Geek-Guy.com

Tag: years

AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Cloud Security Alliance Report Highlights Growing Patch Gap Risks 

Despite years of investment in vulnerability scanning and shift-left security practices, known vulnerabilities continue to drive production security incidents, according to the Cloud Security Alliance’s 2026 State of Modern Application & AI Security Report.   As AI accelerates both vulnerability discovery and exploit development, organizations are facing increasing pressure to reduce exposure windows before attackers can…

Read more →

AI, Europe, Global Security News, Network Security, Russia

Ransomware Operators Keep Business Hours. The Data Proves It

16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 groups over two years and asked the question most threat intelligence reports dance around: when does this actually happen? The answer is mundane and useful. Ransomware runs on…

Read more →

AI, Europe, Global Security News, Network Security, Russia

Ransomware Operators Keep Business Hours. The Data Proves It

16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 groups over two years and asked the question most threat intelligence reports dance around: when does this actually happen? The answer is mundane and useful. Ransomware runs on…

Read more →

Apps, Global Security News

Websites can spy on user activity by analyzing SSD behavior

Websites have spent years collecting information about visitors through browser fingerprinting, tracking scripts, and other techniques designed to identify devices and monitor behavior. Researchers have demonstrated another method that relies on something most users would never expect a website to observe: activity on their SSD (Solid-State Drive), the storage device where applications and files are…

Read more →

AI, Data Breaches, Europe, Global Security News, malware, Network Security, Risk Management

The Gentlemen are coming for your files, and then your network

Ransomware operators have spent years refining the art of locking files. Now, some are working harder to get those lockers to every reachable system first. Microsoft’s recent warning of the Gentlemen ransomware revealed its operators using a self-propagating Go-based encryptor capable of moving laterally through compromised environments and deploying itself across additional systems. “Modern ransomware…

Read more →

Global Security News, AI, Risk Management, Apps

Developers on H-1B face a tighter job market as AI shifts hiring priorities

For years, software developers on H-1B visas benefited from steady demand among US technology employers. That market is becoming more selective as companies redirect spending toward AI and rely more heavily on coding assistants. Recent layoffs at companies including Meta and Amazon have added to the uncertainty, with engineering and software roles affected even as…

Read more →

AI, Apps, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management

Another IT governance headache: AI-enabled sanction evasion

Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns. The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United…

Read more →

AI, Apps, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management

Another IT governance headache: AI-enabled sanction evasion

Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns. The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United…

Read more →

AI, china, Compliance, Global Security News, Network Security, Risk Management

Stop treating AI governance as a review layer. Make it release infrastructure

I’ve spent years building compliance into security products. FedRAMP and Department of War Impact Level authorizations, vulnerability management pipelines: They all follow the same pattern. Build the product, then prove it meets requirements. The compliance layer sits outside the engineering workflow. It reviews what already exists. That model worked when the product stayed static between…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Risk Management

The readiness paradox: Why a false sense of cyber confidence is becoming a liability

There’s this old proverb that’s stuck with me over the years: “Dig the well before you are thirsty.” It really means you should prepare for the crisis before it arrives. In cybersecurity, it’s a mentality that’s long underpinned investment, strategy and board-level conversations. And by many measures, organizations appear to have already ‘dug’ that well.…

Read more →

AI, Global Security News

AI red teaming agents change how LLMs get tested

Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton Key sit alongside hundreds of prompt transforms and scoring methods across open-source frameworks including Microsoft’s PyRIT, NVIDIA’s Garak, and Promptfoo. The catalog has grown faster than any…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

Are Attackers Hiding Inside Your Network Traffic?

I believe one of the important shifts in cybersecurity over the past several years is how attackers are hiding in plain sight.  According to the 2026 IP Intelligence Study released by Spur Intelligence, anonymizing infrastructure, such as virtual private networks (VPNs) and residential proxies, are now involved in nearly every modern cyberattack.  These tools allow…

Read more →

AI, Compliance, Cybersecurity, Global Security News, malware, privacy, Risk Management

ANY.RUN Turns 10: Special Offers for Stronger Security Operations

Ten years in cybersecurity is a long journey. Threats have changed, attacks have become harder to spot, and security teams now need answers faster than ever.  ANY.RUN has grown with those teams.  What started as an interactive sandbox is now a trusted company with threat analysis and intelligence solution used by 15,000+ organizations, 600,000 security professionals, and teams at Fortune…

Read more →

AI, Global Security News

Fedora Hummingbird brings the container security model to a Linux host OS

Container image security pipelines have spent the past several years pushing toward minimal footprints, hermetic builds, and continuous CVE remediation. The Fedora Project is now applying that same approach to the host operating system. At Red Hat Summit 2026, Fedora announced Fedora Hummingbird, a container-based rolling Linux distribution delivered as an OCI image. “The Linux…

Read more →

AI, APAC, Cybersecurity, Endpoint, Funding, Global Security News, Network Security, Risk Management, Venture

AI is separating the companies built to scale from the ones built to sell

If you had time to walk the expo floor at this year’s RSA Conference, it was impossible to miss the shift in our industry. Artificial intelligence has moved from an emerging layer to the foundation of what powers cybersecurity companies. But from our vantage point as investors who work closely with founders and operators, the bigger…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Risk Management

AI Agents Are Creating a New Cybersecurity Blind Spot

The cybersecurity industry has spent years focusing on visibility. Dashboards expanded. Detection tooling improved. Telemetry volumes exploded. Yet one of the biggest emerging risks in 2026 is not hidden malware or an unknown zero-day. It is the rapid deployment of AI agents that organisations barely understand, cannot fully inventory, and often cannot meaningfully govern. AI…

Read more →

AI, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

U.S. court sentences Karakurt ransomware negotiator to 8.5 years

Deniss Zolotarjovs was sentenced to 8.5 years in the U.S. after pleading guilty to money laundering and fraud tied to ransomware. Deniss Zolotarjovs, a Latvian national linked to the Karakurt ransomware gang, has been sentenced to 8.5 years in U.S. prison, marking a significant step in efforts to combat global ransomware operations. “A Latvian national…

Read more →

Cybersecurity, Global Security News

Stronger Cybersecurity, Stronger Business: NIST Celebrates 2026 National Small Business Week

Happy National Small Business Week! For over 60 years, the U.S. Small Business Administration has led this initiative to acknowledge the critical contributions of America’s entrepreneurs and small business owners. Part of the U.S. Department of Commerce, NIST’s mission is to drive U.S. innovation and global competitiveness, and the small business community is central to…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

The fake IT worker problem CISOs can’t ignore

Hiring fake IT workers has been a growing problem in recent years — but it’s often a problem very few want to admit to. From Fortune 500 companies down to smaller organizations, remote hiring practices have been exploited to grant trusted access to individuals who are not who they claim to be creating an insider…

Read more →

AI, Global Security News

ChatGPT advanced account security adds passkeys and hardware keys

Journalists, elected officials, researchers, and political dissidents have spent years adapting their accounts to phishing-resistant authentication on consumer platforms. ChatGPT now joins that list. OpenAI has introduced Advanced Account Security, an opt-in setting that strips password-based sign-in from ChatGPT and Codex accounts and replaces it with passkeys or physical security keys. What enrollment changes Enrolled…

Read more →

AI, Cybersecurity, Global Security News, malware, Network Security

Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling

Two US security experts were sentenced to 4 years for helping ransomware attacks. A third accomplice pleaded guilty and awaits sentencing. Two US cybersecurity professionals, Ryan Goldberg and Kevin Martin, were sentenced to four years in prison for their role in supporting ransomware attacks. Both pleaded guilty to conspiracy involving extortion. A third individual, Angelo…

Read more →

AI, Cybersecurity, Global Security News

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S.…

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Security, Global Security News, Network Security, Risk Management

Netskope, Rubrik, Commvault Expand Google Cloud Security

At this year’s Google Cloud Next 2026 conference in Las Vegas, tech and cybersecurity companies across the channel unveiled their latest announcements spanning AI, security, infrastructure, and more. While artificial intelligence was firmly front and center, themes around enhanced cybersecurity, particularly AI guardrails and cyber resilience, emerged as equally important priorities. In this recap, we…

Read more →

AI, Cybersecurity, Global Security News, malware

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). “The malware disguises itself as a Minecraft hack called ‘Slinky,’” Brazil-based cybersecurity company ZenoX said in a technical report. “It uses the official game icon to…

Read more →

AI, Apps, Compliance, Global Security News, Network Security, Risk Management

Stopping AiTM attacks: The defenses that actually work after authentication succeeds

The security industry has spent years building better authentication. Longer passwords, second factors, hardware tokens. And attackers responded by moving past authentication entirely. Adversary-in-the-middle (AiTM) phishing does not steal credentials and replay them. It sits between the user and the legitimate service, watches a real authentication succeed in real time, and walks away with the…

Read more →

AI, Global Security News

The Future of Data Platforms: From Pipelines to Intelligent Orchestration

GUEST OPINION:  For years, organisations have invested heavily in building data pipelines — structured flows that move data from source systems into warehouses, lakes, and dashboards. These pipelines have been the backbone of reporting and analytics. But as enterprises accelerate their adoption of AI, digital platforms, and real-time decision-making, pipelines alone are no longer enough.

Read more →

AI, Cybersecurity, Global Security News, malware

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran’s nuclear program by destroying uranium enrichment centrifuges. According to a new report published by SentinelOne, the previously undocumented cyber sabotage framework dates back to 2005, primarily targeting high-precision calculation software to tamper

Read more →

AI, Global Security News

Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers

Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, codenamed Resolute Raccoon, pulls most of those threads together into a single release that will receive standard security support until April 2031. Rust moves into the system layer One of the more…

Read more →

AI, Exploits, Global Security News, malware

With AI’s help, North Korean hackers stumbled into a near-undetectable attack

For many years, state-sponsored hacking was defined by human expertise in finding security holes, writing malware and exploits, pulling off social engineering and phishing attacks, and much more. Since the advent of LLM-powered AI assistants and tools, less skilled attackers have been able to carry out attacks and compromises that might otherwise have been out…

Read more →

AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management, Venture

The AI era demands a different kind of CISO

Many security leaders are still operating with frameworks built for a different era. For years, success was measured by fixed checkpoints, such as passing audits, closing vulnerabilities, and maintaining compliance. Those markers still have value, but they were designed for a threat landscape that moved in predictable, linear ways. Today, that landscape is shifting in…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials. Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing

Read more →

Global Security News, Network Security

Exhibit at or Sponsor the 2026 Community Meetings

  Don’t miss your chance to join the excitement at this year’s highly anticipated PCI SSC Community Meetings in Vancouver, BC, Canada; Edinburgh, Scotland; and Kuala Lumpur, Malaysia. Secure sponsorship or exhibitor opportunities to connect with payment security leaders, network with peers, and meet prospective customers—all while celebrating PCI SSC’s 20th anniversary with the global…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

The deepfake dilemma: From financial fraud to reputational crisis

Deepfake technology has crossed a critical threshold. What was impossible 10 years ago and required specific expertise only a few years ago is now cheap and accessible. Worse, it’s now good enough to fool a wide range of employees and executives. In fact, a 2025 Gartner survey found that 43% of cybersecurity leaders experienced at…

Read more →

AI, Apps, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

GUEST ESSAY: Google’s 2029 deadline exposes readiness gap as move to quantum-safe crypto lags

For years, quantum risk was easy for most institutions to treat as premature: real in theory, urgent someday, but not yet an operational problem. That is no longer tenable. Related: AI spawns semantic attacks Two developments this month brought the shift into focus. Google Quantum AI published research suggesting the computing resources needed to break…

Read more →

Global Security News

iTWire TV: After three years steering Australia’s robotics peak body, Nicci Rossouw hands over the controls with a packed expo, a gala night, and one clear message: buy Australian

Nicci Rossouw has spent three years running Robotics Australia Group, the country’s peak body for everything from warehouse arms to underwater hull-scrubbers. On May 1, she hands the CEO role to Paul Mason, co-host of the Manufacturing Tech Australia podcast and a mechatronics engineer with 20-plus years across product development, manufacturing, and commercialisation.

Read more →

Global Security News

After three years steering Australia’s robotics peak body, Nicci Rossouw hands over the controls with a packed expo, a gala night, and one clear message: buy Australian

Nicci Rossouw has spent three years running Robotics Australia Group, the country’s peak body for everything from warehouse arms to underwater hull-scrubbers. On May 1, she hands the CEO role to Paul Mason, co-host of the Manufacturing Tech Australia podcast and a mechatronics engineer with 20-plus years across product development, manufacturing, and commercialisation.

Read more →

AI, Global Security News

iTWire TV: HPE’s April Neoh on AI Bias, Trust, and Why the Scales Still Aren’t Balanced

GUEST INTERVIEW: April has spent roughly 20 years in tech. She’s watched the suits get replaced by suits wearing sneakers. She’s seen decisions go from months-long deliberation cycles to minimum viable products shipped at pace. And now, as Account Executive for High Performance Computing and AI at Hewlett Packard Enterprise, she’s watching AI reshape the…

Read more →

Global Security News

iTWire TV: Zoho and ManageEngine plant their flag in Parramatta, betting big on Sydney’s second CBD

LAUNCH EVENT, GUEST INTERVIEWS: 22 years in Australia, and they’re only just getting started – see the full video of the Zoho and ManageEngine launch of the new Sydney office, hosted by ManageEngine’s marketing maven Jeremy Spence, plus exclusive video interviews with Vinayak Sreedhar, ANZ Country Manager of ManageEngine, and Rakesh Prabhkar, head of Zoho ANZ. 

Read more →

Global Security News

Zoho and ManageEngine plant their flag in Parramatta, betting big on Sydney’s second CBD

LAUNCH EVENT, GUEST INTERVIEWS: 22 years in Australia, and they’re only just getting started – see the full video of the Zoho and ManageEngine launch of the new Sydney office, hosted by ManageEngine’s marketing maven Jeremy Spence, plus exclusive video interviews with Vinayak Sreedhar, ANZ Country Manager of ManageEngine, and Rakesh Prabhkar, head of Zoho ANZ. 

Read more →

AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management

ClickFix Meets AI: A Multi-Platform Attack Targeting macOS in the Wild

For years, macOS environments carried an aura of relative safety. Not immunity, but lower priority in the threat landscape. That perception has aged about as well as an unpatched server.  The reality in 2026 is very different. Apple devices now make up a significant share of corporate endpoints. And they sit in the hands of the people attackers most want…

Read more →

AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management

ClickFix Meets AI: A Multi-Platform Attack Targeting macOS in the Wild

For years, macOS environments carried an aura of relative safety. Not immunity, but lower priority in the threat landscape. That perception has aged about as well as an unpatched server.  The reality in 2026 is very different. Apple devices now make up a significant share of corporate endpoints. And they sit in the hands of the people attackers most want…

Read more →

AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Risk Management

Supply chain security is now a board-level issue: Here’s what CSOs need to know

For many years, supply chain security was viewed purely as a technical concern. However, with high-profile vulnerabilities and regulations, it is now a board-level issue that requires organizations to rethink how to build resiliency and insulate their operations. The changing regulatory landscape has been a key driver of the C-suite’s focus, as legislation such as…

Read more →

AI, Cybersecurity, Global Security News, Network Security, Risk Management

Escaping the COTS trap

Over the years, enterprise cybersecurity environments have accumulated staggering numbers of commercial tools. Industry research converges on a consistent picture of tool proliferation that drives complexity, cost, and risk. The global cybersecurity market is valued at approximately $243 billion in 2024 and projected to surpass $520 billion annually by 2026. Commercial off-the-shelf (COTS) software promises…

Read more →

AI, china, Europe, Global Security News, Government & Policy, malware, Russia

European-Chinese geopolitical issues drive renewed cyberespionage campaign

A Chinese cyberespionage group has shifted its gaze back to Europe after years of focusing on other parts of the world, Proofpoint research published Wednesday found. The surge began in mid-2025, with a bevy of issues bubbling up between China and Europe, the company said. Proofpoint labels the government-linked group TA416, but other companies track…

Read more →

AI, Cybersecurity, Global Security News, malware

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next. Threat actors now use malware less frequently in favor of what’s already inside your environment, including abusing trusted tools, native binaries, and legitimate admin utilities to move laterally, escalate privileges, and persist without raising…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Politics, Risk Management

The external pressures redefining cybersecurity risk

Over the last four years, I’ve watched organizations get blindsided by threats that originated in a third-party network. More than 35% of data breaches are caused by a compromised vendor or partner, not by any failure in the organization’s controls. While many organizations know that the biggest threats to their security come from forces entirely…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Risk Management

RSAC 2026: AI Leads Security Shift Across Vendors & MSPs

At this year’s RSA Conference 2026, cybersecurity companies across the board took the opportunity to announce new partnerships and capabilities. Unsurprisingly, AI was a central theme across vendors. Whether focused on AI-powered defense, addressing shadow AI, or embedding AI into security operations, the technology is now more than ever a cornerstone of how cybersecurity companies…

Read more →

AI, Apps, Compliance, Endpoint, Exploits, Global Security News, malware, Network Security

Why Kubernetes controllers are the perfect backdoor

In my years securing cloud-native environments, I’ve noticed a recurring blind spot. We obsess over the “front doors” such as exposed dashboards, misconfigured RBAC, or unpatched container vulnerabilities. We harden the perimeter, but we often ignore the machinery humming inside.  Sophisticated adversaries have moved beyond simple smash-and-grab tactics. They don’t just want to run a…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Government & Policy, Risk Management

AI regulations are already out of date — IT leaders need to think ahead

Most AI regulations passed in the last few years are already irrelevant, but enterprises should think ahead with rudimentary governance plans for quicker compliance, said legal experts in two panel discussions at Nvidia’s GTC trade show last week. Current AI regulations target frontier models, high-risk models, and transparency. They typically focus on LLMs and the…

Read more →