Podcasts about Fortinet

This week on the GetConnected Podcast with Mike Agerbo, tech journalist Carmi Levy joins us to dig into the biggest stories in tech — including OpenAI's new Atlas browser and whether it could be a Google Chrome killer. We'll also look at YouTube's new deepfake detection tools and WhatsApp's war on spammers. Then, Robert May from Fortinet shares important advice on cybersecurity for small businesses, and Omer Waysman from Michelin explains how the company is using AI to power smarter marketing and education

If you like what you hear, please subscribe, leave us a review and tell a friend!

Please enjoy this encore of Word Notes. Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs, Derek Manky, shares his story from programmer to cybersecurity and how it all came together. Derek started his career teaching programming because he had such a passion for it. When he joined Fortinet, Derek said putting where it "really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real-world applications." Derek advises that it doesn't need to be complicated getting into the cybersecurity field and that there are many avenues to enter the field. He hopes to have made a real dent, or "hopefully a crater" in cyber crime when he ends his career. We thank Derek for sharing his story with us.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Career Notes. Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs, Derek Manky, shares his story from programmer to cybersecurity and how it all came together. Derek started his career teaching programming because he had such a passion for it. When he joined Fortinet, Derek said putting where it "really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real-world applications." Derek advises that it doesn't need to be complicated getting into the cybersecurity field and that there are many avenues to enter the field. He hopes to have made a real dent, or "hopefully a crater" in cyber crime when he ends his career. We thank Derek for sharing his story with us.  Learn more about your ad choices. Visit megaphone.fm/adchoices

The architecture and tech stack of a Secure Access Service Edge (SASE) solution will influence how the service performs, the robustness of its security controls, and the complexity of its operations. Sponsor Fortinet joins Heavy Networking to make the case that a unified offering, which integrates SD-WAN and SSE from a single vendor, provides a... Read more »

The architecture and tech stack of a Secure Access Service Edge (SASE) solution will influence how the service performs, the robustness of its security controls, and the complexity of its operations. Sponsor Fortinet joins Heavy Networking to make the case that a unified offering, which integrates SD-WAN and SSE from a single vendor, provides a... Read more »

The architecture and tech stack of a Secure Access Service Edge (SASE) solution will influence how the service performs, the robustness of its security controls, and the complexity of its operations. Sponsor Fortinet joins Heavy Networking to make the case that a unified offering, which integrates SD-WAN and SSE from a single vendor, provides a... Read more »

Microsoft Patch Tuesday Microsoft not only released new patches, but also the last patches for Windows 10, Office 2016, Office 2019, Exchange 2016 and Exchange 2019. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20October%202025/32368 Ivanti Advisory Ivanti released an advisory with some mitigation steps users can take until the recently made public vulnerablities are patched. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-October-2025?language=en_US Fortinet Patches https://fortiguard.fortinet.com/psirt/FG-IR-25-010 https://fortiguard.fortinet.com/psirt/FG-IR-24-361

International law enforcement take down the Breachforums domains. Researchers link exploitation campaigns targeting Cisco, Palo Alto Networks, and Fortinet. Juniper Networks patches over 200 vulnerabilities. Apple and Google update their bug bounties. Evaluating AI use in application security (AppSec) programs. Microsegmentation can contain ransomware much faster and yield better cyber insurance terms. The new RondoDox botnet exploits over 50 vulnerabilities. Researchers tag 13 unpatched Ivanti Endpoint Manager flaws. Our guest is Jason Manar, CISO of Kaseya, sharing his insight into how the private and public sectors can work together for national security. Hackers mistake a decoy for glory.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by ⁠Jason Manar⁠, CISO of ⁠Kaseya⁠, sharing his insight into how the private and public sectors can/must work together for national security. Selected Reading FBI takes down BreachForums portal used for Salesforce extortion (Bleeping Computer) Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign (SecurityWeek) Juniper Networks Patches Critical Junos Space Vulnerabilities (OffSeq)   Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits (WIRED) Google Launches AI Bug Bounty with $30,000 Top Reward (Infosecurity Magazine) In AI We Trust? Increasing AI Adoption in AppSec Despite Limited Oversight (Fastly) Reducing Risk: Microsegmentation Means Faster Incident Response, Lower Insurance Premiums for Organizations (Akamai) RondoDox Botnet Takes ‘Exploit Shotgun' Approach (SecurityWeek) ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities (SecurityWeek) Pro-Russian hackers caught bragging about attack on fake water utility (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week brings some new insights into the origins and length of the Cl0p extortion attacks tied to the Oracle E-Business Suite vulnerability, big surges in scanning for Cisco ASA, Palo Alto, and Fortinet devices, and a huge upgrade to Apple bug bounty payouts.  Plus: Does Dennis have a dog yet?https://security.apple.com/blog/apple-security-bounty-evolved/https://decipher.sc/2025/10/08/data-connects-scanning-surges-for-cisco-fortinet-pan-devices/https://decipher.sc/2025/10/09/oracle-clop-data-theft-campaign-started-months-ago/

Parce que… c'est l'épisode 0x642! Shameless plug 12 au 17 octobre 2025 - Objective by the sea v8 14 et 15 octobre 2025 - ATT&CKcon 6.0 14 et 15 octobre 2025 - Forum inCyber Canada Code rabais de 30% - CA25KDUX92 4 et 5 novembre 2025 - FAIRCON 2025 8 et 9 novembre 2025 - DEATHcon 17 au 20 novembre 2025 - European Cyber Week 25 et 26 février 2026 - SéQCure 2026 Description Dans cet épisode du podcast Sécurité technique, l'animateur reçoit Charles F. Hamilton pour discuter des tendances en cybersécurité à surveiller pour la fin de l'année 2025. La discussion s'amorce sur une réalité préoccupante : l'automne marque une période de forte activité tant pour les équipes légitimes que pour les cybercriminels, avec une hausse notable des incidents de sécurité nécessitant des réponses d'urgence. La complexité d'Azure : un terrain propice aux vulnérabilités Un des points majeurs abordés concerne la plateforme Azure de Microsoft. Une vulnérabilité récemment publiée permet de prendre le rôle Global Admin sur tous les tenants Azure, illustrant parfaitement les dangers liés à la complexité excessive de cet écosystème. Cette faille, découverte par manipulation de jetons de service, rappelle les problèmes similaires rencontrés avec Active Directory Certificate Services il y a quelques années. La complexité d'Azure réside dans ses multiples méthodes d'authentification, ses contextes variés et ses centaines d'applications déployées par défaut dans chaque tenant. Les organisations ajoutent souvent leurs propres applications avec des permissions mal configurées, créant involontairement des chemins d'accès privilégiés. Le problème s'aggrave car il n'existe pas d'outils officiels de Microsoft pour auditer ces configurations, forçant les équipes de sécurité à se fier à des scripts PowerShell disparates ou à des outils développés par la communauté. Le faux sentiment de sécurité Un exemple frappant illustre le décalage entre la perception et la réalité de la sécurité : lors d'un test red team, un client disposait d'une infrastructure de sécurité impressionnante incluant filtrage réseau, EDR, NDR et autres solutions avancées. Paradoxalement, l'outil d'accès à distance légitime a été bloqué, nécessitant trois jours pour configurer des exceptions. En revanche, le payload malveillant a passé sans problème, sans générer aucune alerte. Cette situation démontre que ces outils créent souvent plus de complexité pour les équipes IT légitimes qu'ils ne protègent réellement contre les menaces sophistiquées. Le fossé entre red team et blue team La discussion révèle un écart de compétences préoccupant entre les équipes offensives et défensives. Les red teamers investissent constamment dans l'apprentissage de nouvelles techniques, tandis que les équipes défensives ont tendance à s'appuyer aveuglément sur l'intelligence artificielle de leurs outils de sécurité. Le threat hunting, pourtant essentiel, demeure rare au Québec et au Canada, malgré la disponibilité des données nécessaires dans les solutions EDR et NDR. Un test révélateur : demander à des professionnels d'expliquer le fonctionnement de SecretDump, un outil largement utilisé. Très peu peuvent fournir une réponse complète sur ses mécanismes internes et les artefacts qu'il laisse. Cette lacune empêche les red teamers d'expliquer efficacement aux équipes bleues comment détecter leurs actions. La sophistication des attaquants : un mythe à déconstruire Contrairement à la perception populaire, la majorité des attaquants ne sont pas particulièrement sophistiqués. Ils suivent des playbooks répétitifs et comptent sur le volume pour réussir. Les intervenants ont observé des cas où des attaquants ont obtenu des accès privilégiés, puis ont immédiatement alerté leurs victimes par des actions bruyantes comme tenter de rendre publics tous les dépôts GitHub d'une entreprise. Paradoxalement, les red teamers modernes développent des techniques si avancées qu'ils représentent désormais un niveau de sophistication comparable aux groupes parrainés par des États-nations, un scénario irréaliste pour la plupart des petites et moyennes entreprises québécoises. Cette situation crée un décalage : on teste la capacité à détecter des attaques extrêmement sophistiquées alors que les vraies menaces utilisent des méthodes beaucoup plus basiques. Les tendances à surveiller pour l'automne 2025 Plusieurs éléments méritent une attention particulière pour la fin de l'année : Les vulnérabilités sur les équipements périmétriques : Les solutions VPN de Cisco, SonicWall et Fortinet ont toutes été touchées récemment. Les délais d'exploitation se comptent maintenant en heures après la publication d'une vulnérabilité, amplifiés par la publication immédiate de preuves de concept sur les réseaux sociaux. L'audit des tenants Azure et Google Enterprise : Les vecteurs d'attaque identifiés sur Azure s'appliquent également aux environnements Google Enterprise. Les organisations doivent absolument auditer leurs applications, leurs permissions et leurs configurations. Les employés infiltrés : Une tendance émergente concerne l'embauche de développeurs travaillant pour des pays politiquement non neutres, qui obtiennent un accès au code source dans le but apparent de voler la propriété intellectuelle. Les vulnérabilités GitHub Actions : Les fuites de clés API continuent de poser problème, avec des délais d'exploitation extrêmement rapides. Le problème de la publication des preuves de concept La course à la visibilité pousse certains chercheurs en sécurité à publier immédiatement des preuves de concept complètes, parfois dans l'heure suivant la découverte d'une vulnérabilité. Cette pratique, combinée à l'intelligence artificielle capable de générer du code fonctionnel à partir de bulletins de sécurité, met les organisations en danger avant qu'elles n'aient le temps d'appliquer les correctifs. Un retour aux pratiques de divulgation responsable avec un délai minimum de 80 jours serait bénéfique. Conclusion : l'importance de l'éducation Le podcast se termine sur l'importance cruciale de l'éducation en cybersécurité. Plutôt que de se focaliser uniquement sur l'utilisation d'outils, les professionnels doivent comprendre les fondements : comment fonctionne Windows, comment un programme s'exécute, comment créer ses propres exploits. La simplicité est souvent plus efficace que la complexité. Les solutions les plus durables reposent sur une compréhension approfondie des systèmes plutôt que sur l'accumulation d'outils sophistiqués dont personne ne maîtrise vraiment le fonctionnement. Collaborateurs Nicolas-Loïc Fortin Charles F. Hamilton Crédits Montage par Intrasecure inc Locaux virtuels par Riverside.fm

Why NDR is Evolving—And What Enterprises Should Demand From ItIn this episode of  the @Endace Packet Forensic Files, Michael Morris is joined by Jack Chan, VP of Product and Field CTO at Fortinet, to unpack what makes a truly effective Network Detection and Response (NDR) solution. Jack shares his perspective on why visibility, historical context, and deep threat hunting capabilities matter more than flashy features.They explore how AI and machine learning are transforming NDR—helping detect threats in encrypted traffic and reduce alert fatigue for SOC teams. Jack also talks about integrating NDR with firewalls and EDR tools to improve response decisions and streamline investigations.Finally, Jack leaves us with a powerful reminder: security starts with people. From secure coding to user awareness, the human element is often the weakest link—and the best place to strengthen your defences.ABOUT ENDACE *****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks. EndaceProbe models are available for on-premise, private cloud and public cloud deployments - delivering complete hybrid cloud visibility from a 'single-pane-of-glass'.Endace's open EndaceProbe Analytics appliances (https://www.endace.com/endaceprobe) can be deployed in on-prem locations and can also host third-party security and performance monitoring solutions while simultaneously recording a 100% accurate history of network activity.

What does the risk environment for Operational Technology (OT) look like in 2025? JJ and Drew review four recent reports on the state of OT security from Dragos, Fortinet, and others. We discuss ransomware impacts, ongoing risks of RDP traffic, directly exposed OT devices, and overall attack trends and the tools and processes that organizations... Read more »

What does the risk environment for Operational Technology (OT) look like in 2025? JJ and Drew review four recent reports on the state of OT security from Dragos, Fortinet, and others. We discuss ransomware impacts, ongoing risks of RDP traffic, directly exposed OT devices, and overall attack trends and the tools and processes that organizations... Read more »

Netskope, a competitor in cloud security and SASE, has just hit the public market with its new IPO (NTSK). While the company operates in the booming cybersecurity industry and is growing revenue at over 30%, there are several critical risks potential investors must consider.In this analysis, we run Netskope through our investing framework to uncover the opportunities and the red flags. We'll explore its innovative SASE platform, the ongoing "Browser Wars" in the AI era, and the complicated legal battles and shareholder structure lurking beneath the surface. Is this a top cybersecurity stock to buy now, or a high-risk bet for your portfolio?In this video, we cover:[00:00:00] A Hot New Cybersecurity IPO: Introducing Netskope and its role in the emerging "Enterprise Browser Wars".[00:01:00] The Venture Capital Connection: Examining the role of top shareholder Lightspeed Ventures and its connection to another recent IPO, Rubrik[00:03:00] The SASE Market Opportunity: A breakdown of Netskope's focus on the Secure Access Service Edge (SASE) market and how its platform unifies cloud security.[00:05:00] Patent Battles & Legal Risks: Netskope's ongoing legal proceedings with competitor Fortinet over patent infringement claims.[00:06:00] Complex Shareholder Structure: Unpacking the risks of the dual-class share structure, where Class B shares get 20 votes each, concentrating control among insiders and VCs.[00:08:00] The Financial Red Flags: Netskope's GAAP net losses and negative free cash flow, despite impressive revenue growth.[00:10:00] Balance Sheet Concerns: A look at potential burdens on common shareholders from convertible debt and preferred stock.[00:11:00] Our Final Takeaway: Why we are still interested in Netskope as a potential small bet and a hedge against SASE leaders like Palo Alto Networks and Fortinet.What are your thoughts on the Netskope IPO? Let us know in the comments below!

On today's Heavy Networking: the Security Operations Center, or SOC. When I think of a SOC, I picture a miniature version of NASA's mission control: lots of computers, lots of people, some big boards with lines and arrows and telemetry scrolling across the screens. I also think of SOCs as requiring a lot of gear,... Read more »

On today's Heavy Networking: the Security Operations Center, or SOC. When I think of a SOC, I picture a miniature version of NASA's mission control: lots of computers, lots of people, some big boards with lines and arrows and telemetry scrolling across the screens. I also think of SOCs as requiring a lot of gear,... Read more »

On today's Heavy Networking: the Security Operations Center, or SOC. When I think of a SOC, I picture a miniature version of NASA's mission control: lots of computers, lots of people, some big boards with lines and arrows and telemetry scrolling across the screens. I also think of SOCs as requiring a lot of gear,... Read more »

Episode 233 discusses the newest tensions between AI and schools: teenagers using AI companions and alarming incidents tied to platforms like Character.ai that have drawn federal attention. Josh talks about his student MFA pilot using Clever, how onboarding works (and how MFA can be network-aware to reduce classroom friction), and using student-led help desks to test the rollout. The guys discuss a post from Jay on K12TechPro asking about IT leadership background (educators and non‑educators in K12 tech dept roles). The episode's guest is Peter Kaplan from Fortinet, an E‑Rate expert. He breaks down why E‑Rate matters, outlines the FCC's cybersecurity pilot (challenges with procurement, reporting, and evaluating success), and discusses gaps left by potential MS‑ISAC funding changes. He also highlights CISA's K12 resources and Fortinet's no‑cost cybersecurity awareness materials for schools. Our new Swag Store is OPEN - Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! -------------------- NTP Managed Methods Arista VIZOR Fortinet -------------------- Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com Call us at 314-329-0363 X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark's individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.

Join host Paul Spain and Joshua Alcock (Fortinet) as they explore the cybersecurity threats facing Operational Technology (OT) environments and the latest insights from Fortinet's 2025 Industrial Cybersecurity Report. They also delve into some of the latest tech news, including the launch of AWS data centers in New Zealand, Fieldays' NZ-Brazil AgriTech opportunities, Microsoft's Internal AI developments, Masterdon's Age verification challenges. Plus, Workdays research into AI Agent adoption in the workplace.Thanks to our Partners One NZ, Workday, 2degrees, HP, Spark and Gorilla Technology

Today's Full Court Finance at Zacks explores two beaten-down S&P 500 stocks, Chipotle Mexican Grill (CMG) and Fortinet (FTNT), trading at least 30% below their highs that investors might want to buy as the benchmark trades near its peaks. Both Chipotle and Fortinet remain strong companies with durable businesses that are finding support at their long-term 200-week moving averages.  (0:30) - Stock Market Update: Everything You Need To Know To Close August (4:45) - Chipotle Stock Is Down Nearly 40%: Should Investors Start Buying? (12:00) - Should Investors Buy Fortinet At A Major Discount?               Podcast@Zacks.com

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Oracle's long term CSO departs, and we're not that sad about it Canada's House of Commons gets popped through a Microsoft bug Russia degrades voice calls via Whatsapp and Telegram to push people towards Max South-East Asian scam compounds are also behind child sextortion Reports that the UK has backed down on Apple crypto are… strange Oh and of course there's a Fortinet bug! There's always a Fortinet bug! This week's episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You'll never guess which one was a few lines of PAM config, and which was a multi-month engineering project! This episode is also available on Youtube. Show notes Is Oracle facing headwinds? After layoffs, its 4-decade veteran Chief Security Officer Mary Ann Davidson departs Oracle CSO blasted over anti-security research rant - iTnews New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts | The Record from Recorded Future News Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump' Cashout Scheme – Krebs on Security How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes | TechCrunch UK has backed down on demand to access US Apple user data, spy chief says DNI Tulsi Gabbard on X: "As a result, the UK has agreed to drop its mandate for" Hackers target Workday in social engineering attack Russia curbs WhatsApp, Telegram calls to counter cybercrime | The Record from Recorded Future News Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability | The Record from Recorded Future News Norway police believe pro-Russian hackers were behind April dam sabotage | The Record from Recorded Future News US agencies, international allies issue guidance on OT asset inventorying | Cybersecurity Dive FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970) U.S. State Dept - Near Eastern Affairs on X: "He did not claim diplomatic immunity and was released by a state judge" 493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds | WIRED .:: Phrack Magazine ::. Accenture to buy Australian cyber security firm CyberCX - iTnews

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — The gif that keeps on giffing01:46 - Cyberattack Bricks Speed Cameras – BHIS - Talkin' Bout [infosec] News 2025-08-1802:39 - Story # 1: Perplexity made a sky-high $34.5 billion bid for Google Chrome — a bold and unusual move in the midst of antitrust scrutiny07:16 - Story # 2: Exclusive: US embeds trackers in AI chip shipments to catch diversions to China, sources say10:22 - Story # 3: How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes12:17 - Story # 4: Cisco discloses maximum-severity defect in firewall software13:56 - Story # 5: Data Dump From APT Actor Yields Clues to Attacker Capabilities19:13 - Story # 6: Russian cyberattack in the Netherlands leaves speed cameras offline indefinitely23:30 - Story # 7: HTTP/2 MadeYouReset Vulnerability Enables Massive DDoS Attacks24:51 - Story # 8: LAPD Eyes ‘GeoSpy', an AI Tool That Can Geolocate Photos in Seconds29:05 - Story # 9: Manpower discloses data breach affecting nearly 145,000 people34:51 - Story # 10: Hacker Offers to Sell 15.8 Million Plain-Text PayPal Credentials On Dark Web Forum35:34 - Story # 11: The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived40:54 - Story # 12: New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”46:28 - Story # 13: Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild48:13 - Story # 14: Plex warns users to patch security vulnerability immediately50:53 - ChickenSec: Noble Foods using soil mapping technology at organic egg farm

Take a Network Break! We start with critical vulnerabilities in Cisco Secure Firewall Management Center and Fortinet’s FortiSIEM. On the news front, SonicWall announces Gen8 firewalls plus a $200,000 warranty for customers that sign on to SonicWall’s Managed Protection Security Suite. IBM Cloud suffers its fourth major outage since May of this year, SASE vendor... Read more »

Take a Network Break! We start with critical vulnerabilities in Cisco Secure Firewall Management Center and Fortinet’s FortiSIEM. On the news front, SonicWall announces Gen8 firewalls plus a $200,000 warranty for customers that sign on to SonicWall’s Managed Protection Security Suite. IBM Cloud suffers its fourth major outage since May of this year, SASE vendor... Read more »

Take a Network Break! We start with critical vulnerabilities in Cisco Secure Firewall Management Center and Fortinet’s FortiSIEM. On the news front, SonicWall announces Gen8 firewalls plus a $200,000 warranty for customers that sign on to SonicWall’s Managed Protection Security Suite. IBM Cloud suffers its fourth major outage since May of this year, SASE vendor... Read more »

  In this episode of Cybersecurity Today, host David Shipley reports from Fredericton, New Brunswick, amidst severe forest fires. The main story covers a data breach in Canada's House of Commons involving parliamentary employee information, attributed to a recent Microsoft vulnerability. The episode also discusses Fortinet's recent high-severity vulnerability patches and Microsoft's reminder of Windows 10 support ending in October 2025. Additionally, there's rare good news as researchers gain insights into the iMac 3.0 malware after a source code leak. The episode encourages vigilance, patching, and awareness of upcoming support changes while offering contact information and solicitation for audience engagement. 00:00 Introduction and Headlines 00:35 Canada's House of Commons Data Breach 03:48 Fortinet Vulnerabilities and Patches 05:49 Windows 10 End of Life Announcement 07:17 Malware Source Code Leak Insights 09:08 Conclusion and Viewer Engagement

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503

Josh, Chris and Mark dive into the chaos of the back‑to‑school rush and the latest K‑12 tech headlines. Topics include Ohio's new requirement that districts adopt AI policies, the pros and cons of writing evergreen AI regulations, and how that mandate could interact with existing tech agreements. The trio also covers recent news like ChatGPT‑5's launch and integrations, a Fortinet vulnerability alert, and San Francisco Unified's payroll/ERP struggles. Between updates they share candid stories from the frontline: ticket surges as staff return, construction and classroom rollouts, recovering deleted Google accounts, and practical coping strategies for IT teams (from daily planning tricks to quick wellness tips). Expect first‑hand anecdotes, real‑world advice for managing summer‑to‑school transitions and a light‑hearted finale — the improvised children's story “Grumpy Josh and the Magical Gummies.” Tune in for an episode that blends policy debate, troubleshooting war stories, and a little comic relief. Referenced Links: https://marketbrief.edweek.org/regulation-policy/ohio-is-requiring-ai-policies-for-all-k-12-schools-will-other-states-follow/2025/08 https://www.govtech.com/education/k-12/sfusd-payroll-software-prompts-teachers-union-labor-complaint Grumpy Josh Storybook: https://g.co/gemini/share/477028792b1c 00:00:00-Intro 00:12:44-AI Policies in Education 00:17:00-Summer Woes 00:42:55-Grumpy Josh -------------------- NTP Managed Methods CTL VIZOR Fortinet -------------------- Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com Call us at 314-329-0363 X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark's individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-503

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-503

A ransomware attack exposes personal medical records of VA patients. New joint guidance from CISA and the NSA emphasizes asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform.  Phishing attacks increasingly rely on personalization. Rooting and jailbreaking frameworks pose serious enterprise risks. Fortinet warns of a critical command injection flaw in FortiSIEM. Estonian nationals are sentenced in a crypto Ponzi scheme. Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Meet the Blockchain Bandits of Pyongyang. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Their team tested open-source, underground, and commercial AI models on vulnerability research and exploit development tasks—finding high failure rates and significant limitations, even among top commercial systems. Selected Reading Medical records for 1 million dialysis patients breached in data hack of VA vendor (Stars and Stripes) NSA Joins CISA and Others to Share OT Asset Inventory Guidance (NSA.gov) CISA warns of N-able N-central flaws exploited in zero-day attacks (Bleeping Computer) U.K. Secretly Spent $3.2 Million to Stop Journalists From Reporting on Data Breach (The New York Times) From Support Ticket to Zero Day  (Horizon3.ai) Personalization in Phishing: Advanced Tactics for Malware Delivery (Cofense) The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device (Zimperium) Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild (Bleeping Computer) Estonians behind $577 million cryptomining fraud sentenced to 16 months (The Record) Someone counter-hacked a North Korean IT worker: Here's what they found (Cointelegraph) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

CVE-2017-11882 Will Never Die The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows. The payload of the Excel file attempts to download and execute an infostealer to exfiltrate passwords via email. https://isc.sans.edu/diary/CVE-2017-11882%20Will%20Never%20Die/32196 Windows Kerberos Elevation of Privilege Vulnerability Yesterday, Microsoft released a patch for a vulnerability that had already been made public. This vulnerability refers to the privilege escalation taking advantage of a path traversal issue in Windows Kerberos affecting Exchange Server in hybrid mode. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53779 Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images Some old Debian Docker images containing the xz-utils backdoor are still available for download from Docker Hub via the official Debian account. https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images FortiSIEM / FortiWeb Vulnerablities Fortinet patched already exploited vulnerabilities in FortiWeb and FortiSIEM https://fortiguard.fortinet.com/psirt/FG-IR-25-152 https://fortiguard.fortinet.com/psirt/FG-IR-25-448

Hack of federal court filing system exploited security flaws known since 2020 Pennsylvania attorney general says cyberattack knocked phone, email systems offline Spike in Fortinet VPN brute-force attacks raises zero-day concerns Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

In this episode of Cybersecurity Today, host David Shipley covers critical security updates and vulnerabilities affecting Microsoft Exchange, Citrix NetScaler, and Fortinet SSL VPNs. With over 29,000 unpatched Exchange servers posing a risk for admin escalation and potential full domain compromise, urgent action is needed. Citrix Bleed 2 is actively being exploited, with significant incidents reported in the Netherlands and thousands of devices still unpatched globally. Fortinet SSL VPNs are experiencing a spike in brute force attacks, hinting at a possible new vulnerability on the horizon. Lastly, Shipley highlights notable moments from DEFCON 33, including innovative security hacks and sobering realities of the hacker community. Tune in for detailed breakdowns and insights on how to stay vigilant against these threats. 00:00 Introduction and Overview 00:32 Microsoft Exchange Vulnerability 02:54 Citrix Bleed Two Exploits 05:21 Fortinet SSL VPN Brute Force Attacks 07:39 Insights from DEFCON 33 13:46 Conclusion and Final Thoughts

The hits just keep on coming Where's the Little Dutch Boy when you need him? I felt the ransomware down in Africa Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com

If you like what you hear, please subscribe, leave us a review and tell a friend!

Russia suspected of hacking a US Court system, researchers break the DarkBit ransomware's encryption, a new attack can leak sensitive data from AMD processors, and a brute-force campaign targets Fortinet devices. Show notes Risky Bulletin: Crypto-thieves turn their sights to Open VSX

Join us on Discord with Semiconductor Insider, sign up on our website: www.chipstockinvestor.com/membershipFortinet stock got clobbered following its Q2 2025 earnings update. What happened? Chip Stock Investor discusses Fortinet's investment into data centers, and how that warrants a re-rate of the valuation for now, and whether the company's prospects are still good in the important cybersecurity industry.Supercharge your analysis with AI! Get 15% of your membership with our special link here: https://fiscal.ai/csi/Sign Up For Our Newsletter: https://mailchi.mp/b1228c12f284/sign-up-landing-page-short-form********************************************************Affiliate links that are sprinkled in throughout this video. If something catches your eye and you decide to buy it, we might earn a little coffee money. Thanks for helping us (Kasey) fuel our caffeine addiction!Content in this video is for general information or entertainment only and is not specific or individual investment advice. Forecasts and information presented may not develop as predicted and there is no guarantee any strategies presented will be successful. All investing involves risk, and you could lose some or all of your principal. #fortinet #ftnt #cybersecurity #semiconductors #chips #investing #stocks #finance #financeeducation #silicon #artificialintelligence #ai #financeeducation #chipstocks #finance #stocks #investing #investor #financeeducation #stockmarket #chipstockinvestor #fablesschipdesign #chipmanufacturing #semiconductormanufacturing #semiconductorstocks Timestamps:(00:00) Fortinet's Market Position and Recent Performance(04:43) Detailed Analysis of Fortinet's Financials(05:53) Fortinet's Strategic Investments in Data Centers(10:48) Future Outlook and Investment Strategy(14:33) Conclusion Nick and Kasey own shares of FTNT

Aktien hören ist gut. Aktien kaufen ist besser. Bei unserem Partner Scalable Capital geht's unbegrenzt per Trading-Flatrate oder regelmäßig per Sparplan. Alle weiteren Infos gibt's hier: scalable.capital/oaws. Aktien + Whatsapp = Hier anmelden. Lieber als Newsletter? Geht auch. Das Buch zum Podcast? Jetzt lesen. Siemens und Allianz performen. Telekom und Rheinmetall nicht ganz. Tschechien kriegt bald krasse Rüstungs-Aktie. Firefly ist krasse Space-Aktie. Eli Lilly leidet unter Pille. Trump will Intel-CEO feuern. Celsius, Dutch Bros und Duolingo = stark. Crocs & Fortinet = schwach. Scout24 (WKN: A12DM8) bald im DAX? Wie steht's um die Gig Economy? Die ersten werden die letzten sein = Airbnb (WKN: A2QG35). Uber-Flieger (WKN: A2PHHG) gibt es noch und DoorDash (WKN: A2QHEA) hat keinen Wachstums-Crash. Diesen Podcast vom 08.08.2025, 3:00 Uhr stellt dir die Podstars GmbH (Noah Leidinger) zur Verfügung.

Arista's VeloCloud SD-WAN acquisition marks a major shift in the enterprise networking space, giving Arista a mature and cloud-native SD-WAN platform to complement its strengths in data center and cloud networking.  For enterprise customers, the move could mean faster innovation, improved support, and stronger WAN-to-cloud integration.  However, customers should be aware of potential risks with the acquisition including hardware changes, licensing shifts, and short-term integration hiccups.  In this 7-minute podcast, Larry York and Tony Mangino from TC2 break down why the deal matters — and the potential impact on competition in the SD-WAN marketplace from the likes of Cisco, Fortinet, and Juniper. If you would like to learn more about our experience in this space, please visit our Technology Consulting & Strategy Development Services and Strategic Sourcing webpages. Follow us on LinkedIn: TC2 & LB3

Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »

Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »

Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »

CyberRatings, a non-profit that performs independent testing of security products and services, has released the results of comparative tests it conducted on Secure Service Edge, or SSE, services. Tested vendors include Cisco, Cloudflare, Fortinet, Palo Alto Networks, Skyhigh Security, Versa Networks, and Zscaler. We look at what was tested and how, highlight results, and discuss... Read more »

CyberRatings, a non-profit that performs independent testing of security products and services, has released the results of comparative tests it conducted on Secure Service Edge, or SSE, services. Tested vendors include Cisco, Cloudflare, Fortinet, Palo Alto Networks, Skyhigh Security, Versa Networks, and Zscaler. We look at what was tested and how, highlight results, and discuss... Read more »

Why Exclusive Networks says modern cybersecurity requires more than “pick, pack, and ship” “We're not just a distributor. We're a channel services aggregator — an extension of our partners' businesses.” — Jason Beal, President, Americas, Exclusive Networks In this episode of Technology Reseller News, publisher Doug Green sits down with Jason Beal, President, Americas, and Andrew Warren, VP of Sales and Marketing, North America, to explore how Exclusive Networks is rewriting the rules of cybersecurity distribution in North America. More than just moving product, Exclusive Networks delivers white-glove service, certified expertise, and true channel partnership — simplifying cybersecurity sales and delivery for MSPs, MSSPs, and solution providers. With over 45 country operations and reach into 170 markets, the company now brings its global playbook to North America with fresh investments, expanded services, and a unique partner-first approach. Key Highlights from the Conversation: Partner Empathy as Philosophy Exclusive Networks builds programs around the real-world needs of partners — from helping an MSP with student-powered hiring programs to assisting with complex financing, logistics, and field deployment. From MSP to MSSP, Cyber Expertise at Every Step Whether you're a security-focused MSP or a fully-fledged MSSP, Exclusive offers domain expertise, hands-on technical support, and services like SASE implementation, firewall deployment, and SOC augmentation through its CloudRise acquisition. Training & Certification Simplified With global training centers and relationships with top vendors like Fortinet and Palo Alto Networks, Exclusive lowers the barrier for entry but offers high benefits for those who commit to deep certification and specialization. Demand Generation for End Users and Partners Exclusive not only helps vendors reach the market — it also helps partners generate demand directly from end users, creating new revenue opportunities across the lifecycle. A New Kind of Distributor Exclusive Networks calls itself a “channel services aggregator”, offering a full lifecycle of services — from sales support and technology enablement to post-sales adoption and renewals — redefining what a modern cybersecurity distributor should be. What's Next? Expect new vendor partnerships, expanded services, and continued investment in dedicated local support across the U.S. and Canada — all backed by the belief that “people still do business with people.” Learn more at: www.exclusive-networks.com

In this episode of 'Cybersecurity Today,' hosted by David Shipley from the Exchange Security 2025 conference, urgent updates are provided on critical cybersecurity vulnerabilities and threats. CISA mandates a 24-hour patch for Citrix NetScaler due to a severe vulnerability actively being exploited, dubbed 'Citrix Bleed.' Fortinet's FortiWeb also faces a critical pre-auth remote code execution flaw that demands immediate patching. Additionally, significant vulnerabilities in AI-driven developments are highlighted, including shortcomings in Jack Dorsey's BitChat app and a method to extract Windows keys from ChatGPT-4. The episode emphasizes the importance of timely updates, robust security measures, and the potential risks involved with AI-generated code. 00:00 Introduction and Overview 00:35 Urgent Citrix Vulnerability Alert 03:26 Fortinet FortiWeb Exploit Details 06:23 Ingram Micro Ransomware Recovery 09:26 AI Coding and Security Risks 14:03 ChatGPT Security Flaw Exposed 17:20 Conclusion and Contact Information

Fortinet patches a critical flaw in its FortiWeb web application firewall.  Hackers are exploiting a critical vulnerability in Wing FTP Server. U.S. Cyber Command's fiscal 2026 budget includes a new AI project.  Czechia's cybersecurity agency has issued a formal warning about Chinese AI company DeepSeek. The DoNot APT group targets Italy's Ministry of Foreign Affairs. Mexico's former president is under investigation for alleged bribes to secure spyware contracts. The FBI seizes a major Nintendo Switch piracy site. CISA releases 13 ICS advisories.  A retired US Army lieutenant colonel pleads guilty to oversharing classified information on a dating app. Our guest is Catherine Woneis, VP of Product at Fingerprint, to discuss how bots are being used to facilitate music royalty fraud. A federal judge is not impressed with a crypto-thief's lack of restitution. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Catherine Woneis, VP of Product at Fingerprint, to discuss how bots are being used to facilitate music royalty fraud and how companies can protect themselves. Selected Reading Critical SQL injection vulnerability in Fortinet FortiWeb enables unauthenticated remote code execution (Beyond Machines) Critical Wing FTCritical Wing FTP Server Vulnerability Exploited - SecurityWeekP Server Vulnerability Exploited (SecurityWeek) Cyber Command creates new AI program in fiscal 2026 budget (DefenseScoop) DeepSeek a threat to national security, warns Czech cyber agency (The Record) Indian Cyber Espionage Group Targets Italian Government (Infosecurity Magazine) Former Mexican president investigated over allegedly taking bribes from spyware industry (The Record) Major Nintendo Switch Piracy Website Seized By FBI (Kotaku) CISA Releases Thirteen Industrial Control Systems Advisories (CISA) Lovestruck US Air Force worker admits leaking secrets on dating app (The Register) Crypto Scammer Truglia Gets 12 Years Prison, Up From 18 Months (Bloomberg) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices