Podcasts about cisco

In this episode of Supply Chain Now, host Scott Luton sits down with two industry leaders shaping the future of reverse logistics and circular supply chains. Joining the conversation are Sean Cleland, Vice President of Mobility and Asset Recovery at B-Stock, and Rich Bulger, Founder and Chief Circularity Officer at All Things Circular.Sean shares how B-Stock has pioneered the secondary market for retailers and brands, using data and AI to transform returns from a tactical afterthought into a strategic advantage. He explores how mobile technology sets the pace for the broader supply chain, why retailers like Best Buy are rethinking refurbished and resale programs, and how companies are shifting toward proactive planning and insourcing to better manage reverse flows.Rich reflects on his journey from building billion-dollar trade-in programs at Verizon and Cisco to launching All Things Circular, a platform dedicated to education, collaboration, and innovation in reverse logistics. He highlights the evolution of returns as a revenue driver, the urgent need for new training and curricula, and the importance of circular thinking in addressing a $1.6 trillion challenge.Together, Sean and Rich offer a candid look at where reverse logistics is headed, the role of AI in predicting value and shaping contracts, and how leaders can rethink returns as an opportunity for growth, sustainability, and impact. Jump into the conversation:(00:00) Intro(01:38) Interview with Sean Cleland from B-Stock(02:55) B-Stock's role in reverse logistics(04:02) Trends in mobile tech and returns management(08:15) The importance of data and AI(11:52) Interview with Rich Bulger from All Things Circular(13:13) Rich Bulger's journey and insights(21:56) Introduction to circular platforms(25:05) The evolution of Going Circular(27:46) Viewing feedback as blessings for improvement(31:01) The importance of reverse logistics education(35:35) Impact of returns and circular logisticsResources:Connect with Sean Cleland: https://www.linkedin.com/in/seanrcleland/ Connect with Rich Bulger: https://www.linkedin.com/in/rich-bulger-43b02112/ Learn more about All Things Circular: https://allthingscircular.com/ Learn more about B-Stock: https://bstock.com/ Connect with Scott Luton: https://www.linkedin.com/in/scottwindonluton/Learn more about Supply Chain Now: https://supplychainnow.com Watch and listen to more Supply Chain Now episodes here: https://supplychainnow.com/program/supply-chain-now Subscribe to Supply Chain Now on your favorite platform: https://supplychainnow.com/join Work with us!...

Will this be the AI update that finally brings AI agents to millions?

From a massive SIM farm takedown to dealing with supply chain attacks targeting npm, our news roundup provides context and commentary on a fresh crop of security news. We discuss exploits against Cisco firewalls and switches, a SonicWall firmware update to remove a rootkit targeting its SMA 100, and GitHub’s plans to harden npm packages.... Read more »

From a massive SIM farm takedown to dealing with supply chain attacks targeting npm, our news roundup provides context and commentary on a fresh crop of security news. We discuss exploits against Cisco firewalls and switches, a SonicWall firmware update to remove a rootkit targeting its SMA 100, and GitHub’s plans to harden npm packages.... Read more »

Brian Davis, an associate professor at the University of Louisville School of Medicine, loves looking for small fossils. His research focuses on early mammals, particularly teeth, jaws, and skull parts. Brian's most recent discovery is a mammal fossil quarry in Cisco, Utah, part of the Morrison Formation dating back to the Jurassic period. The site has yielded small animal fossils, including some potentially significant early mammals that correlate with a nearby site in Fruita, CO. We discuss the complexities of fossil excavation, preservation, and the analysis process as well as the importance of student education.

Take a Network Break! We start with a two-part listener follow-up and sound alarms about a serious flaw in Termix and tens of thousands of still-vulnerable Cisco security devices. Alkira debuts an MCP server and AI copilot for its multi-cloud networking platform; Cato Networks releases a Chrome-based browser extension to help secure contractor and personal... Read more »

Take a Network Break! We start with a two-part listener follow-up and sound alarms about a serious flaw in Termix and tens of thousands of still-vulnerable Cisco security devices. Alkira debuts an MCP server and AI copilot for its multi-cloud networking platform; Cato Networks releases a Chrome-based browser extension to help secure contractor and personal... Read more »

Take a Network Break! We start with a two-part listener follow-up and sound alarms about a serious flaw in Termix and tens of thousands of still-vulnerable Cisco security devices. Alkira debuts an MCP server and AI copilot for its multi-cloud networking platform; Cato Networks releases a Chrome-based browser extension to help secure contractor and personal... Read more »

Diving into the evolving landscape of the partner ecosystem, the discussion centers around three major forces shaping the industry by 2030. First, cloud marketplaces are projected to reach $163 billion in transactions, with nearly 60% of that being partner-led. This shift signifies a redefinition of partner value in the marketplace era, moving beyond traditional procurement methods. Second, the rise of AI services is highlighted, with a projected $267 billion opportunity by 2030, growing at an impressive 35% CAGR. This transition emphasizes the importance of packaging, governance, and delivering measurable outcomes rather than merely developing AI technologies.The conversation also delves into the critical role of cybersecurity as a services multiplier, with a study indicating that for every dollar spent on the CrowdStrike Falcon platform, partners can generate over $7 in services revenue. This statistic underscores the potential for partners to leverage cybersecurity solutions to enhance their service offerings. Jay McBain, Chief Analyst at Omdia, provides insights into how these trends impact channel partners, vendors, and the future of IT services, emphasizing the need for partners to adapt to these changes. As the discussion progresses, the challenges and opportunities for partners in the AI landscape are examined. The conversation points out that while AI is becoming a feature rather than a standalone product, partners must engage with business leaders across various departments to capitalize on the growing demand for AI-driven solutions. The importance of understanding customer needs and aligning services accordingly is stressed, as partners risk being sidelined by larger system integrators and management consultants if they do not adapt.Finally, the dialogue touches on the changing economics of partnering, particularly in light of recent shifts by major vendors like Microsoft and Cisco, which are cutting back on their partner networks. This consolidation raises questions about how partners can continue to thrive in a landscape where margins are shrinking. The emphasis is placed on the necessity for partners to rethink their business models, focusing on delivering high-value services and leveraging the opportunities presented by AI and cybersecurity to ensure sustainable growth in the future. All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Today we get an inside look at a major data center migration that Nokia is undertaking. Nokia is our sponsor for today’s episode. The company is moving legacy sets of data center networking equipment to its own Event Driven Automation (EDA) solution. We go behind the scenes of Nokia’s own IT department, which is supporting... Read more »

Today we get an inside look at a major data center migration that Nokia is undertaking. Nokia is our sponsor for today’s episode. The company is moving legacy sets of data center networking equipment to its own Event Driven Automation (EDA) solution. We go behind the scenes of Nokia’s own IT department, which is supporting... Read more »

This week, we dig into the latest DORA report and OpenAI's big product updates. Plus, some hot takes on airline status and the Eurostar. Watch the YouTube Live Recording of Episode (https://www.youtube.com/live/urU5sn8Ufl8?si=WNrIuP_uXbhIg4gq) 540 (https://www.youtube.com/live/urU5sn8Ufl8?si=WNrIuP_uXbhIg4gq) Runner-up Titles Just plug in an iPhone Be helpful, not helpless Rundown Announcing the 2025 DORA Report | Google Cloud Blog (https://cloud.google.com/blog/products/ai-machine-learning/announcing-the-2025-dora-report/) OpenAI Agentic Commerce (https://openai.com/index/buy-it-in-chatgpt/) (https://openai.com/sora/) The New Sora App (https://openai.com/sora/) Introducing ChatGPT Pulse (https://openai.com/index/introducing-chatgpt-pulse/) Relevant to your Interests Intel and Apple hold investment talks, no deal in sight - 9to5Mac (https://9to5mac.com/2025/09/24/intel-and-apple-hold-investment-talks-no-deal-in-sight/) Ed Zitron is mad as hell (https://www.ft.com/content/4c8d6420-d088-4660-8973-c4996cd990fb) TikTok will stay: Trump signs executive order to keep app in the US (https://siliconangle.com/2025/09/25/tiktok-will-stay-trump-signs-executive-order-keep-app-us/) 10+ Hidden Features in iOS 26 (https://www.macrumors.com/guide/ios-26-hidden-features/) Splunk .conf25: Forging a Data Foundation for Cisco's AgenticOps Vision (https://futurumgroup.com/insights/splunk-conf25-forging-a-data-foundation-for-ciscos-agenticops-vision/) JFrog SwampUp 2025: The Agentic Development Era Emerges From The Swamp (https://www.forrester.com/blogs/jfrog-swampup-2025-the-agentic-development-era-emerges-from-the-swamp/) RIP, AOL dial-up: Take a walk down memory lane to 5 other now-defunct tech icons that defined millennials' youths (https://www.aol.com/rip-aol-dial-walk-down-063119808.html) Logitech launches MX Master 4 flagship productivity mouse – the best mouse we've tested adds haptic feedback, circular Action Ring shortcuts (https://www.tomshardware.com/peripherals/gaming-mice/logitech-launches-mx-master-4-flagship-productivity-mouse-the-best-mouse-weve-tested-adds-haptic-feedback-circular-action-ring-shortcuts) Charlie Javice Sentenced to 85 Months in Prison for Fraud (https://www.nytimes.com/2025/09/29/business/charlie-javice-sentence.html) Spotify CEO Daniel Ek to step aside (https://www.axios.com/2025/09/30/spotify-ceo-daniel-ek) Cloudscape - Cloudscape Design System (https://cloudscape.design/) Cursor CLI (https://cursor.com/cli) Introducing Claude Sonnet 4.5 (https://www.anthropic.com/news/claude-sonnet-4-5) Cursor CLI (https://cursor.com/cli) Introducing Claude Sonnet 4.5 (https://www.anthropic.com/news/claude-sonnet-4-5) GitHub Copilot CLI is now in public preview (https://github.blog/changelog/2025-09-25-github-copilot-cli-is-now-in-public-preview/) Shopify, pulling strings at Ruby Central, forces Bundler and RubyGems takeover (https://joel.drapper.me/p/rubygems-takeover/) How Ruby Went Off the Rails (https://www.404media.co/how-ruby-went-off-the-rails/) Open source to closed doors: RubyGems control fight erupts (https://www.theregister.com/2025/09/25/open_source_to_closed_doors/) Platform Engineering and AI - Two Buzzwords Finally Meet! | Michael Cote (https://www.youtube.com/watch?v=6jL3xp3LmQw) Nonsense Build-A-Bear Stock Outperforms Nvidia (https://theonion.com/build-a-bear-stock-outperforms-nvidia/) (The Onion) Conferences CF Day EU (https://events.linuxfoundation.org/cloud-foundry-day-europe/), Coté speaking, Frankfurt, October 7th, 2025. AI for the Rest of Us (https://aifortherestofus.live/london-2025), Coté speaking, October 15th-16th, London. Use code SDT20 for 20% off. Wiz Wizdom Conferences (https://www.wiz.io/wizdom), NYC November 3-5, London November 17-19 SREDay Amsterdam (https://sreday.com/2025-amsterdam-q4/), Coté speaking, November 7th. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Black Rabbit (https://www.netflix.com/title/81630027) Coté: Sune, Hackney, London (https://www.sune.restaurant). Photo Credits Header (https://unsplash.com/photos/a-eurostar-train-is-shown-in-close-up-KRJNGFKNjJM)

Three Buddy Problem - Episode 66: We discuss drone sightings that shut down airports across Europe and what they reveal about hybrid warfare and the changing nature of conflict; Oracle ransomware/extortion campaign tied to unpatched E-Business Suite vulnerabilities and the company's muted response. Plus, the TikTok–Oracle deal and the strange role Oracle now plays in U.S. national security; OpenAI's Sora 2 launch and its implications for social media and human expression; Palo Alto's “Phantom Taurus” APT report, a follow-up on Cisco's ArcaneDoor disclosures, and the impact of the U.S. government shutdown on CISA. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — A little radiation never hurt anybody.03:07 - BHIS - Talkin' Bout [infosec] News 2025-09-2903:29 - Story # 1: As many as 2 million Cisco devices affected by actively exploited 0-day19:07 - Story # 2: Viral call-recording app Neon goes dark after exposing users' phone numbers, call recordings, and transcripts | TechCrunch24:25 - Story # 3: AI Darwin Awards Show AI's Biggest Problem Is Human29:32 - Story # 4: Nikon revokes all C2PA image authenticity certificates after major vulnerability exposed34:14 - Story # 5: ‘You'll never need to work again': Criminals offer reporter money to hack BBC38:18 - Story # 6: Cybersecurity Training Programs Don't Prevent Employees from Falling for Phishing Scams46:48 - Mini CTF Walkthrough56:03 - Story # 7: U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area

In this episode of Brains Byte Back, we're joined by Ibrahim Hasanov, a founder whose story is anything but ordinary.He started building hardware at six, coding at eleven, and by thirteen, he'd already launched his first startup. Impressive when most founders don't launch their own startups until the age of 30. Since then, his projects have ranged from an online operating system to an image compression algorithm that caught the attention of Cisco engineers.Now, Ibrahim is the founder of Myuser, an AI-powered platform that transforms how businesses connect with new customers. Instead of drowning in generic outreach, Myuser helps companies scale with ultra-personalized communication at every step by using what he refers to as a smarter AI combined with a proven sales technique.In this conversation, we trace Ibrahim's journey from having a winner mindset even as a child to winning with my Myuser, and ending with some valuable advice for those young people looking to launch their own tech business, which involves looking behind the curtain. Find out more about Ibrahim HLearn more about Myuser,Reach out to today's host, Erick Espinosa - erick@sociable.coGet the latest on tech news - https://sociable.co/ Leave an iTunes review  - https://rb.gy/ampk26Follow us on your favourite podcast platform - https://link.chtbl.com/rN3x4ecY

Are you looking to save time, make money, and start winning with less risk? Then head to https://www.ovtlyr.com.The stock market is flashing some serious warning signs right now, and if you're not paying attention, you could get blindsided. In this video we walk through the signals that most investors are ignoring, why market concentration risk is a bigger deal than people think, and how OVTLYR's trend template helps you stay one step ahead when bubbles start to form.It all starts with an old lesson from a pig farmer who never lost money in the market. His secret was simple: buy when everyone else is fearful and sell when everyone else is greedy. That timeless principle is at the core of how OVTLYR operates today. Instead of chasing hype, we focus on quality, seasonality, and clear signals that cut through the noise.➡️ Learn why market crashes are normal and how to sidestep them➡️ See why breadth matters when indexes hit all-time highs➡️ Understand the risks of concentration in the “Magnificent Seven” stocks➡️ Discover how to avoid falling for the greater fool theory➡️ Get a simple plan to protect your portfolio with OVTLYR strategiesRight now, indexes like the S&P 500 and Nasdaq are printing new highs, but under the surface, breadth is weak. Only a small group of mega-cap stocks are driving the rally while most stocks lag behind. That kind of divergence has historically been a red flag, and ignoring it can be costly. Add in sky-high valuations, stretched price-to-earnings ratios, and extreme greed readings on sentiment indexes, and you can see why many pros are raising caution.But this video isn't about doom and gloom. It's about preparation. We show how Plan ETF provides a steady approach when individual setups aren't ready. By following a disciplined framework, you can capture gains in trending markets while avoiding the emotional traps that wipe out accounts. The OVTLYR trend template makes it easy: when the 10 EMA is above the 20 and price is above the 50, you're in a bullish trend. When those signals reverse, it's time to get defensive.We also break down why dollar-cost averaging can trick traders into thinking they're lowering risk when in reality they're just tying up capital in underperforming positions. The smarter move is to buy stocks that are “crashing up” with strong momentum and get out of the way when they start crashing down. That's how you trade like a fund manager instead of a normal investor stuck holding through brutal drawdowns.History has shown time and again—from Cisco in 1999 to the Janus Fund in 2000—that ignoring risk during bubbles leads to devastating losses. But with the right tools and mindset, you don't have to repeat those mistakes. This video gives you the insights and strategies to trade with clarity, protect your capital, and stay profitable no matter what the market throws your way.Gain instant access to the AI-powered tools and behavioral insights top traders use to spot big moves before the crowd. Start trading smarter today

AB sits down with Snorre Kjesbu, SVP & GM of Employee Experience at Cisco, for a great conversation on a variety of topics such as the value of AI-powered collaboration in the workplace; unifying devices, spaces, and workflows to enhance employees' day-to-day experience; and how Cisco is helping organizations prepare for the future with a platform that simplifies management, future-proofs investments, and unlocks intelligence everywhere work happens.

The AI landscape is akin to the Wild West right now. There are so many solutions on the market, and it can be hard for SMBs to know which ones are secure and which can best support their internal systems. Many SMBs need an experienced guide that can navigate this rapidly evolving industry. I'm joined by Dustin Holub, Director of Solutions Architecture at Technology Group Solutions, a Cisco Partner. He helps us cut through the noise by dispelling common fears surrounding AI and providing practical tips that enable SMBs to maximize the benefits of the latest LLM technologies. Learn more about Cisco's solutions for SMBs: www.cisco.com/site/us/en/solutio…usiness/index.html Check our TGS's offerings here: https://www.tgs-mtc.com/

In this episode of Cisco Champion Radio, we spotlight Cybersecurity Awareness Month and the resources available to help you strengthen your skills and defenses in an evolving threat landscape. With cyberattacks growing more sophisticated and the industry facing a global shortage of 4 million professionals, the need for education and training has never been greater. Our experts break down Cisco's latest initiatives, including the consolidation of certifications under the CCNA umbrella, free training and labs through Cisco U and Networking Academy, and a new video series—Security Unlocked—hosted by Kyle Winters. Plus, discover October-exclusive perks like free courses, tutorials, and a 25% discount on select premium content. Whether you're just starting your cybersecurity journey or looking to sharpen your expertise, this episode highlights the tools, training, and best practices to help you stay ahead. Resources Cybersecurity Training and Certification Giveaway: https://mkto.cisco.com/cybersecurity-giveaway-oct-2025.html?utm_campaign=csg25&utm_source=web&utm_medium=champions Upcoming Cisco Learning Network Store Sale: https://learningnetworkstore.cisco.com/specials/?src=cybrsec25_chmp Learn with Cisco Cybersecurity Awareness page: https://www.cisco.com/site/us/en/learn/training-certifications/cybersecurity-awareness.html?utm_campaign=csm25&utm_source=web&utm_medium=champions  Rev Up to Recert: Security Solutions: https://u.cisco.com/paths/enhancing-cisco-security-solutions-with-data-analytics-10327?utm_campaign=revup_ss&utm_source=web&utm_medium=champions  Cisco guest Kyle Winters, Technical Consulting Engineer, Cisco Cisco Champion hosts Liam Keegan, Advisor Jonathan Mahady, Principal Network Engineer, BHP David Penaloza, Assoc. Director - LAN Network Architecture, Novartis Moderator Danielle Carter, Customer Voices and Cisco Champion Program

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

On this week's show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week's cybersecurity news, including: Hackers learn that trying to coerce a journalist just makes for … a great story? A man in his 40s gets arrested over the European airport chaos. Yep, we're surprised, too. Adam fanboys over Watchtowr Labs while bemoaning Fortra. Academics pick apart Tile trackers and find them lacking CISA tells agencies to patch their damn Cisco gear This episode is also available on YouTube. Show notes 'You'll never need to work again': Criminals offer reporter money to hack BBC Government to guarantee £1.5bn Jaguar Land Rover loan after cyber shutdown Feds Tie ‘Scattered Spider' Duo to $115M in Ransoms – Krebs on Security UK authorities arrest man in connection with cyberattack against aviation vendor | Cybersecurity Dive Chinese scammer pleads guilty after UK seizes nearly $7 billion in bitcoin Cyberattack on Japanese beer giant Asahi limits shipping, call center operations | The Record from Recorded Future News Afghanistan plunged into nationwide internet blackout, disrupting air travel, medical care | The Record from Recorded Future News Tile trackers are a stalker's dream, say Georgia Tech researchers Intel and AMD trusted enclaves, the backbone of network security, fall to physical attacks - Ars Technica Supermicro server motherboards can be infected with unremovable malware - Ars Technica China-linked hackers use ‘BRICKSTORM' backdoor to steal IP | The Record from Recorded Future News Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors Federal agencies given one day to patch exploited Cisco firewall bugs | The Record from Recorded Future News Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability Is This Bad? This Feels Bad. (Fortra GoAnywhere CVE-2025-10035) It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Critical Vulnerabilities and AI Voice Cloning Risks in Cybersecurity In this episode of Cybersecurity Today, host Jim Love discusses key cybersecurity threats, including critical vulnerabilities in Sudo and Cisco firewalls, and a remote command flaw in Western Digital MyCloud devices. The show highlights efforts by national security agencies in the US, Canada, France, Netherlands, and the UK to address these risks, urging immediate patching and system updates. Additionally, the episode covers the emerging threat of real-time AI voice cloning, stressing the need for stricter security measures to prevent social engineering attacks. Listeners are encouraged to implement robust verification processes to secure their organizations and personal communications. 00:00 Critical Sudo Flaw Warning 00:21 Cisco Firewalls Vulnerabilities 02:34 Western Digital MyCloud Devices at Risk 03:48 AI Voice Cloning Threat 05:16 Conclusion and Contact Information

In August, Nevada government agencies were hit with a crippling ransomware attack. Thankfully, Nevada's election infrastructure wasn't affected. But against that backdrop — and with concern over Nevadans' personal information still fresh — the Department of Justice is now requesting driver's license records and partial Social Security numbers for every registered voter in the state. Secretary of State Cisco Aguilar joins this week to discuss how Nevada's election systems held up during the cyberattack, why he won't release voter data to the Trump administration and a first look at initiatives that could appear on Nevada's 2026 ballot. Nevada Secretary of State concerned about DOJ requests for voter data Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode, Frederic Detienne, a Distinguished Cisco CX Engineer takes us through the evolution of cryptography in IT, the latest changes and challenges as well as the quantum problem and post-quantum cryptography.

Kyle McIntyre is the owner and executive recruiter at McIntyre Associates, where he has placed VPs, SVPs, and C-Level executives for companies ranging from Seed Stage through Fortune 100. In this episode, McIntyre joins host Amanda Glassner to discuss open positions in cybersecurity today, as well as the outlook for 2026, what hiring managers should consider, and more. McIntyre Associates has served the cybersecurity startup community for over two decades, partnering with industry leaders such as CrowdStrike, KnowBe4, Cisco, Arbor Networks and others to achieve record-breaking growth and noteworthy exit events. To learn more about our sponsor, visit https://McIntyreAssociates.com.

“At TeleMate, our job is to make IT and communications troubleshooting easy,” said Reginald Pearson, VP of Sales & Strategy at TeleMate. At WebexOne in San Diego, Doug Green, Publisher of Technology Reseller News, spoke with Pearson about how TeleMate delivers observability across the entire Cisco collaboration suite. Pearson explained that TeleMate provides end-to-end visibility for Webex Calling, Webex Contact Center, and messaging platforms—while also supporting hybrid environments that combine on-premises and cloud technologies such as Cisco Call Manager and CUBEs. With a single-pane-of-glass interface, TeleMate aggregates logs, traces, alarms, and analytics to ensure full service assurance for enterprise IT and communications teams. The platform is vendor-neutral, designed to simplify troubleshooting and performance monitoring across complex UC ecosystems. TeleMate's value proposition: faster troubleshooting, better visibility, and proactive assurance that keeps collaboration platforms running smoothly. Learn more at www.telemate.net.

“Our approach is simple: remove the PII from the data stream, and you don't have to worry about compliance,” said Bill Placke, President, Americas at SecurePII. At WebexOne in San Diego, Doug Green, Publisher of Technology Reseller News, spoke with Jason Thals, COO of BroadSource, and Placke of SecurePII about their finalist recognition in Cisco's Dynamic Duo competition. The joint solution, built on Cisco Webex Contact Center, is designed to unlock AI's potential by enabling enterprises to leverage large language models without exposing sensitive personal data. SecurePII's flagship product, SecureCall, was purpose-built for Webex (and also available on Genesys) to deliver PCI compliance while removing personally identifiable information from voice interactions. This enables organizations to deploy AI and agentic automation confidently, without the regulatory risk tied to data privacy laws across the U.S., GDPR, and beyond. Thals emphasized BroadSource's role in delivering services that complement CCaaS and UCaaS platforms globally, while Placke framed the opportunity for Cisco partners: “This is a super easy bolt-on, available in the Webex App Hub. Customers can be up and running in 30 minutes and compliant.” The collaboration, already proven with a government-regulated client in Australia, is industry-agnostic and scalable from small deployments to 50,000+ users. For Cisco resellers, it represents a powerful, sticky service that integrates seamlessly into channel models while helping enterprises stay compliant as they modernize customer engagement. Learn more at BroadSource and SecurePII.

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

We're back with another power-packed highlight reel of our favorite conversations. In this episode, Jeff revisits big shifts shaping the partner + customer ecosystem:

In this episode of the podcast, Ryan Williams Sr. and Shannon Tynes discuss the latest cybersecurity news, including CISA's emergency directive regarding Cisco vulnerabilities, the rise of SIM farms threatening US infrastructure, and the alarming trend of cybercriminals targeting children's data for ransom. They emphasize the importance of cybersecurity awareness and the evolving landscape of cyber threats while also sharing personal updates and reflections on their experiences in the field. Article: CISA orders feds to patch Cisco flaws used in multiple agency hacks https://www.cybersecuritydive.com/news/cisa-emergency-directive-cisco-vulnerabilities-arcanedoor/761150/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExd2lleHdWb1RWbEFZTDBJeQEenjZcbYPfTEpDqYpskC1y_ATnQjy8Xs0O_lBm9CqOYVx3jY2IWAuVe19i1Rk_aem_QN5KLONSnHGtBgaVUXEsXw ‘SIM Farms' Are a Spam Plague. A Giant One in New York Threatened US Infrastructure, Feds Say https://www.wired.com/story/sim-farm-new-york-threatened-us-infrastructure-feds-say/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExd2lleHdWb1RWbEFZTDBJeQEenLyO6lHFipbOSiGb3VydzS5_tY3hL7Z4kXKi86wzH_Qcfc3tyl4x1uELPgk_aem_KHOxgSVa-qn4XeXt7xdiKQ Nursery hackers threaten to publish more children's profiles online https://www.bbc.com/news/articles/c07vxv8v89lo.amp?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExd2lleHdWb1RWbEFZTDBJeQEetWzL8TMJE9U0bVS7Uy0EJFnJXxX0Xf7BQRXxJw-U4fatP_ilEnBIKdE6tQc_aem_OaAnjTw17cUrAzhvv9ShRw Buy the guide: www.theothersideofthefirewall.com Please LISTEN

Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices Github Notification Phishing Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer. https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/

There’s an abundance of vulnerabilities in this week’s Network Break. We start with a red alert on a cluster of Cisco vulnerabilities in its firewall and threat defense products. On the news front, the vulnerability spotlight stays on Cisco as the US Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive to all federal... Read more »

There’s an abundance of vulnerabilities in this week’s Network Break. We start with a red alert on a cluster of Cisco vulnerabilities in its firewall and threat defense products. On the news front, the vulnerability spotlight stays on Cisco as the US Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive to all federal... Read more »

There’s an abundance of vulnerabilities in this week’s Network Break. We start with a red alert on a cluster of Cisco vulnerabilities in its firewall and threat defense products. On the news front, the vulnerability spotlight stays on Cisco as the US Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive to all federal... Read more »

We have management changes at both Barrick and Newmont this morning. Sterling Metals make a new discovery in Ontario. Golden Cross Resources published new drill results from Reedy Creek. Q2 Metals share latest from Cisco. Newcore Gold have new cash from warrant exercise. Rio2 takes a stake in Royal Road. This episode of Mining Stock Daily is brought to you by... Revival Gold is one of the largest pure gold mine developer operating in the United States. The Company is advancing the Mercur Gold Project in Utah and mine permitting preparations and ongoing exploration at the Beartrack-Arnett Gold Project located in Idaho. Revival Gold is listed on the TSX Venture Exchange under the ticker symbol “RVG” and trades on the OTCQX Market under the ticker symbol “RVLGF”. Learn more about the company at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠revival-dash-gold.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Vizsla Silver is focused on becoming one of the world's largest single-asset silver producers through the exploration and development of the 100% owned Panuco-Copala silver-gold district in Sinaloa, Mexico. The company consolidated this historic district in 2019 and has now completed over 325,000 meters of drilling. The company has the world's largest, undeveloped high-grade silver resource. Learn more at⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠https://vizslasilvercorp.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Equinox has recently completed the business combination with Calibre Mining to create an Americas-focused diversified gold producer with a portfolio of mines in five countries, anchored by two high-profile, long-life Canadian gold mines, Greenstone and Valentine. Learn more about the business and its operations at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠equinoxgold.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Integra is a growing precious metals producer in the Great Basin of the Western United States. Integra is focused on demonstrating profitability and operational excellence at its principal operating asset, the Florida Canyon Mine, located in Nevada. In addition, Integra is committed to advancing its flagship development-stage heap leach projects: the past producing DeLamar Project located in southwestern Idaho, and the Nevada North Project located in western Nevada. Learn more about the business and their high industry standards over at integraresources.com

Think you need a perfect UX portfolio and hundreds of job applications to land a senior UX role? Think again.In this episode, UX career coach Sarah Doody talks with Laura, a former physician turned UX designer, about how she landed a Principal Product Design role, without even applying.Laura shares how she turned a contract job into a 2.5-year role at Cisco, why she joined Sarah Doody's UX career coaching program, Career Strategy Lab, twice. Laura also shares how staying ready (not scrambling) made all the difference when her UX contract ended. Spoiler: she was hired again within two weeks, and her new VP of Product found her on LinkedIn.What You'll Learn in This Episode:✔️ How Laura pivoted from medicine to UX and built her confidence along the way✔️ Why having just one solid case study was enough to land multiple interviews✔️ The key mindset shift that helped her stand out—even in a competitive market✔️ How staying visible on LinkedIn led to a job offer without applying✔️ Why portfolio perfectionism keeps talented UXers stuck✔️ The benefit of specializing in a niche like cybersecurity or networking✔️ How CSL's frameworks helped her lead, mentor, and present more confidentlyTimestamps:02:06 Laura's Career Journey and Success with Career Strategy Lab05:23 Importance of Testing and Networking09:06 Specialization and Job Search Strategy12:53 Applying Career Strategy Lab Skills in the Workplace17:39 Final Thoughts and Advice for Job Seekers19:29 Conclusion and Podcast Information20:09 Special Message for Job Seekers

The Monday Microsegment for the week of September 29th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.CISA orders an emergency patch after attackers weaponize Cisco firewall flaws.AI and malware are working hand-in-hand, but it's not actually romanticAnd a string of new breaches could ruin the friendship between customers and major brands.And Michael Adjei joins us for an "Ask the Expert" segment. Head to The Zero Trust Hub: hub.illumio.comRegister to attend The Illumio World Tour: https://www.illumio.com/illumio-world-tour 

The White House Office of Management and Budget is instructing agencies to consider reducing staff for programs that have a lapse in funding in the event of a government shutdown, as tensions rise ahead of the Sept. 30 end to the fiscal year. “With respect to those Federal programs whose funding would lapse and which are otherwise unfunded, such programs are no longer statutorily required to be carried out,” the undated message said. The guidance goes on to say that consistent with applicable law, including a federal reduction in force statute, agencies are directed to use this opportunity to consider RIF notices for employees working in projects, programs or activities that have a funding lapse on Oct.1, don't have another source of funding, and are not consistent with President Donald Trump's priorities. The project, program or activity must meet all three criteria, the message said. The message places blame for a possible shutdown squarely on congressional Democrats, calling their demands “insane.” The OMB message explains that the One Big Beautiful Bill Act, legislation passed earlier this year that is at the heart of Trump's second-term agenda, provided “ample resources to ensure that many core Trump Administration priorities will continue uninterrupted.” Federal cyber authorities sounded a rare alarm last week, issuing an emergency directive about an ongoing and widespread attack spree involving actively exploited zero-day vulnerabilities affecting Cisco firewalls. Cisco said it began investigating attacks on multiple government agencies linked to the state-sponsored campaign in May. The vendor, which attributes the attacks to the same threat group behind an early 2024 campaign targeting Cisco devices it dubbed “ArcaneDoor,” said the new zero-days were exploited to “implant malware, execute commands, and potentially exfiltrate data from the compromised devices.” Cisco disclosed three vulnerabilities affecting its Adaptive Security Appliances — CVE-2025-20333, CVE-2025-20363 and CVE-2025-20362 — but said “evidence collected strongly indicates CVE-2025-20333 and CVE-2025-20362 were used by the attacker in the current attack campaign.” The Cybersecurity and Infrastructure Security Agency said those two zero-days pose an “unacceptable risk” to federal agencies and require immediate action. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

If you like what you hear, please subscribe, leave us a review and tell a friend!Attackers exploited Cisco firewall zero-days, Medusa and Akira ransomware hit Comcast and SonicWall VPNs, and Ohio's Union County suffered a ransomware attack affecting 45,000 people. Meanwhile, Dutch teens spied for pro-Russian hackers, US investors plan to take over TikTok operations, and a vital cyber data-sharing law may expire amid a government shutdown, while a South Korean data center fire took 600+ government websites offline.

CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. Researchers uncover the first known malicious MCP server used in a supply chain attack. The New York SIM card threat may have been overblown. Microsoft tags a new variant of the XCSSET macOS malware. An exposed auto insurance claims database puts PII at risk. Amazon will pay $2.5 billion to settle dark pattern allegations. Researchers uncover North Korea's hybrid playbook of cybercrime and insider threats. An old Hikvision security camera vulnerability rears its ugly head. Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate joins Maria Varmazis, host of T-Minus Space Daily to discuss how his team is securing satellites and space systems from cyber threats. DOGE delivers dysfunction, disarray, and disappointment. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire Guest Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate joins Maria Varmazis, host of T-Minus Space Daily to discuss how his team is securing satellites and space systems from cyber threats and also shares advice for breaking into the fast-growing field of space cybersecurity Selected Reading Federal agencies given one day to patch exploited Cisco firewall bugs (The Record) First malicious MCP Server discovered, stealing data from AI-Powered email systems (Beyond Machines) Secret Service faces backlash over SIM farm bust as experts challenge threat claims (Metacurity) Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs (Bleeping Computer) Microsoft cuts off cloud services to Israeli military unit after report of storing Palestinians' phone calls (CNBC) Auto Insurance Platform Exposed Over 5 Million Records Including Documents Containing PII (Website Planet) Amazon pays $2.5 billion to settle Prime memberships lawsuit (Bleeping Computer) DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception (We Live Security) Critical 8 years old Hikvision Camera flaw actively exploited again (Beyond Machines) The Story of DOGE, as Told by Federal Workers (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Webshells Hiding in .well-known Places Our honeypots registered an increase in scans for URLs in the .well-known directory, which appears to be looking for webshells. https://isc.sans.edu/diary/Webshells%20Hiding%20in%20.well-known%20Places/32320 Cisco Patches Critical Exploited Vulnerabilities Cisco released updates addressing already-exploited vulnerabilities in the VPN web server for the ASA and FTD appliances. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW XCSSET Evolves Again Microsoft detected a new XCSSET variant, an infostealer infecting X-Code projects. https://www.microsoft.com/en-us/security/blog/2025/09/25/xcsset-evolves-again-analyzing-the-latest-updates-to-xcssets-inventory/ Exploitation of Fortra GoAnywhere MFT CVE-2025-10035 watchTowr analyzed the latest GoAnywhere MFT vulnerability and exploits used against it. https://labs.watchtowr.com/it-is-bad-exploitation-of-fortra-goanywhere-mft-cve-2025-10035-part-2/

Send us a text

In an IT world full of abstraction, overlays, and virtualization, it’s important to remember the physical infrastructure that supports all those things. So let’s get inside Mass IX, the Massachusetts Internet Exchange, to get a holistic view of the logical architecture and protocol mechanics of peering and Internet exchanges, as well as the iron, steel,... Read more »

Fortra flags a critical flaw in its GoAnywhere Managed File Transfer (MFT) solution. Cisco patches a critical vulnerability in its IOS and IOS XE software. Cloudflare thwarts yet another record DDoS attack. Rhysida ransomware gang claims the Maryland Transit cyberattack. The new “Obscura” ransomware strain spreads via domain controllers. Retailers' use of generative AI expands attack surfaces. Researchers expose GitHub Actions misconfigurations with supply chain risk. Mandiant links the new BRICKSTORM backdoor to a China-based espionage campaign. Kansas students push back against an AI monitoring tool. Ben Yelin speaks with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, discussing Women's health apps and the legal grey zone that they create with HIPAA. Senators push the FTC to regulate your brainwaves. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Ben Yelin, co-host of Caveat, is speaking with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, about Women's health apps and the legal grey zone that they create with HIPAA. If you want to hear the full conversation, check it out on Caveat, here. Selected Reading Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems (HackRead) Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability (Cisco) Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack (Bleeping Computer) Ransomware gang known for government attacks claims Maryland transit incident (The Record) Obscura, an obscure new ransomware variant (Bleeping Computer) Threat Labs Report: Retail 2025 (Netskope) pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks (Orca) China-linked hackers use ‘BRICKSTORM' backdoor to steal IP (The Record) AI safety tool sparks student backlash after flagging art as porn, deleting emails (The Washington Post) Senators introduce bill directing FTC to establish standards for protecting consumers' neural data (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Exploit Attempts Against Older Hikvision Camera Vulnerability Out honeypots observed an increase in attacks against some older Hikvision issues. A big part of the problem is weak passwords, and the ability to send credentials as part of the URL. https://isc.sans.edu/diary/Exploit%20Attempts%20Against%20Older%20Hikvision%20Camera%20Vulnerability/32316 Cisco Patches Already Exploited SNMP Vulnerability Cisco patched a stack-based buffer overflow in the SNMP subsystem. It is already exploited in the wild, but requires admin privileges to achieve code execution. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte SonicWall Anti-Rootkit Update SonicWall released a firmware update for its SMA100 devices specifically designed to eradicate a commonly deployed rootkit. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0015 Extended Windows 10 Support Microsoft will extend free Windows 10 essential support for US and European customers. https://www.straitstimes.com/world/united-states/microsoft-offers-no-cost-windows-10-lifeline