Geek-Guy.com

Tag: even

AI, Exploits, Global Security News, malware, Network Security, Risk Management

CVE-2026-45585: YellowKey BitLocker Bypass Exposes Encrypted Data on Windows Devices

BitLocker is designed to protect data at rest even when a device is lost, stolen, or powered off, which is why a bypass against that trust model draws immediate attention. The CVE-2026-45585 vulnerability, publicly referred to as YellowKey, is a Windows security feature bypass flaw that Microsoft says can let an attacker with physical access…

Read more →

AI, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Human-centric failures: Why BEC continues to work despite MFA

Business email compromise (BEC) is still thriving even in organizations that have implemented multi-factor authentication (MFA). As security professionals, we often assume that MFA is the silver bullet for email security, but real-world incidents suggest otherwise. Attackers exploit human behaviors, process gaps and operational blind spots that MFA alone cannot address. In many modern BEC…

Read more →

AI, Exploits, Global Security News, privacy, Risk Management

Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting

CVE-2026-6770 let attackers fingerprint Firefox and Tor users, even in Private mode. Firefox 150 and Tor Browser 15.0.10 fixed it. A vulnerability, tracked as CVE-2026-6770, allowed attackers to fingerprint Firefox users, even in Private Browsing, and also impacted the Tor Browser. The flaw worked even when Tor’s New Identity feature was used, bypassing protections meant…

Read more →

AI, Exploits, Global Security News, privacy, Risk Management

iPhone forensics expose Signal messages after app removal in U.S. case

An FBI case in Texas shows Signal messages can still be recovered from iPhones even after app uninstall, via system artifacts, challenging privacy assumptions. The recent revelations about FBI forensic access to Signal messages on an iPhone have reignited a long-standing misunderstanding about mobile privacy: the belief that disappearing messages and encrypted apps guarantee that…

Read more →

AI, Compliance, Global Security News, Network Security, Risk Management

Microsoft builds its own AI stack to help wean it from its reliance on OpenAI

Microsoft seems to be meeting OpenAI on its own turf, even as it continues its strategic partnership with the AI darling, with the release of three in-house, commercially-available AI models. MAI-Transcribe-1 (for speech transcription), MAI-Voice-1 (for voice generation), and MAI-Image-2 (for image creation) are now available on Microsoft Foundry and the MAI Playground. These new…

Read more →

AI, APAC, Apps, Exploits, Global Security News, Network Security, privacy, Risk Management, Venture

The dark side of chatbots with ‘personality’

They say you can find anything on Amazon. Now, you can even get a personality.  Not for yourself, but for your AI “friend,” Alexa.  Amazon has announced four new “conversation styles” or “personalities” for its voice-interaction Alexa+ AI chatbot.  Users can now choose between “Brief,” “Chill,” “Sweet,” and “Sassy” styles and pick from a range…

Read more →

Cybersecurity, Global Security News, Risk Management

Healthcare organizations are accepting cyber risk to cut costs

Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global healthcare executives, conducted between May and July 2025, puts numbers to the gap between the risks the sector faces and the controls it has in place. Key findings (Source: PwC) Data protection…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

Your dependencies are 278 days out of date and your pipelines aren’t protected

Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across the environments studied, 87% of organizations run at least one exploitable vulnerability in production services, affecting 40% of those…

Read more →

AI, Compliance, Europe, Exploits, Global Security News, Network Security, Russia

AI-augmented threat actor accesses FortiGate devices at scale

Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale—a trend Amazon Threat Intelligence has been tracking closely. A recent investigation illustrates this shift: Amazon Threat Intelligence observed a Russian-speaking financially motivated threat actor leveraging multiple commercial generative AI services to compromise over 600 FortiGate devices across more than 55 countries…

Read more →

AI, Exploits, Global Security News

Open-source benchmark EVMbench tests how well AI agents handle smart contract exploits

Smart contract exploits continue to drain funds from blockchain projects, even as auditing tools and bug bounty programs grow. The problem is tied to how Ethereum Virtual Machine (EVM) contracts work: code is deployed permanently, runs autonomously, and often controls large pools of assets. That environment has created demand for better ways to measure whether…

Read more →

AI, Global Security News, malware, Russia

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled in device firmware, hidden inside system apps, or even distributed via official stores like Google Play. Currently used for ad fraud by turning infected…

Read more →

AI, APAC, Apps, Global Security News, Infrastructure, Risk Management

Java Adoption Accelerates for AI Workloads, Azul Survey Finds

Java is increasingly being positioned as a core language for enterprise AI development, even as organizations accelerate plans to move away from Oracle Java due to pricing and licensing concerns, according to Azul’s newly released 2026 State of Java Survey & Report. The annual study is based on responses from more than 2,000 Java professionals…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, malware, Password, password protection, Risk Management, Threat Lab

Strengthen your digital defenses on World Password Day

In today’s digital world, passwords have become a necessary part of life. But even though you use them for almost everything you do online, you probably don’t give them the thought they truly deserve. May 1, 2025, is World Password Day, a reminder that passwords are the unsung heroes of cybersecurity, the first line of…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, malware, Password, password protection, Risk Management, Threat Lab

Strengthen your digital defenses on World Password Day

In today’s digital world, passwords have become a necessary part of life. But even though you use them for almost everything you do online, you probably don’t give them the thought they truly deserve. May 1, 2025, is World Password Day, a reminder that passwords are the unsung heroes of cybersecurity, the first line of…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, malware, Password, password protection, Risk Management, Threat Lab

Strengthen your digital defenses on World Password Day

In today’s digital world, passwords have become a necessary part of life. But even though you use them for almost everything you do online, you probably don’t give them the thought they truly deserve. May 1, 2025, is World Password Day, a reminder that passwords are the unsung heroes of cybersecurity, the first line of…

Read more →