Tech Updates

Andres Sarmiento
  • 0.0 (0)
  • TECH NEWS

Tech Updates is your quick-hit source for the latest in enterprise technology—all in 10 minutes or less. From cybersecurity and network connectivity to data center innovation, cloud advancements, and the rise of AI, we cover the updates that matter. Each episode delivers vendor announcements, industry trends, and agnostic insights to keep you informed and ahead of the curve. Whether you’re a tech professional or just tech-curious, this podcast is designed to fit into your busy schedule and fuel your knowledge.

  1. npm Supply Chain Attack Hit 47K Apps — What Happened and How to Defend

    3 DAYS AGO

    npm Supply Chain Attack Hit 47K Apps — What Happened and How to Defend

    In February, a maintainer of a widely-used npm package pushed a release that shipped malware to 47,000 downstream applications. The maintainer's GitHub account had been compromised four months earlier. Nobody noticed. It happened again in March. Again in early April. This episode is the supply chain security story the vendors aren't telling you correctly. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 📚 WHAT YOU'LL LEARN ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ✅ The 4 Q1 2026 supply chain incidents you may have missed ✅ Maintainer takeover — the 5-step playbook attackers actually use ✅ Why SBOM (Software Bill of Materials) doesn't prevent this ✅ SLSA (pronounced "salsa") levels — and why 1% of enterprise hits Level 3 ✅ Sigstore adoption by registry — the ugly numbers ✅ The pragmatic defense playbook for a 50-person shop ✅ What package maintainers need to hear right now ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ⏱ CHAPTERS ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 0:00 Intro — the February npm incident 0:49 The Q1 2026 timeline — 4 incidents, 4 vectors 2:01 Maintainer takeover — the 5-step template 3:39 SBOM theater vs reality 4:35 SLSA adoption by level 5:39 Sigstore adoption by registry 6:36 The pragmatic defense — what to do this quarter 8:29 To the maintainers watching — enable MFA. Please. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🎯 THE MEMORABLE LINES ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ • "An SBOM is a receipt. It's proof you bought the groceries. It does not mean you cooked dinner." • "94% of enterprise builds are still at SLSA Level 1." • "If your CI can push to npm, steal crypto wallets, and read your production database — that's not a CI account. That's a supervillain." • "We are collectively running on trust and good luck." ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🛡 THE PRAGMATIC DEFENSE CHECKLIST ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ • Hard-pin every dependency · no floating ranges • Dependabot/Renovate with auto-merge OFF · review every diff • Dependency firewall (JFrog, Cloudsmith, Artifactory) • Minimize your supply chain — every dep is a trust decision • Segregate build credentials · principle of least privilege on CI ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 📡 TECH UPDATES · THE PODCAST ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🔗 techupdates.it-learn.io 🔔 Subscribe for the full EP17–21 run. Previous → EP17 · The Collapse of SaaS Up next → EP19 · AI Is Eating the Grid #TechUpdates #SupplyChainSecurity #npm #SBOM #SLSA #Sigstore #DevSecOps #OpenSource #MaintainerSecurity

    9 min
  2. Special · S01: The CISO Under Fire — $1.4M Comp, SEC Subpoena, Same Job

    4 DAYS AGO

    Special · S01: The CISO Under Fire — $1.4M Comp, SEC Subpoena, Same Job

    $1.4M comp. SEC subpoena. Same job. Welcome to TechUpdates Special Series — four episodes on the cybersecurity roles people actually want to hear about. We start with the only C-suite job in tech where doing it right can still get you indicted: the CISO. What you'll hear: • What a CISO actually does (and what they delegate) • The real comp ladder — Series B startup $250K → Fortune 500 $800K → big tech $1.4M+ • The Tim Brown and Joe Sullivan reckoning: why CISOs now face personal SEC and DOJ exposure • A composite 24-hour day, from 7 AM board prep to a 3 AM pager • The 15-year path to the seat — and the 18-month average tenure once you're in • What LinkedIn promises ("strategic visionary") vs. what the calendar actually delivers (60% vendor management) We say it straight: this is the most consequential security job in tech when the company backs you, and the worst job in tech when they don't. Pick the company before you pick the title. Sources referenced: SEC v. SolarWinds & Timothy G. Brown (Oct 2023) · United States v. Joseph Sullivan (Uber, conviction Oct 2022) · public CISO compensation surveys. Next in the series: The Detection Engineer — the role that quietly killed the SOC. — Andrés Sarmiento #cybersecurity #CISO #infosec #SecurityLeadership #SolarWinds #TechUpdates

    7 min
  3. Is SaaS Dead? How AI Agents Are Killing Enterprise Software in 2026

    23 APR

    Is SaaS Dead? How AI Agents Are Killing Enterprise Software in 2026

    "SaaS is dead." Satya Nadella said it on All-In in late 2024. Everyone laughed. Eighteen months later, Klarna went on the record — they fired Salesforce, fired Workday, and replaced them with Python scripts wired to Claude. ~$40M in annual SaaS spend. Gone. This episode breaks down what's actually happening to enterprise software, which layer is getting compressed, which layer is getting bigger, and what IT buyers should do Monday. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 📚 WHAT YOU'LL LEARN ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ✅ What Nadella actually predicted vs what sounded absurd at the time ✅ The Klarna playbook — exactly what got replaced, and with what ✅ The 4 layers of every SaaS product (and which 3 are now commodity) ✅ Which SaaS categories are getting compressed (middleware, dashboards, generic CRM/HRIS) ✅ Which categories get bigger (infra, APIs-as-products, vertical SaaS, IAM, GRC) ✅ The per-seat pricing collapse — what vendors are trying instead ✅ What to actually do Monday if you're in IT leadership ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ⏱ CHAPTERS ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 0:00 Intro — "SaaS is dead" 0:38 The Klarna teardown 1:26 What SaaS actually sold — the 4 layers 2:37 What's getting cooked — dying categories 3:54 What survives — the layer that gets bigger 5:15 Pricing model chaos 6:26 What to do Monday — 5-step playbook 7:52 The real story — the dashboard tax is dead ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 🎯 THE MEMORABLE LINES ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ • "Companies were paying two thousand dollars a seat for permissions and a log file." • "Buyer's market for the first time in a decade." • "The middle layer is getting compressed — infrastructure is bigger than ever." • "Do not sign a three-year SaaS deal in 2026. Do not." ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 📡 TECH UPDATES · THE PODCAST ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Tech Updates covers the real stories behind enterprise tech — no hype, no vendor pitches. Host: Andrés Sarmiento. 🔗 techupdates.it-learn.io 🔔 Subscribe for the rest of the EP17–21 run: SaaS, Supply Chain, AI Power, Typhoons, NHIs. Up next → EP18 · The Supply Chain Attack Nobody's Talking About #TechUpdates #SaaS #Klarna #EnterpriseTech #AgenticAI #Nadella #ITLeadership #CIO #EnterpriseSaaS

    8 min
  4. RSAC 2026 Recap: Agentic AI, the Death of the SIEM, and 22-Second Breakouts

    17 APR

    RSAC 2026 Recap: Agentic AI, the Death of the SIEM, and 22-Second Breakouts

    In 2022, the median time between initial access and the secondary threat hand-off was 8 hours. At RSAC 2026, Mandiant put the new number on the main stage: 22 seconds. That one stat explains everything that got announced in San Francisco this year. This episode of Tech Updates is a full RSAC 2026 recap — the product flood, the agentic AI pivot, and the six predictions every CISO and senior engineer should be tracking over the next 12 months. ⏱ CHAPTERS 0:00 — Intro 0:03 — Cold open: the 22-second attacker hand-off 0:31 — Segment 1: Agentic AI, for real this time 2:20 — Agent Identity & Runtime Control 3:35 — Agentic SOC & the Death of the SIEM 5:09 — AI-Generated Code Security 5:43 — Post-Quantum, Quietly 6:36 — Palo Alto's Full Stack 6:55 — The Cryptographers' Panel 8:10 — Six Predictions for the Next 12 Months 10:45 — The honest takeaway 🔑 VENDORS & PRODUCTS COVERED • Cisco DefenseClaw · Duo IAM for agents • Microsoft Entra ID + Foundry guardrails • Teleport Beams (per-agent Firecracker micro-VMs) • 1Password Unified Access (Anthropic, Cursor, GitHub, Perplexity, Vercel) • Astrix Security · shadow agent coverage • Databricks Lakewatch — agentic SIEM • Google Cloud Triage & Investigation Agent • Accenture + Anthropic Cyber.AI • CrowdStrike Charlotte AI AgentWorks • SentinelOne Prompt AI Agent Security • Secure Code Warrior Trust Agent: AI • Black Duck Signal • ZeroTier Quantum (hybrid PQC transport) • Palo Alto Prisma AIRS 3.0 · Agentic SASE · Prisma Browser for Business • pQCee crypto-agile CNG • SandboxAQ AQtive Guard • Acalvio 360 Deception 🎤 KEY QUOTES "With chatbots you worry about getting the wrong answer. With agents you worry about taking the wrong action." — Jeetu Patel, Cisco "AI will kill the SIEM in 2026." — Ali Ghodsi, Databricks CEO (CNBC) "The cryptographic algorithms have really held up over the last 25 years. You can't say that about a lot of areas within cybersecurity." — Paul Kocher, 25th Cryptographers' Panel "We're spending more on cybersecurity than ever before, but the breaches keep happening. Something is fundamentally broken about how we've approached this problem." — Karl Van den Bergh, Illumio 🎯 SIX PREDICTIONS FOR THE NEXT 12 MONTHS 1. Non-human identity becomes the primary identity problem 2. MCP is now part of the attack surface — treat it like an API gateway 3. The SOC gets automated, or it gets outrun 4. Prompt injection is the new SQL injection 5. Post-quantum is closer than you think (CNSA 2.0 deadlines are real) 6. Active defense and deception are coming back 📚 SOURCES Mandiant M-Trends 2026 · RSAC 2026 official press releases · SecurityWeek daily roundups · Help Net Security · Futuriom · Google Cloud blog · Lumu Technologies recap · Biometric Update · Govtech Lohrmann column · Hive Pro disclosure of Operation Olalampo + Rust-based Char backdoor 🎧 LISTEN & SUBSCRIBE Spotify · Apple Podcasts · YouTube techupdates.it-learn.io New episode every week. #RSAC2026 #AgenticAI #Cybersecurity #SIEM #ZeroTrust #PostQuantum #InfoSec #CISO #MCP #PromptInjection #AIAgents #RSAConference

    12 min
  5. Malware: Viruses, Ransomware, Botnets & How to Fight Back

    10 APR

    Malware: Viruses, Ransomware, Botnets & How to Fight Back

    Malware isn't just "a virus." It's a whole ecosystem of tools designed to damage, steal, spy, and extort — and in 2026 it's more dangerous than ever. This episode is your complete field guide. WHAT IS MALWARE? Malware (malicious software) is any program intentionally designed to harm a system, steal data, or gain unauthorized access. It's not accidental — it's engineered. THE 5 MAJOR TYPES Viruses & Worms Viruses attach to clean files and spread when a user runs them. Worms self-replicate without any user interaction — ILOVEYOU (2000) infected 50 million machines in 10 days. Trojans & Ransomware Trojans disguise themselves as legitimate software. Ransomware encrypts your files and demands payment — Colonial Pipeline paid $4.4M in 2021. Double extortion is now standard: pay or we publish your data. Spyware & Keyloggers Spyware silently monitors your activity. Keyloggers capture every keystroke — passwords, credit cards, everything. Pegasus (NSO Group) targeted journalists and world leaders via a single missed call. Rootkits & Botnets Rootkits hide deep in the OS or firmware — the only guaranteed fix is a full OS wipe. Botnets turn your device into a zombie for DDoS attacks, spam, and crypto mining. Mirai (2016) infected IoT cameras and routers, then took offline Twitter, Netflix, Reddit, and Amazon. HOW MALWARE GETS IN - Phishing emails — #1 delivery method - Drive-by downloads — visit a compromised site, malware auto-downloads - Malvertising — malicious ads on legitimate websites - USB drops — infected drives left in public places - Unpatched vulnerabilities — no user interaction needed - Supply chain attacks — SolarWinds (2020) hit 18,000 organizations including US government agencies DEFENSE IN DEPTH — 7 LAYERS 01. Patch everything — OS, apps, firmware 02. Endpoint protection / EDR — behavioral detection catches what signatures miss 03. Email filtering + sandboxing — detonate attachments before delivery 04. Least privilege access — limits blast radius 05. 3-2-1 Backups — 3 copies, 2 media types, 1 offsite, immutable 06. Security awareness training — humans are the #1 attack surface 07. Network segmentation / Zero Trust — never trust, always verify 2024–2026 THREAT TRENDS - Ransomware-as-a-Service (RaaS): criminals rent malware like a SaaS subscription — no coding required - AI-powered malware: better phishing, polymorphic evasion that adapts to bypass defenses - IoT explosion: billions of unpatched smart devices are easy targets - Nation-state attacks: Stuxnet, Flame, Triton, Pegasus — government-grade malware in the wild - Average ransomware attack cost in 2024: $4.5 million (downtime, recovery, legal) - Reminder: paying the ransom does NOT guarantee you get your files back THE BOTTOM LINE Malware is intentional. Understanding how each type works is the first step to defending against it. No single tool protects you — layers do. New episode every week. Subscribe on Spotify, Apple Podcasts, or YouTube. techupdates.it-learn.io

    15 min
  6. Ransomware in 2026: It's Not About Encryption Anymore

    24 MAR

    Ransomware in 2026: It's Not About Encryption Anymore

    Tech Updates — Ransomware in 2026: Industrial Extortion and How to Fight Back Ransomware isn't just encryption anymore. In 2026, it's a full extortion operation — and it's getting more aggressive as fewer victims pay up. What's changed: Ransomware-as-a-Service has effectively lowered the barrier to entry for cybercrime, and in 2026 it's the dominant engine driving the threat landscape. Huntress Groups now layer encryption with data theft, DDoS attacks, and direct victim harassment. Many groups are skipping encryption entirely in 2026 — focusing purely on data exfiltration, which puts organizations under immediate legal and reputational pressure even if systems stay online. Level Three attack scenarios covered in this episode: Credential-based intrusion — Stolen logins, no MFA, AD enumeration, Kerberoasting, domain takeover, backup destruction, then encryptionHypervisor compromise — Unpatched ESXi vulnerabilities, VM datastore encryption, snapshot manipulation, bundled DDoSAI-assisted data-only extortion — Deepfake phishing, silent exfiltration, no encryption, no early alertsKey defenses: Phishing-resistant MFA (FIDO2/passkeys) · Privileged Access Management · EDR/XDR with behavioral rules · Immutable/air-gapped backups (3-2-1-1-0 rule) · Network microsegmentation · Zero Trust Network Access · Aggressive patching prioritized by the CISA KEV catalog · Rapid EDR auto-quarantine on encryption indicators 📎 Resources & Further Reading 🔗 CISA StopRansomware Guide — https://www.cisa.gov/stopransomware 🔗 CISA Known Exploited Vulnerabilities (KEV) Catalog — https://www.cisa.gov/known-exploited-vulnerabilities-catalog 🔗 Verizon 2025 Data Breach Investigations Report — https://www.verizon.com/business/resources/reports/dbir/ 🔗 Ransomware Trends 2026 (Huntress) — https://www.huntress.com/ransomware-guide/ransomware-trends 🔗 Ransomware Statistics & Facts 2026 (TechTarget) — https://www.techtarget.com/searchsecurity/feature/Ransomware-trends-statistics-and-facts 🔗 Top 10 RaaS Operations 2026 (Cyber Sierra) — https://cybersierra.co/blog/top-ransomware-operations-2026/ 🔗 10 New Ransomware Groups of 2025 (Cyble) — https://cyble.com/knowledge-hub/10-new-ransomware-groups-of-2025-threat-trend-2026/

    13 min
  7. Phishing in 2026: From Classic Emails to AI-Enhanced Deepfakes – Technical Breakdown & Defenses

    17 MAR

    Phishing in 2026: From Classic Emails to AI-Enhanced Deepfakes – Technical Breakdown & Defenses

    Description / Summary: Phishing remains the #1 initial access vector in 2026, now supercharged by generative AI, voice cloning, and multimodal deception. This episode dissects classic phishing, spear-phishing, smishing (SMS), vishing (voice), and emerging AI variants (hyper-personalized content, real-time voice synthesis, deepfake video calls). We walk through realistic attack scenarios with indicators of compromise (IOCs), attack chains, and living-off-the-land techniques—then deliver layered, modern defenses: phishing-resistant MFA, behavioral analytics, zero-trust controls, DMARC enforcement, and AI-native detection. Key Takeaways: Modern phishing uses perfect grammar, OSINT personalization, and urgency manipulation—no typos needed. AI variants generate tailored messages in seconds, clone voices from public audio, and simulate live video calls for multi-million BEC fraud. Core attack chains: credential harvesting → token/session replay → lateral movement or ransomware. Strongest defenses: FIDO2/passkeys (phishing-resistant), behavioral EDR rules (block anomalous process spawning), strict DMARC p=reject, continuous posture checks, and multi-vector simulated attacks. Organizations must assume AI acceleration—prioritize cryptographic MFA, URL rewriting/sandboxing, and verification protocols over awareness alone. Links Classic & Spear-Phishing Scenarios: Microsoft Defender for Office 365 – Phishing Attack Chain Examples – https://learn.microsoft.com/en-us/defender-office-365/anti-phishing-protection Proofpoint 2025 State of the Phish Report (attack trends & indicators) – https://www.proofpoint.com/us/resources/threat-reports/state-of-the-phish Smishing & Vishing (including quishing): CISA – Smishing and Vishing Guidance (technical indicators & mitigations) – https://www.cisa.gov/news-events/news/smishing-and-vishing FBI Internet Crime Complaint Center (IC3) – Business Email Compromise & Voice Impersonation Alerts – https://www.ic3.gov/Media/Y2026/PSA250301 AI-Enhanced Phishing & Deepfakes: Google Cloud Blog – AI-Powered Phishing Detection & Voice Cloning Risks (2026) – https://cloud.google.com/blog/topics/threat-intelligence/ai-enhanced-phishing-2026 Dark Reading – Deepfake Video Calls Enable Record BEC Losses (case studies) – https://www.darkreading.com/cyberattacks-data-breaches/deepfake-video-calls-business-email-compromise Defenses & Phishing-Resistant MFA: NIST SP 800-63B – Digital Identity Guidelines (FIDO2 & phishing-resistant authenticators) – https://pages.nist.gov/800-63-3/sp800-63b.html Yubico – Implementing Phishing-Resistant MFA (practical deployment guide) – https://www.yubico.com/authentication-standards/fido2/

    8 min
  8. Urgent Cybersecurity Alerts: Geopolitical Cyber Escalation, VMware Zero-Day Exploitation, and Major Ransomware Breach (March 2026)

    11 MAR

    Urgent Cybersecurity Alerts: Geopolitical Cyber Escalation, VMware Zero-Day Exploitation, and Major Ransomware Breach (March 2026)

    Summary: In this fast-paced technical roundup, we cover three high-impact cybersecurity developments from the last 7 days (Feb 28–Mar 4, 2026): escalating Iranian-linked cyber operations amid U.S.-Israel strikes, CISA's addition of an actively exploited VMware Aria Operations command injection flaw to the KEV catalog, and the University of Hawaiʻi Cancer Center's disclosure of a 2025 ransomware attack exposing up to 1.2 million individuals' sensitive data. We break down attack vectors, indicators of compromise, exploitation mechanics, and immediate defensive steps—essential listening for SOC teams, incident responders, and risk managers navigating blended threats, virtualization vulnerabilities, and long-tail data extortion. Geopolitical Cyber Escalation (Iran-linked activity post-Feb 28 strikes): Canadian Centre for Cyber Security Threat Bulletin – https://www.cyber.gc.ca/en/guidance/cyber-threat-bulletin-iranian-cyber-threat-response-usisrael-strikes-february-2026 Palo Alto Networks Unit 42 Threat Brief (phishing campaign details) – https://unit42.paloaltonetworks.com/iranian-cyberattacks-2026 VMware Aria Operations Vulnerability (CVE-2026-22719): CISA Known Exploited Vulnerabilities Catalog Addition – https://www.cisa.gov/news-events/alerts/2026/03/03/cisa-adds-two-known-exploited-vulnerabilities-catalog Broadcom Security Advisory VMSA-2026-0001 – https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 University of Hawaiʻi Cancer Center Ransomware Breach: Official UH Cancer Center Notice of Cyberattack – https://www.hawaii.edu/news/2026/02/27/notice-of-cyberattack-uh-cancer-center HIPAA Journal Coverage (impact and timeline details) – https://www.hipaajournal.com/university-of-hawaii-cancer-center-ransomware-data-breach

    7 min
See All (19)

About

Tech Updates is your quick-hit source for the latest in enterprise technology—all in 10 minutes or less. From cybersecurity and network connectivity to data center innovation, cloud advancements, and the rise of AI, we cover the updates that matter. Each episode delivers vendor announcements, industry trends, and agnostic insights to keep you informed and ahead of the curve. Whether you’re a tech professional or just tech-curious, this podcast is designed to fit into your busy schedule and fuel your knowledge.

Information

  • Creator
    Andres Sarmiento
  • Years Active
    2025 - 2026
  • Episodes
    19
  • Rating
    Clean
  • Copyright
    © Andres Sarmiento
  • Show Website
    Tech Updates