Geek-Guy.com

Tag: modern

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and autonomous systems. The result is Identity Dark Matter: identity activity that sits outside the visibility of centralized IAM and beyond the reach of

Ransomware Negotiations Mirror Aggressive Sales Tactics

A Nord Security study analyzing leaked ransomware negotiation transcripts shows how modern ransomware groups increasingly operate like professional sales organizations. The report found that attackers frequently use discounts, upselling tactics, psychological pressure, and negotiation strategies to maximize payments from victims. The report reviewed 246 leaked negotiation transcripts from 2020 to 2026, covering more than 11,500…

ExtraHop, Ignition Bring Agentic SOC Push to North America

ExtraHop, a modern network detection and response (NDR) provider, has expanded its partnership with Ignition, operating under Exclusive Networks, in North America. Providing the ‘definitive’ intelligence layer for SOCs According to ExtraHop, the expanded partnership with Exclusive Networks will make its NDR platform “more accessible than ever,” giving organizations real-time network traffic insights to strengthen…

Top 6 UCaaS Providers for Businesses in 2026

Unified Communications as a Service (UCaaS) is essential for modern businesses looking to stay connected in today’s fast-moving work environment. By combining video conferencing, VoIP, messaging, and collaboration tools into a single cloud-based platform, UCaaS helps teams communicate and collaborate in real time from anywhere. As remote and hybrid work continue to evolve in 2026,…

CISA chief frets about open-source vulnerabilities, delayed security improvements

Securing some of the open-source technology that serves as the backbone for all modern digital infrastructure is going to require some “hard decisions” amid a wave of malware attacks, the leader of the Cybersecurity and Infrastructure Security Agency said Thursday. “The open-source community is one that I’m particularly worried about when we start to think…

Your CTEM program is probably ignoring MCP. Here’s how to fix it

Model Context Protocol (MCP) is the connective tissue of modern AI tooling and has quietly become one of the most significant blind spots in modern security programs. Like shadow IT before it, shadow AI — especially as it relates to MCP risk — introduces a new class of exposures that security teams lack adequate tooling…

Inside agenteV2: How Brazilian Attackers Use Fake Court Summons to Steal Banking Credentials in Real Time

A new phishing campaign targeting Brazilian users demonstrates how modern financial malware has evolved from simple credential theft into full-scale, operator-driven fraud platforms. Disguised as a judicial summons, this campaign leverages social engineering, multi-stage malware delivery, and real-time remote access capabilities to compromise victims and actively assist attackers in financial theft. For organizations, the implications extend beyond individual users. Employees accessing corporate…

When Trust Becomes a Weapon: Google Cloud Storage Phishing Deploying Remcos RAT

Modern phishing campaigns increasingly abuse legitimate services. Cloud platforms, file-sharing tools, trusted domains, and widely used SaaS applications are now part of the attacker’s toolkit. Instead of breaking trust, attackers borrow it. This shift creates a dangerous asymmetry. Security controls often whitelist or inherently trust these services, while users are far less likely to question them. The…

Major Cyber Attacks in March 2026: OAuth Phishing, SVG Smuggling, Magecart, and More

March 2026 brought a wave of cyber attacks that reflected how quickly modern threats can move from subtle early signals to serious business impact. ANY.RUN analysts identified and explored several major threats this month, exposing phishing campaigns, stealthy malware, payment-skimming activity, and resilient botnet infrastructure affecting organizations across industries. From Microsoft 365 token abuse and…

Telemetry Pipeline: How It Works and Why It Matters in 2026

A telemetry pipeline has become a core layer in modern security operations because teams no longer send data from applications, infrastructure, and cloud services straight into a single backend and hope for the best. In 2026, most environments are distributed across cloud, hybrid, and on-prem systems, which means more services, more data sources, more formats,…

Beyond File Servers: Securing Unstructured Data in the Era of AI

File servers still exist for legacy storage and governance, but most modern workflows now happen in collaboration tools, code platforms, chats, and AI systems. File servers remain, but they are no longer central to operations. They still appear important on paper: legacy project shares with strict permissions, legal drives with structured folders, and network areas…

Agent-to-Agent Attacks Are Coming: What API Security Teaches Us About Securing AI Systems

AI systems are no longer just isolated models responding to human prompts. In modern production environments, they are increasingly chained together – delegating tasks, calling tools, and coordinating decisions with limited or no human oversight. Almost all that communication happens through APIs. This shift offers enormous productivity benefits. But it has also complicated security. Because…

This spy tool has been quietly stealing data for years

ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate cloud provider to ensure operational resilience. This dual-implant architecture has enabled sustained surveillance of Ukrainian military personnel since at least April 2024. The Sednit group itself was tied to Unit…

14 old software bugs that took way too long to squash

In 2021, a vulnerability was revealed in a system that lay at the foundation of modern computing. An attacker could force the system to execute arbitrary code. Shockingly, the vulnerable code was almost 54 years old — and there was no patch available, and no expectation that one would be forthcoming. Fortunately, that’s because the…

Expanding Phishing Detection at Scale with Automatic SSL Decryption

90% of modern cyberattacks start with phishing and it’s getting worse. The volume of compromise attempts keeps surging, leaving companies more exposed to credential theft and heavy financial hits. As phishing evolves, we focus on countering the core tactics that make it effective. That’s why ANY.RUN is upgrading the threat detection capabilities of the Interactive Sandbox across all subscription tiers with the new SSL decryption technology. By extracting encryption keys directly from process memory, it increases the detection rate of phishing inside the sandbox, helping every user and SOC team…

The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary], (Wed, Feb 25th)

[This is a guest diary contributed by Claire Perry (LinkedIn)] The structural integrity of modern society is predicated upon a dense and often opaque network of interconnected systems. For decades, the modeling of these systems remained siloed within specific domains: industrial processes were governed by the hierarchical constraints of the Purdue Model, while corporate…

ExtraHop Expands Agentic SOCs With Deeper Visibility

ExtraHop, a modern network detection and response (NDR) provider, has launched new visibility and forensic capabilities that deliver the contextual insights required to power agentic SOCs and enable more autonomous defense against sophisticated threat actors. Setting AI agents up for success Citing the growth of AI-assisted attacks, ExtraHop says these new capabilities aim to equip…

Windows Notepad RCE Flaw Exploits Markdown Files

Microsoft has patched a vulnerability in the modern Windows Notepad app that could allow remote code execution if a user opens a specially crafted Markdown file. The issue carries a CVSS score of 8.8 and requires user interaction to exploit. The vulnerability “… allows an unauthorized attacker to execute code over a network,” said Microsoft…

New Architecture, New Risks: One-Click to Pwn IDIS IP Cameras

GUEST RESEARCH: Modern capabilities, such as cloud-powered management, analytics, and detection, have introduced a new architectural era to IP-based video surveillance, which remains a prominent safety feature across enterprises, manufacturing facilities, military installations, and even apartments and small businesses. What was once a world of on-premises network video recorders (NVRs), local storage arrays, and LAN-based…