Guardsquare will present at NAB Show Las Vegas on Monday, April 20, in the Tech Chat Theater at the Las Vegas Convention Center. In a session titled “When Your Streaming App Is the Attack Surface: Stopping Piracy at the Source,” Guardsquare will examine how attackers increasingly target mobile streaming applications to bypass traditional content protection controls.
WHAT: Guardsquare Tech Chat Session at NAB Show Las Vegas
WHEN: Monday, April 20, 2026 | 2:00 – 2:30 PM
WHERE: Tech Chat Theater (W1242), West Hall, Las Vegas Convention Center
Streaming platforms have invested heavily in DRM, watermarking, and backend protections to safeguard premium content. Yet piracy and revenue abuse continue to grow, often without attackers ever touching the video stream itself. Instead, attackers increasingly target the mobile app through repackaged binaries, modified playback logic, credential harvesting, and direct API abuse.
During this Tech Chat session, Amanda Sutliff, Director of Product Marketing at Guardsquare, will explore how attackers manipulate client-side applications to bypass traditional protections and how media and streaming providers can close this gap by protecting app integrity, detecting runtime abuse, and validating trust before content is delivered.
“Streaming providers have invested heavily in protecting the stream, but attackers increasingly exploit the mobile app itself,” said Sutliff. “By protecting app integrity and detecting tampering at runtime, streaming platforms can stop piracy earlier in the attack chain while preserving the viewer experience.”
In addition to the presentation, Guardsquare will be exhibiting at Booth #W1459 during NAB Show 2026. For more information about the event, visit https://www.nabshow.com/las-vegas/.
April Patch Tuesday Commentary From Fortra
Posted in Commentary with tags Fortra on April 14, 2026 by itnerdBy Tyler Reguly, Associate Director, Security R&D, Fortra
With 165 Microsoft CVEs and another 82 non-Microsoft CVEs combining for a total of 247 CVEs, I can’t help but wonder who angered Microsoft this month. Here’s hoping that admins everywhere are well hydrated with snacks available because I feel like this mess will take a few days to fully detangle.
There are two vulnerabilities that Microsoft has called out as either exploited or disclosed. The first, CVE-2026-32201, is a spoofing vulnerability in Microsoft SharePoint that is seeing active exploitation. SharePoint can definitely be one of the harder systems to patch and maintain, so admins are going to want to pay close attention to this one. The second is CVE-2026-33825, an elevation of privilege vulnerability in Microsoft Defender, which Microsoft has listed as publicly disclosed. This appears to be the BlueHammer vulnerability that everyone was talking about, which Fortra has written about in detail.
Two things caught my attention this month.
The first is that there are 19 vulnerabilities listed as Exploitation More Likely. In the first quarter of the year, we saw 20 vulnerabilities listed as Exploitation More Likely and now, in a single month, we’re seeing only one less than that total. That is something to pay attention to, especially given the nature of the services affected.
The second is a pair of TCP/IP vulnerabilities. It is rare that you see a truly remote TCP/IP vulnerability these days and that’s exactly what CVE-2026-33827 is… unauthorized, network-based code execution against IPv6. The attack complexity is listed as high because the vulnerability is based on a race condition as well as “additional actions”, as Microsoft calls it, but it is still impressive to see these vulnerabilities identified in 2026.
Based on acknowledgements, the team that found the TCP/IP vulnerability, WARP & MORSE team at Microsoft, also found this month’s only CVSS 9.8 vulnerability. Microsoft has labeled it as Exploitation Less Likely, but it is the infamous network remote code execution vulnerability. In this case, Internet Key Exchange (IKE) v2 is impacted and a remote attacker could trigger remote code execution. Importantly here, we’re not talking about the fake remote code execution that Microsoft uses for Office documents and similar, we’re talking about a legitimate, over the network remote code execution.
For CISOs this month, I’d be more worried about the sheer quantity of items that admins are having to review. There are a lot of CVEs and a lot of one-offs that we don’t normally see. While Windows update and automatic updates for some applications will take care of a lot of the heavy lifting here, there’s still testing that is required before deploying updates this large. Additionally, with the likes of .NET, SharePoint, and SQL Server, there’s always the potential for difficult patches and/or version incompatibility that may crop up during testing.
Patience is going to be a keyword this month, followed very quickly by resourcing. Massive patch drops like this and the conversation around next-gen LLMs means that we need to be aware of the pressure on our teams and the amount of work they are expected to complete. If you still see your security teams as a cost centre, it is time to start rethinking that and looking at the value they bring to protecting your data and your systems. Large patch drops mean that you really need to review your teams to ensure they are adequately resourced.
Leave a comment »