In this eye-opening episode of IT SPARC Cast - CVE of the Week, John and Lou dive into a double-breach nightmare involving the TEA app—a dating safety app marketed to women. What began as a leak of 72,000 user images and 13,000 photo IDs escalated into a much more severe incident: over 1.1 million private messages containing deeply personal topics were exposed due to unprotected Firebase storage.

We examine the catastrophic lapses in security hygiene, discuss the enterprise IT lessons learned, and reflect on the reputational and legal ramifications that follow when data protection is treated as an afterthought. Whether you’re a CISO, a privacy advocate, or just someone who cares about where their data lives, this is a must-listen.

⸻

📌 Key Talking Points:

•Legacy database exposes sensitive identity images and chat content

•TEA app suffers two breaches—one legacy, one current

•Firebase misconfiguration allowed full access to private conversations

•Enterprise-level lessons on paranoia, trust, and protecting sensitive services

•How consumer apps impact corporate environments when users overlap

⸻

🔗 Social Links:

IT SPARC Cast

@ITSPARCCast on X

https://www.linkedin.com/company/sparc-sales/

John Barger

@john_Video on X

https://www.linkedin.com/in/johnbarger/

Lou Schmidt

@loudoggeek on X

https://www.linkedin.com/in/louis-schmidt-b102446/

Hosted on Acast. See acast.com/privacy for more information.

In this third installment of our future-casting series, John & Lou dive headfirst into the radical transformation of enterprise IT in 2055—two decades after the convergence of AGI, Super Intelligence, Quantum Computing, and Nuclear Fusion.

This isn’t science fiction—it’s plausible, near-future speculation grounded in tech trends already in motion. Topics include:

•Non-invasive, high-resolution neural interfaces that replace keyboards and voice commands

•Fully immersive human-AGI workspaces that resemble Iron Man’s Jarvis

•“Code as Thought” and self-composing infrastructure where thinking replaces programming

•A look at the tech workforce of 2055—what roles remain, and which new ones emerge

This is the future of work in a world with near-infinite compute, power, and potential.

⸻

⏱️ Timestamps & Topics:

00:00 – Intro

Welcome to Part 3 in our multi-part future-tech series.

00:15 – Setting the Context

A quick recap of assumptions from Episodes 1–2 and one big addition: global population decline.

02:25 – Neural Interface as Primary Input

Typing and voice are obsolete—2055 interfaces read intent directly through advanced, non-invasive neural links.

04:30 – Unified Human-AGI Workspaces

Iron Man-style collaboration environments become real—customized, immersive, and powered by AGI.

07:27 – Code as Thought

Programming as we know it disappears. Thinking is the new coding, and AI builds the infrastructure.

11:06 – Who Are the Specialists in 2055?

From digital ethicists to intent engineers, we break down the roles shaping the IT workforce of the future.

14:02 – Wrap Up

What do you think of our 2055 vision? Email us at [email protected] or drop a comment.

⸻

🔗 Social Links:

IT SPARC Cast

@ITSPARCCast on X

https://www.linkedin.com/company/sparc-sales/ on LinkedIn

John Barger

@john_Video on X

https://www.linkedin.com/in/johnbarger/ on LinkedIn

Lou Schmidt

@loudoggeek on X

https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn

Hosted on Acast. See acast.com/privacy for more information.

In this episode of IT SPARC Cast - News Bytes, John & Lou highlight three big stories shaking up the tech world.

First, they explore how Google is tightening open-source security with OSS Rebuild—an AI-powered tool designed to detect supply chain attacks before they strike. Then they pivot to Meta’s latest innovation in gesture-based control using wrist-worn electromyography tech, showing real potential for AR and VR interactions.Finally, they break down a new Android vulnerability called TapTrap, which exploits screen transitions—good news: a simple toggle can mitigate it until a patch arrives.

From open-source code hygiene to wearable input breakthroughs to proactive Android security, this episode covers it all in just 15 minutes.

⸻

⏱️ Timestamps & Show Notes

00:00 - Intro

Welcome back to IT SPARC Cast – your fast-track to the latest in enterprise IT, cybersecurity, and innovation.

⸻

01:22 - Google Launches OSS Rebuild

Google debuts an open-source tool to proactively detect tampered packages across PyPI, NPM, and Crates.io. Highlights:

•AI-driven automated rebuilds

•CLI and self-hosted options

•Targets supply chain risks with sandboxed testing

John and Lou explain why this could become a staple of enterprise DevSecOps pipelines.

https://security.googleblog.com/2025/07/introducing-oss-rebuild-open-source.html 

⸻

07:12 - Meta’s Wrist-Worn Gesture Controllers for AR Interaction

Meta publishes peer-reviewed research on wristbands that interpret hand gestures via surface electromyography (sEMG).

•No gloves or cameras required

•Could provide input and potentially haptic feedback

•Implications for AR/VR usability, accessibility, and future UX

Includes comparisons to Apple’s gesture control and Google’s accelerometer innovations.

https://www.meta.com/blog/reality-labs-surface-emg-research-nature-publication-ar-glasses-orion/ 

⸻

12:00 - TapTrap Targeting Android Devices

A new attack vector uses Android screen transition animations to overlay fake system prompts.

•Patched in GrapheneOS; not yet by Google

•Simple mitigation: disable system animations

•Could be used to escalate privileges or launch follow-up attacks

Lou and John praise the transparency of the security researchers while calling out the silence from vendors like SonicWall.

https://taptrap.click/ 

⸻

15:32 - Wrap Up

Want to share feedback or pitch a topic? Reach out!

📨 [email protected]

📣 @ITSPARCCast on X

🔗 https://www.linkedin.com/company/sparc-sales/ 

Follow the hosts:

John Barger

• @john_Video on X

• https://www.linkedin.com/in/johnbarger/ 

Lou Schmidt

• @loudoggeek on X

• https://www.linkedin.com/in/louis-schmidt-b102446/ 

Hosted on Acast. See acast.com/privacy for more information.

This week on IT SPARC Cast – CVE of the Week, John and Lou sound the alarm on two critical zero-day vulnerabilities impacting on-premise Microsoft SharePoint servers: CVE-2025-53770 and CVE-2025-53771. Exploited via a chained attack called “ToolShell,” these flaws enable unauthenticated remote code execution (RCE). Nation-state attackers, particularly Chinese APTs, are already exploiting these vulnerabilities, targeting government and infrastructure networks slow to patch. If you’re running SharePoint 2016, 2019, or Subscription Edition on-prem, your window for action is closing fast.

We break down Microsoft’s emergency guidance—including patching beyond last Patch Tuesday, rotating cryptographic keys, enabling AMSI & Defender, auditing for compromise, and cutting off Internet access immediately if patching isn’t feasible. With some organizations still dangerously unpatched, this episode is a must-listen for IT professionals and enterprise defenders. If your SharePoint instance is Internet-facing and not yet patched, assume it’s compromised and begin incident response now.

Links:

https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/ 

https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/ 

https://www.tomsguide.com/computing/online-security/microsoft-releases-emergency-security-updates-to-fix-sharepoint-zero-day-flaws-everything-you-need-to-know 

https://www.windowscentral.com/software-apps/were-witnessing-an-urgent-and-active-threat-microsoft-sharepoint-toolshell-vulnerability-is-being-attacked-globally

🔒 Keywords: SharePoint RCE exploit, CVE-2025-53770, CVE-2025-53771, ToolShell vulnerability, Microsoft SharePoint security, SharePoint emergency patch, nation-state cyberattacks, enterprise IT security, zero-day vulnerabilities, CVE of the week podcast

⸻

🔗 Social Links:

IT SPARC Cast

@ITSPARCCast on X

https://www.linkedin.com/company/sparc-sales/

John Barger

@john_Video on X

https://www.linkedin.com/in/johnbarger/

Lou Schmidt

@loudoggeek on X

https://www.linkedin.com/in/louis-schmidt-b102446/

Hosted on Acast. See acast.com/privacy for more information.

In this episode of IT SPARC Cast – Hot Take, John & Lou take you on a deep-dive into what Enterprise IT might look like in 2045, assuming the convergence of AGI, Super Intelligence, quantum computing, and nuclear fusion began reshaping the world a decade earlier. This is part two of their future-focused series exploring how these exponential technologies will transform entire industries.

From non-invasive neural interfaces and zero-latency global communication to intent-based operating environments and deeply personalized collaboration spaces, the future of work is less about where and more about how. Tune in to hear speculative but grounded insights into what’s coming next—and how enterprise IT professionals can start preparing today.

⸻

⏱️ Timestamps & Topics:

00:00 – Intro

Welcome back to our speculative series on future enterprise IT.

00:25 – Setting the Context

John sets the stage with the assumptions and constraints: AGI, Super Intelligence, quantum computing, and fusion energy are reshaping IT by 2035, leading us into the world of 2045.

05:55 – Neural Interfaces (Basic)

A look at non-invasive brain-computer interfaces—glasses, patches, or contact lenses—and how they may enable seamless, hands-free interaction with digital systems.

08:23 – Zero-Latency Global Communication

Quantum networking and AGI-enhanced routing power instant global comms and real-time language translation with no lag.

09:40 – Dynamic, Intent-Based Operating Environments

The operating system as we know it dies. Workspaces adapt to your context, switching between creative, analytical, or entertainment modes in real time.

12:12 – Context-Aware Collaboration Environments

Teamwork in 2045 is fully dynamic—each participant sees personalized interfaces, and every action is tagged with human intent.

15:18 – Wrap Up

Next episode: Enterprise IT in 2055. Share your thoughts at [email protected] or on X.

⸻

🔗 Social Links:

IT SPARC Cast

@ITSPARCCast on X

https://www.linkedin.com/company/sparc-sales/ on LinkedIn

John Barger

@john_Video on X

https://www.linkedin.com/in/johnbarger/ on LinkedIn

Lou Schmidt

@loudoggeek on X

https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn

Hosted on Acast. See acast.com/privacy for more information.

This week on IT SPARC Cast, John and Lou unpack UniFi Network 9.3’s biggest update yet, talk about why quantum security is no longer just a buzzword, and break down the soap opera acquisition collapse of Windsurf by OpenAI. Spoiler: Google and Cognition swooped in with a surprise twist.

⏱️ Timestamps & Show Notes

00:00 - Intro

00:52 - UniFi Network 9.3

Ubiquiti releases UniFi Network version 9.3, and it’s a big one. Key highlights:

•Redesigned client tables with better filtering options

•Centralized DHCP and improved IP management

•Customizable alarms and logs with 3rd-party integrations

•Enhanced content filtering with scheduling, ad blocking, and allow/block lists

•IDS/IPS powered by Proofpoint, real-time blocking via Cloudflare

•Multi-WAN with policy-based routing and SLA support

•Aimed squarely at small-to-mid enterprises — without drowning in licensing fees

https://blog.ui.com/article/introducing-network-9-3 

06:59 - Quantum Security: It’s Not Just a Buzzword Issue Anymore

Quantum computing may still require liquid nitrogen, but the quantum threat is already knocking. Lou and John discuss:

•Aptive’s call to action on post-quantum cryptography

•Signs of quantum decryption attempts in the wild

•Long-term implications for embedded systems, firmware, and legacy encryption

•The urgent need for organizations to inventory encryption dependencies

https://www.aptiv.com/en/insights/article/why-it-s-time-to-invest-in-quantum-cybersecurity 

10:43 - OpenAI Loses Out on Windsurf

The Windsurf acquisition saga gets messy:

•Microsoft’s IP entanglement derails OpenAI’s planned buyout

•Google DeepMind hires Windsurf’s top talent in a surprise pivot

•Cognition scoops up the remaining assets for integration with Devon

•A lesson in why talent acquisition sometimes matters more than the tech

https://techcrunch.com/2025/07/11/windsurfs-ceo-goes-to-google-openais-acquisition-falls-apart 

https://techcrunch.com/2025/07/14/cognition-maker-of-the-ai-coding-agent-devin-acquires-windsurf/ 

15:06 - Listener Feedback

Shoutout to YouTube commenter GFA_Basic32 who compared our AR glasses segment to Minority Report — and got John dreaming about ad-blocking Pie Hole for your face.

16:05 - Wrap Up

Thanks for tuning in! Got feedback or episode ideas? Reach out anytime:

📧 [email protected]

📣 @ITSPARCCast on X

🔗 https://www.linkedin.com/company/sparc-sales/ 

Follow the hosts:

John Barger

• @john_Video on X

• https://www.linkedin.com/in/johnbarger/ 

Lou Schmidt

• @loudoggeek on X

• https://www.linkedin.com/in/louis-schmidt-b102446/ 

Hosted on Acast. See acast.com/privacy for more information.

📄 Episode Description:

In this episode of IT SPARC Cast – CVE of the Week, John and Lou dive into a troubling situation involving SonicWall’s SMA 100 series firewalls. Despite devices being fully patched, active exploits are targeting one-time password seeds with stealthy malware like “OVERSTEP.” The malware modifies boot scripts, hides logs, steals credentials, and persists through reboots—leaving enterprise networks exposed without an effective patch in sight.

We break down known associated CVEs (including CVE-2021-20038, CVE-2024-38475, CVE-2021-20035, CVE-2021-20039, and CVE-2025-32819) and highlight the problematic nature of SonicWall’s response: telling customers to “just upgrade” without offering real mitigation. Whether you’re a SonicWall customer or an IT security leader assessing vendor risk, this episode serves as a wake-up call for how to handle (or not handle) active cyber threats.

⸻

🔗 Social Links:

IT SPARC Cast

@ITSPARCCast on X

IT SPARC Cast on LinkedIn

John Barger

@john_Video on X

John Barger on LinkedIn

Lou Schmidt

@loudoggeek on X

Lou Schmidt on LinkedIn

Hosted on Acast. See acast.com/privacy for more information.

In this Hot Take episode of IT SPARC Cast, John Barger and Lou Schmidt unpack a mind-bending scenario that feels like it’s ripped straight from science fiction—but could it be closer than we think? With China claiming to sustain nuclear fusion for 30 minutes and targeting operational reactors by 2035, and the rapid rise of quantum computing and AI advancements, the stage is set for a technological revolution. John and Lou explore how fusion, quantum, AI, and space resources could combine to redefine energy, research, space exploration, and everyday life within the next decade.

What happens when scientists can compress years of research into days using Super AI? What breakthroughs could emerge in medicine, communications, and even space travel? The conversation touches on digital twins, ammonia production, energy independence, and the social disruption these changes could bring. This episode kicks off a multi-part discussion with YOUR feedback shaping where we go next.

⸻

🔗 Social Links:

IT SPARC Cast

@ITSPARCCast on X

SPARC Sales on LinkedIn

John Barger

@john_Video on X

John Barger on LinkedIn

Lou Schmidt

@loudoggeek on X

Lou Schmidt on LinkedIn

Hosted on Acast. See acast.com/privacy for more information.

This week on IT SPARC Cast – CVE of the Week, John and Lou dive into one of the most critical vulnerabilities to ever hit enterprise wireless networks: CVE-2025-44957 and a cluster of related flaws targeting Ruckus Wireless’s Virtual SmartZone (VSZ) and Ruckus Network Director (RND). These platforms, which manage massive deployments of up to 10,000 access points, contain hardcoded secrets, default RSA keys, unauthenticated RCE flaws, and directory traversal exploits—all scoring up to CVSS 10.0.

With no patch currently available and Ruckus/CommScope silent, these vulnerabilities present a hair-on-fire moment for network administrators. The team breaks down what went wrong, what to do now, and why silence from the vendor is the worst possible response. If you’re running Ruckus infrastructure—or connecting to a network that is—you need to listen to this episode immediately.

⸻

Stay Connected with Us

IT SPARC Cast

🔗 @ITSPARCCast on X

🔗 SPARC Sales on LinkedIn

John Barger

🔗 @john_Video on X

🔗 John on LinkedIn

Lou Schmidt

🔗 @loudoggeek on X

🔗 Lou on LinkedIn

⸻

🔐 SEO Keywords: Ruckus CVE-2025-44954, CVE-2025-44955, CVE-2025-44957, CVE-2025-44958, CVE-2025-44960, CVE-2025-44961, CVE-2025-44962, CVE‑2025‑6243, CVE‑2025‑4496, Ruckus vulnerabilities 2025, hardcoded backdoor Ruckus, CVSS 10.0 wireless flaw, Ruckus Virtual SmartZone exploit, Commscope network security breach, enterprise WiFi security alert, zero-day in Ruckus management systems, IT SPARC Cast security podcast.

Hosted on Acast. See acast.com/privacy for more information.

In this of IT SPARC Cast - News Bytes, John and Lou explore the strange reality where human call center agents are now being mistaken for AI. They also break down the Linux Foundation’s adoption of the Agent to Agent Protocol (A2A), a potential game-changer in AI agent communication. And yes, someone built an ad blocker… for Snap Spectacles. It’s another week of tech headlines you don’t want to miss.

⸻

⏱️ Show Notes:

00:00 - Intro

Welcome back to IT SPARC Cast - News Bytes! John and Lou dive into the top tech stories of the week with a side of sarcasm.

00:56 - Call Center Workers Are Tired of Being Mistaken for AI

•Real people are now being confused for bots.

•Workers report customers asking if they are “real” during calls.

•Tech is blurring the line between human and machine interactions.

https://it.slashdot.org/story/25/06/28/1740215/call-center-workers-are-tired-of-being-mistaken-for-ai 

05:33 - Linux Foundation Adopts A2A Protocol

•The Linux Foundation embraces the A2A Protocol

•A2A offers a standard for multi-agent communication across LLMs.

•The duo compares A2A to Anthropic’s Model Context Protocol

•Could be the start of an interoperable AI ecosystem.

https://www.zdnet.com/article/linux-foundation-adopts-a2a-protocol-to-help-solve-one-of-ais-most-pressing-challenges/ 

11:18 - Ad Blocker For Snap Spectacles

•Yes, someone made an ad blocker for augmented reality glasses.

•Targets Snap Spectacles to cut down on AR-based visual noise.

•Raises big questions about future ad delivery in wearable tech.

https://www.uploadvr.com/real-world-ad-blocker-snap-spectacles/

14:44 - Wrap Up

We wrap with a few parting thoughts — and your weekly reminder to rate and review the show.

Follow and connect with us:

IT SPARC Cast

@ITSPARCCast on X

https://www.linkedin.com/company/sparc-sales/ on LinkedIn

John Barger

@john_Video on X

https://www.linkedin.com/in/johnbarger/ on LinkedIn

Lou Schmidt

@loudoggeek on X

https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn

Hosted on Acast. See acast.com/privacy for more information.