Geek-Guy.com

Tag: files

AI, Data Breaches, Europe, Global Security News, malware, Network Security, Risk Management

The Gentlemen are coming for your files, and then your network

Ransomware operators have spent years refining the art of locking files. Now, some are working harder to get those lockers to every reachable system first. Microsoft’s recent warning of the Gentlemen ransomware revealed its operators using a self-propagating Go-based encryptor capable of moving laterally through compromised environments and deploying itself across additional systems. “Modern ransomware…

Read more →

AI, Apps, Exploits, Global Security News, malware

19.6 Billion Files Are Sitting Open on the Internet. No Password Required

19.6 Billion files are exposed in misconfigured cloud buckets, including 685K credential files and nearly 1M database dumps. There’s a comfortable myth most people carry around: that the data they hand to companies is locked somewhere safe. Researchers at Mysterium VPN just ran the numbers, and the numbers disagree. Across 535,480 publicly listable cloud storage…

Read more →

AI, Global Security News

Microsoft Access VBA, (Mon, May 25th)

Microsoft Access files (Microsoft Office’s Database) can contain VBA code. But they are not ole or OOXML files. You can’t analyze them with oledump.py: Neither do they contain an embedded OLE file: Microsoft does not publish official documentation for the Microsoft Access file format, like it does for CFB (ole) and OOXML. That inspired me…

Read more →

AI, Apps, Global Security News

Product showcase: Syncthing for secure, private file synchronization

Syncthing is a free and open-source application that synchronizes files directly between your devices. Instead of uploading data to a central server, it uses a peer-to-peer approach, transferring files whenever peers are online. This decentralized model ensures that your data remains private and under your control. Syncthing monitors shared folders for changes. When a file…

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Global Security News, malware, Network Security, privacy, Risk Management

Most Secure Cloud Storage for Privacy & Protection

Cloud storage makes it easy to store and access files from anywhere, but it also introduces real security risks. Every time you upload sensitive data, you rely on a provider to protect it from breaches, unauthorized access, and data exposure. Not all cloud storage services offer the same level of security. Some lack zero-knowledge encryption,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy

7,500+ Magento sites defaced in global hacking campaign

Hackers defaced 7,500 Magento sites since Feb 27, uploading files across 15,000 hostnames, mostly opportunistic attacks. Since February 27, a large-scale campaign has defaced over 7,500 Magento sites, targeting e-commerce platforms, global brands, and government services. According to cybersecurity firm Netcraft, attackers placed plaintext defacement files across more than 15,000 hostnames, directly compromising affected infrastructure.…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

12 Million exposed .env files reveal widespread security failures

Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny rule, an overlooked server setting, or a full project folder uploaded to production can quietly expose a company’s most sensitive secrets. In many cases, those secrets live inside simple environment files…

Read more →

AI, Global Security News, Risk Management

SecureClaw: Dual stack open-source security plugin and skill for OpenClaw

AI agent frameworks are being used to automate work that involves tools, files, and external services. That type of automation creates security questions around what an agent can access, what it can change, and how teams can detect risky behavior. SecureClaw is an open-source project that adds security auditing and rule-based controls to OpenClaw agent…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Risk Management

Four new reasons why Windows LNK files cannot be trusted

The number of ways that Windows shortcut (.LNK) files can be abused just keeps growing: A cybersecurity researcher has documented four new techniques to trick Windows users into running malicious actions through innocent-looking shortcuts. Wietze Beukema demonstrated how to spoof the visible LNK destination, hide command-line arguments, and execute a different program than the one…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Risk Management

Four new reasons why Windows LNK files cannot be trusted

The number of ways that Windows shortcut (.LNK) files can be abused just keeps growing: A cybersecurity researcher has documented four new techniques to trick Windows users into running malicious actions through innocent-looking shortcuts. Wietze Beukema demonstrated how to spoof the visible LNK destination, hide command-line arguments, and execute a different program than the one…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, privacy

The Epstein Files didn’t hide this hacker very well

Supposedly redacted Jeffrey Epstein files can still reveal exactly who they’re talking about – especially when AI, LinkedIn, and a few biographical breadcrumbs do the heavy lifting. Sloppy redaction leads to explosive claims, and difficult reputational consequences for cybersecurity vendors, and we learn how trust – once cracked – can be almost impossible to fully…

Read more →

AI, Apps, AWS Security Hub, Cybersecurity, Global Security News, Intermediate (200), Network Security, Security, Identity, & Compliance

File integrity monitoring with AWS Systems Manager and Amazon Security Lake 

Customers need solutions to track inventory data such as files and software across Amazon Elastic Compute Cloud (Amazon EC2) instances, detect unauthorized changes, and integrate alerts into their existing security workflows. In this blog post, I walk you through a highly scalable serverless file integrity monitoring solution. It uses AWS Systems Manager Inventory to collect…

Read more →