Geek-Guy.com

Compliance, Global Security News, Risk Management

Socure Launch enables startups to deploy identity verification and fraud controls

Socure has announced Socure Launch, providing every organization with immediate access to industry tested, pre-built identity and fraud solutions. This marks a new era for Socure, providing startups an enterprise level of identity verification, fraud detection, and compliance decisioning. With Socure Launch, developers can instantly build on Socure’s RiskOS platform and move from account creation…

Read more →

AI, Compliance, Endpoint, Global Security News, Risk Management

SurePath AI Announces New MCP Policy Controls

Security and governance platform SurePath AI recently announced MCP Policy Controls to provide real-time controls over which MCP servers and tools are allowed to be used. MCP presents a new attack surface and security challenges These new controls are designed to assist organizations in adopting MCP, ensuring safety, visibility, and safeguards from day one. MCP…

Read more →

Cloud Security, Compliance, Global Security News

Zscaler enhances data sovereignty controls with regional processing and logging

Zscaler has expanded its data sovereignty capabilities globally, powered by the Zscaler Zero Trust Exchange cloud security platform. For global enterprises, the conflict between protecting data and enabling cross-border collaboration is a major compliance and business challenge to growth. Zscaler already operates 160+ data centers and is present in most countries. Its architecture is based…

Read more →

APAC, Global Security News

SOC Prime’s DetectFlow Enterprise moves threat detection to the data ingestion layer

SOC Prime has announced the release of DetectFlow Enterprise, a solution that brings real-time threat detection to the ingestion layer, turning data pipelines into detection pipelines. Running tens of thousands of Sigma detections on live Kafka streams with millisecond MTTD using Apache Flink, DetectFlow Enterprise enables security teams to detect, tag, enrich, and correlate threat…

Read more →

AI, Global Security News

Binary Defense’s NightBeacon brings AI-driven analysis to SOCs

Binary Defense has announced the launch of NightBeacon, an AI-powered security operations platform built directly into the company’s security operations center (SOC). NightBeacon serves as the intelligence infrastructure behind Binary Defense’s MDR service, supporting every analyst shift, detection, and investigation across the SOC. Customers benefit from an approximately 30% reduction in mean time to resolution,…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, malware, Network Security

Iran-Linked Hacktivists Claim Wiper Attack on Stryker Systems

A cyberattack has disrupted global operations at medical technology manufacturer Stryker, forcing employees in multiple countries offline and cutting access to core corporate systems.  The incident, which began March 11, triggered widespread outages across the company’s Microsoft environment and left staff temporarily unable to access internal applications and devices.  “When a company the size of…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload

The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to a breach. For years, the cybersecurity industry has focused on the front door of phishing…

Read more →

AI, Global Security News, Network Security

Atlassian cuts 1,600 jobs to fund AI and enterprise expansion

Atlassian will reduce its global workforce by approximately 10%, eliminating around 1,600 roles, as the collaboration software maker redirects capital toward artificial intelligence development and enterprise sales. Co-CEO and co-founder Mike Cannon-Brookes disclosed the cuts in a blog post. The decision, he said, was made to “self-fund further investment in AI and enterprise sales” while…

Read more →

AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management

MicroStealer Analysis: A Fast-Spreading Infostealer with Limited Detection 

Security teams depend on early signals to spot and contain new threats. But what happens when a fully capable infostealer spreads while traditional detections stay limited?  In recent investigations, ANY.RUN researchers observed MicroStealer in 40+ sandbox sessions in less than a month, despite low public visibility. Early activity points to distribution through compromised or impersonated accounts,…

Read more →

AI, Global Security News, Network Security, Risk Management

Saviynt Taps NEXTGEN, an Exclusive Networks Company, to Accelerate Digital Identity Security in Australia

COMPANY NEWS:    Collaboration strengthens Saviynt’s partner-first strategy as AI-driven identity risk builds across the APJ region Key Highlights: Saviynt will broaden access to AI-ready identity security for organisations navigating growing digital risks NEXTGEN will help scale Saviynt’s partner ecosystem across APJ, enabling faster adoption of identity-centric security in the AI era 

Read more →

AI, Global Security News, malware, Network Security

North Korean fake IT worker tradecraft exposed

Research from GitLab has exposed the latest tradecraft behind North Korean fake IT worker scams. GitLab banned 131 North Korean-attributed accounts last year, most of which involved JavaScript repositories that acted as resources in the so-called Contagious Interview campaign. In most cases, GitLab projects acted as obfuscated loaders for malware payloads — such as BeaverTail…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance

ENISA’s first Technical Advisory on Secure Package Managers helps developers safely use third-party packages. ENISA has released its first Technical Advisory on Package Managers, focusing on how developers can safely consume third-party packages. The document (March 2026, v1.1) follows public feedback incorporating 15 contributions from stakeholders, experts, and the open-source community. “This document focuses on…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in n8n to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an n8n flaw, tracked as CVE-2025-68613 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. n8n is a workflow automation platform designed for technical teams that combines the…

Read more →

AI, Global Security News

Codoxo’s Deepfake Detection identifies AI-generated medical records for health plans

Codoxo has announced the launch of Deepfake Detection, an AI-driven fraud detection tool now being deployed by health plans across the U.S. The solution helps identify AI-generated or manipulated medical documentation and diagnostic images submitted in support of claims before payment is made. Healthcare fraud is already a multibillion-dollar problem, and generative AI is turning…

Read more →

AI, APAC, Global Security News

SOC Prime Launches DetectFlow Enterprise To Enhance Security Data Pipelines with Agentic AI

BOSTON, MA — March 12, 2026 — SOC Prime today announced the release of DetectFlow Enterprise, a solution that brings real-time threat detection to the ingestion layer, turning data pipelines into detection pipelines. Running tens of thousands of Sigma detections on live Kafka streams with millisecond MTTD using Apache Flink, DetectFlow Enterprise enables security teams…

Read more →

Cybersecurity, Global Security News, malware

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, TaxiSpy RAT, BeatBanker, Mirax, and Oblivion RAT to full-fledged remote administration tools such as SURXRAT. PixRevolution, according to

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

AI use is changing how much companies pay for cyber insurance

In July 2025, McDonald’s had an unexpected problem on the menu, one involving McHire, its AI-powered platform used to recruit and screen job applicants. The system, developed by Paradox.ai, featured a rookie-level security flaw: the backend for restaurant operators accepted “123456” as both username and password, and lacked multi-factor authentication. As a result, the personal…

Read more →

AI, Cybersecurity, Global Security News, Network Security

Stop fixing OT security with IT thinking

In this Help Net Security interview, Ejona Preçi, Group CISO at Lindal Group, discusses the specific cybersecurity challenges in manufacturing environments. The conversation covers why standard IT security practices break down on shop floors, where PLCs and decade-old firmware were never designed to be networked. She explains how nation-state actors quietly settle into industrial networks,…

Read more →

AI, Endpoint, Global Security News, malware

“Zombie ZIP”: Neue Angriffstechnik täuscht Virenscanner

Mithilfe sogenannter Zombie-ZIPs lassen sich fast alle Virenscanner austricksen. Pressmaster | shutterstock.com Eine neue Technik mit dem Namen „Zombie ZIP“ ist in der Lage, Payloads in komprimierten Dateien zu verbergen. Sicherheitslösungen wie Antiviren- und EDR-Produkte (Endpoint Detection and Response) können sie nicht entdecken, denn die digitalen Untoten wurden speziell geschaffen, um die Security zu umgehen.…

Read more →

AI, Global Security News

Agentic attack chains advance as infostealers flood criminal markets

Cybercriminals spent much of 2025 automating their operations, shifting from one-off attacks to systems that can run entire intrusion cycles with minimal human input. Data collected from criminal forums, illicit marketplaces, and underground chat services shows a threat environment where stolen identity data, unpatched vulnerabilities, and ransomware operations are interdependent. The findings come from Flashpoint’s…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68613 (CVSS score: 9.9), concerns a case of expression injection that leads to remote code execution. The security shortcoming was patched

Read more →

AI, Data Breaches, Global Security News, Network Security

Bell Ambulance data breach impacted over 238,000 people

Bell Ambulance confirms a February 2025 breach affecting 238,000 people, exposing personal, financial, and health information. Nearly 238,000 individuals are impacted by a February 2025 Bell Ambulance data breach. Bell Ambulance is a U.S.-based emergency medical services provider offering ambulance transport, paramedic care, and patient support. It serves communities with urgent medical response, interfacility transfers,…

Read more →

AI, Compliance, Cybersecurity, Global Security News

Wie CISOs schlechte Angebote enttarnen

Drum prüfe… Ground Picture | shutterstock.com Security-Anbietern stehen viele Wege offen, um CISOs und Sicherheitsentscheider mit Lobpreisungen und Angeboten zu ihren jeweils aktuellen Produkten und Lösungen zu penetrieren. Und die nutzen sie auch: Manche Sicherheitsverantwortliche erhalten mehr als 30 solcher Anfragen pro Woche – per Telefon, E-Mail oder auch über LinkedIn. Um erkennen zu können,…

Read more →

AI, Cybersecurity, Data Breaches, Data Security, Exploits, Global Security News, Network Security, Risk Management

When your IoT Device Logs in as Admin, It?s too Late! [Guest Diary], (Wed, Mar 11th)

[This is a Guest Diary by Adam Thorman, an ISC intern as part of the SANS.edu BACS program] Introduction Have you ever installed a new device on your home or company router? Even when setup instructions are straightforward, end users often skip the step that matters most: changing default credentials. The excitement of deploying a…

Read more →

Cybersecurity, Global Security News

Smashing Security podcast #458: How not to steal $46 million from the US government

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn’t stirred since 2024 – and within minutes, giant woodpecker images are plastered across the internet’s favourite encyclopaedia. Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it – and…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, privacy

How not to steal $46 million from the US government

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn’t stirred since 2024 – and within minutes, giant woodpecker images are plastered across the internet’s favourite encyclopaedia. Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it – and…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Government & Policy, malware, Risk Management

Resumés with malicious ISO attachments are circulating, says Aryaka

Threat actors are still having success tricking human resources staff into opening malware-infected phishing emails. The latest example is detailed by researchers at Aryaka, who this week described a campaign by an unnamed threat actor who is distributing resumés containing a malicious ISO file to HR departments. It’s delivered through recruitment channels, and hosted on…

Read more →

china, Global Security News

MG IM5 & IM6 vs Zeekr 7X: Two high-end Chinese EVs redefining premium and quietly challenging Tesla’s dominance

China’s next wave of electric vehicles has arrived in Australia. Unlike early value-focused entrants, these cars aren’t trying to be cheap alternatives to Tesla; they’re trying to be better with tech-heavy luxury-leaning EVs packed with innovation, aggressive pricing, and design philosophies that diverge sharply from Tesla’s minimalist approach.

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, Network Security

CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that an authentication bypass vulnerability patched in Ivanti Endpoint Manager (EPM) last month is now being exploited in the wild. The agency has also updated its directive related to two Cisco Catalyst SD-WAN flaws that were also fixed last month after being used in zero-day…

Read more →

AI, APAC, Cybersecurity, Funding, Global Security News, Venture

News alert: Qevlar AI raises $30M to turn security alerts into actionable defense insights across SOCs

PARIS, March 10, 2026 — Qevlar AI, a leader in AI for transforming security operations centres (SOCs), has raised $30 million in funding for its autonomous AI SOC platform. The funding will support development of technology designed to turn alert investigations into security insights that help SOC teams strengthen their overall security posture. The round…

Read more →

AI, Global Security News, Government & Policy, malware, Network Security

Pro-Palestinian hacktivist group Handala targets Stryker in global disruption

Pro-Palestinian hacktivist group Handala claims a cyberattack on Stryker, alleging it wiped 200,000 systems and disrupted global operations. Pro-Palestinian hacktivist group Handala claims responsibility for a disruptive cyberattack against medical technology firm Stryker. “Medical technology giant Stryker is experiencing a global outage across its systems after a cyberattack early Wednesday. Staff and contractors report that…

Read more →

AI, Global Security News, Government & Policy, Risk Management

Anthropic announces think tank to examine AI’s effect on economy and society

Fresh from battling the US Department of Defense (DoD) over AI guardrails, Anthropic has returned this week with a new initiative: the company is founding a think tank, the Anthropic Institute, “to confront the most significant challenges that powerful AI will pose to our societies.” Headed by Anthropic co-founder Jack Clark, who will take up…

Read more →

AI, Apps, Global Security News, Government & Policy, malware

BeatBanker malware targets Android users with banking Trojan and crypto miner

BeatBanker Android malware spreads through fake Starlink apps on websites imitating Google Play Store, hijacking devices, stealing credentials, and mining crypto. A new Android malware called BeatBanker spreads through fake Starlink apps distributed on websites posing as the Google Play Store. Once installed, it hijacks devices, steals login credentials, tampers with cryptocurrency transactions, and secretly…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Microsoft SQL Server Vulnerability Enables Privilege Escalation

A vulnerability in SQL Server could allow attackers to escalate their privileges to system administrator level within affected database environments.  “Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network,” said Microsoft in their security advisory. Understanding CVE-2026-21262 The vulnerability, tracked as CVE-2026-21262, carries a CVSS score of 8.8…

Read more →

AI, Data Breaches, Global Security News

ShinyHunters claims new campaign targeting Salesforce Experience Cloud sites

Salesforce customers have, once again, been targeted by the ShinyHunters group – or, at least, it’s what the group claims. Attackers modified and abused benign tool On Saturday, Saleforce confirmed that its security team has identified an attack campaign by unnamed malicious actors looking to access customers’ data. The attackers are not leveraging a vulnerability…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Microsoft .NET Vulnerability Enables Remote DoS Attacks

Microsoft has released a security update to address a vulnerability in the .NET platform that could allow attackers to remotely crash affected applications.  The flaw enables unauthenticated attackers to trigger a Denial-of-Service (DoS) condition, potentially causing applications or services running on vulnerable .NET environments to become unavailable.  Exploitation of the vulnerability “… allows an unauthorized…

Read more →

AI, Global Security News

Researchers uncover AI-powered vishing platform

A vishing-as-a-service platform that helps scammers carry out so-called “press 1” scams is misusing text-to-speech (TTS) capabilities provided by AI voice technology company ElevenLabs, Mirage Security researchers claim. How “press 1” vishing scams work For “press 1” scams, fraudsters spoof phone numbers of trusted institutions (e.g., bank), call up potential victims and try to scare…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Network Security, Politics

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at…

Read more →

AI, Cybersecurity, Global Security News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution. The vulnerabilities are listed below – CVE-2026-27577 (CVSS score: 9.4) – Expression sandbox escape leading to remote code execution (RCE) CVE-2026-27493 (CVSS score: 9.5) – Unauthenticated

Read more →

AI, Compliance, Data Security, Global Security News

Fortanix helps enterprises build resilience with multi-sourced quantum entropy

Fortanix announced a new multi-sourced quantum entropy capability within Fortanix Data Security Manager (DSM), enabling enterprises to diversify encryption key generation at the origin of trust. Through partnerships with Qrypt and Quantum Dice, Fortanix integrates independent, physics-based quantum entropy sources directly into its key management workflows, enabling compliance requirements that require multiple entropy sources and…

Read more →