Geek-Guy.com

Heightened Cyber Threat from Iran Sparks Urgent Calls for Vigilance and Mitigation

Following last week’s U.S. airstrikes targeting Iranian nuclear sites, cybersecurity experts and government officials are now warning of a possible digital retaliation, a surge in cyber threats originating from Iran. On June 22, the Department of Homeland Security (DHS) issued a National Terrorism Advisory System Bulletin warning of a “heightened threat environment” in the United..…

Russian court releases several REvil ransomware gang members

Four members of the notorious cybercriminal group REvil were found guilty of financial fraud and computer crimes targeting primarily American victims, but were released after a Russian court determined their sentence would amount to time already served. The four men — Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotayev — all admitted guilt and…

Microsoft’s new genAI model to power agents in Windows 11

Microsoft is laying the groundwork for Windows 11 to morph into a genAI-driven OS. The company on Monday announced a critical AI technology that will make it possible to run generative AI (genAI) agents on Windows without Internet connectivity. Microsoft’s small language model, called Mu, is designed to respond to natural language queries within the…

LinuxFest Northwest: Applying The Hybrid Threat Modeling Method

Author/Presenter: Chris Beckman (Principal Security Engineer At Taxbit) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…

Simbian Advances the AI Frontier With Industry’s First Benchmark for Measuring LLM Performance in the SOC

Simbian’s approach offers a new blueprint for how to evaluate and evolve AI for real-world use, without losing sight of the human element.   The post Simbian Advances the AI Frontier With Industry’s First Benchmark for Measuring LLM Performance in the SOC appeared first on Security Boulevard.

Coffee with the Council Podcast: Meet This Year’s North America Community Meeting Keynote Speaker, Reed Timmer

  This episode of Coffee with the Council is brought to you by our podcast sponsor, Feroot. Welcome to our podcast series, Coffee with the Council. I’m Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. Today, I am so excited to bring you a sneak peek interview with PCI…

Blackpoint Cyber Names Gagan Singh CEO, Murchison Stays On

Security platform provider Blackpoint Cyber is appointing Gagan Singh as CEO, as Jon Murchison transitions to the role of Executive Chairman. BlackPoint Cyber tours change as a signal of ongoing transformation The company says the duo will lead Blackpoint through its next transformation phase, including international expansion, the recently launched CompassOne platform, go-to-market strategy, and…

Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content

Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards put in place. “Unlike traditional jailbreaks that rely on adversarial phrasing or character obfuscation, Echo Chamber weaponizes indirect references, semantic

TEKsystems Global Services Exec on AWS Designation & Demand

TEKsystems and its global services arm boast 80,000 team members and support over 6,000 customers—including 80% of the Fortune 500—across North America, Europe, and Asia. TEKsystems Global Services (TGS) recently announced the latest in a slew of AWS partner designations as it supports AI-enabled customer service and experience needs. AWS Service Delivery Designation added to…

AI, cybersecurity, and quantum computing shape UK’s new 10-year economic plan

Artificial intelligence, quantum computing and cybersecurity are “frontier technologies” the UK government plans to prioritize as part of its blueprint to overhaul the nation’s economy and industries over the next decade. That’s according to its long-awaited industrial strategy policy paper and a separate plan going into more detail on digital and other technologies. It would…

The SAVE database was already a headache for states. Now it’s fueling Trump’s voter fraud allegations.

Just under three weeks after being elected to his first term as president of the United States, Donald Trump took to Twitter to claim he’d been cheated.  While he had won the office through his strength in the electoral college, Trump wanted to make something clear: he also believed he’d won the popular vote “if…

DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes

The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025. Stating that the ongoing conflict has created a “heightened threat environment” in the country, the Department of Homeland Security (DHS) said in…

Deep Fake Detection: Safeguarding Digital Media Authenticity in an AI-Generated World

In this post, I will discuss deep fake detection. This will help you in safeguarding digital media authenticity in an AI-generated world. The emergence of deepfake technology represents one of the most significant challenges to digital media authenticity in the modern era. As artificial intelligence becomes increasingly sophisticated, the ability to create convincing fake videos,…

MCP-Bug bei Asana könnte Unternehmensdaten offengelegt haben

CISOs mit einem MCP-Server von Asana in ihrer Umgebung sollten ihre Protokolle und Metadaten auf Datenlecks überprüfen. Shutter z – shutterstock.com Die Software-as-a-Service-Plattform Asana zählt zu den beliebtesten Projektmanagement-Tools in Unternehmen. Der Anbieter gab kürzlich bekannt, dass sein MCP-Server (Model Context Protocol) vorübergehend aufgrund eines Bugs offline genommen wurde. Der Server war allerdings bereits nach…

McLaren Health Care data breach impacted over 743,000 people

The ransomware attack that hit McLaren Health Care in 2024 exposed the personal data of 743,000 individuals. McLaren Health Care is notifying over 743,000 people of a data breach discovered on August 5, 2024. McLaren discovered suspicious activity on its and Karmanos Cancer Institute’s systems on August 5, 2024, revealing a data breach incident. McLaren…

DHS: Retaliatory Iranian cyberattacks against US likely after nuclear site strikes

U.S. networks were noted by the Department of Homeland Security to potentially be subjected to cyberattacks by Iranian state-sponsored threat groups and pro-Iranian hacktivist operations following President Donald Trump’s directive to strike three Iranian nuclear sites on Saturday amid escalating tensions between Iran and Israel, reports Nextgov/FCW.

XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks

Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part of a multi-stage procedure to deploy the malware, French cybersecurity company HarfangLab said. XDSpy is…

GitHub’s AI billing shift signals the end of free enterprise tools era

GitHub began enforcing monthly limits on its most powerful AI coding models this week, marking the latest example of AI companies transitioning users from free or unlimited services to paid subscription tiers once adoption takes hold. “Monthly premium request allowances for paid GitHub Copilot users are now in effect,” the company said in its update…

Okta Introduces Cross App Access to Secure AI Agents in Enterprise

Okta Inc. on Monday said it has created a new protocol to secure artificial intelligence (AI) agents to bring visibility, control and governance to agent-driven and app-to-app interactions. The Cross App Access platform is especially important as more AI tools use protocols like Model Context Protocol (MCP) to connect their AI learning models to important..…

Turning evasion into detection: Varonis Jitter-Trap redefines beacon defense

Organizations may soon be able to detect in real time stealthy “beacons,” like Cobalt Strike, Silver, Empire, Mythic, and Havoc. Varonis Threat Labs has unveiled Jitter-Trap, a clever new technique that claims to exploit attackers’ own dodgy tactics against them, detecting the randomness cybercriminals use to stay hidden. “Leveraging the randomness (jitter) that threat actors…

American steel giant Nucor confirms data breach in May attack

American steel giant Nucor confirms hackers stole data in a May cyberattack, following its earlier disclosure of the incident. Nucor, North America’s largest steel maker, confirmed hackers stole some data in a May cyberattack, following its earlier disclosure of the incident. Nucor Corporation (NYSE: NUE) is a major American steel company headquartered in Charlotte, North Carolina.…

TikTok-style bite-sized videos are invading enterprises

The TikTok-ification of the corporate world is well under way, as more companies turn to video snippets to communicate information to employees and customers. But when it comes to user- and AI-generated content, the rules are different for companies than for casual TikTok or Instagram users — and enterprises need to move cautiously when implementing…

Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks

Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. “Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections

Despite its ubiquity, RAG-enhanced AI still poses accuracy and safety risks

Retrieval-Augmented Generation (RAG) — a method used by genAI tools like Open AI’s ChatGP) to provide more accurate and informed answers — is becoming a cornerstone for generative AI (genAI) tools, “providing implementation flexibility, enhanced explainability and composability with LLMs,” according to a recent study by Gartner Research. And by 2028, 80% of genAI business…

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at £270M–£440M. The Cyber Monitoring Centre (CMC) has labeled the recent cyberattacks on Marks & Spencer and Co-op as a Category 2 systemic event, estimating losses between £270M and £440M. In early May, the attackers behind…

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes’ Data from Saudi Games

Cyber Fattah leaked thousands of records on athletes and visitors from past Saudi Games, per U.S.-based cybersecurity firm Resecurity. Resecurity (USA) identified the threat actors associated with the “Cyber Fattah” movement leaked thousands of records containing information about visitors and athletes from past Saudi Games, one of the major sports events in the Kingdom. The…

Deepgram Introduces Enterprise-Ready Voice Agent API

Voice AI platform for enterprise use cases, Deepgram, is making its Voice Agent API, a single, unified voice-to-voice interface, generally available. Voice-first AI agents: why Deepgram thinks the future lies in speech-to-text solutions The interface enables developers to have complete control over building context-aware voice agents to power natural, responsive conversations. The Voice Agent API…

16 Milliarden Zugangsdaten im Netz stammen von “Datenhalde”

Die offengelegten Zugangsdaten sollen von einer “Datenhalde” stammen. U-STUDIOGRAPHY DD59 – shutterstock.com Bei dem angeblichen riesigen Datenleck, bei dem 16 Milliarden Zugangsdaten zu Apple, Facebook, Google und anderen Anbietern in falsche Hände geraten seien sollen, handelt sich nach Einschätzung von Cybersicherheitsexperten nicht um einen aktuellen Sicherheitsvorfall. “Wir gehen davon aus, dass es sich um ältere…

10 tough cybersecurity questions every CISO must answer

As CISOs gain stature and responsibility, the top security role only gets more demanding. In addition to having to continuously evaluate their security postures to determine what adjustments to make to adequately protect their organizations, today’s CISOs must align with the business in ways that enforce key business objectives — and bring questions and tradeoffs…

Threat Casting a Nation State Attack on Critical Infrastructure Scenario at CognectCon2025

During exercises at CognectCon2025 a number of cyberattack scenarios were discussed that highlighted the risks of cyber attackers leveraging cognitive vulnerabilities to cause major impacts to nation critical infrastructures. This video is a short report-out on one such possible scenario, before we began discussing how to prevent, detect, and respond to such an event. In…

Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying…

Feel Reassured with Advanced Secrets Scanning Technologies

Are You Ready for the Future of Cybersecurity? Cybersecurity is not just about human identities anymore. A rising segment of digital focuses on non-human identities (NHIs) – a crucial feature in any contemporary cybersecurity strategy. But what are NHIs, and why should we be paying attention to them? Navigating the Landscape of Non-Human Identities A…

Scattered Spider Targets Aflac, Other Insurance Companies

The prolific Scattered Spider threat group, which recently targeted U.S. and UK retailers in a series of attacks, is now turning its attention to the insurance industry and appears to have landed a big victim in Aflac after compromising networks and systems of the Philadelphia Insurance and Erie Insurance companies. The post Scattered Spider Targets…

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet   Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan  Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion  Anubis: A…

Crayon Unveils the Next Generation of its Cloud-iQ Platform

Crayon, a global leader in IT services and innovation, has announced the APAC-wide rollout of its upgraded Cloud-iQ platform experience, marking a decisive shift away from its previous versions of Cloud-iQ and PRISM systems. This move consolidates Crayon’s partner operations under one global platform, designed to future-proof cloud procurement, simplify license management, and deliver intelligent…

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses…

16 Billion Leaked Records May Not Be a New Breach, But They’re a Threat

Cybernews researchers reported that since the beginning of the year, they’ve detected 30 datasets containing 16 billion stolen credentials exposed on the internet, most of which had not been previously recorded and represent a massive trove of records that can be used in ransomware, phishing, BEC, and other attacks. The post 16 Billion Leaked Records…

WordPress Appliance - Powered by TurnKey Linux