Geek-Guy.com

Tag: systems

AI, Global Security News

Why Business Success Depends on IT Excellence

GUEST OPINION:  IT is the business. When systems fail, operations stop, revenue halts, and customers lose trust. The COO of KLM captured this reality succinctly: “Nobody flies without IT.” In a digital economy, technology underpins every function, from customer experience to core operations. This reality places extraordinary responsibility on IT teams and raises an important question:…

Read more →

AI, Apps, Data Breaches, Global Security News, Government & Policy, malware, Network Security, Politics, Risk Management

FBI Investigates Suspicious Activity in Surveillance Platform

The Federal Bureau of Investigation (FBI) is investigating suspicious cyber activity involving systems used to process surveillance and wiretap warrants, raising concerns about the security of highly sensitive law enforcement infrastructure.  Although officials say the issue has been contained, the incident highlights the growing cyber risks facing government networks that store and manage critical investigative…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

MS-Agent Flaw Enables Remote Code Execution via AI Agents 

A vulnerability in an AI automation framework could allow attackers to take complete control of systems running the software.  Security researchers have identified a command injection flaw in the ModelScope MS-Agent framework that could enable remote code execution through crafted prompt input, exposing organizations that deploy AI agents with operating system access. “The real issue…

Read more →

AI, Global Security News

AI went from assistant to autonomous actor and security never caught up

Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core infrastructure. That has exposed a significant gap between what AI agents can do and what security teams can observe or control. A briefing published by the AIUC-1 Consortium, developed with input from Stanford’s Trustworthy…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Risk Management

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells following attacks that began in December 2025. Sangoma FreePBX is an open-source, web-based platform for managing Asterisk-powered VoIP phone systems. Maintained by Sangoma Technologies, it allows businesses…

Read more →

Exploits, Global Security News

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108)

CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has received multiple reports of damage caused by attackers abusing the flaw. Because public disclosures from the Japanese CERT Coordination Center (JPCERT/CC) and…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Soliton Systems K.K FileZen flaw, tracked as CVE-2026-25108 (CVSS v4 score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. Soliton Systems K.K. FileZen is a…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Take control: Locking down common endpoint vulnerabilities

Attackers are constantly on the prowl, scoping out vulnerabilities of network-connected devices in your systems. These devices—laptops, desktops, servers, IoT, and more—are like unlocked doors waiting for threat actors to stroll through. And here’s the kicker: many of these vulnerabilities are shockingly common and easily preventable. Let’s break down the weaknesses we most frequently track…

Read more →

AI, Apps, Cloud Security, Cybersecurity, Endpoint, Global Security News, malware, Risk Management

Cyber defense: From reactive to proactive

When systems are attacked, we should respond. But how much better would it be if we could anticipate attacks before they strike and stop them with a proactive defense? Faced with today’s cybersecurity challenges, that is no simple task. “It’s a cat-and-mouse situation. AI is changing the speed and sophistication of attacks, and AI is…

Read more →

AI, Global Security News, Risk Management

Enterprises are racing to secure agentic AI deployments

AI assistants are tied into ticketing systems, source code repositories, chat platforms, and cloud dashboards across many enterprises. In some environments, these systems can open pull requests, query internal databases, book services, and trigger automated workflows with limited human involvement. The State of AI Security 2026 from Cisco places this level of access inside a…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management

AI Governance Becomes Critical as Agentic AI Moves Into Production

As agentic AI systems shift from pilot projects to real-world deployment, governance is quickly becoming a board-level concern.  Unlike traditional AI models that generate content, agentic systems can autonomously invoke tools, access enterprise data and execute actions across business systems — fundamentally changing the risk equation. “As agentic AI moves from experimentation into real-world deployment,…

Read more →

AI, Apps, china, Cybersecurity, Data Security, Exploits, Global Security News, Government & Policy, Network Security, Politics, Risk Management

Texas Sues TP-Link Over Alleged Security Risks and Supply Chain Deception

Texas has filed a lawsuit against networking manufacturer TP-Link Systems, accusing the company of misleading consumers about the security and origins of its routers while exposing users to exploitation by Chinese state-backed threat actors.  The complaint alleges that TP-Link marketed its devices as secure and labeled them “Made in Vietnam,” despite sourcing nearly all components…

Read more →

Global Security News

The era of the Digital Parasite: Why stealth has replaced ransomware

For years, ransomware encryption functioned as the industry’s alarm bell. When systems locked up, defenders knew an attack had occurred. Not anymore. New empirical data show that attackers are actively dismantling that signal. According to Picus Security’s Red Report 2026, adversaries are no longer optimizing for disruption; they’re optimizing for residency. Based on a thorough…

Read more →

AI, Global Security News

How Can AI Improve Industrial Inventory Management (Practical Use Cases)

AI can improve industrial inventory management where traditional systems struggle most. This includes forecasting intermittent demand, positioning inventory across multiple sites, improving execution accuracy, and moving surplus inventory from planning to action. In each case, the value comes from better decisions grounded in data. The post How Can AI Improve Industrial Inventory Management (Practical Use…

Read more →

AI, Cybersecurity, Global Security News, Network Security

OT teams are losing the time advantage against industrial threat actors

In many industrial environments, internet-facing gateways, remote access appliances, and boundary systems sit close enough to production networks that attackers can move from IT intrusion to operational disruption with limited resistance. Dragos’ 2026 OT/ICS Year in Review describes a threat landscape where adversaries are spending more time learning how physical processes work and less time…

Read more →

AI, Apps, Cybersecurity, Exploits, Funding, Global Security News, Network Security, Risk Management

Why 2025’s agentic AI boom is a CISO’s worst nightmare

By late 2025, the enterprise AI landscape had shifted. Standard RAG systems are failing at a rate of 80%, forcing a pivot to autonomous agents. But while “agentic RAG” solves the reliability problem, it introduces a terrifying new one: the autonomous execution of malicious instructions. If 2023 was the year of the chatbot and 2024…

Read more →

Global Security News, Network Security

How Emerging Threats Are Forcing a Reboot of Defence Industrial Base Security Policy

Cyber threats to the defence industrial base are no longer theoretical or confined to classified systems; they are an operational reality affecting personnel, contractors and supply networks worldwide. A newly published Google Threat Intelligence Group report positions the DIB as a contested environment where state-sponsored operations and criminal actors alike apply relentless pressure on digital infrastructure…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Vendor Leadership & Partner Programs

SecurityBridge Taps Jesper Zerlang to Lead Global Growth

Enterprise ERP systems remain one of the most overlooked attack surfaces in cybersecurity. In an interview with Channel Insider, newly appointed SecurityBridge CEO Jesper Zerlang said closing that SAP security gap will define the company’s next phase of growth as it accelerates global expansion and deepens channel partnerships. Former board member turned executive charts early…

Read more →

AI, Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware, Network Security

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware. Flare researchers uncovered a previously undocumented Linux botnet dubbed SSHStalker, observed via SSH honeypots over two months. Researchers ran an SSH honeypot with weak credentials starting in early 2026 and spotted a set of intrusions unlike…

Read more →

AI, Artificial Intelligence, Cybersecurity, Don't miss, Exploits, framework, Global Security News, News

Zen-AI-Pentest: Open-source AI-powered penetration testing framework

Zen-AI-Pentest provides an open-source framework for scanning and exercising systems using a combination of autonomous agents and standard security utilities. The project aims to let users run an orchestrated sequence of reconnaissance, vulnerability scanning, exploitation, and reporting using AI guidance and industry tools like Nmap and Metasploit. It is written to support command line, API,…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, CISO, Cybersecurity, Don't miss, features, Global Security News, Hot stuff, News, Risk Management

United Airlines CISO on building resilience when disruption is inevitable

Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview, Deneen DeFiore, VP and CISO at United Airlines, explains how the company approaches modernization without compromising…

Read more →

AI, CISO, Cybersecurity, Don't miss, features, Global Security News, Hot stuff, News, Risk Management

United Airlines CISO on building resilience when disruption is inevitable

Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview, Deneen DeFiore, VP and CISO at United Airlines, explains how the company approaches modernization without compromising…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, Data Breaches, Europe, Global Security News, hacking, malware, Network Security, Russia, Security

Italian university La Sapienza still offline to mitigate recent cyber attack

Rome’s La Sapienza University was hit by a cyberattack that disrupted IT systems and caused widespread operational issues. Since February 2, Rome’s La Sapienza University, one of the most important Italian universities, has been offline due to a cyberattack. For days, students have been unable to book exams, check tuition payments, or access faculty contacts.…

Read more →

AI, Amazon GuardDuty, APAC, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, Security, Identity, & Compliance

GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS

Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Compute Cloud (Amazon EC2). GuardDuty Extended Threat Detection was able to correlate signals…

Read more →