It’s big-money deals and ever-more AI on this week’s Network Break. We start with a red alert from NVIDIA, which has rolled out a software upgrade to patch multiple bugs in its Triton Inference Server, one of which is a dangerous remote code execution vulnerability. On the news front, NVIDIA pledges a $5 billion investment... Read more »
Take a Network Break! We start with a listener correction on Cisco’s history of wireless certifications, then dig into a couple of red alerts on Microsoft Defender and a backdoor in Outlook. On the news front, Cisco announces new AI agents and SoC packages for Splunk; F5 spends $180 million to buy an AI security... Read more »
Take a Network Break! We shine a red light on an AnyShare Service Agent API vulnerability and an active exploit against FreePBX. SASE vendor Cato Networks makes first-ever acquisition with purchase of AI security startup AIM, Microsoft researchers tout hollow core fiber tests that out-perform glass core fiber optics, and Wi-Fi 7 helps drive up... Read more »
Take a Network Break! We start with follow-ups regarding the 7-year-old Cisco bug, risks of AI agents, and Anthropic forcing you to opt out or have your chats saved for five years. Then we highlight a serious vulnerability (which is being exploited in the wild) in Citrix NetScaler ADC and Netscaler Gateway systems. On the... Read more »
Take a Network Break! We double-dip on red alerts as the FBI warns that Russian state hackers are targeting a seven-year-old vulnerability on Cisco IOS and IOS-XE devices (a patch has been available for seven years), and a compromised XZ Utils backdoor is still lurking in some Docker images. Palo Alto Networks has added support... Read more »
Take a Network Break! We start with critical vulnerabilities in Cisco Secure Firewall Management Center and Fortinet’s FortiSIEM. On the news front, SonicWall announces Gen8 firewalls plus a $200,000 warranty for customers that sign on to SonicWall’s Managed Protection Security Suite. IBM Cloud suffers its fourth major outage since May of this year, SASE vendor... Read more »
Take a Network Break! We start with follow-up on post-quantum support in firewalls and DPDK, then highlight a command injection vulnerability in Ruckus SmartZone software. In tech news, Broadcom rolls out the Jericho4 ASIC to help scale AI across multiple data centers, InfoBlox beefs up DNS protection to spot malicious domains faster, and HPE announces... Read more »
Take a Network Break! Guest opinionator Tom Hollingsworth joins Johna Johnson to opine on the latest tech news. On the vulnerability front, several versions of BentoML are open to a server side request forgery. Looking at tech news, Intel will spin out its networking and edge group as it continues cost-cutting, Palo Alto Networks makes... Read more »
Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »
Take a Network Break! We begin with a listener question about a paper critiquing Shor’s Algorithm and quantum computing, and touch on a remote code execution vulnerability in Riverbed SteelCentral NetProfiler / NetExpress 10.8.7. We discuss a Cloudflare BGP misconfiguration that caused the Internet to hiccup, Broadcom’s new Tomahawk Ultra ASIC aimed for–you guessed it–AI... Read more »
Take a Network Break! We start with listener follow-up on Arista market share in the enterprise, and then sound the alarm about a remote code execution vulnerability in Adobe Experience Manager. On the news front, Arista buys VeloCloud to charge into the SD-WAN market, CoreWeave acquires a cryptominer to get access to GPUs and electricity... Read more »
Take a Network Break! HPE and Juniper have settled with the US Department of Justice, allowing HPE’s $14 billion purchase to move forward. However, as part of the deal, Juniper must grant a full license to its AI Ops for Mist source code to one, or perhaps two, companies via an auction to be overseen... Read more »
Take a Network Break! Our Red Alert is a remote code execution vulnerability in Roundcube. On the news front, HPE announces GreenLake Intelligence, which will bring agentic AI capabilities to the HPE portfolio, Pure Storage brings cloud-like operations for on-prem storage, and Juniper Networks adds predictive analytics to its data center ops platform. Weka rolls... Read more »
Take a Network Break! Our Red Alert for the week is a remote code execution vulnerability in open-source XDR platform Wazuh. In tech news, we dig into several announcements from Cisco Live US including: unified management of Meraki and Catalyst gear, new switches, an AI Assistant for the Meraki dashboard, a Deep Network Model LLM,... Read more »
Take a Network Break! We start with two critical vulnerabilities: one affecting cloud versions of Cisco ISE, and the other for HPE StoreOnce. In the news, Broadcom announces the Tomahawk 6 ASIC with 102.4Tbits of bandwidth, SentinelOne suffers a self-imposed network outage, and the Wireshark Foundation announces its first-ever professional certification for Wireshark. Cisco rebrands... Read more »
Take a Network Break! We start with a Red Alert for the IBM Tivoli Monitoring Tool, which has an unpatched (as of recording time) vulnerability that could allow remote attackers to execute arbitrary code. On the news front, Salesforce ponies up $8 billion for Informatica to improve data governance capabilities, Google researchers revise estimates of... Read more »
Take a Network Break! We begin with a Red Alert for critical vulnerabilities Kubernetes Gardener. Up next, a threat actor has been squatting on unused CNAME records to distribute malware and spam, and IP Fabric rolls out a new firewall rule simulation capability to let administrators test the effect of firewall rules on traffic patterns.... Read more »
Take a Network Break! Guest co-host Tom Hollingsworth steps in for Johna Johnson. We start with Google patching a significant Chrome vulnerability and de-elevating Chrome running with admin rights when it launches on Windows. On the news front, we discuss a report, unconfirmed as of recording time, that Arista is acquiring VeloCloud, then discuss Broadcom... Read more »
Take a Network Break! We start with follow-up from a listener on the best way to listen to our podcast that helps the most. The answer? Any listen on any platform helps. Even better is to tell a friend! We discuss two critical security issues. First, CISA adds active exploits against known SonicWall vulnerabilities to... Read more »
Take a Network Break! This week we catch up on the Airborne vulnerabilities affecting Apple’s AirPlay protocol and SDK, and get an update on active exploits against an SAP NetWeaver vulnerability–a patch is available, so get fixing if you haven’t already. Palo Alto Networks launches the AIRS platform to address AI threats in the enterprise,... Read more »