker joins us to discuss default allow, and why that is still a really bad idea. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-910

In the security news: Rainbow tables for everyone Lilygo releases a new T-Display that looks awesome AI generated malware for real Detecting BadUSB when its not a dongle A telnetd vulnerability Google Fast Pair and how I took control of your headset Should we make CVE noise? Exploiting the Fortinet patch DIY data diode Bambu NFC reader for your Flipper Payloads in PNG files Don't leave the lab door open - amazing research and new tool release Fixing your breadboards Finding vulnerabilities in AI using AI Then, Rob Allen from ThreatLocker joins us to discuss default allow, and why that is still a really bad idea. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/psw-910

In the security news: Rainbow tables for everyone Lilygo releases a new T-Display that looks awesome AI generated malware for real Detecting BadUSB when its not a dongle A telnetd vulnerability Google Fast Pair and how I took control of your headset Should we make CVE noise? Exploiting the Fortinet patch DIY data diode Bambu NFC reader for your Flipper Payloads in PNG files Don't leave the lab door open - amazing research and new tool release Fixing your breadboards Finding vulnerabilities in AI using AI Then, Rob Allen from ThreatLocker joins us to discuss default allow, and why that is still a really bad idea. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-910

Critical Security Flaws Patched by Cisco and Fortinet Amidst Recent Cyber Threats In this episode of Cybersecurity Today, host David Chipley covers several pressing cybersecurity issues. Cisco has patched a maximum severity zero-day vulnerability in its Async OS software, which has been exploited by a Chinese state-linked group. Fortinet has also addressed a critical vulnerability in its 40 Seam product, which is being actively exploited in the wild. The Dutch National Police are still recovering from a Citrix breach, emphasizing the need for modern infrastructure. Meanwhile, a spear-phishing campaign targeting US organizations uses Venezuela-themed lures. The episode wraps up with a discussion on a recent study revealing that training AI to produce insecure code can lead to broader problematic behaviour. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:46 Cisco Patches Critical Async OS Bug 02:26 Fortinet Vulnerability Exploited in the Wild 04:04 Dutch National Police and Aging IT Infrastructure 05:55 Spear Phishing Campaign with Venezuelan Lure 07:54 AI Writing Buggy Code: Unexpected Consequences 10:21 Conclusion and Final Thoughts

Microsoft Patch Tuesday January 2026 Microsoft released patches for 113 vulnerabilities. This includes one already exploited vulnerability, one that was made public before today and eight critical vulnerabilities. https://isc.sans.edu/diary/January%202026%20Microsoft%20Patch%20Tuesday%20Summary/32624 Adobe Patches Adobe released patches for five products. The code execution vulnerabilities in ColdFusion and Acrobat Reader deserve special attention. https://helpx.adobe.com/security.html Fortinet Patches Fortnet patched two products today, one suffering from an SSRF vulnerability. https://fortiguard.fortinet.com/psirt/FG-IR-25-783 https://fortiguard.fortinet.com/psirt/FG-IR-25-084 ConsentFix: Analysing a browser-native ClickFix-style attack that hijacks OAuth consent grants Attackers are tricking victims to copy/paste OAUTH URLs, including credentials, to a fake CAPTCHA https://pushsecurity.com/blog/consentfix

Everything old is new again in this Packet Protector news roundup, from end-of-life D-Link routers facing active exploits (and no patch coming) to a five-year-old Fortinet vulnerability being freshly targeted by threat actors (despite a patch having been available for five years). We also dig into a clever, multi-stage attack against hotel operators that could... Read more »

Everything old is new again in this Packet Protector news roundup, from end-of-life D-Link routers facing active exploits (and no patch coming) to a five-year-old Fortinet vulnerability being freshly targeted by threat actors (despite a patch having been available for five years). We also dig into a clever, multi-stage attack against hotel operators that could... Read more »

This week in the security news: Supply chain attacks and XSS PS5 leaked keys Claude tips for security pros No Flipper Zeros allowed, or Raspberry PIs for that matter Kimwolf and your local network Linux is good now Removing unremovable apps without root Detecting lag catches infiltrators Defending your KVM Fixing some of the oldest code Deleting websites live on stage in costume It was a honeypot FCC is letting telecoms off easy Don't buy a Haribo power bank Ransomeware scum Fortinet vulns CISA warns about NVRs Patching MongoDB Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-908

This week in the security news: Supply chain attacks and XSS PS5 leaked keys Claude tips for security pros No Flipper Zeros allowed, or Raspberry PIs for that matter Kimwolf and your local network Linux is good now Removing unremovable apps without root Detecting lag catches infiltrators Defending your KVM Fixing some of the oldest code Deleting websites live on stage in costume It was a honeypot FCC is letting telecoms off easy Don't buy a Haribo power bank Ransomeware scum Fortinet vulns CISA warns about NVRs Patching MongoDB Show Notes: https://securityweekly.com/psw-908

This week in the security news: Supply chain attacks and XSS PS5 leaked keys Claude tips for security pros No Flipper Zeros allowed, or Raspberry PIs for that matter Kimwolf and your local network Linux is good now Removing unremovable apps without root Detecting lag catches infiltrators Defending your KVM Fixing some of the oldest code Deleting websites live on stage in costume It was a honeypot FCC is letting telecoms off easy Don't buy a Haribo power bank Ransomeware scum Fortinet vulns CISA warns about NVRs Patching MongoDB Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-908

Cryptocurrency Scam Emails and Web Pages As We Enter 2026 Scam emails are directing victims to confidence scams attempting to steal cryptocurrencies. https://isc.sans.edu/diary/Cryptocurrency%20Scam%20Emails%20and%20Web%20Pages%20As%20We%20Enter%202026/32594 Debugging DNS response times with tshark tshark is a powerful tool to debug DNS timing issues. https://isc.sans.edu/diary/Debugging+DNS+response+times+with+tshark/32592/ Old Fortinet Devices Have not been updated Over 10,000 Fortinet devices are still vulnerable to a five year old vulnerability https://www.bleepingcomputer.com/news/security/over-10-000-fortinet-firewalls-exposed-to-ongoing-2fa-bypass-attacks/

Active exploitation of Fortinet VPN bypass utility observed Google possibly allowing users to change default gmail address June Aflac attack resulted in data theft  Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.   Find the stories behind the headlines at CISOseries.com

If you like what you hear, please subscribe, leave us a review and tell a friend!

If you like what you hear, please subscribe, leave us a review and tell a friend!

In this timely episode of The Voice of Retail, host Michael LeBlanc is joined by Aamir Lakhani, Global Director of Threat Intelligence and Artificial Intelligence at Fortinet, for a deep and sobering conversation on the evolving cyber threat landscape facing retailers as they close out 2025 and prepare for 2026.Lakhani leads adversarial AI research within FortiGuard Labs, Fortinet's global R&D arm, where his team studies how cybercriminals—ranging from lone actors to state-sponsored groups—exploit technology, human behaviour, and increasingly, artificial intelligence. With Fortinet protecting over half of the world's firewall traffic, Lakhani brings unparalleled visibility into global cybercrime trends.A central theme of the discussion is the explosion of credential-based attacks, where hackers no longer “break in” but simply log in using stolen usernames and passwords. Lakhani explains how years of data breaches have enabled automated attacks across thousands of retail, banking, and corporate systems, often at massive scale. Two-factor authentication, passkeys, and password-less systems are no longer optional—they are table stakes.The conversation then turns to AI-driven fraud, which Lakhani describes as one of the most urgent threats retailers face today. From deepfake voice scams impersonating CEOs to hyper-personalized phishing attacks fueled by social media data, AI has dramatically lowered the cost and increased the sophistication of fraud. On a scale of concern, Lakhani rates AI fraud “off the charts.”LeBlanc and Lakhani also explore deceptive domains, poisoned AI shopping results, and the risks associated with buy-now-pay-later programs, which fraudsters increasingly exploit through urgency-based scams. Importantly, Lakhani emphasizes that cybersecurity is now a shared responsibility across platforms, retailers, and consumers—especially as many small and mid-sized retailers rely heavily on platforms like Shopify.Looking ahead to 2026, Lakhani offers clear guidance for retail leaders: invest in education, embrace AI-powered security tools, and do not shy away from automation. Cybersecurity, he argues, is no longer just an IT issue—it is a brand trust issue, a revenue protection issue, and a core leadership responsibility. Cyberthreats Targeting the 2025 Holiday Season: What CISOs Need to Know and the report Cyber Threat Landscape Overview for the 2025 Holiday Season. The Voice of Retail podcast is presented by Hale, a performance marketing partner trusted by brands like ASICS, Saje, and Orangetheory to scale with focus and impact. Michael LeBlanc is the president and founder of M.E. LeBlanc & Company Inc, a senior retail advisor, keynote speaker and now, media entrepreneur. He has been on the front lines of retail industry change for his entire career. Michael has delivered keynotes, hosted fire-side discussions and participated worldwide in thought leadership panels, most recently on the main stage in Toronto at Retail Council of Canada's Retail Marketing conference with leaders from Walmart & Google. He brings 25+ years of brand/retail/marketing & eCommerce leadership experience with Levi's, Black & Decker, Hudson's Bay, CanWest Media, Pandora Jewellery, The Shopping Channel and Retail Council of Canada to his advisory, speaking and media practice.Michael produces and hosts a network of leading retail trade podcasts, including the award-winning No.1 independent retail industry podcast in America, Remarkable Retail with his partner, Dallas-based best-selling author Steve Dennis; Canada's top retail industry podcast The Voice of Retail and Canada's top food industry and one of the top Canadian-produced management independent podcasts in the country, The Food Professor with Dr. Sylvain Charlebois from Dalhousie University in Halifax.Rethink Retail has recognized Michael as one of the top global retail experts for the fifth year in a row, the National Retail Federation has designated Michael as on their Top Retail Voices for 2025, Thinkers 360 has named him on of the Top 50 global thought leaders in retail, RTIH has named him a top 100 global though leader in retail technology and Coresight Research has named Michael a Retail AI Influencer. If you are a BBQ fan, you can tune into Michael's cooking show, Last Request BBQ, on YouTube, Instagram, X and yes, TikTok.Michael is available for keynote presentations helping retailers, brands and retail industry insiders explaining the current state and future of the retail industry in North America and around the world.

Researchers detail a years-long Russian state-sponsored cyber espionage campaign. Israel's cyber chief warns against complacency. Vulnerabilities affect products from Fortinet and Hitachi Energy. Studies show AI models are rapidly improving at offensive cyber tasks. MITRE expands its D3FEND cybersecurity ontology to cover operational technology. Texas sues smart TV manufacturers, alleging illegal surveillance. A fraudulent gift card locks an Apple user out of their digital life. Our guest is Doron Davidson from CyberProof Israel discussing agentic SOCs and agentic transformation of an MDR. Fat racks crack the stacks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by ⁠Doron Davidson⁠, GM at ⁠CyberProof⁠ Israel, MD Security Operations, discussing agentic SOC and agentic transformation of an MDR. If you'd like to learn more be sure to check out ⁠CyberProof⁠. Tune into the full conversation here. Selected Reading Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure (Live Threat Intelligence) IDF warns future cyberattacks may dwarf past threats (The Jerusalem Post) CISA reports active exploitation of critical Fortinet authentication bypass flaw (Beyond Machines) Hitachi Energy reports BlastRADIUS flaw in AFS, AFR and AFF Series product families (Beyond Machines) AI models are perfecting their hacking skills (Axios) AI Hackers Are Coming Dangerously Close to Beating Humans (WSJ) MITRE Extends D3FEND Ontology to Operational Technology Cybersecurity (Mitre) Texas sues biggest TV makers, alleging smart TVs spy on users without consent (Ars Technica) Locked out: How a gift card purchase destroyed an Apple account (Apple Insider) Racks of AI chips are too damn heavy (The Verge) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Beyond RC4 for Windows authentication Microsoft outlined its transition plan to move away from RC4 for authentication and published guidance and tools to facilitate this change. https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication FortiCloud SSO Login Vuln Exploited Arctic Wolf observed exploit attempts against vulnerable FortiGate appliances. https://arcticwolf.com/resources/blog/arctic-wolf-observes-malicious-sso-logins-following-disclosure-cve-2025-59718-cve-2025-59719/ FrePBX Vulnerability Horizon3.ai identified three distinct vulnerabilities in FreePBX. In particular, the authentication by-pass issue should be of concern, but default FreePBX installs do not use the vulnerable web authentication feature. https://horizon3.ai/attack-research/the-freepbx-rabbit-hole-cve-2025-66039-and-others/

Rogue NuGet package steals data Venezuela's PDVSA suffers attack Patched Fortinet flaws exploited Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Picture a "new hire" who interviews well… except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the new reality: the attack surface is trust itself. Adaptive fights back with realistic deepfake simulations and training that actually sticks. Learn more at adaptivesecurity.com.  

Venezuela's state oil company blames a cyberattack on the U.S. An Iranian hacker group offers cash bounties for doxing Israelis. Germany's lower house of parliament suffers a major email outage. South Korea's e-commerce breach exposes personal information of nearly all of that nation's adults. Researchers report active exploitation of two critical Fortinet authentication bypass vulnerabilities, and three critical vulnerabilities in the FreePBX VoIP platform. An auto-industry credit reporting agency suffers a data breach. Google is shutting down its dark web reporting service. European law enforcement dismantles a Ukrainian fraud network. Our guest is Christiaan Beek, Senior Director Threat Intelligence & Analytics from Rapid7, discussing how attackers are accelerating exploitation, refining ransomware, and expanding nation-state operations. A Pornhub breach proves the internet never forgets.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, guest Christiaan Beek, Senior Director Threat Intelligence & Analytics from Rapid7, discusses how attackers are accelerating exploitation, refining ransomware, and expanding nation-state operations. Dive into the details in Rapid7's report. Tune into Christiaan's full conversation here. Selected Reading Venezuela Says Oil Export System Down After Weekend Cyberattack (Bloomberg) Iran-linked hackers dox Israelis, offer cash bounties (The Jerusalem Post) German Parliament Allegedly Hit by Email Outage During US-Ukraine Talks Amid Cyberattack Suspicions (TechNadu) Breach at South Korea's Equivalent of Amazon Exposed Data of Almost Every Adult (Wall Street Journal) Arctic Wolf Observes Malicious SSO Logins on FortiGate Devices Following Disclosure of CVE-2025-59718 and CVE-2025-59719 (Arctic Wolf) Critical authentication bypass and multiple flaws discovered in FreePBX VoIP platform (Beyond Machines) Millions Affected by Massive 700Credit Data Breach (Tech.co) Google Is Shutting Down Its Dark Web Monitoring Tool (Technology.org)  European authorities dismantle call center fraud ring in Ukraine (Bleeping Computer) Porn User Data Stolen—Pornhub ‘Search, Watch And Download' Activity (Forbes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

When your firewall forgets to buckle up, the crash doesn't happen in the network first, it happens in your blindspots. In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder of Aquia and host of the Resilient Cyber podcast. Chris helps reframe vulnerability work as exposure management, connect technical risk to human resilience, and break down the scoring and runtime tools security teams actually need today. Expect clear takeaways on EPSS, reachability analysis, ADR, AI's double-edged role, and the one habit Chris swears by as a CEO. This episode fuses attack-surface reality with mental-attack-surface strategy so you walk away with both tactical moves and daily practices that protect systems and people. Impactful Moments: 00:00 - Intro 02:00 - Breaking: Fortinet WAF zero-day & visibility lesson 05:00 - Meet Chris Hughes: CEO, author, Resilient Cyber host 08:00 - Mental attack surface explained and why it matters 18:00 - From CVSS to EPSS, reachability, and ADR realities 21:00 - AI as force-multiplier for attackers and defenders 24:30 - Exposure vs vulnerability naming, market trends 26:00 - Chris's book & how to follow his work 30:00 - Ron's solo: 3 pillars to patch your mindset 34:00 - Closing takeaways and subscribe reminder Links: Connect with our guest, Chris Hughes, on LinkedIn: https://www.linkedin.com/in/resilientcyber/ Check out the article on the Fortinet exploit here: https://www.helpnetsecurity.com/2025/11/14/fortinet-fortiweb-zero-day-exploited/  Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/  

Microsoft Patch Tuesday Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550 Adobe Patches Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon. https://helpx.adobe.com/security.html Ivanti Endpoint Manager Patches Ivanti patched four vulnerabilities in End Point Manager. https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024?language=en_US Fortinet FortiCloud SSO Vulnerability Due to a cryptographic vulnerability, Forinet s FortiCloud SSO authentication is bypassable. https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ruby-saml vulnerability Ruby fixed a vulnerability in ruby-saml. The issue is due to an incomplete patch for another vulnerability a few months ago. https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-9v8j-x534-2fx3

Take a Network Break! We start with listener follow-up on Fortinet’s vulnerability numbering, and sound a red alert about an authentication bypass vulnerability in ASUS's AiCloud service. AWS and Google announce a joint cross-cloud interconnect offering (other cloud providers are invited to play), Microsoft and Ciena pitch a new design to boost optical network resiliency,... Read more »

Take a Network Break! We start with listener follow-up on Fortinet’s vulnerability numbering, and sound a red alert about an authentication bypass vulnerability in ASUS's AiCloud service. AWS and Google announce a joint cross-cloud interconnect offering (other cloud providers are invited to play), Microsoft and Ciena pitch a new design to boost optical network resiliency,... Read more »

Take a Network Break! We start with listener follow-up on Fortinet’s vulnerability numbering, and sound a red alert about an authentication bypass vulnerability in ASUS's AiCloud service. AWS and Google announce a joint cross-cloud interconnect offering (other cloud providers are invited to play), Microsoft and Ciena pitch a new design to boost optical network resiliency,... Read more »

Web applications have always been tricky to protect. They're meant to be accessible over the Internet, which exposes them to malicious actors, they're designed to take end-user inputs, which can be manipulated for malicious purposes, and they often handle sensitive data. Then the rise of public cloud and microservices architectures added new layers of complexity... Read more »

Take a Network Break!  We start with a relative path traversal vulnerability in Fortinet’s FortiWeb.  We’ll move on to an acquisition by Palo Alto Networks, another hiccup from our friends at Cloudflare, some AI announcements by Itential and Gluware, and finish with first quarter 2026 fiscal results from Palo Alto Networks. AdSpot Sponsor: Itential  ... Read more »

The US and allies sanction Russian bulletproof hosting providers. The White House looks to sue states over AI regulations. The US Border Patrol flags citizens' “suspicious” travel patterns. Lawmakers seek to strengthen the SEC's cybersecurity posture. A new Android banking trojan captures content from end-to-end encrypted apps. A hidden browser API raises security concerns. Fortinet patches a zero-day. A Philippine former mayor gets life in prison for scam center human trafficking. Our guest is Cliff Crosland, CEO and Co-founder at Scanner.dev, discussing why security data lakes are ideal for AI in the SOC. Green energy gets hijacked for a blockchain side-hustle.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Cliff Crosland, CEO and Co-founder at Scanner.dev, discussing why security data lakes are ideal for AI in the SOC. Listen to Cliff's full conversation here. Selected Reading Russian bulletproof hosting provider sanctioned over ransomware ties (Bleeping Computer) White House drafts order directing Justice Department to sue states that pass AI regulations (Washington Post) Border Patrol is monitoring US drivers and detaining those with 'suspicious' travel patterns (Associated Press) Lawmakers reintroduce bill to bolster cybersecurity at Securities and Exchange Commission (The Record) Multi-threat Android malware Sturnus steals Signal, WhatsApp messages (Bleeping Computer) Hidden API in Comet AI browser raises security red flags for enterprises (CSO Online) Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime (Infosecurity Magazine) Fortinet Patches Actively Exploited FortiWeb Zero Day Flaw (HIPAA Journal) Ex-Philippine mayor Alice Guo given life sentence for human trafficking (Reuters) Wind farm worker sentenced after turning turbines into a secret crypto mine (Bitdefender) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cloudflare's outage is rooted in an internal configuration error. The Trump administration is preparing a new national cyber strategy. CISA gives federal agencies a week to secure a new Fortinet flaw. MI5 warns that China is using LinkedIn headhunters and covert operatives to target lawmakers. Experts question the national security risks of TP-Link routers. The China-aligned PlushDaemon threat group hijacks software updates. Researchers discover WhatsApp's entire global member directory accessible online without protection. LG Energy Solution confirms a ransomware attack. ShinySp1d3r makes its debut. Rotem Tsadok, Director of Security Operations and Forensics at Varonis, is sharing lessons learned from thousands of forensics investigations. A judge says Google's claims to water use secrecy are all wet.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Rotem Tsadok, Director of Security Operations and Forensics at Varonis, sharing lessons learned from thousands of forensics investigations. Listen to Rotem's full conversation here. Selected Reading Cloudflare blames this week's massive outage on database issues (Bleeping Computer) National cyber strategy will include focus on ‘shaping adversary behavior,' White House official says (The Record) CISA gives govt agencies 7 days to patch new Fortinet flaw (Bleeping Computer) Chinese Spies Are Using LinkedIn to Target U.K. Lawmakers, MI5 Warns (The New York Times) No evidence that TP-Link routers are a Chinese security threat (CSO Online) PlushDaemon compromises network devices for adversary-in-the-middle attacks (welivesecurity) 3.5 Billion Accounts: Complete WhatsApp Directory Retrieved and Evaluated (heise online) LG Energy Solution reports ransomware attack, hackers claim theft of 1.7 terabytes of data (beyondmachines) Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters (Bleeping Computer) Google Strives To Keep Data Center Water Use Secret After Judge Orders Records Released (Roanoke Rambler) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Fortiweb Vulnerability Fortinet, with significant delay, acknowledged a recently patched vulnerability after exploit attempts were seen publicly. https://isc.sans.edu/diary/Honeypot+FortiWeb+CVE202564446+Exploits/32486 https://labs.watchtowr.com/when-the-impersonation-function-gets-used-to-impersonate-users-fortinet-fortiweb-auth-bypass/ https://fortiguard.fortinet.com/psirt/FG-IR-25-910?ref=labs.watchtowr.com Flnger.exe and ClickFix Attackers started to use the finger.exe binary to retrieve additional payload in ClickFix attacks https://isc.sans.edu/diary/Finger.exe%20%26%20ClickFix/32492