Geek-Guy.com

Tag: trust

AI, Global Security News, Network Security

Versa extends zero trust principles to AI agents and MCP workflows

Versa has introduced a patent-pending zero trust architecture for the Model Context Protocol (MCP), applying zero trust principles to AI execution. The company said every AI-generated action is validated against user identity, role-based access controls, and system policies before execution, with human approval required when defined by administrators. The launch addresses a growing challenge as…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security

SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain

A newly disclosed macOS infostealer campaign is exploiting user trust in some of the biggest names in tech to slip past defenses.  Researchers at SentinelOne have detailed a new variant of the SHub malware family, dubbed “Reaper,” that impersonates Apple, Google, and Microsoft at different stages of a single attack chain targeting Mac users. The…

Read more →

Global Security News, malware, Risk Management

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

In Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil, MSBuild — the same trusted utilities your IT team uses every day are also the preferred…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management

Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

Dubai-founded OTT Cybersecurity LLC also unveils the Agent Trust Protocol (ATP), the first open cryptographic standard for AI agent identity, scope, and action verification — slated for IETF submission. OTT Cybersecurity LLC, the company behind Lyrie.ai, today announced two milestones that together position the company as foundational infrastructure for the agentic AI era: acceptance into…

Read more →

AI, Apps, Cloud Security, Compliance, Endpoint, Global Security News, Network Security

Why most zero-trust architectures fail at the traffic layer

Zero trust has become one of the most widely adopted security models in enterprise environments. Organizations invest heavily in identity systems, access policies and modern security tooling. On paper, these environments look well-protected. Yet during incidents, a different reality often emerges. I have worked with organizations where zero-trust initiatives were fully implemented from an identity…

Read more →

Cybersecurity, Europe, Global Security News

Microchip expands Trust Shield with PQC-ready root of trust and secure boot controllers

Microchip Technology is expanding its portfolio of Trust Shield, PQC‑ready devices with the TS1800 Platform Root of Trust controller and the TS50x secure boot controller. The devices are designed to help system architects address emerging cybersecurity mandates, including the European Cyber Resilience Act (CRA) and Commercial National Security Algorithm Suite 2.0 (CNSA 2.0), while supporting…

Read more →

AI, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Russia

Signal Phishing Campaign Targets German Officials in Suspected Russian Operation

Suspected Russian phishing via Signal targeted German officials, exploiting trust to access accounts and sensitive political communications. A new wave of cyber operations targeting European political leadership is once again highlighting how modern espionage increasingly relies on deception rather than technical exploits. Recent investigations by German authorities point to a large-scale phishing campaign conducted via…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management

Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE

Admins who use Cisco Webex Services configured to use trust anchors within the SSO integration with Control Hub must install a new identity provider certificate to close a critical vulnerability, or risk losing access control. Cisco said in an advisory this week that admins must upload a new identity provider (IdP) SAML certificate to Webex…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management

Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE

Admins who use Cisco Webex Services configured to use trust anchors within the SSO integration with Control Hub must install a new identity provider certificate to close a critical vulnerability, or risk losing access control. Cisco said in an advisory this week that admins must upload a new identity provider (IdP) SAML certificate to Webex…

Read more →

AI, Apps, Cloud Security, Compliance, Endpoint, Global Security News, Network Security

Why most zero-trust architectures fail at the traffic layer

Zero trust has become one of the most widely adopted security models in enterprise environments. Organizations invest heavily in identity systems, access policies, and modern security tooling. On paper, these environments look well-protected. Yet during incidents, a different reality often emerges. I have worked with organizations where zero-trust initiatives were fully implemented from an identity…

Read more →

AI, APAC, Apps, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management, Russia

Security leaders say the next two years are going to be ‘insane’

SAN FRANCISCO — Every RSA Conference has its buzzwords. Cloud. Ransomware. Zero trust. Plastered across the 87-acre Moscone Center complex on every booth, banner and bar. This year was AI, with vendors pitching AI-powered solutions to every security problem imaginable. But 2026 stood out for a different reason: Industry leaders spent the conference warning about…

Read more →

AI, Compliance, Global Security News

DigiCert Document Trust Manager enhancements improve document security and compliance

DigiCert has announced enhancements to its Document Trust Manager solution to help organisations combat rising document fraud, simplify global compliance, and strengthen trust in digital transactions in the age of AI. Unlike traditional signing tools that require separate regional or departmental infrastructure to meet standards such as AATL and eIDAS, Document Trust Manager centralises signing…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security

Can Zero Trust survive the AI era?

For the past decade, cybersecurity experts in the federal government have argued that trust, or a lack of it, was key to developing effective security policies for agency systems and data. But today, cybercriminals and state-sponsored hackers are using artificial intelligence to develop and launch cyberattacks more quickly and efficiently. Governments and businesses are facing…

Read more →

AI, Global Security News, Risk Management

SCW Trust Agent: AI tracks AI influence in code to reduce software risk

Secure Code Warrior has announced SCW Trust Agent: AI, a governance solution designed to make AI influence in software development visible, attributable, and enforceable at the point of commit, enabling enterprises to scale AI coding tools with measurable control over software risk. Organizations can trace which AI models influenced specific commits, correlate that influence with…

Read more →

AI, Global Security News

Workiva Bolsters APJ Investment with Strategic Executive Appointment Amid Period of Sustained Growth

Workiva Inc. (NYSE: WK), a leading, AI-powered platform for trust, transparency, and accountability, is fueling its investment in Asia-Pacific and Japan (APJ), announcing the appointment of Kristen “KP” Pimpini as Vice President of Sales and General Manager, APJ. The appointment comes on the heels of a sustained period of Workiva customer and employee momentum across APJ. 

Read more →

Cloud Security, Compliance, Global Security News

Zscaler enhances data sovereignty controls with regional processing and logging

Zscaler has expanded its data sovereignty capabilities globally, powered by the Zscaler Zero Trust Exchange cloud security platform. For global enterprises, the conflict between protecting data and enabling cross-border collaboration is a major compliance and business challenge to growth. Zscaler already operates 160+ data centers and is present in most countries. Its architecture is based…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

Why zero trust breaks down in IoT and OT environments

Zero trust solves the wrong problem in OT Zero trust has become the dominant security narrative of the past decade, and rightly so. Its core principles, never trust, always verify; assume breach; enforce least privilege, have reshaped how organizations think about identity, access and lateral movement. In enterprise IT environments, these principles have produced measurable…

Read more →

AI, Compliance, Cybersecurity, Global Security News

Codenotary Trust delivers autonomous AI security for Linux and Kubernetes

Codenotary has announced Codenotary Trust, a unified SaaS platform that uses AI to instantly detect, prioritize, and autonomously fix security, configuration, and performance issues, while also providing rollback capabilities. Importantly, the product is designed with the talent shortage in mind so that expert-level security management is made accessible to junior and mid-level administrators. Codenotary helps…

Read more →

AI, Apps, Global Security News, Risk Management

Cork Cyber Unveils Software Installer Scripts

At ThreatLocker Zero Trust World, Cork Cyber announced the launch of Software Installer Scripts within the Cork Vantage Platform, a new capability that enables MSPs to generate dynamic installer scripts for vulnerable and outdated software across Windows environments. Aligning operational security with financial continuity According to Cork Cyber, the release addresses the longstanding problem of…

Read more →

AI, Global Security News, Network Security

Enigma AI enables internal trust governance to asset-to-asset communications

Enigma Networks has announced the general availability of its Internal Trust Governance platform, Enigma AI, which continuously determines and validates which communications are necessary and safe across enterprise networks. Just as identity and access management (IAM) governs trust for users, Enigma AI governs trust between internal systems and assets, introducing a new control plane for…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Booking.com Phishing Campaign Hijacks Hotel Accounts to Defraud Guests

A new phishing campaign is exploiting trust in Booking[.]com to steal credentials from hotel partners and then defraud unsuspecting travelers.  The multi-stage operation begins with convincing “complaint” emails sent to hotel staff and can end with fraudulent payment requests sent directly to guests via WhatsApp. “The primary motivation driving this incident is financial fraud, targeting…

Read more →

AI, Apps, Data Breaches, Global Security News, Industry News, Network Security, Portnox

Portnox expands ZTNA with passwordless access for RDP, SSH, and enterprise consoles

Portnox has unveiled a major expansion of its zero trust network access (ZTNA) solution, extending credential-free access beyond web and on-premises applications to include enterprise console-based applications. Organizations can eliminate passwords and credentials from administrative access via Remote Desktop Protocol (RDP), Secure Shell (SSH), Virtual Network Computing (VNC), and Teletype Network (Telnet). This removes the…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, News, Risk Management, Threats, trends

Hundreds of Malicious Skills Found in OpenClaw’s ClawHub

A routine question about trust exposed a far more serious problem when researchers discovered hundreds of malicious skills hidden inside a widely used AI agent marketplace.  Koi researchers analyzed ClawHub, the third-party skill repository for OpenClaw, and found that threat actors had quietly turned the ecosystem into a large-scale malware distribution channel. We found “……

Read more →