Geek-Guy.com

Tag: they

AI, Exploits, Global Security News

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window between a vulnerability being disclosed and indiscriminate exploitation observed across the internet is now measured in hours, not days. The…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Russia

DIL Observatory: when the World Escalates, the Underground Responds

Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the connection between real-world events and cyber activity is no longer a theoretical framework. It is a documented pattern, traceable across months and geographies. This new…

Read more →

AI, Global Security News

Microsoft Access VBA, (Mon, May 25th)

Microsoft Access files (Microsoft Office’s Database) can contain VBA code. But they are not ole or OOXML files. You can’t analyze them with oledump.py: Neither do they contain an embedded OLE file: Microsoft does not publish official documentation for the Microsoft Access file format, like it does for CFB (ole) and OOXML. That inspired me…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Identity as the primary attack surface: What modern breaches are really exploiting

The “retro” way “The thing about the old days is… they are the old days” – Slim Charles, The Wire Protecting a specified network perimeter was the main focus of enterprise security strategy for several decades. Businesses made significant investments in firewalls, intrusion detection systems, endpoint security and segmentation controls, all of which were built…

Read more →

AI, Apps, Compliance, Global Security News, Network Security, Risk Management

Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows

Agents have agency: they adapt and find multiple ways to solve problems. This autonomy creates a fundamental security challenge: the large language model (LLM) at the heart of the agent is non-deterministic, and its decisions can’t be predicted or guaranteed in advance. It can hallucinate harmful actions with complete confidence. It’s vulnerable to prompt injection…

Read more →

AI, APAC, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management

Top 5 Phishing-Driven Social Engineering Attacks on Companies in 2026

Your employees are not falling for “bad grammar” phishing anymore. They are being pulled into fake Microsoft logins, banking pages, AI tool instructions, real OAuth flows, and event invitations that look close enough to daily work to pass without alarm.  For CISOs, that is the real social engineering problem in 2026: attacks are no longer…

Read more →

AI, Exploits, Global Security News

CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE

Web infrastructure bugs remain especially dangerous when they sit in widely deployed request-handling logic for years without detection. Among the latest vulnerabilities impacting NGINX Plus and NGINX Open, the CVE-2026-42945 vulnerability stands out as an 18-year-old heap buffer overflow in ngx_http_rewrite_module that can be reached by an unauthenticated attacker through crafted HTTP requests and may…

Read more →

AI, Exploits, Global Security News, Network Security

CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption

Local privilege-escalation bugs remain especially dangerous when they turn an ordinary user foothold into immediate root access. The CVE-2026-46300 vulnerability, nicknamed Fragnesia, is a high-severity Linux kernel flaw in the XFRM ESP-in-TCP subsystem that allows an unprivileged local attacker to write arbitrary bytes into the page cache of read-only files and escalate privileges. Public reporting…

Read more →

AI, Exploits, Global Security News, malware

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla and Oracle — fixing near…

Read more →

AI, Cybersecurity, Europe, Global Security News, Government & Policy, Risk Management

Major world economies spell out key elements of AI ‘ingredients list’

A group of international government agencies released guidance Tuesday on what they believe any artificial intelligence “ingredients list” tool should include to make AI more secure. The concept of such a list, known as a “software bill of materials (SBOM),” is to know everything that goes into a particular piece of software so that any…

Read more →

AI, Cloud Security, Cybersecurity, Endpoint, Global Security News, malware, Risk Management

ANY.RUN & Elastic Security: Bring Threat Intelligence into Detection and Investigation Workflows      

Security teams don’t lack data. They lack timely, usable intelligence. Analysts spend too much time validating indicators, switching between tools, and figuring out what actually matters. This introduces delays and puts organizations at risk of a missed incident.   ANY.RUN solves this by bringing real-time, behavior-validated threat intelligence from ANY.RUN integrated into Elastic Security, where SOC and MSSP teams detect emerging cyberattacks earlier and respond faster without…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security, Risk Management

CVE-2026-43500 and CVE-2026-43284: Dirty Frag Linux Privilege Escalation Flaw Raises Post-Compromise Risk

Linux local privilege escalation bugs remain especially dangerous when they turn a limited foothold into full root access. The CVE-2026-43500 vulnerability is the RxRPC half of the Dirty Frag exploit chain, which Microsoft says is already linked to limited in-the-wild post-compromise abuse, while Qualys describes it as a page-cache write issue that can let an…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy

Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency. Meanwhile, there’s a 1980s phone protocol called…

Read more →

Global Security News, privacy

A study of 1,000 Android apps finds a privacy policy logging gap

Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in production. Legal and privacy teams, working from templates and regulatory checklists, draft policies describing what the app collects from users. These two workflows rarely intersect inside the same company. A new study…

Read more →

AI, Compliance, Global Security News

Employment Hero AI unlocks new employment model targeting $12.6 billion in duplicated employment admin holding Australia back

New modelling shows businesses are paying $12.6 billion more than they should in employment administration Complex, manual HR processes are driving duplication, costing up to a quarter of an employee’s salary and dragging down productivity  Despite Australian businesses spending $160 billion annually on compliance, hundreds of thousands of workers remain underpaid and over half of…

Read more →

AI, Exploits, Global Security News, Network Security

Network ‘background noise’ may predict the next big edge-device vulnerability

Attackers rarely exploit an edge-device vulnerability indiscriminately. Typically, they first test how widely the flaw can be used and how much access it can provide, then move on to steal data or disrupt operations. Pre-attack surveillance and planning leaves a lot of noise in its wake. These signals — particularly spikes in traffic that are…

Read more →

AI, Global Security News

29 million leaked secrets in 2025: Why AI agents credentials are out of control

AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of external services. Every integration point requires an identity. Most organizations are handling this badly, and the evidence is in the code. GitGuardian’s State of Secrets Sprawl Report found 28,649,024 new…

Read more →

AI, Apps, Cybersecurity, Global Security News, Risk Management

A framework for securely collecting forensic artifacts into S3 buckets

When customers experience a security incident, they need to acquire forensic artifacts to identify root cause, extract indicators of compromise (IoCs), and validate remediation efforts. NIST 800-86, Guide to Integrating Forensic Techniques into Incident Response, defines digital forensics as a process comprised of four basic phases: collection, examination, analysis, and reporting. This blog post focuses…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Risk Management

‘GrafanaGhost’ bypasses Grafana’s AI defenses without leaving a trace

Security researchers at Noma Security have disclosed a new vulnerability they are calling GrafanaGhost, an exploit capable of silently stealing sensitive data from Grafana environments by chaining multiple security bypasses, including a method that circumvents the platform’s AI model guardrails without requiring any user interaction. Grafana is widely deployed across enterprise organizations as a central…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management

6 ways attackers abuse AI services to hack your business

Attackers are starting to exploit AI systems to mount attacks in the same way they once relied on built-in enterprise tools such as PowerShell. Instead of relying on malware, cybercriminals are increasingly abusing AI tools enterprises depend on — a trend some experts describe as living off the AI land. “We’re seeing it in things…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, privacy, Risk Management

California to bar AI vendors that can’t prove bias safeguards

AI vendors selling to the California state government must prove they have safeguards against algorithmic bias, civil rights violations, and illegal content, or risk being barred from state contracts, under an executive order signed by Governor Gavin Newsom. The order directs the Department of General Services and the California Department of Technology to develop new…

Read more →

AI, Apps, Compliance, Cybersecurity, Europe, Global Security News, Government & Policy, malware, Network Security, Risk Management

Kamasers Analysis: A Multi-Vector DDoS Botnet Targeting Organizations Worldwide 

DDoS attacks are no longer only an infrastructure problem. They can quickly turn into a business issue, affecting uptime, customer experience, and operational stability. Kamasers is a strong example of this new reality, with broad attack capabilities and resilient command-and-control mechanisms that allow it to remain active under pressure. Let’s explore the Kamasers botnet through…

Read more →

AI, Apps, Compliance, Cybersecurity, Europe, Global Security News, Government & Policy, malware, Network Security, Risk Management

Kamasers Analysis: A Multi-Vector DDoS Botnet Targeting Organizations Worldwide 

DDoS attacks are no longer only an infrastructure problem. They can quickly turn into a business issue, affecting uptime, customer experience, and operational stability. Kamasers is a strong example of this new reality, with broad attack capabilities and resilient command-and-control mechanisms that allow it to remain active under pressure. Let’s explore the Kamasers botnet through…

Read more →

AI, Global Security News, Government & Policy

Trio sentenced for facilitating North Korean IT worker scheme from their homes

Three American men were sentenced Friday for crimes they committed in furtherance of North Korea’s vast scheme to get operatives hired at U.S. companies, the Justice Department said. The trio — Audricus Phagnasay, 25, Jason Salazar, 30, and Alexander Paul Travis, 35 — pleaded guilty in November to wire fraud conspiracy for providing U.S. identities…

Read more →

AI, APAC, Apps, Exploits, Global Security News, Network Security, privacy, Risk Management, Venture

The dark side of chatbots with ‘personality’

They say you can find anything on Amazon. Now, you can even get a personality.  Not for yourself, but for your AI “friend,” Alexa.  Amazon has announced four new “conversation styles” or “personalities” for its voice-interaction Alexa+ AI chatbot.  Users can now choose between “Brief,” “Chill,” “Sweet,” and “Sassy” styles and pick from a range…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Risk Management

Ready for macOS Threats: Expanding Your SOC’s Cross-Platform Analysis with ANY.RUN 

Enterprise security teams are no longer defending a single-platform environment. They are expected to investigate threats across multiple platforms every day, often under constant pressure to move faster and make the right call early. When analysis workflows are split across different tools and environments, triage slows down, investigations take longer, and business risks grow.  To help SOC and MSSP teams handle cross-platform threats…

Read more →

AI, Global Security News

Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

Security teams today are not short on tools or data. They are overwhelmed by both.  Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to understand context:  Q: Which exposures, misconfigurations, and vulnerabilities chain together to create viable attack paths to crown jewels? Even the most mature security teams can’t…

Read more →

AI, Cybersecurity, Global Security News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a “significant escalation” in how it propagates through the Open VSX registry. “Instead of requiring every malicious listing to embed the loader directly, the threat actor is now abusing extensionPack and extensionDependencies to turn initially standalone-looking extensions into transitive

Read more →

AI, Global Security News

Meta turns to AI to sniff out scams on Facebook, Messenger and WhatsApp

Meta’s new tools on Facebook, Messenger, and WhatsApp protect users from scams. They use advanced AI systems to analyze text, images, and surrounding context and identify sophisticated scam patterns. Facebook alerts for suspicious friend requests (Source: Meta) The systems detect impersonation of celebrities, public figures, and brands. They also identify deceptive links and domain impersonation…

Read more →

AI, APAC, Apps, Compliance, Data Breaches, Endpoint, Global Security News, Network Security

SIEM vs Log Management: Observability, Telemetry, and Detection

Security teams are no longer short on data. They are drowning in it. Cloud control plane logs, endpoint telemetry, identity events, SaaS audit trails, application logs, and network signals keep expanding, while the SOC is still expected to deliver faster detection and cleaner investigations. That is why SIEM vs log management is not just a…

Read more →

AI, Global Security News, privacy, Risk Management

Workers reviewing Meta Ray-Ban footage encounter users’ intimate moments

Bank details and intimate moments captured without people realizing they are being recorded are the new privacy nightmare behind the latest tech fashion hit, Meta Ray-Ban smart glasses. A joint investigation by Svenska Dagbladet and Göteborgs-Posten found that footage and audio recorded by Meta’s Ray-Ban smart glasses are reviewed by human contractors in Kenya, including…

Read more →

Data Breaches, Global Security News

Why workforce identity is still a vulnerability, and what to do about it

Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are passed. Then a breach happens, often through an account that was “properly secured.” But the problem can be traced back to the fact that identity verification, provisioning, authentication, and recovery operate as separate…

Read more →

AI, Global Security News

Facebook is experiencing a global outage

Facebook is experiencing a global outage since 4:15 PM ET, with users reporting they cannot access their accounts. Facebook users worldwide report problems while attempting to access their accounts. The outage started around 4:15 PM ET. Upon attempting to access their account, users are presented the following message: “Account Temporarily Unavailable. Your account is currently unavailable due…

Read more →

AI, Apps, Cloud Security, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Identity Security Blind Spots Fuel Modern Attacks

Many organizations believe they have identity security under control.  New data from Permiso’s State of Identity Security Report suggests that confidence is increasingly misplaced — right as identity becomes the dominant attack vector in cloud environments. “92% percent of organizations have AI agents in production accessing sensitive data, and those agents are creating identities without…

Read more →

AI, Europe, Global Security News, Network Security

$100 radio equipment can track cars through their tire sensors

When people consider what might track their movements, they think of smartphone apps, GPS services, or roadside cameras. The tires of a new car rarely enter that equation. Researchers at IMDEA Networks Institute, together with European partners, found that Tire Pressure Monitoring System (TPMS) sensors inside each wheel broadcast unencrypted wireless signals containing persistent identifiers.…

Read more →

AI, Exploits, Global Security News, Government & Policy, Russia

US authorities punish sellers of malware and spyware

The US authorities have made it clear that they will have no truck with any individuals trying to by-pass regulations on trading cyberweapons with hostile powers. Selling sensitive cyber-exploit components to a Russian company landed Australian citizen Peter Williams with an 87-month prison sentence from the US District Court for the District of Columbia on…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Inside AWS Security Agent: A multi-agent architecture for automated penetration testing

AI agents have traditionally faced three core limitations: they can’t retain learned information or operate autonomously beyond short periods, and they require constant supervision. AWS addresses these limitations with frontier agents—a new category of AI that performs complex reasoning, multi-step planning, and autonomous execution for hours or days. Multi-agent collaboration has emerged as a powerful…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, Risk Management

ANY.RUN & Splunk Enterprise: Stronger Detection, Faster Response in Your SOC

Security teams don’t lack alerts, they lack fast, reliable context for decision-making. When threat analysis and intelligence are not an integrated part of the SOC workflow, investigations slow down, MTTR grows, and the risk of missed incidents increases. Adding behavioral analysis and live intelligence directly into SIEM closes this gap, turning monitoring, triage, and response…

Read more →

AI, Global Security News, Risk Management

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created by a compound of factors: control posture, hygiene, business context, and intent. Any one of…

Read more →

Apps, Endpoint, Global Security News, Risk Management

How Exposed Endpoints Increase Risk Across LLM Infrastructure

As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming Interfaces (APIs) to support those models. Modern security risks are being introduced less from the models themselves and more from the infrastructure that serves, connects and automates the model. Each new LLM endpoint expands the…

Read more →