Geek-Guy.com

Tag: detection

AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Release Notes: Decision-Ready SOC Reporting, Elastic Security Integration, and 1400+ Threat Coverage Updates

Security leaders are under growing pressure to reduce the time between threat detection and response without adding more complexity to already overloaded SOC workflows. ANY.RUN’s May updates help teams act on security risks more efficiently, improve consistency across investigations, and maintain stronger protection as attacker tactics continue to evolve. Discover the updates your team can…

Read more →

AI, Global Security News

Critical Start expands MDR capabilities with multi-agent AI system

Critical Start has released SOC AI, a production-proven multi-agent framework powering its AI-led Managed Detection and Response (MDR). SOC AI coordinates ten specialized agents across the full alert investigation and response lifecycle, covering detection, triage, response, threat hunting, and continuous improvement. Each agent operates with a discrete function, a defined scope, and a complete audit…

Read more →

AI, Europe, Global Security News, Network Security, Risk Management

ExtraHop, Ignition Bring Agentic SOC Push to North America

ExtraHop, a modern network detection and response (NDR) provider, has expanded its partnership with Ignition, operating under Exclusive Networks, in North America. Providing the ‘definitive’ intelligence layer for SOCs According to ExtraHop, the expanded partnership with Exclusive Networks will make its NDR platform “more accessible than ever,” giving organizations real-time network traffic insights to strengthen…

Read more →

AI, APAC, Compliance, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Risk Management

How Can MSSPs Scale Threat Detection Without Burning Out Their Analysts?

Scaling threat detection as an MSSP doesn’t mean hiring more analysts — it means enabling the analysts you already have to handle more clients, more alerts, and more complex threats without burning out. The practical path forward combines three capabilities: continuous real-time intelligence that keeps detection systems current automatically, instant IOC investigation that cuts triage…

Read more →

AI, Cybersecurity, Global Security News

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check

McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or responding. It is available to anyone, without requiring a McAfee or ChatGPT subscription. It combines conversational AI with McAfee’s cybersecurity intelligence to help users evaluate potentially dangerous content such as messages, emails,…

Read more →

AI, Global Security News

Cofense adds AI-powered campaign detection to stop phishing attacks

Cofense has announced new advancements to its Phishing Defense Platform aimed at improving detection and response to AI-powered phishing attacks. The updates include AI-driven phishing detection, enhanced triage automation, and AI-assisted training campaign creation designed to strengthen protection across the phishing lifecycle. Phishing threats are no longer one-off emails. Attackers launch coordinated, polymorphic campaigns that…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management

ThreatDown Expands Into Identity Security With ITDR Platform

ThreatDown on Tuesday announced the launch of its new Identity Threat Detection and Response (ITDR) platform, designed to help organizations detect and respond to attacks targeting user identities and credentials after authentication. The California-based cybersecurity vendor said the product is built to monitor suspicious identity activity across hybrid environments, including Microsoft Entra ID, Okta, and…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Risk Management

AI Agents Are Creating a New Cybersecurity Blind Spot

The cybersecurity industry has spent years focusing on visibility. Dashboards expanded. Detection tooling improved. Telemetry volumes exploded. Yet one of the biggest emerging risks in 2026 is not hidden malware or an unknown zero-day. It is the rapid deployment of AI agents that organisations barely understand, cannot fully inventory, and often cannot meaningfully govern. AI…

Read more →

AI, Endpoint, Global Security News

Rustinel: Open-source endpoint detection for Windows and Linux

Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel, a Rust-based endpoint agent, is an attempt to collapse that work into a single codebase.…

Read more →

AI, APAC, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Release Notes: Expanded Threat Intelligence Access, AI Assisted Search 1,770 New Detections and More

April brought several updates across ANY.RUN’s Threat Intelligence and detection coverage.  The biggest change is expanded access to Threat Intelligence: Free plan users now get 20 premium requests in TI Lookup and YARA Search. This gives security teams a practical way to check suspicious indicators, explore related sandbox sessions, and validate malware or phishing activity using real attack…

Read more →

AI, Endpoint, Exploits, Global Security News, malware, Network Security

Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By running malware in a VM, attackers avoid endpoint security controls and leave minimal traces on…

Read more →

AI, Global Security News

OPSWAT adds predictive AI engine to MetaDefender for pre-execution threat detection

OPSWAT has announced OPSWAT Predictive Alin AI, its first proprietary AI-based threat detection engine for the MetaDefender Platform. This AI-based innovation introduces a new category of capability within the MetaDefender Platform, a high-confidence predictive layer that works alongside existing detection and prevention engines to assess malicious intent before execution, driving greater efficiency across the platform.…

Read more →

AI, Europe, Global Security News

Njordium AI blocks fake invoices and fraudulent payments

Njordium Cyber Group has launched its new AI Fraud Detection Module, a self-learning AI engine integrated into the recently released Vendor Management System (VMS). The module instantly detects and neutralises fake invoices, phantom services or products, and inflated pricing. Fully transparent and compliant with the EU AI Act, it delivers a regulator-aligned solution to Europe’s…

Read more →

AI, Global Security News

AiStrike cuts alert noise with Continuous Detection Engineering

AiStrike has launched Continuous Detection Engineering, a capability that transforms how security operations teams manage detections, shifting from reactive alert triage to proactive, intelligence-driven optimization. The detection quality gap Security teams today are overwhelmed by alerts, but the root cause is not volume, it’s detection quality. AiStrike’s analysis across enterprise environments revealed that: More than…

Read more →

Endpoint, Global Security News, Network Security

Tuskira replaces centralized detection model with real-time, distributed approach

Tuskira has released its Federated Detection Engine, a new capability within its Agentic SecOps platform that enables real-time threat detection across cloud, identity, endpoint, network, SaaS, infrastructure, and legacy SIEM environments, without relying on centralized logging. Detection engineering still depends on centralized log architectures and manual rule authoring. That model is expensive to scale, slow…

Read more →

AI, Cybersecurity, Endpoint, Global Security News, Network Security, Risk Management

Top 6 XDR Solutions & Vendors in 2026

This guide is for security leaders, IT administrators, and growing businesses evaluating extended detection and response (XDR) platforms, and it covers the top solutions available today along with key features and buying considerations.  XDR tools provide centralized visibility and threat detection across endpoints, networks, cloud workloads, and email systems, helping organizations respond to increasingly complex…

Read more →

AI, Endpoint, Global Security News

EDR killers are now standard equipment in ransomware attacks

Ransomware attackers routinely deploy tools designed to disable endpoint detection and response software before launching encryptors. These tools, known as EDR killers, have become a standard component of ransomware intrusions. ESET Research tracked nearly 90 EDR killers actively used in the wild. The workflow is consistent across groups: an attacker gains high privileges, deploys an…

Read more →

AI, Apps, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Top 8 Endpoint Detection & Response (EDR) Solutions in 2026

This guide is for IT and security teams evaluating the best endpoint detection and response (EDR) solutions in 2026, covering top platforms and the features that matter most for threat detection and response.  EDR tools play a critical role in identifying and stopping threats at the device level by continuously monitoring endpoint activity and enabling…

Read more →

AI, Endpoint, Global Security News

Blumira enhances EDR and ITDR to speed up threat detection and containment

Blumira has announced the release of expanded endpoint detection and response (EDR) and identity threat detection and response (ITDR) capabilities in its platform. Security teams on Blumira Respond and Automate editions can now contain active threats by isolating compromised endpoints, stopping malicious processes, and locking out attackers across Microsoft 365 and Active Directory, without ever…

Read more →

AI, Compliance, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

Blumira Intros EDR and ITDR Solutions, Joins Pax8 Marketplace

Blumira, a security operations platform, is releasing enhanced endpoint detection and response (EDR) and identity threat detection and response (ITDR) capabilities. The company also recently joined the Pax8 Marketplace to deliver enterprise security operations to MSPs. Stopping threats at speed These newly expanded capabilities will enable security teams on Blumira Respond and Automate editions to…

Read more →

AI, Global Security News

Codoxo’s Deepfake Detection identifies AI-generated medical records for health plans

Codoxo has announced the launch of Deepfake Detection, an AI-driven fraud detection tool now being deployed by health plans across the U.S. The solution helps identify AI-generated or manipulated medical documentation and diagnostic images submitted in support of claims before payment is made. Healthcare fraud is already a multibillion-dollar problem, and generative AI is turning…

Read more →

AI, Global Security News

Armis improves vulnerability accuracy and speed with unified real-time visibility

Armis has announced Armis Centrix for Vulnerability Management Detection and Response. The solution enables security teams to identify and validate vulnerabilities across all organizational assets in real time. Armis’ unified approach to vulnerability assessment delivers greater accuracy, faster detection times, and reduced operational costs. “Waiting weeks for a vulnerability scan that still misses essential assets…

Read more →

AI, Endpoint, Global Security News

OPSWAT delivers AI-powered perimeter defense with unified zero-day verdicts

OPSWAT has introduced MetaDefender Aether, an AI-powered decision engine for fast zero-day detection, purpose-built for the perimeter. Unlike sandbox or antivirus solutions designed for endpoint protection, MetaDefender Aether intercepts files at every entry point, e.g. file transfers, removable media, email attachments, cloud storage, and web traffic, to detect unknown threats before they reach users, devices,…

Read more →

AI, Global Security News, malware, Network Security, Risk Management

Hacker abusing .arpa domain to evade phishing detection, says Infoblox

A threat actor has found a new way to evade phishing detection defenses: Manipulate the .arpa top-level domain (TLD) and IPv6-to-IPv4 tunneling to host phishing content on domains that shouldn’t resolve to an IP address.  For the uninitiated, the .arpa domain is an Address and Routing Parameter Area domain meant to be used exclusively for internet infrastructure…

Read more →

AI, Data Breaches, Global Security News, Risk Management

Push Security adds malicious browser extension detection to block threats in employee browsers

Push Security has announced new malicious browser extension detection and blocking capabilities within its browser-based security platform. The feature enables organizations to automatically block known-bad extensions from running in employee browsers. Attackers are increasingly turning to malicious browser extensions as a preferred method of compromise. Recent campaigns such as ShadyPanda, ZoomStealer, and GhostPoster, along with…

Read more →

AI, Cybersecurity, Global Security News, malware, Network Security, Risk Management

Threat Coverage Digest: New Malware Reports and 2,400+ Detection Rules  

February brought another round of major detection improvements across ANY.RUN’s threat intelligence and sandbox coverage. Alongside new Threat Intelligence reports, our analysts expanded behavioral visibility across dozens of malware families, strengthened detection logic for modern phishing and data-stealing campaigns, and added thousands of new network detection rules.  Let’s take a closer look at the updates delivered this month.  Threat Intelligence Reports …

Read more →

AI, Global Security News

N-able’s Anomaly Detection feature identifies credential-based threats

N-able expanded its Anomaly Detection capabilities in Cove Data Protection to combat the surge in identity-driven cyberattacks targeting backup environments. The new functionality delivers real-time alerts when suspicious or unauthorized changes to backup policies are detected, giving customers an early warning system against the credential-based tactics attackers use to disable or corrupt backups before deploying…

Read more →

AI, Global Security News, malware

Varist Hybrid Detection Engine protects against AI-assisted malware

Varist launched the Hybrid Detection Engine, creating an AI-scale malware detection solution that detects both known and zero-day threats. Built on proven technology used to perform more than 500 billion file scans per day for global customers, the Varist solution surpasses conventional detection by scanning every file and simulating suspicious components in real time. By…

Read more →

AI, Apps, Cybersecurity, Endpoint, Global Security News, malware, Risk Management

Moonrise RAT: A New Low-Detection Threat with High-Cost Consequences

Security professionals rely on early detection signals to prioritize and contain incidents. But what happens when a fully capable RAT generates none?  In a recent investigation, the ANY.RUN experts uncovered a new Go-based remote access trojan we named Moonrise. At the time of analysis, it wasn’t detected on VirusTotal and had no vendor signatures tied to it.  That’s the problem teams can’t ignore: credential theft, remote command execution, and persistence…

Read more →

AI, Global Security News, malware

Malwarebytes brings Scam Guard to desktop with real-time scam protection

Malwarebytes has expanded the availability of its scam detection tool Scam Guard to desktop for both Windows and Mac. The free scam protection tool provides real-time feedback on scams, threats and malware alongside digital safety recommendations. Scams have become a global crisis, draining $442 billion from consumers over the past year, according to GASA’s Global…

Read more →

AI, Cybersecurity, Endpoint, Global Security News, Network Security, Risk Management

Vectra AI Report Warns AI Gains Aren’t Boosting Resilience

Cybersecurity provider Vectra AI has published its 2026 State of Threat Detection and Response Report, revealing a persistent gap between security investment and real-world cyber resilience. Lagging confidence amid rising AI adoption Based on a survey of 1,450 security practitioners and leaders worldwide, the report found that while many security teams feel better staffed and…

Read more →

AI, Apps, Global Security News, Network Security, Tools & Platforms

ExtraHop Expands Agentic SOCs With Deeper Visibility

ExtraHop, a modern network detection and response (NDR) provider, has launched new visibility and forensic capabilities that deliver the contextual insights required to power agentic SOCs and enable more autonomous defense against sophisticated threat actors. Setting AI agents up for success Citing the growth of AI-assisted attacks, ExtraHop says these new capabilities aim to equip…

Read more →

AI, Global Security News, Network Security, Risk Management

New Architecture, New Risks: One-Click to Pwn IDIS IP Cameras

GUEST RESEARCH:  Modern capabilities, such as cloud-powered management, analytics, and detection, have introduced a new architectural era to IP-based video surveillance, which remains a prominent safety feature across enterprises, manufacturing facilities, military installations, and even apartments and small businesses. What was once a world of on-premesis network video recorders (NVRs), local storage arrays, and LAN-based…

Read more →

AI, Global Security News, Network Security, Risk Management

New Architecture, New Risks: One-Click to Pwn IDIS IP Cameras

GUEST RESEARCH:  Modern capabilities, such as cloud-powered management, analytics, and detection, have introduced a new architectural era to IP-based video surveillance, which remains a prominent safety feature across enterprises, manufacturing facilities, military installations, and even apartments and small businesses. What was once a world of on-premesis network video recorders (NVRs), local storage arrays, and LAN-based…

Read more →

AI, Global Security News, Government & Policy, Industry News

AiStrike introduces AI-powered MDR to reduce costs and alert fatigue

AiStrike announced the launch of AiStrike MDR, an AI-powered managed detection and response (MDR) service designed to replace human-intensive MDR with an AI-led, expert-guided operating model built for scale, speed, and measurable outcomes. Enterprises and government organizations use AiStrike to unify threat intelligence, detection engineering, investigation, and response in a single AI-native platform, improving detection…

Read more →

AI, Global Security News, Government & Policy, Industry News

AiStrike introduces AI-powered MDR to reduce costs and alert fatigue

AiStrike announced the launch of AiStrike MDR, an AI-powered managed detection and response (MDR) service designed to replace human-intensive MDR with an AI-led, expert-guided operating model built for scale, speed, and measurable outcomes. Enterprises and government organizations use AiStrike to unify threat intelligence, detection engineering, investigation, and response in a single AI-native platform, improving detection…

Read more →

AI, authentication bypass, Blog, CVE, CVEs, Exploits, Global Security News, Risk Management

CVE-2026-24061 Detection: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access

Update (January 28, 2026): This article has been updated to feature a dedicated detection rule set focused on CVE-2026-24061 exploitation. Dive into the threat overview and access the updated rule collection, which now contains 5 content items. A new day, a new challenge for cyber defenders. Right after the disclosure of a nasty zero-day vulnerability…

Read more →

AI, authentication bypass, Blog, CVE, CVEs, Exploits, Global Security News, Risk Management

CVE-2026-24061 Detection: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access

Update (January 28, 2026): This article has been updated to feature a dedicated detection rule set focused on CVE-2026-24061 exploitation. Dive into the threat overview and access the updated rule collection, which now contains 5 content items. A new day, a new challenge for cyber defenders. Right after the disclosure of a nasty zero-day vulnerability…

Read more →

AI, authentication bypass, Blog, CVE, CVEs, Exploits, Global Security News, Risk Management

CVE-2026-24061 Detection: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access

Update (January 28, 2026): This article has been updated to feature a dedicated detection rule set focused on CVE-2026-24061 exploitation. Dive into the threat overview and access the updated rule collection, which now contains 5 content items. A new day, a new challenge for cyber defenders. Right after the disclosure of a nasty zero-day vulnerability…

Read more →

AI, authentication bypass, Blog, CVE, CVEs, Exploits, Global Security News, Risk Management

CVE-2026-24061 Detection: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access

Update (January 28, 2026): This article has been updated to feature a dedicated detection rule set focused on CVE-2026-24061 exploitation. Dive into the threat overview and access the updated rule collection, which now contains 5 content items. A new day, a new challenge for cyber defenders. Right after the disclosure of a nasty zero-day vulnerability…

Read more →

AI, authentication bypass, Blog, CVE, CVEs, Exploits, Global Security News, Risk Management

CVE-2026-24061 Detection: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access

Update (January 28, 2026): This article has been updated to feature a dedicated detection rule set focused on CVE-2026-24061 exploitation. Dive into the threat overview and access the updated rule collection, which now contains 5 content items. A new day, a new challenge for cyber defenders. Right after the disclosure of a nasty zero-day vulnerability…

Read more →