Geek-Guy.com

Tag: followed

Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)

Introduction: This diary provides indicators from a Lumma Stealer infection that was followed by Sectop RAT (ArechClient2). I searched for cracked versions of popular copyright-protected software, and I downloaded the initial malware after following the results of one such search. This is a common distribution technique for various families of malware, and I often find…

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next. Threat actors now use malware less frequently in favor of what’s already inside your environment, including abusing trusted tools, native binaries, and legitimate admin utilities to move laterally, escalate privileges, and persist without raising…

Ransomware’s Opening Play: Target Identity First

For years, ransomware attacks followed a familiar script. Threat actors gained entry through a vulnerable server, a phishing email, or malicious software on an endpoint. Once inside, they moved laterally through the network, then encrypted systems and demanded payment. That playbook has changed. Today’s ransomware operators increasingly target identity infrastructure as their first objective. Active…

Pre-travel authorisation is the next big audit focus in Australian business travel

GUEST OPINION: For years, corporate travel governance in Australia has followed a familiar and largely unchallenged sequence: employees book trips, incur costs, and submit expense claims, then finance teams check compliance afterwards. That post-trip model worked until now. As travel volumes regain momentum, finance and audit leaders face new pressure to avoid non-compliant spend. The answer is pre-travel authorisation,…

How ‘silent probing’ can make your security playbook a liability

For years, cyberattacks followed a familiar pattern: reconnaissance, exploitation, persistence, impact. Defenders built their strategies around that cycle, patching vulnerabilities, monitoring indicators, and working to reduce dwell time. But a quieter shift is underway. Today’s most sophisticated adversaries are using AI to study how organizations defend themselves. They run what we call “silent probing campaigns:”…

Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells

A massive wave of exploitation attempts has followed the disclosure of CVE-2026-1281, a critical pre-authentication Ivanti EPMM vulnerability, the Shadowserver Foundation has warned. Some of it is automated scanning for vulnerable systems, but according to GreyNoise and Defused, a suspected initial access broker has been prepping unpatched instances with a “sleeper” webshell for follow-on exploitation…