Tech Updates

Andres Sarmiento

Tech Updates is your quick-hit source for the latest in enterprise technology—all in 10 minutes or less. From cybersecurity and network connectivity to data center innovation, cloud advancements, and the rise of AI, we cover the updates that matter. Each episode delivers vendor announcements, industry trends, and agnostic insights to keep you informed and ahead of the curve. Whether you’re a tech professional or just tech-curious, this podcast is designed to fit into your busy schedule and fuel your knowledge.

  1. Phishing in 2026: From Classic Emails to AI-Enhanced Deepfakes – Technical Breakdown & Defenses

    5D AGO


    Description / Summary: Phishing remains the #1 initial access vector in 2026, now supercharged by generative AI, voice cloning, and multimodal deception. This episode dissects classic phishing, spear-phishing, smishing (SMS), vishing (voice), and emerging AI variants (hyper-personalized content, real-time voice synthesis, deepfake video calls). We walk through realistic attack scenarios with indicators of compromise (IOCs), attack chains, and living-off-the-land techniques—then deliver layered, modern defenses: phishing-resistant MFA, behavioral analytics, zero-trust controls, DMARC enforcement, and AI-native detection.

    Key Takeaways:
    Modern phishing uses perfect grammar, OSINT personalization, and urgency manipulation—no typos needed.
    AI variants generate tailored messages in seconds, clone voices from public audio, and simulate live video calls for multi-million BEC fraud.
    Core attack chains: credential harvesting → token/session replay → lateral movement or ransomware.
    Strongest defenses: FIDO2/passkeys (phishing-resistant), behavioral EDR rules (block anomalous process spawning), strict DMARC p=reject, continuous posture checks, and multi-vector simulated attacks.
    Organizations must assume AI acceleration—prioritize cryptographic MFA, URL rewriting/sandboxing, and verification protocols over awareness alone.

    Links
    Classic & Spear-Phishing Scenarios:
    Microsoft Defender for Office 365 – Phishing Attack Chain Examples – https://learn.microsoft.com/en-us/defender-office-365/anti-phishing-protection
    Proofpoint 2025 State of the Phish Report (attack trends & indicators) – https://www.proofpoint.com/us/resources/threat-reports/state-of-the-phish
    Smishing & Vishing (including quishing):
    CISA – Smishing and Vishing Guidance (technical indicators & mitigations) – https://www.cisa.gov/news-events/news/smishing-and-vishing
    FBI Internet Crime Complaint Center (IC3) – Business Email Compromise & Voice Impersonation Alerts – https://www.ic3.gov/Media/Y2026/PSA250301
    AI-Enhanced Phishing & Deepfakes:
    Google Cloud Blog – AI-Powered Phishing Detection & Voice Cloning Risks (2026) – https://cloud.google.com/blog/topics/threat-intelligence/ai-enhanced-phishing-2026
    Dark Reading – Deepfake Video Calls Enable Record BEC Losses (case studies) – https://www.darkreading.com/cyberattacks-data-breaches/deepfake-video-calls-business-email-compromise
    Defenses & Phishing-Resistant MFA:
    NIST SP 800-63B – Digital Identity Guidelines (FIDO2 & phishing-resistant authenticators) – https://pages.nist.gov/800-63-3/sp800-63b.html
    Yubico – Implementing Phishing-Resistant MFA (practical deployment guide) – https://www.yubico.com/authentication-standards/fido2/

    8 min
  2. Urgent Cybersecurity Alerts: Geopolitical Cyber Escalation, VMware Zero-Day Exploitation, and Major Ransomware Breach (March 2026)

    MAR 11


    Summary: In this fast-paced technical roundup, we cover three high-impact cybersecurity developments from the last 7 days (Feb 28–Mar 4, 2026): escalating Iranian-linked cyber operations amid U.S.-Israel strikes, CISA's addition of an actively exploited VMware Aria Operations command injection flaw to the KEV catalog, and the University of Hawaiʻi Cancer Center's disclosure of a 2025 ransomware attack exposing up to 1.2 million individuals' sensitive data. We break down attack vectors, indicators of compromise, exploitation mechanics, and immediate defensive steps—essential listening for SOC teams, incident responders, and risk managers navigating blended threats, virtualization vulnerabilities, and long-tail data extortion.

    Geopolitical Cyber Escalation (Iran-linked activity post-Feb 28 strikes):
    Canadian Centre for Cyber Security Threat Bulletin – https://www.cyber.gc.ca/en/guidance/cyber-threat-bulletin-iranian-cyber-threat-response-usisrael-strikes-february-2026
    Palo Alto Networks Unit 42 Threat Brief (phishing campaign details) – https://unit42.paloaltonetworks.com/iranian-cyberattacks-2026
    VMware Aria Operations Vulnerability (CVE-2026-22719):
    CISA Known Exploited Vulnerabilities Catalog Addition – https://www.cisa.gov/news-events/alerts/2026/03/03/cisa-adds-two-known-exploited-vulnerabilities-catalog
    Broadcom Security Advisory VMSA-2026-0001 – https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947
    University of Hawaiʻi Cancer Center Ransomware Breach:
    Official UH Cancer Center Notice of Cyberattack – https://www.hawaii.edu/news/2026/02/27/notice-of-cyberattack-uh-cancer-center
    HIPAA Journal Coverage (impact and timeline details) – https://www.hipaajournal.com/university-of-hawaii-cancer-center-ransomware-data-breach

    7 min
  3. Application-Level Microsegmentation: Granular Zero Trust Enforcement in 2026

    MAR 9


    Description / Summary: In this technical deep dive, we examine leading products for microsegmentation at the application and workload level—essential for stopping lateral movement in hybrid, multi-cloud, and containerized environments. As breaches become inevitable, these solutions enforce least-privilege policies based on process identities, behaviors, dependencies, and real-time telemetry, using host-based enforcement, AI-driven recommendations, and dynamic containment.

    We cover three standout platforms:
    Illumio Zero Trust Segmentation: Host/agentless visibility, AI-powered policy computation, and rapid breach isolation.
    Akamai Guardicore Segmentation: Process-level kernel enforcement, automated policy generation, and Osquery threat hunting.
    Cisco Secure Workload: Workload dependency graphing, eBPF tracing, and ACI/Kubernetes integration.

    We stay neutral as we highlight technical architectures, enforcement mechanisms, and 2025-2026 enhancements like agentless modes, ML anomaly detection, and scalability for thousands of workloads.

    Supporting Links:
    Illumio Zero Trust Segmentation Overview – https://www.illumio.com/illumio-segmentation
    Akamai Guardicore Segmentation Product Page – https://www.akamai.com/products/akamai-guardicore-segmentation
    Cisco Secure Workload Documentation & Releases – https://www.cisco.com/c/en/us/support/security/tetration/products-release-notes-list.html
    Gartner Peer Insights: Network Security Microsegmentation (2026 Customers' Choice mentions) – https://www.gartner.com/reviews/market/network-security-microsegmentation
    Akamai Segmentation Impact Study 2025 – https://www.akamai.com/site/en/documents/research-paper/segmentation-impact-study-2025.pdf

    7 min
  4. The Future of Firewalls: Hybrid Mesh Architectures Take Center Stage in 2026

    MAR 5


    In this episode of Tech Updates, we explore the evolving world of network security as traditional firewalls give way to hybrid mesh architectures. With enterprises operating across on-premises, multi-cloud, edge, and remote environments, unified protection is no longer optional—it's essential. Gartner formalized the Hybrid Mesh Firewall (HMF) category in its inaugural 2025 Magic Quadrant, predicting that over 60% of organizations will deploy multiple firewall types by 2026. We break down what HMF means technically—multi-deployment firewalls (hardware, virtual, cloud-native, FWaaS) managed from a single cloud-based plane for consistent policies, threat prevention, and reduced complexity.

    We cover key developments from leading vendors:
    Palo Alto Networks' Strata platform unifying PA-Series, VM-Series, CN-Series, and cloud options with AI-powered threat intel.
    Fortinet's FortiOS convergence across appliances and cloud, emphasizing ASIC performance and Security Fabric integration.
    Cisco's Hybrid Mesh Firewall with intent-based policy management via Security Cloud Control and Mesh Policy Engine, supporting multi-vendor enforcement (including third-party like Palo Alto and Fortinet).
    Plus quick mentions of Check Point, Juniper/HPE, and others pushing similar unified approaches.

    Key Takeaways:
    Hybrid mesh firewalls simplify ops with centralized management while extending advanced protections (DPI, microsegmentation, AI detection) everywhere.
    The shift addresses east-west threats, hybrid work, and multi-cloud realities—no more silos.
    Expect more SASE/SSE integration and quantum-readiness in the coming years.

    Listen in for a neutral, technical deep dive into where firewall tech is headed. Subscribe for more updates on emerging security trends! If you found this information useful, share it with a friend or colleague. Thank you for your support.

    Gartner Magic Quadrant for Hybrid Mesh Firewall (official report page, August 2025) – https://www.gartner.com/en/documents/6871166
    Palo Alto Networks: Leader in the 2025 Gartner Magic Quadrant for Hybrid Mesh Firewall (with download link) – https://start.paloaltonetworks.com/gartner-hybrid-mesh-firewalls-mq-2025
    Fortinet: Leader in the 2025 Gartner Magic Quadrant for Hybrid Mesh Firewall (highest in Ability to Execute) – https://www.fortinet.com/resources/analyst-reports/gartner-magic-quadrant-hmf
    Cisco Hybrid Mesh Firewall Overview (with Security Cloud Control and unified management details) – https://www.cisco.com/site/us/en/solutions/security/hybrid-mesh-firewall/index.html
    Palo Alto Networks Blog: What Is a Hybrid Mesh Firewall and Why It Matters (explains Strata platform unification) – https://www.paloaltonetworks.com/blog/2025/08/hybrid-mesh-firewall-and-why-it-matters

    6 min
  5. Latest Technical Enhancements in SSE Platforms: Prisma Access, Zscaler, and Cisco Secure Access (2025–2026 Updates)

    MAR 2


    1. Palo Alto Networks Prisma Access
    Feb 2025 (Prisma SD-WAN): Flow visualization, SGT propagation, GCM encryption, ION 9300 support.
    https://docs.paloaltonetworks.com/prisma-sd-wan/release-notes/new-features/prisma-sd-wan-release-information/prisma-sd-wan-features-introduced-in-2025/features-introduced-in-february-2025
    Aug 2025 (Strata Cloud Manager): Entity timestamps, region-based config management.
    https://docs.paloaltonetworks.com/content/techdocs/en_US/strata-cloud-manager/release-notes/new-features-strata-cloud-manager/new-features-in-august-2025

    2. Zscaler
    2025 Upgrades (ZIA/ZPA/ZDX): EDM/IDM in email DLP, tenancy restrictions, Sandbox tokens, NSS exclusions.
    https://help.zscaler.com/zia/release-upgrade-summary-2025
    https://help.zscaler.com/zpa/release-upgrade-summary-2025
    Jan/Feb 2026: AI Security Suite, Client Connector 4.7/4.8 (strict enforcement, offload controls, DNS fixes, vuln mitigations).
    https://www.zscaler.com/press/zscaler-unveils-new-innovations-secure-enterprise-ai-adoption
    https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2026
    https://help.zscaler.com/zscaler-client-connector/release-upgrade-summary-2026
    ZPA Feb 2026: RHEL 8/9 RPMs, Private Service Edge VPN (IPsec/GRE, BGP).
    https://help.zscaler.com/zpa/release-upgrade-summary-2026

    3. Cisco Secure Access
    2025: Universal ZTNA, trusted network detection, scheduled rules, endpoint/email DLP (ML inspection).
    https://www.cisco.com/site/us/en/products/security/secure-access/index.html
    https://www.cisco.com/c/en/us/td/docs/security/cdo/whats-new-for-cisco-defense-orchestrator/m-features-highlights-of-2025.html
    Feb 2026: AI Defense (supply chain governance, prompt injection protection), AI-Aware SASE, ThousandEyes app insights.
    https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m02/cisco-redefines-security-for-the-agentic-era.html
    Additional: Hybrid ZTNA, AI Access, policy assurance, enterprise browser.
    https://www.ciscolive.com/c/dam/r/ciscolive/global-event/docs/2025/pdf/BRKSEC-2285.pdf

    10 min
  6. How Exploit Kits Are Automating Attacks Against Recent CVEs

    FEB 27


    🎙️ Tech Updates Weekly Episode: How Exploit Kits Are Automating Attacks Against Recent CVEs

    Exploit kits are transforming how cyberattacks happen — automating vulnerability exploitation at internet scale and dramatically shrinking the window between disclosure and compromise. In this episode, we break down how exploit kits work, why recent CVEs are being weaponized faster than ever, and what defensive teams must do to stay ahead.

    Attackers are no longer relying on manual exploitation. Instead, they’re leveraging automated frameworks that continuously scan the internet, identify vulnerable systems, and deploy payloads within hours of vulnerability disclosure. Understanding this shift is critical for security teams, IT leaders, and anyone responsible for protecting internet-facing infrastructure.

    🧭 Episode Breakdown
    Section 1 — How Exploit Kits Work: Exploit kits are automated attack platforms that allow attackers to scan, identify, and exploit vulnerable systems at scale.
    Section 2 — Why CVEs Are Being Exploited Faster Than Ever: The time between vulnerability disclosure and active exploitation continues to shrink.
    Section 3 — How Defensive Teams Can Stay Ahead: Security teams must shift from reactive patching to proactive exposure management. Key defensive strategies include:

    🎯 Key Takeaways
    Exploit kits automate vulnerability exploitation at scale
    The exploitation window after CVE disclosure is shrinking rapidly
    Internet-facing infrastructure is the primary target
    Patch prioritization and attack surface reduction are critical
    Proactive defense is essential in today’s threat landscape

    🔗 Recommended Resources
    CISA Known Exploited Vulnerabilities Catalog – https://www.cisa.gov/known-exploited-vulnerabilities-catalog
    NIST National Vulnerability Database – https://nvd.nist.gov/
    MITRE CVE Database – https://www.cve.org/
    SANS Internet Storm Center – https://isc.sans.edu/

    6 min
