IT SPARC Cast

John Barger

IT SPARC Cast is a digest of the Enterprise IT news over the last week, with insights, opinions, and a little sarcasm from 2 experts each with over 20 years of experience working in IT or for IT vendors. Hosted on Acast. See acast.com/privacy for more information.

  1. 200 Microsoft Patches?! RoguePlanet Zero-Day & Ubiquiti’s Enterprise Firewall

    3h ago

    In this episode of IT SPARC Cast - News Bytes, John & Lou tackle a security-heavy week featuring a new Microsoft Defender zero-day, the largest Patch Tuesday release in Microsoft’s history, and a growing debate around how vulnerability disclosures should be handled in the AI era. As AI accelerates bug discovery, the industry is struggling to keep pace with validation, patching, and deployment. The discussion also covers Ubiquiti’s entry into the enterprise firewall market and OpenAI’s report on coordinated influence campaigns targeting public perception around AI infrastructure and data centers. If you work in enterprise IT, cybersecurity, cloud, or networking, this episode highlights several trends that will directly impact security operations and infrastructure planning.

    📌 Show Notes

    00:00 – Intro
    This week’s episode focuses on security, patch management, enterprise networking, and the growing role AI plays in both finding vulnerabilities and shaping public narratives.

    📰 News Bytes

    01:48 – Microsoft Defender “RoguePlanet” Zero-Day
    Security researcher Chaotic Eclipse revealed a new Microsoft Defender vulnerability dubbed “RoguePlanet” that allows local privilege escalation to SYSTEM-level access on Windows 10 and 11. The flaw joins a growing list of publicly disclosed Defender vulnerabilities and highlights ongoing tensions between researchers and Microsoft regarding vulnerability disclosure and patch response times.
    https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-rogueplanet-zero-day-grants-system-privileges/

    04:47 – Microsoft Smashes Record for Biggest Ever Patch Tuesday Update
    Microsoft released more than 200 security fixes in a single Patch Tuesday, setting a new record. The update included dozens of critical vulnerabilities spanning Windows, Office, Azure, Exchange, Active Directory, Hyper-V, BitLocker, and Copilot services. John & Lou discuss why traditional patch cycles may no longer be sufficient as AI dramatically accelerates vulnerability discovery and exploit creation.
    https://www.computerweekly.com/news/366644117/Microsoft-smashes-record-for-biggest-ever-Patch-Tuesday-update

    11:40 – Ubiquiti Releases Enterprise Firewalls
    Ubiquiti announced its new Enterprise Firewall Core (EFC), expanding beyond networking into full next-generation firewall capabilities. The platform includes deep packet inspection, IDS/IPS, SSL inspection, AI-assisted threat analysis, and integration with the broader UniFi ecosystem. The aggressive pricing and subscription-light model could make it attractive for SMBs, education, MSPs, and mid-market enterprises.
    https://blog.ui.com/article/introducing-enterprise-firewall-core

    17:46 – OpenAI Calls Out Anti-Data Center Influence Operations
    OpenAI reported disrupting multiple coordinated campaigns that used AI-generated content, fake personas, and automated translations to influence online discussions around AI infrastructure and data centers. The report found AI significantly increased content generation volume but provided limited evidence that it improved persuasion or effectiveness.
    https://openai.com/index/prc-linked-influence-operations-ai-debates/

    📬 21:44 – Mail Bag
    Longtime listener Dennis weighs in on RTX Spark, Microsoft’s AI strategy, AMD’s role in the next Xbox, and the future of gaming platforms. The discussion explores what happens when AI agents become the primary interface and whether future gaming experiences could include Holodecks hosted by Sydney Sweeney. The conversation also raises larger questions about operating systems, platform ecosystems, and whether AI assistants eventually become more important than the devices they run on.

    🔚 23:21 – Wrap Up

    🌐 Social Links
    IT SPARC Cast: @ITSPARCCast on X, https://www.linkedin.com/company/sparc-sales/ on LinkedIn
    John Barger: @john_Video on X, https://www.linkedin.com/in/johnbarger/ on LinkedIn
    Lou Schmidt: @loudoggeek on X, https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn

    24 min
  2. One Character Broke Linux Security: CVE-2026-23111 Explained

    3d ago

    A single-character coding mistake in the Linux kernel created a privilege escalation vulnerability that could allow attackers to gain root access, escape containers, and compromise systems. In this episode of IT SPARC Cast – CVE of the Week, John and Lou break down CVE-2026-23111, discuss why container escapes are so dangerous, and explore how AI-powered code analysis may become essential for finding bugs before attackers do.

    📄 Show Notes

    🚨 CVE of the Week: Linux Kernel Privilege Escalation (CVE-2026-23111)
    This week we’re covering CVE-2026-23111, a Linux kernel vulnerability that demonstrates how a tiny coding error can create a major security risk. The vulnerability:
    - CVSS Score: 7.8
    - Allows local privilege escalation to root
    - Can enable container escapes
    - Impacts systems using nftables and user namespaces
    - Was caused by a single-character logic error
    Researchers demonstrated successful exploitation against major Linux distributions, including Debian and Ubuntu.

    ⚠️ Why This Matters
    While technically a local privilege escalation vulnerability, the real danger comes from exploit chaining. Attackers can:
    - Gain limited access through another vulnerability
    - Use CVE-2026-23111 to escalate privileges
    - Escape containers
    - Take control of the host system
    This is why John and Lou argue that modern vulnerability scoring needs to better account for attack chains rather than evaluating each flaw in isolation.

    🛠️ Mitigation Steps

    ✅ Verify Your Linux Kernel Is Patched
    The vulnerability was patched in February 2026. Ensure your systems are running updated kernels provided by your Linux distribution.

    ✅ Update Embedded Linux Devices
    Many embedded systems:
    - IoT devices
    - HVAC controllers
    - Security appliances
    - Smart sensors
    may not receive patches automatically. Audit these devices and verify firmware versions.

    ✅ Implement Zero Trust
    Limit lateral movement through:
    - Zero Trust architectures
    - Least-privilege access
    - Network segmentation
    - Strong authentication controls

    ✅ Use Micro-Segmentation
    Restrict devices to only the resources they require. IoT and embedded systems should never have broad access to:
    - Financial systems
    - HR systems
    - Critical infrastructure
    - Administrative networks

    ✅ Add AI-Assisted Code Review
    This vulnerability existed because of a one-character mistake. Modern AI tools can:
    - Review code
    - Identify logic errors
    - Detect privilege escalation risks
    - Find issues before deployment

    🤖 AI: The Defender and the Attacker
    One of the biggest themes of this episode is how AI is changing cybersecurity. The same technologies being used to:
    - Find vulnerabilities
    - Review code
    - Improve software quality
    can also be used by attackers to:
    - Discover exploit chains
    - Generate exploits
    - Automate attacks
    The future of security will require organizations to use AI defensively just to keep pace.

    💬 Listener Feedback
    Thanks to listener Xavier-Nostromo for highlighting the growing need for AI-powered security defenses. As vulnerability discovery accelerates, organizations can no longer rely solely on traditional patch cycles and manual response processes. The future may require continuous monitoring, continuous validation, and continuous patching.

    📣 Wrap Up
    Do you think AI-assisted code review should become mandatory for critical infrastructure and open-source projects?
    📧 feedback@itsparccast.com
    🐦 @itsparccast on X

    11 min
  3. Microsoft vs Security Researchers | RTX Spark & Why Linux Won

    Jun 8

    In this episode of IT SPARC Cast - News Bytes, John & Lou take a deep dive into a Microsoft-heavy week that touches nearly every corner of enterprise IT. From a growing controversy around vulnerability disclosure practices to Microsoft’s new AI-native device strategy and NVIDIA’s RTX Spark platform, the discussion explores how AI is reshaping operating systems, endpoints, and enterprise workflows. The episode also examines a surprising announcement that may signal a major shift in the desktop computing landscape: Microsoft bringing Linux CoreUtils directly into Windows. Combined with AI agents, local inference, and cross-platform development, the lines between operating systems are blurring faster than ever. If you work in enterprise IT, cloud, AI, or cybersecurity, this episode is packed with insights into where the industry is heading next.

    📌 Show Notes

    00:00 – Intro
    This week’s episode focuses on Microsoft’s evolving AI strategy, security challenges, AI-native devices, and the growing convergence between Windows and Linux.

    News Bytes

    00:46 – Microsoft’s Coordinated Vulnerability Disclosure (CVD) Controversy
    Microsoft defended its coordinated vulnerability disclosure process after several high-profile Windows vulnerabilities were publicly disclosed before fixes were available. Researchers argue Microsoft has become increasingly difficult to work with and too slow to patch critical issues. John & Lou discuss both sides of the debate and why faster vulnerability discovery driven by AI is putting pressure on traditional disclosure models.
    Key takeaways:
    - Vulnerability disclosure requires cooperation between researchers and vendors
    - Patch timelines are becoming increasingly important
    - AI is accelerating vulnerability discovery faster than ever
    https://www.microsoft.com/en-us/msrc/blog/2026/05/a-shared-responsibility-protecting-customers-through-coordinated-vulnerability-disclosure

    07:20 – Inside Microsoft’s Project Solara
    Microsoft unveiled Project Solara, an AI-native platform designed around agents rather than traditional applications. Running on Android-based hardware, Solara aims to provide AI-first devices that handle workflows, context, and automation without requiring users to jump between apps. The platform includes wearable and desktop reference designs and reflects Microsoft’s vision of AI assistants becoming a core part of everyday work.
    https://www.geekwire.com/2026/inside-microsofts-project-solara-a-new-platform-for-devices-that-run-ai-agents-instead-of-apps/

    11:36 – NVIDIA & Microsoft Reinvent Windows PCs with RTX Spark
    NVIDIA and Microsoft announced RTX Spark, a new AI-focused platform designed to run large AI models, local agents, and advanced inference workloads directly on PCs and workstations. The platform combines NVIDIA Blackwell GPUs with AI-optimized software to reduce cloud dependency and improve data privacy while enabling powerful local AI experiences.
    https://www.theverge.com/tech/940589/nvidia-rtx-spark-n1-n1x-laptop-desktop-pc-cpu-gpu-ai-release-date

    17:43 – Microsoft Adds CoreUtils to Windows. So What? Linux Won.
    Microsoft is bringing native Linux CoreUtils commands directly into Windows, allowing cross-platform scripting without relying on WSL. Commands like grep, cat, find, sort, head, tail, and cut will become first-class Windows citizens. The bigger story isn’t the tools themselves—it’s what they represent: the operating system matters less than the applications, services, and workflows running on top of it.
    https://blogs.windows.com/windowsdeveloper/2026/06/02/build-2026-furthering-windows-as-the-trusted-platform-for-development/

    🔚 23:22 – Wrap Up

    24 min
  4. AI Finds a Redis Vulnerability Humans Missed for Two Years

    Jun 5

    An autonomous AI security tool has discovered a critical Redis remote code execution vulnerability that remained hidden for more than two years. In this episode of IT SPARC Cast – CVE of the Week, John and Lou discuss CVE-2026-23479, why Redis is such a critical part of modern cloud infrastructure, and how AI is fundamentally changing vulnerability discovery, patch management, and enterprise security operations.

    📄 Show Notes

    🚨 CVE of the Week: Redis Remote Code Execution (CVE-2026-23479)
    This week we’re looking at CVE-2026-23479, a high-severity Redis remote code execution vulnerability discovered by an autonomous AI security tool called Xint Code. Redis is one of the most widely deployed databases in cloud computing, meaning many organizations may be affected even if they don’t realize Redis is running somewhere in their environment. The vulnerability stems from a use-after-free bug in Redis blocked-client handling logic introduced in Redis 7.2.

    ⚠️ Why This Matters
    An authenticated attacker can exploit the vulnerability to achieve arbitrary operating system command execution on the Redis host. Potential impacts include:
    - Remote code execution (RCE)
    - Server compromise
    - Lateral movement
    - Privilege escalation through exploit chaining
    While no active exploitation has been reported, public exploit details are now available. The bigger story is that AI found a serious vulnerability that human review missed for over two years.

    🛠️ Mitigation Steps for CVE-2026-23479

    ✅ Patch Redis Immediately
    Upgrade to a fixed version:
    - Redis 7.2.14
    - Redis 7.4.9
    - Redis 8.2.6
    - Redis 8.4.3
    - Redis 8.6.3
    or later versions as available.

    ✅ Restrict Redis Access
    - Limit authenticated users
    - Remove unnecessary privileges
    - Restrict network exposure
    - Block direct internet access whenever possible

    ✅ Review Authentication Controls
    Because exploitation requires authentication:
    - Rotate credentials
    - Review user permissions
    - Implement least-privilege access

    ✅ Monitor for Suspicious Activity
    Watch for:
    - Unexpected Redis commands
    - Unusual process creation
    - Unauthorized shell execution
    - Privilege escalation attempts

    🤖 The Real Story: AI vs. AI Security
    The vulnerability itself is serious. The larger trend may be even more important. AI tools are now:
    - Finding vulnerabilities faster
    - Analyzing source code at scale
    - Discovering flaws humans miss
    This means organizations must rethink patch management. Traditional “Patch Tuesday” approaches may no longer be sufficient. John and Lou discuss a future where:
    - AI finds vulnerabilities
    - AI develops fixes
    - AI monitors infrastructure
    - AI defends against AI-driven attacks

    🔧 Enterprise Recommendations
    - Assign dedicated personnel to vulnerability monitoring
    - Deploy automated alerting systems
    - Use AI-assisted security analysis
    - Review hot-patching capabilities
    - Reevaluate maintenance window policies
    The era of weekly patch cycles may be ending.

    💬 Listener Feedback
    Thanks to listener Alex for pointing out that the Microsoft Exchange vulnerability discussed in a previous episode remains unpatched. It’s a reminder that even when vulnerabilities are publicly disclosed, vendor response times can vary dramatically.

    📣 Wrap Up
    Are your current patch management processes fast enough to keep up with AI-driven vulnerability discovery?
    📧 feedback@itsparccast.com
    🐦 @itsparccast on X

    9 min
  5. AI Needs Managers Now? | Smart Glasses Return & Mythos Finds 23,000 Bugs

    Jun 1

    In this episode of IT SPARC Cast - News Bytes, John & Lou explore how AI is rapidly evolving from simple assistants into autonomous workers that require management, oversight, and governance. Google introduces an open-source Agent Executor framework designed to supervise AI agents in production environments, while smart glasses may finally be approaching the point where they become practical for mainstream use. The episode also dives into the growing impact of AI-driven cybersecurity. Anthropic’s Mythos platform identified more than 23,000 potential vulnerabilities across open-source projects, raising important questions about how the industry will keep pace with validation, patching, and deployment. If you work in enterprise IT, cloud, cybersecurity, or AI, this episode offers a glimpse into where the next wave of operational challenges is headed.

    📌 Show Notes

    00:00 – Intro
    This week’s episode covers AI agent management, the future of smart glasses, and the growing challenge of handling AI-discovered software vulnerabilities.

    📰 News Bytes

    00:48 – Google Adds Open Source Agent Executor
    Google announced an open-source Agent Executor framework designed to help organizations safely run AI agents in production. The platform provides orchestration, task management, state tracking, auditing, and recovery workflows for fleets of AI agents. John & Lou compare the concept to middle management for AI—providing oversight, accountability, and guardrails that help prevent autonomous systems from making costly mistakes.
    Key takeaways:
    - AI agents require supervision and governance
    - Enterprises need auditing and recovery mechanisms
    - Agent fleets will require dedicated management infrastructure
    https://www.computerworld.com/article/4176809/google-adds-open-source-agent-executor-to-support-ai-agents-in-production-3.html

    07:19 – Smart Glasses: Are They Getting Real?
    XREAL and Google continue pushing augmented reality forward with new Android XR initiatives and lightweight smart glasses designs. Improvements in AI assistants, displays, optics, and battery technology are bringing wearable computing closer to practical adoption. The discussion explores whether smart glasses are finally approaching an inflection point where they move beyond niche devices and become a true successor—or companion—to smartphones.
    Key considerations:
    - AI assistants significantly increase utility
    - Wearables face challenges around battery life and social acceptance
    - AR development platforms may become the next major ecosystem battle
    https://techcrunch.com/2026/05/24/xreal-googles-smartglasses-partner-thinks-it-has-finally-mastered-this-notoriously-tricky-industry/

    14:31 – Mythos Detected 23,000 Potential Vulnerabilities
    Anthropic revealed that its Mythos platform identified more than 23,000 potential vulnerabilities across approximately 1,000 open-source projects during limited testing. Over 1,700 findings were independently validated, including more than 1,000 high or critical severity issues. While AI is dramatically accelerating vulnerability discovery, the larger challenge may now be validation, patching, distribution, and deployment. Finding the bugs is no longer the bottleneck.
    Key takeaways:
    - AI is transforming vulnerability research
    - Patching and deployment remain major obstacles
    - Open-source communities may need new funding and workflow models
    https://www.securityweek.com/anthropic-mythos-detected-23000-potential-vulnerabilities-across-1000-oss-projects/

    🔚 20:49 – Wrap Up
    As AI systems become more autonomous, organizations must rethink how they manage software development, cybersecurity, and operational governance. The future may belong not just to AI tools, but to the frameworks that supervise them safely and effectively.

    22 min
  6. Underminr Explained: The CDN Attack That Hides Malware Behind Trusted Traffic

    May 29

    A newly disclosed attack technique called “Underminr” allows malicious traffic to hide behind trusted CDN infrastructure, potentially bypassing DNS filtering, zero trust policies, and traditional security controls. In this episode of IT SPARC Cast – CVE of the Week, John and Lou explain how attackers abuse TLS routing and CDN tenant behavior to disguise command-and-control traffic as legitimate web traffic — and why AI-driven behavioral analysis may become the only effective defense.

    📄 Show Notes

    🚨 CVE of the Week: Underminr
    This week’s episode focuses on Underminr, a stealthy attack technique that allows malicious traffic to hide behind trusted CDN infrastructure. The attack abuses:
    - CDN tenant routing
    - TLS SNI mismatches
    - HTTP host header manipulation
    - DNS resolution inconsistencies
    The result: Malicious command-and-control traffic can appear to originate from trusted services such as CDN providers.

    ⚠️ Why This Is Dangerous
    Traditional security controls often trust:
    - Well-known domains
    - CDN traffic
    - TLS-encrypted connections
    Underminr exploits that trust model. Potential impacts include:
    - Bypassing DNS filtering
    - Evading protective DNS systems
    - Hiding malware communications
    - Concealing data exfiltration
    - Circumventing outbound filtering policies
    Because CDNs naturally move large volumes of traffic, malicious transfers can blend into legitimate content distribution activity.

    🛠️ Mitigation Steps for Underminr

    ✅ Validate TLS and Routing Consistency
    Verify that:
    - DNS resolution
    - TLS SNI fields
    - HTTP host headers
    - CDN routing destinations
    …all match expected destinations. This is one of the most important defenses.

    ✅ Implement Deep Packet Inspection (DPI)
    Traditional DNS filtering alone is no longer enough. Use:
    - TLS inspection
    - Deep packet inspection
    - Proxy inspection
    - Behavioral traffic analysis
    to identify suspicious traffic patterns.

    ✅ Deploy Behavioral Network Analytics
    Monitor for:
    - Unusual CDN usage
    - Unexpected outbound transfers
    - Off-hours synchronization activity
    - Abnormal traffic paths
    Example: A large CDN upload occurring at 3AM outside normal workflows should trigger investigation.

    ✅ Enforce Zero Trust Outbound Policies
    Instead of trusting domains:
    - Validate applications and processes
    - Restrict outbound communication permissions
    - Use application-aware filtering
    - Limit which services can communicate externally

    ✅ Improve CDN Isolation Policies
    CDN providers should:
    - Tighten tenant routing validation
    - Prevent cross-tenant hostname abuse
    - Restrict mismatched origin routing

    🤖 AI and the Future of Network Security
    John and Lou discuss how AI-assisted security analytics may become essential against attacks like Underminr. Traditional rule-based systems struggle with:
    - Correlating multiple protocol layers
    - Detecting subtle routing anomalies
    - Identifying behavioral inconsistencies in real time
    AI-driven network analysis could help identify:
    - Suspicious traffic paths
    - Out-of-sequence synchronization
    - Unusual CDN behavior
    - Hidden command-and-control channels

    💬 Listener Feedback
    Thanks to listeners Ahmed and Dennis for the feedback on last week’s Exchange vulnerability episode. One major takeaway: Organizations continuing to run on-prem email infrastructure are increasingly carrying significant operational and security risk.

    📣 Wrap Up
    Do you think traditional network trust models are finally breaking down, or can modern AI-driven security tools adapt quickly enough?
    📧 feedback@itsparccast.com
    🐦 @itsparccast on X

    12 min
  7. AI Data Centers, Vibe-Coded Android Apps, and the Coming Security Flood

    May 25

    In this episode of IT SPARC Cast - News Bytes, John & Lou break down the growing AI infrastructure arms race, Google’s push toward AI-generated mobile apps, and Cloudflare’s latest findings on frontier AI security models. As AI compute demand explodes, the conversation explores how power generation, cloud scaling, and automation are rapidly reshaping enterprise IT. They also dive into Google’s new AI Studio tools that let users build Android apps in minutes and discuss how AI-driven vulnerability research is changing software security forever. From multi-agent bug hunting systems to the future of software development itself, this episode looks at how AI is transforming both how software is built—and how it’s secured.

    📌 Show Notes

    00:00 – Intro

    📰 News Bytes

    00:49 – xAI Power, Anthropic Workloads
    Anthropic signed a massive compute deal with SpaceX/xAI worth potentially tens of billions of dollars, highlighting how compute capacity has become the primary bottleneck in AI growth. The discussion explores the rise of “Neo Cloud” providers, AI-driven data center expansion, and the enormous power requirements driving demand for natural gas, nuclear energy, and eventually orbital data centers.
    Key takeaways:
    - AI revenue is increasingly tied directly to compute availability
    - Data center power generation is becoming a strategic industry
    - SpaceX and xAI are positioning themselves as major AI infrastructure providers
    https://techcrunch.com/2026/05/20/anthropic-will-pay-xai-1-25-billion-per-month-for-compute/
    https://techcrunch.com/2026/05/20/musks-xai-is-being-sued-over-its-data-center-generators-now-its-buying-2-8b-more/

    06:48 – Google’s AI Studio Lets Anyone Build Android Apps
    Google announced major upgrades to AI Studio that allow users to generate Android apps directly from text prompts using AI. The tools support hardware integrations like GPS, Bluetooth, and NFC while enabling users to preview and export apps quickly. John & Lou discuss how this may shift app development away from traditional coding and toward personalized automation and workflow control.
    Key considerations:
    - AI-assisted development dramatically lowers barriers to entry
    - App development may become more task-oriented than platform-oriented
    - Security and app validation remain major concerns
    https://techcrunch.com/2026/05/19/googles-ai-studio-now-lets-anyone-build-android-apps-in-minutes/

    12:11 – Cloudflare Reports on Frontier AI Models & Security
    Cloudflare published findings from Project Glasswing and Anthropic’s Mythos model, revealing major advances in AI-driven vulnerability discovery. The report shows how specialized AI models can now identify exploit chains, generate proofs of concept, and assist with patch validation far beyond traditional coding agents. However, false positives, prompt bypasses, and scaling issues remain significant challenges.
    Key takeaways:
    - AI vulnerability hunting is advancing rapidly
    - Generic coding agents struggle with deep security analysis
    - Software architecture and patching workflows must evolve for the AI era
    https://blog.cloudflare.com/cyber-frontier-models/

    📬 25:16 – Mail Bag
    Listener feedback highlights growing excitement around the show’s AI coverage and sparks additional discussion around the future of security operations, AI-assisted coding, and enterprise infrastructure strategy.

    🔚 26:02 – Wrap Up
    As AI accelerates software development and vulnerability discovery simultaneously, enterprise IT teams will need stronger architecture, better automation, and tighter security discipline than ever before. The future isn’t just AI-powered—it’s AI-amplified.

    27 min
  8. Microsoft Exchange Zero-Day: No Patch, Active Exploitation, Major Risk

    May 22

    A newly disclosed Microsoft Exchange vulnerability is actively being exploited in the wild, and there’s still no permanent patch available. In this episode of IT SPARC Cast – CVE of the Week, John and Lou break down CVE-2026-42897, explain how attackers can exploit Outlook Web Access through malicious emails, and discuss why temporary mitigations may not be enough for organizations still running on-prem Exchange.

    📄 Show Notes

    🚨 CVE of the Week: Microsoft Exchange / Outlook Web Access Exploit
    This week’s episode focuses on CVE-2026-42897, a high-severity vulnerability affecting:
    - Microsoft Exchange Server 2016
    - Microsoft Exchange Server 2019
    - Exchange Subscription Edition
    The vulnerability is a cross-site scripting (XSS) and spoofing flaw impacting Outlook Web Access (OWA).

    ⚠️ How the Attack Works
    Attackers send specially crafted emails that execute malicious JavaScript when opened through Outlook Web Access. Potential impacts include:
    - Session hijacking
    - Browser-based code execution
    - Exchange session theft
    - Spoofing attacks
    The vulnerability is already being actively exploited in the wild.

    🌐 Who Is Affected?
    This impacts on-prem Exchange deployments only. Cloud-hosted Exchange Online environments are not currently believed to be affected. Organizations most at risk include:
    - Enterprises with legacy Exchange infrastructure
    - Organizations avoiding cloud email hosting
    - Remote-access-heavy environments relying on OWA

    🛠️ Mitigation Steps for CVE-2026-42897

    ✅ 1️⃣ Apply Microsoft Emergency Mitigations
    Microsoft has released temporary protections through:
    - Exchange Emergency Mitigation Service (EEMS)
    - URL rewrite mitigation rules
    Apply these immediately.
    ⚠️ Important: These mitigations are pattern-based and may not block future modified exploits.

    ✅ 2️⃣ Consider Disabling Outlook Web Access (OWA)
    If operationally possible:
    - Disable OWA temporarily
    - Require users to use the Outlook desktop client instead
    This significantly reduces exposure.

    ✅ 3️⃣ Prepare for Operational Side Effects
    Known mitigation side effects include:
    - Calendar printing failures
    - Inline image rendering problems
    - Increased help desk tickets
    Organizations should proactively communicate these issues to users.

    ✅ 4️⃣ Patch Immediately When Available
    At recording time:
    - No permanent patch exists yet
    - Apply the official patch immediately once released
    This is not a vulnerability where delayed patching is safe.

    🔒 Security Takeaways
    This vulnerability reinforces several growing cybersecurity realities:
    - On-prem infrastructure carries operational security burdens
    - Browser-based attacks remain highly effective
    - Temporary mitigations are not substitutes for permanent fixes
    John and Lou also discuss how attackers increasingly chain vulnerabilities together and how AI-assisted exploit development is accelerating the speed of attacks.

    💬 Listener Feedback
    Thanks to listener “ZZZZ” on YouTube for pushing back on last week’s discussion around passwords stored in clear text memory. The discussion highlights an important point:
    - Many vulnerabilities are low risk for average users
    - But become extremely dangerous for high-value targets such as executives and organizations with sensitive data

    📣 Wrap Up
    Are organizations moving away from on-prem Exchange fast enough, or are these vulnerabilities making the case for cloud migration even stronger?
    📧 feedback@itsparccast.com
    🐦 @itsparccast on X

    10 min

Ratings & Reviews

5 out of 5 (2 Ratings)
