Geek-Guy.com

Tag: their

AI, Apps, Compliance, Cybersecurity, Global Security News, Risk Management

GUEST ESSAY: Executives trust AI security even as security teams confront blind spots, new risks

In our recent report, Beyond the Black Box, we found a striking gap: 80% of executives believe their organizations have strong security coverage for AI systems. Only about 40% of AppSec practitioners agree. Related: AI moves mainstream That’s not just a perception problem. It’s a visibility problem. The numbers back that up. Sixty-three percent of…

Read more →

AI, china, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

The espionage reality: Your infrastructure is already in the collection path

Threat actors have always sought advantage over their targets. Recently we’ve seen two efforts designed for long-term intelligence gain. This activity surfaced right where you would expect inside the enterprise. Enterprises now sit directly in the adversary’s collection path. They don’t have to be the target; they are on the board and in play because…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group

The US is urging infosec leaders to harden their endpoint management system configurations after last week’s hack of American medical supplies provider Stryker by pro-Iranian threat actor Handala. The warning from the US Cybersecurity and Infrastructure Security Agency (CISA) is principally for organizations using Microsoft Intune, a cloud-based unified endpoint management (UEM) service that Handala,…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group

The US is urging infosec leaders to harden their endpoint management system configurations after last week’s hack of American medical supplies provider Stryker by pro-Iranian threat actor Handala. The warning from the US Cybersecurity and Infrastructure Security Agency (CISA) is principally for organizations using Microsoft Intune, a cloud-based unified endpoint management (UEM) service that Handala,…

Read more →

AI, APAC, Global Security News

Intezer AI SOC removes MDR limits with autonomous triage and optimization

Intezer has expanded capabilities in its AI SOC platform designed for teams who have outgrown their traditional managed detection and response (MDR) services. Internal SOC teams can now focus on supervising outcomes rather than grinding through alerts, with Intezer providing autonomous triage and investigation, continuous optimization for their SIEM and EDR detection rules and expert…

Read more →

AI, Cybersecurity, Global Security News, malware, Network Security, privacy

Surfshark vs NordVPN (2026): Which VPN Wins? Full Breakdown

This guide is for anyone comparing Surfshark vs. NordVPN in 2026, breaking down their features, performance, pricing, and real-world use cases to help you choose the right VPN. On paper, Surfshark and NordVPN look almost identical, offering fast speeds, airtight security, and worldwide streaming access. But when I tested them, the results revealed a clear…

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, Risk Management

How to manage the lifecycle of Amazon Machine Images using AMI Lineage for AWS

As organizations scale their cloud infrastructure, maintaining proper lifecycle management of Amazon Machine Images (AMIs) is a critical component of their security and risk management goals. AMIs provide the essential information required to launch Amazon Elastic Compute Cloud (Amazon EC2) instances, however; they present security and compliance challenges if not tracked and managed throughout their…

Read more →

AI, Global Security News

Agentic attack chains advance as infostealers flood criminal markets

Cybercriminals spent much of 2025 automating their operations, shifting from one-off attacks to systems that can run entire intrusion cycles with minimal human input. Data collected from criminal forums, illicit marketplaces, and underground chat services shows a threat environment where stolen identity data, unpatched vulnerabilities, and ransomware operations are interdependent. The findings come from Flashpoint’s…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Microsoft SQL Server Vulnerability Enables Privilege Escalation

A vulnerability in SQL Server could allow attackers to escalate their privileges to system administrator level within affected database environments.  “Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network,” said Microsoft in their security advisory. Understanding CVE-2026-21262 The vulnerability, tracked as CVE-2026-21262, carries a CVSS score of 8.8…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Overly permissive ‘guest’ settings put Salesforce customers at risk

Salesforce is urging its customers to review their Experience Cloud ‘guest’ configurations as cybercrime group ShinyHunters claims a new campaign involving data theft and extortion tied to exposed Salesforce environments. The group recently posted screenshots on its leak site claiming breaches of “several hundreds” of organizations, including around 400 websites and roughly 100 “high profile…

Read more →

AI, Europe, Global Security News, Government & Policy, Network Security

Gov’t IT spending seen as key to building Europe’s tech ecosystem

As more European organizations reconsider their reliance on US technology suppliers amid rising geopolitical and trade tensions, public sector organizations are leading the way in a potential shift to local tech providers.  The German state of Schleswig-Holstein is moving tens of thousands of employees from Microsoft apps Office, Windows and Exchange to open-source alternatives, for…

Read more →

AI, Compliance, Cybersecurity, Exploits, Global Security News, Risk Management

IRONSCALES Unveils AI Agents to Tackle ‘Phishing 3.0’

A new wave of phishing attacks is forcing security teams to rethink their defenses, and IRONSCALES believes AI agents are the answer. The Atlanta-based email security firm this week unveiled its Winter 2026 Release, introducing three specialized AI agents designed to help organizations counter what it calls “Phishing 3.0,” a new generation of AI-powered impersonation…

Read more →

AI, Europe, Global Security News, Network Security

$100 radio equipment can track cars through their tire sensors

When people consider what might track their movements, they think of smartphone apps, GPS services, or roadside cameras. The tires of a new car rarely enter that equation. Researchers at IMDEA Networks Institute, together with European partners, found that Tire Pressure Monitoring System (TPMS) sensors inside each wheel broadcast unencrypted wireless signals containing persistent identifiers.…

Read more →

Cybersecurity, Global Security News

Reinforcing Steel Suppliers: Building Strong Foundations for Every Project

Learn everything about reinforcing steel suppliers, their role in construction, and how to choose the right one for your project. Reinforcing Steel Suppliers Steel suppliers are a key part of the construction industry. Reinforcing steel suppliers provide steel bars, commonly called rebar, which are used to strengthen concrete. Concrete alone can crack under pressure, so…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

A scorecard for cyber and risk culture

Have you once watched a leadership team clap for their “security culture month” like they’d landed a rover? Posters everywhere. Quizzes. A prize draw. Someone baked cupcakes with padlocks iced on top. Cute. Two weeks later, a product manager asked an engineer to “just share the admin credentials for an hour” because the vendor demo…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

Security hole could let hackers take over Juniper Networks PTX core routers

Network admins with Juniper PTX series routers in their environments are being warned to patch immediately, because a newly-discovered critical vulnerability could lead to an unauthenticated threat actor running code with root privileges. The hole is “especially dangerous, because these devices often sit in the middle of the network, not on the fringes,” said Piyush…

Read more →

AI, Cybersecurity, Global Security News

Climb & Fortinet Execs on New US Partnership, 2026 Goals

Specialty distributor Climb and security vendor Fortinet announced their partnership in December 2025. The agreement brings Fortinet’s vast portfolio into the Climb vendor linecard and follows years-long demand globally for security solutions available through the channel. Channel Insider spoke with executives from both companies in early 2026 to learn more about how the two organizations…

Read more →

AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

12.4 Million Accounts Exposed in CarGurus Leak

Millions of CarGurus users may have had their personal and financial data exposed after a notorious threat actor group published a massive dataset allegedly stolen from the automotive marketplace.  Attributed to the ShinyHunters extortion group, the leak includes 12.4 million records with about 70% of those being new data. “The ShinyHunters extortion group has published…

Read more →

AI, Global Security News, privacy, Risk Management

With attention shifting to AI smart glasses, VR faces another reality check

As tech vendors shift their attention to AI-enabled smart glasses, the momentum behind virtual reality (VR) headsets appears to slowing once again. It’s not the first time the technology has seen expectations outstrip real-world demand. An initial wave of interest in the early 1990s generated predictions of mainstream adoption, before fading as the decade progressed. …

Read more →

Apps, Endpoint, Global Security News, Risk Management

How Exposed Endpoints Increase Risk Across LLM Infrastructure

As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming Interfaces (APIs) to support those models. Modern security risks are being introduced less from the models themselves and more from the infrastructure that serves, connects and automates the model. Each new LLM endpoint expands the…

Read more →

AI, Global Security News, Risk Management

Study: AI a Priority for Testing Teams Even as Doubt Remains

Software testing teams are prioritizing AI initiatives, but their willingness to scale adoption depends heavily on accuracy, reliability, and the ability to maintain stable automation as systems evolve, according to new research from test automation vendor Leapwork. The Copenhagen-based company surveyed more than 300 software engineers, QA leaders, and IT decision-makers at large and midsize…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Network Security, privacy, Risk Management

With CISOs stretched thin, re-envisioning enterprise risk may be the only fix

A majority of enterprise security leaders view their roles as “no longer fully manageable,” according to a recent report, and security consultants concede that the increasingly over-scoped nature of cyber execs’ roles is a problem not easily fixed. At issue is the fact that companies have consistently broadened the CISO’s jurisdiction and responsibilities without providing…

Read more →

AI, Cloud Security, Data Breaches, Global Security News, Risk Management

GUEST ESSAY: The hidden risks lurking beneath legal AI — permission sprawl, governance drift

In many law firms today, leadership believes their data is secure. Policies are documented, annual reviews are completed, and vendor questionnaires are answered with confidence. On paper, the safeguards look strong. Related: The cost of law firm breaches Yet in practice, few firms have a clear, current view of how their systems actually behave. That…

Read more →

AI, Global Security News, Risk Management

Elon Musk Pushes AI to Be ‘Unhinged,’ Former Employees Say

As OpenAI, Anthropic, and Google race to fortify their AI guardrails, Elon Musk appears to be loosening his. Former xAI insiders say the billionaire is pushing to make his chatbot “more unhinged,” framing safety measures as censorship rather than protection. According to employees who spoke anonymously, the company’s dedicated safety function has effectively been dismantled,…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management, Russia

Malicious Chrome Extensions Hijack 500,000 VK Accounts in Stealth Campaign

More than 500,000 VKontakte users had their accounts silently manipulated by Chrome extensions that appeared to offer simple interface customization.  Koi researchers found the extensions delivered multi-stage malware that forced group subscriptions, reset account settings, and interfered with VK’s security protections.  Because “… the extensions update automatically, the attacker can push new malicious code to…

Read more →

AI, Apps, Cybersecurity, Global Security News, Network Security, privacy, Risk Management

The democratization of AI data poisoning and how to protect your organization

Smart organizations have spent the last three years protecting their AI tools from skilled prompt injection-style attacks. The assumption has been that poisoning the foundational model, the real brains behind AI systems, requires technical expertise, privileged access, or a coordinated threat group. That assumption no longer holds, and it marks a significant shift in how…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Threats

macOS Infostealers Fuel Growing Cybercrime Market

For years, some Mac users believed their devices were largely insulated from the malware plaguing Windows environments. That perception is rapidly eroding.  Flare researchers found a growing underground economy is now centered on macOS Infostealers — malware designed to extract browser credentials, Apple Keychain data, and cryptocurrency wallet seed phrases at scale. “I remember that…

Read more →

AI, Data Breaches, Global Security News, Industry News, Risk Management, SpecterOps

BloodHound Scentry helps organizations reduce identity risk and close attack paths

SpecterOps has announced BloodHound Scentry, a new service designed to help customers accelerate their APM practice and reduce identity risk. BloodHound Scentry combines the power of BloodHound Enterprise with SpecterOps tradecraft experts and practitioners to provide customers with tailored guidance for attack path remediation, advanced analysis for emerging threats, and privilege zone design to protect…

Read more →

AI, Apps, Compliance, Europe, Global Security News, Venture

Gartner: European spending on sovereign cloud IaaS to nearly double in 2026

European organizations will nearly double their spending on sovereign cloud infrastructure as a service (IaaS) this year, as geopolitical tensions cause them to rethink their reliance on US hyperscalers. European investments in sovereign IaaS are expected to grow from $6.9 billion in 2025 to $12.6 billion in 2026, according to a forecast by Gartner published…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Risk Management

NIS2: Supply chains as a risk factor

Many companies today invest significant resources to secure their internal IT. Firewalls, monitoring, incident response plans, and awareness programs are well-established. At the same time, a dangerous illusion is growing: the assumption that risks can be controlled within the boundaries of one’s own system. The reality is quite different. Modern business models are virtually inconceivable without…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Risk Management

NIS2: Supply chains as a risk factor

Many companies today invest significant resources to secure their internal IT. Firewalls, monitoring, incident response plans, and awareness programs are well-established. At the same time, a dangerous illusion is growing: the assumption that risks can be controlled within the boundaries of one’s own system. The reality is quite different. Modern business models are virtually inconceivable without…

Read more →

AI, Funding, Global Security News, Infrastructure, Network Security

DH2I’s Don Boxley on AI, Security, and 2026 Channel Bets

As artificial intelligence investments push enterprises to rethink their infrastructure stacks, channel partners are increasingly being pulled into complex refresh, migration, and security conversations.  To understand how those shifts are unfolding, Channel Insider spoke with Don Boxley, CEO and co-founder of DH2I, about the technology and market forces shaping channel opportunity in 2026. AI infrastructure…

Read more →

AI, APAC, Apps, Cloud Security, Commentary, Compliance, Cybersecurity, Data Breaches, Enterprise resource planning (ERP) systems, Europe, Exploits, Global Security News, Jaguar Land Rover, Risk Management, SAP, ShinyHunters

Why boards should be obsessed with their most ‘boring’ systems

Following a series of high-profile cyberattacks, boards of directors are now requiring their organizations to take greater responsibility for the risks posed by enterprise resource planning (ERP) systems pose after a series of high-profile cyberattacks. The Jaguar Land Rover (JLR), incident in Sept. 2025 illustrates the severe consequences of such attacks. The cyberattack forced JLR…

Read more →

AI, Apps, Compliance, Data Breaches, Data Security, Exploits, Global Security News, Network Security, Risk Management

The silent security gap in enterprise AI adoption

Most security leaders believe they know where their sensitive data lives and how it is protected. That confidence is increasingly misplaced. As enterprises deploy AI across customer support, software development, legal analysis and internal operations, a new data exposure surface has quietly emerged. It does not sit in databases, file systems or network links. It…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, API security, Apps, Cloud Security, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams – and that’s a problem.  This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim…

Read more →

AI, china, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, privacy, Venture

How to scam someone in seven days

Romance scammers have apparently discovered astrology… and Taurus is their secret weapon. In episode 449 of “Smashing Security”, we take a look inside an actual romance-fraud handbook – complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto. Then Lesley “hacks4pancakes” Carhart delivers a…

Read more →

AI, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, privacy

The hack that brought back the zombie apocalypse

America’s airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts. Meanwhile, we look at how a worker at a cybersecurity firm allegedly…

Read more →