Geek-Guy.com

Tag: agencies

AI, Cybersecurity, Global Security News, Government & Policy, Network Security, Risk Management

White House charts new course for federal agencies and cybersecurity logging

The White House has updated rules for federal agencies to keep logs of significant cyber activities in their networks, touting it as a measure to cut back on red tape and focus on how cybersecurity risks have evolved. The Office of Management and Budget memorandum, released Friday, replaces a 2021 memo signed by then-President Joe…

Read more →

AI, Exploits, Global Security News, Government & Policy, malware, Russia

Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets

Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151) has resurfaced with a new phishing campaign targeting Ukrainian government organizations. This time the lure is Prometheus, a legitimate Ukrainian online learning platform that many government employees actually use. Using…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

White House cyber official: identity security matters more than ever in the age of AI

As AI becomes more integrated into federal IT (and attacker toolsets) government agencies will need to focus their resources on regulating and monitoring the identities that access their network, a top White House cybersecurity official said Thursday. Nick Polk, branch director for federal cybersecurity in the Executive Office of the President, said that while AI…

Read more →

AI, Cybersecurity, Europe, Global Security News, Government & Policy, Risk Management

Major world economies spell out key elements of AI ‘ingredients list’

A group of international government agencies released guidance Tuesday on what they believe any artificial intelligence “ingredients list” tool should include to make AI more secure. The concept of such a list, known as a “software bill of materials (SBOM),” is to know everything that goes into a particular piece of software so that any…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, Network Security, Risk Management

US government, allies publish guidance on how to safely deploy AI agents

Cybersecurity agencies from the United States, Australia, Canada, New Zealand and the United Kingdom jointly published guidance Friday urging organizations to treat autonomous artificial intelligence systems as a core cybersecurity concern, warning that the technology is already being deployed in critical infrastructure and defense sectors with insufficient safeguards. The guidance focuses on agentic AI —…

Read more →

AI, china, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Risk Management

A dozen allied agencies say China is building covert hacker networks out of everyday routers

U.S. and international government agencies warned Thursday about a “widespread shift” in Chinese hacker methods toward the use of large-scale covert networks that compromise common devices to carry out a variety of attacks. The advisory details how those networks work, and defensive steps organizations should take. “Over the past few years there has been a…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Russia, Venture

The thin gray line: Handala, CyberAv3ngers and Iran’s proxy ops

On April 7, six US government agencies issued a critical advisory warning domestic private sector organizations of potential infrastructural cyberattacks conducted by Iranian-affiliated Advanced Persistent Threat (APT) actors. The advisory stops short of attributing these threats to a single group but makes reference to 2023 attacks on US water and wastewater facilities linked to the…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, malware, Network Security

Iran‑linked PLC attacks cause real‑world disruption at critical US infra sites

As the US and Iran agreed to a ceasefire on Tuesday, six US federal agencies have warned that Iran-affiliated threat actors have compromised internet-exposed programmable logic controllers at critical infrastructure facilities in the US. The attacks, which the agencies linked to escalating hostilities between Iran and the US and Israel, targeted Rockwell Automation and Allen-Bradley…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, Network Security

Iranian cyber activity hits US energy, water, and government networks

U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell Automation and Allen-Bradley, across multiple critical infrastructure sectors. The activity has been attributed to Iranian-affiliated APT actors seeking to disrupt operations in the United States. Disruptions across critical sectors The advisory, issued by…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers are targeting internet-exposed Rockwell/Allen-Bradley PLCs used in critical infrastructure. The agencies published a joint advisory involving multiple federal organizations. “Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Funding, Global Security News, Government & Policy, Network Security, Risk Management

2027 POTUS Budget Proposal Targets CISA With Funding Cuts

A federal budget proposal is putting one of the nation’s top cybersecurity agencies on the chopping block, raising alarms about the U.S. government’s readiness to defend against escalating digital threats.  The administration’s fiscal 2027 budget blueprint would reduce funding for the Cybersecurity and Infrastructure Security Agency (CISA), continuing a trend of cuts that could reshape…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Politics

ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review

A year-long effort to strengthen cybersecurity and modernize tech at U.S. intelligence agencies has led to policy standards for using AI to bolster cyber defenses, a shared repository of all apps that have undergone a cybersecurity review and more, the Office of the Director of National Intelligence announced Thursday. An unclassified summary of cyber and…

Read more →

Cybersecurity, Exploits, Global Security News, Government & Policy

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild. The vulnerabilities in question are as follows – CVE-2025-66376 (CVSS score: 7.2) – A stored cross-site scripting

Read more →

AI, Compliance, Cybersecurity, Global Security News, Network Security, Politics

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at…

Read more →

AI, Global Security News, Network Security

Europol goes after The Com’s ransomware and extortion networks

Law enforcement agencies across 28 countries have spent the past year building cases against a loosely organized collective known as The Com, a decentralized network of mostly teenagers and young adults linked to high-profile ransomware attacks, financial extortion, and the coercion of vulnerable children. Europol announced the first operational results of Project Compass, reporting 30…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Five Eyes issue emergency directive on exploited Cisco SD-WAN zero-day

Cybersecurity agencies across the Five Eyes alliance have issued an emergency directive warning that a critical Cisco SD-WAN vulnerability is being actively exploited to gain unauthorized access to federal networks. Officials confirmed that threat actors are targeting core SD-WAN control systems —infrastructure that manages traffic across government and enterprise networks — and urged organizations to…

Read more →

AI, Breaking News, Cybersecurity, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Government & Policy, hacking, hacking news, intelligence, Security

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

Dutch agencies confirmed attacks exploiting Ivanti EPMM flaws that exposed employee contact data at the data protection authority and courts. Dutch authorities said cyberattacks hit the Dutch Data Protection Authority and the Council for the Judiciary after hackers exploited newly disclosed flaws in Ivanti Endpoint Manager Mobile (EPMM). The incidents were reported to parliament, and…

Read more →

Endpoint, Exploits, Global Security News

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

The Netherlands’ Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country’s parliament on Friday. “On January 29, the…

Read more →

AI, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Endpoint, Europe, Exploits, Global Security News, Government & Policy, ivanti, known exploited vulnerabilities (KEV), network edge devices, Threats

Fallout from latest Ivanti zero-days spreads to nearly 100 victims

Ivanti customers, including major government agencies, face mounting pressure as attackers expand their scope of targets to exploit a pair of vulnerabilities the vendor disclosed late January after in-the-wild attacks already occurred. The Netherlands’ Dutch Data Protection Authority and the Council for the Judiciary confirmed both agencies were impacted by attacks linked to the Ivanti…

Read more →

AI, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Endpoint, Europe, Exploits, Global Security News, Government & Policy, ivanti, known exploited vulnerabilities (KEV), network edge devices, Threats

Fallout from latest Ivanti zero-days spreads to nearly 100 victims

Ivanti customers, including major government agencies, face mounting pressure as attackers expand their scope of targets to exploit a pair of vulnerabilities the vendor disclosed late January after in-the-wild attacks already occurred. The Netherlands’ Dutch Data Protection Authority and the Council for the Judiciary confirmed both agencies were impacted by attacks linked to the Ivanti…

Read more →

AI, Breaking News, Compliance, Cybersecurity, edge network devices, Global Security News, Government & Policy, hacking, hacking news, Network Security, Risk Management, Security

CISA pushes Federal agencies to retire end-of-support edge devices

CISA ordered U.S. federal agencies to improve management of edge network devices and replace unsupported ones within 12–18 months. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) instructed U.S. federal civilian agencies to strengthen how they manage edge network devices throughout their lifecycle. According to Binding Operational Directive 26-02, Mitigating Risk From End-of-Support Edge Devices, agencies must…

Read more →

AI, Compliance, Cybersecurity, Endpoint, Endpoint Protection, Network Security, Security, Exploits, Global Security News, malware, Network Security, Risk Management

CISA gives federal agencies 18 months to purge unsupported edge devices

The Cybersecurity and Infrastructure Security Agency has given federal agencies 18 months to remove all end-of-support edge devices from their networks, escalating its response to what security researchers describe as a fundamental shift in nation-state attack tactics, where attackers exploit network infrastructure rather than endpoints. The binding operational directive, BOD 26-02, requires Federal Civilian Executive…

Read more →

AI, Compliance, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Government, Network Security, Policy, Politics, privacy, Risk Management

CISA tells agencies to stop using unsupported edge devices

A Cybersecurity and Infrastructure Security Agency order published Thursday directs federal agencies to stop using “edge devices” like firewalls and routers that their manufacturers no longer support. It’s a stab at tackling one of the most persistent and difficult-to-manage avenues of attack for hackers, a vector that has factored into some of the most consequential…

Read more →

AI, APT, china, Cyber warfare, Exploits, Global Security News, Government & Policy, hacking, intelligence, malware

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

China-linked hackers tracked as Amaranth-Dragon targeted government and law enforcement agencies across Southeast Asia in 2025. CheckPoint says China-linked threat actors, tracked as Amaranth-Dragon, carried out cyber-espionage campaigns in 2025 targeting government and law enforcement agencies across Southeast Asia. The activity is linked to the APT41 ecosystem and affected countries including Thailand, Indonesia, Singapore, and…

Read more →