Geek-Guy.com

Tag: team

AI, Global Security News

CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where “feasible” to safeguard against potential threats stemming from threat actors’ abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Global Security News, Risk Management

CIRT insights: How to help prevent unauthorized account removals from AWS Organizations

The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team often uncovers new or trending tactics used by various threat actors that take advantage of specific customer configurations and designs. Understanding these tactics can help inform your architecture decisions, improve your…

Read more →

AI, Apps, Cloud Security, Exploits, Global Security News, Risk Management

What the March 2026 Threat Technique Catalog update means for your AWS environment

The AWS Customer Incident Response Team (AWS CIRT) regularly encounters patterns that repeat across their engagements when helping customers respond to security incidents. We’re passionate about making sure that information is widely accessible so that everyone can improve their security posture and their organization’s resilience to disruption. The primary method we use to share this…

Read more →

AI, Apps, Compliance, Endpoint, Europe, Global Security News, Risk Management

The Governance Gap: How the EU AI Act Makes API Security a Compliance Imperative

Your legal team just handed you a 400-page document and said “figure out compliance.” The EU AI Act is live, your organization falls under its scope, which is broader than many expect. Even non‑EU companies must comply if their AI systems are used, deployed, or produce effects within the European Union. In practice, that means that global organizations…

Read more →

AI, Global Security News

Level Up Your Payment Security Expertise with PCI SSC Knowledge Training

  Give your team the insight and confidence to work effectively with assessors through Knowledge Training. These courses are designed to help learners speak the same language as the assessor, confidently guide their organization through assessments and any pre-planning, and effectively collaborate alongside the assessor during an assessment. When teams are aligned, assessments run more…

Read more →

AI, Global Security News

Level Up Your Payment Security Expertise with PCI SSC Knowledge Training

  Give your team the insight and confidence to work effectively with assessors through Knowledge Training. These courses are designed to help learners speak the same language as the assessor, confidently guide their organization through assessments and any pre-planning, and effectively collaborate alongside the assessor during an assessment. When teams are aligned, assessments run more…

Read more →

AI, Global Security News, Government & Policy, malware

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. The activity, which was observed between March and April

Read more →

AI, Cybersecurity, Exploits, Global Security News, Risk Management, Venture

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action

Built by a veteran security team and led by a former Google and Mandiant executive, Mallory delivers intelligence that drives action for enterprise security teams. Mallory is launching a AI-native threat intelligence platform, purpose-built to answer the questions CISOs and their teams are asking every day: What are the real threat vectors for our organization?…

Read more →

AI, Apps, Endpoint, Global Security News, malware, privacy

Protecting Cookies with Device Bound Session Credentials

Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team Following our April 2024 announcement, Device Bound Session Credentials (DBSC) is now entering public availability for Windows users on Chrome 146, and expanding to macOS in an upcoming Chrome release. This project represents a significant step forward in…

Read more →

AI, Data Breaches, Europe, Exploits, Global Security News, malware, Network Security

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

The European Union’s Computer Emergency Response Team, CERT-EU, has traced last week’s theft of data from the Europa.eu platform to the recent supply chain attack on Aqua Security’s Trivy open-source vulnerability scanner. The attack on the AWS cloud infrastructure hosting the Europa.eu web hub on March 24 resulted in the theft of 350 GB of…

Read more →

AI, china, Global Security News, Network Security

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent. In a post shared on WeChat, CNCERT noted that the platform’s “inherently weak default security configurations,” coupled with its

Read more →

AI, APAC, Apps, Exploits, Global Security News, Network Security, Risk Management

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

The team at Readiness each month analyzes the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. The March release addresses 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET — a moderate volume with two publicly disclosed zero-days affecting SQL Server and .NET (though neither is being actively exploited in…

Read more →

AI, Global Security News

FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been compromised to establish a foothold into the targeted environment. Each incident was detected and stopped during the lateral movement phase of the attack.

Read more →

AI, Global Security News, Network Security

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

New research from Broadcom’s Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies’ networks, including banks, airports, non-profit, and the Israeli arm of a software company. The activity has been attributed to a state-sponsored hacking group called MuddyWater (aka Seedworm). It’s affiliated with…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

A scorecard for cyber and risk culture

Have you once watched a leadership team clap for their “security culture month” like they’d landed a rover? Posters everywhere. Quizzes. A prize draw. Someone baked cupcakes with padlocks iced on top. Cute. Two weeks later, a product manager asked an engineer to “just share the admin credentials for an hour” because the vendor demo…

Read more →

AI, Global Security News, privacy

How Apple built hypertension notifications for Apple Watch

February is Heart Month, so it’s appropriate to speak with the team that built the recently introduced hypertension notifications system for watchOS 26 and Apple Watch.  I spoke with Apple’s Steve Waydo, director for health sensing, and Dr. Rajiv Kumar, physician-researcher, who offered a glimpse into the science and decisions behind their lengthy project to give smartwatch users…

Read more →

AI, ANYRUN, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Malware Analysis, malware behavior, Risk Management

Emerging Ransomware BQTLock & GREENBLOOD Disrupt Businesses in Minutes 

How long would it take your team to realize ransomware is already running?  The newly identified ransomware families are already causing real business disruption. These threats can disrupt operations fast while also reducing visibility through stealth or cleanup activity, shrinking the time teams have to detect and contain the attack.  Here’s what you should know about BQTLock and GREENBLOOD, and how your team can detect and contain them before…

Read more →

AI, Apps, APT, Blog, CERT-UA, CVEs, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Pluggyape, Risk Management, Russia

UAC-0190 Attack Detection: Fake Charity Lures Used to Deploy the PLUGGYAPE Backdoor Against the Ukrainian Armed Forces

On January 12, 2026, the CERT-UA team disclosed a targeted cyber-espionage campaign against the Ukrainian Armed Forces that abused charity-themed social engineering to deliver the PLUGGYAPE backdoor. The activity, observed between October and December 2025, is attributed with medium confidence to the russia-aligned threat actor known as Void Blizzard (Laundry Bear), tracked by CERT-UA as…

Read more →

AI, Apps, APT, Blog, CERT-UA, CVEs, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Pluggyape, Risk Management, Russia

UAC-0190 Attack Detection: Fake Charity Lures Used to Deploy the PLUGGYAPE Backdoor Against the Ukrainian Armed Forces

On January 12, 2026, the CERT-UA team disclosed a targeted cyber-espionage campaign against the Ukrainian Armed Forces that abused charity-themed social engineering to deliver the PLUGGYAPE backdoor. The activity, observed between October and December 2025, is attributed with medium confidence to the russia-aligned threat actor known as Void Blizzard (Laundry Bear), tracked by CERT-UA as…

Read more →

AI, Apps, Global Security News, Network Security, Risk Management

Introducing OSS Rebuild: Open Source, Rebuilt to Last

Posted by Matthew Suozzo, Google Open Source Security Team (GOSST) Today we’re excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream…

Read more →