Geek-Guy.com

Month: January 2025

Lyft will credit NYC riders for congestion fee throughout January

New York City’s congestion pricing is scheduled to take effect Sunday — but for the first month, Lyft said it will be crediting riders who pay the fee. New York’s program, which is supposed to reduce traffic in lower Manhattan while also raising funding for mass transit, was paused by Governor Kathy Hochul in June,…

DEF CON 32 – The Interplay between Safety and Security in Aviation Systems3

Author/Presenter: Lillian Ash Baker Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. Permalink The post DEF CON 32 – The Interplay between Safety and Security in Aviation Systems3…

Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution

A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than…

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source

U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims. These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or

Critical Windows LDAP flaw could lead to crashed servers, RCE attacks

Researchers have published a proof-of-concept exploit for a pair of Windows Lightweight Directory Access Protocol (LDAP) flaws that could lead to server crashes or remote code execution (RCE) on Windows servers. “Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational computer networks,” noted researchers at security firm SafeBreach,…

New ship, new year: SpaceX to deploy model Starlink satellites on next Starship launch

SpaceX is significantly upping the ante of its Starship test flight program, with the next rocket launch expected to demonstrate payload deployment for the first time.  The payload in question will be 10 Starlink “simulators” that will be similar in size and weight to the next-gen satellites SpaceX plans to use Starship to deploy in…

Feel Relieved: Advanced Secrets Management Techniques

Could Advanced Secrets Management be Your Way to Feeling Relieved? Think about it. If you could significantly decrease the likelihood of security breaches and data leaks in your organization, wouldn’t that be a massive weight lifted off your shoulders? But how to systematically fortify your cybersecurity? The answer lies in Non-Human Identities (NHIs) and Secrets…

Ensure Your Data’s Safety: Best Practices in Cloud Security

Where Does Your Cloud Security Stand? Does your organization’s data management strategy consider non-human identities (NHIs) and secret security management? In the intricate dance of safeguarding data, ensuring the security of machine identities, or NHIs, and their corresponding secrets is pivotal. This practice remains an essential element of best cloud security practices and an effective…

Uber CEO Dara Khosrowshahi resigns from self-driving truck startup Aurora’s board

Dara Khosrowshahi is resigning from the board of autonomous vehicle technology company Aurora Innovation, citing a desire to focus on his ongoing responsibilities as CEO of Uber and reduce external board commitments, according to a Friday regulatory filing. Khosrowshahi’s resignation was effective as of Tuesday. Aurora says Khosrowshahi’s decision to leave the board was not…

Inside the wild fall and last-minute revival of Bench, the VC-backed accounting startup that imploded over the holidays

Friday, December 27, was supposed to be the start of a relaxing holiday weekend. But it was chaos for thousands of small business owners who use Bench, an accounting and tax startup based in Canada that raised $113 million from investors like Bain Capital Ventures and Shopify. That morning, they found themselves unable to log…

Imperva’s Wildest 2025 AppSec Predictions

Humans are spectacularly bad at predicting the future. Which is why, when someone appears to be able to do it on a regular basis, they are hailed as visionaries, luminaries and celebrated with cool names like Nostradamus and The Amazing Kreskin. Nostradamus made his fame on predictions about the distant future, but that technique has…

Scout Motors EVs will have satellite connectivity

Volkswagen offshoot Scout Motors is getting a jump start on CES 2025 next week, with some good news for people who plan to take the company’s EVs way, way outdoors: The forthcoming Traveler SUV and Terra pickup will have a built-in satellite connection. Scout Motors isn’t saying where it’s sourcing the satellite link-up hardware from,…

Generative AI funding reached new heights in 2024

If there was any doubt, the generative AI bubble didn’t burst in 2024. Investments in generative AI, which encompasses a range of AI-powered apps, tools, and services to generate text, images, videos, speech, music, and more, reached new heights last year. According to data from financial tracker PitchBook compiled for TechCrunch, generative AI companies worldwide…

US government sanctions Chinese cybersecurity company linked to APT group

The US Department of Treasury’s Office of Foreign Assets Control (OFAC) has issued sanctions against a Beijing cybersecurity company for its role in attacks attributed to a Chinese cyberespionage group known as Flax Typhoon. The company, called Integrity Technology Group (Integrity Tech), is accused of providing the computer infrastructure that Flax Typhoon used in its…

DEF CON 32 – The Past, Present, and Future of Bioweapons

Authors/Presenters: Lucas Potter, Meow-Ludo Disco Gamma Meow-Meow, Xavier Palmer Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. Permalink The post DEF CON 32 – The Past, Present, and…

U.S. sanctions take aim at Chinese company said to aid hackers’ massive botnet

The U.S. government on Friday sanctioned a Chinese company that Western nations had connected to a Beijing-sponsored hacking group’s botnet, which had compromised hundreds of thousands of devices before a joint takedown operation last year. Flax Typhoon hackers made use of infrastructure at Integrity Technology Group to exploit victims, according to the Treasury Department’s Office…

Microsoft to spend $80 billion in FY’25 on data centers for AI

Microsoft has earmarked $80 billion in fiscal 2025 to build data centers designed to handle artificial intelligence workloads, according to a company blog post. Specifically, the tech giant plans to build out AI-enabled data centers “to train AI models and deploy AI and cloud-based applications around the world.” Of that $80 billion allocation, more than…

Turo CEO: Attackers had clean records, so background checks wouldn’t have stopped them

Two individuals rented cars from Turo, a peer-to-peer car-sharing platform, and used them to perform acts of violence earlier this week. First, a military veteran driving a Ford F-150 Lightning drove into a crowd of people, killing at least 15. Then, an active-duty Green Beret rented a Tesla Cybertruck, parked it in front of the…

Exit interview: FCC’s Jessica Rosenworcel discusses her legacy on cybersecurity, AI and regulation

On Jan. 20, Jessica Rosenworcel will leave the Federal Communications Commission, capping off a 12-year tenure that saw her rise from commissioner to chairwoman in 2021. Under her leadership, the agency has taken an aggressive approach to regulating cybersecurity, data privacy and emergent artificial intelligence use in the communications sector. Over the past four years,…

FTC orders AI accessibility startup accessiBe to pay $1M for misleading advertising

The U.S. Federal Trade Commission (FTC) has fined accessiBe, a startup that claims to make websites more compatible with the screen readers blind people rely on to access the internet, for false advertising and compensating reviewers without disclosing that it sponsored the reviews. In a proposed order, the FTC would require accessiBe to pay $1 million…

Turo taps national security and counterterrorism experts after Cybertruck explosion

Two individuals rented cars from Turo, a peer-to-peer car-sharing platform, and used them to perform acts of violence earlier this week. First, a military veteran driving a Ford F-150 Lightning drove into a crowd of people, killing at least 15. Then, an active-duty Green Beret rented a Tesla Cybertruck, parked it in front of the…

Bench saved by the bell, and other last-minute deals that closed 2024

Welcome to Startups Weekly — your weekly recap of everything you can’t miss from the world of startups. Want it in your inbox every Friday? Sign up here. Welcome to 2025! The first half of the week was relatively quiet in terms of startup announcements, but activity is already starting to pick up. We’re also…

Hydrogen tax credit rules give startups clarity while boosting nuclear and carbon capture

Hydrogen startups are widely seen as a promising way to eliminate fossil fuels from heavy industry and long-haul transportation. But they have been stuck in limbo for the last couple years, waiting for official guidance from the U.S. Treasury on lucrative tax credits. The wait ended today, with the Treasury announcing final rules for hydrogen…

Apple TV+ is free to stream this weekend

Apple is allowing anyone to access its Apple TV+ streaming service for free from Friday through Sunday. The company announced the weekend of free streaming earlier this week alongside a short video featuring its most popular TV shows, including “Severance,” “Slow Horses,” “Shrinking,” and more. It’s worth noting that this is the first time that…

These MagSafe earbuds snap on to the back of an iPhone

We’ve seen a handful of AirPod-charging iPhone battery cases come and go over the years. Artronic’s new earbuds take a different approach, with a slim charging case that snaps directly to the back of MagSafe-compatible phones. The Komutr buds were announced on Friday, a few days ahead of their CES 2025 debut. In a sea…

Electra found a cheap, clean way to purify iron, and it’s raising $257M to make it happen

Electra has raised $76.3 million to clean up the dirty ironmaking industry, TechCrunch has learned. The startup has developed a novel method of using electricity to coax pure iron out of low-grade ores, opening the door to cleaner steel. The new funding round, which was disclosed in a regulatory filing, seeks to raise a total…

Rivian wraps 2024 with more than 50,000 EVs delivered

Rivian finished last year having delivered 51,579 electric SUVs, trucks, and vans, more than triple the number it shipped to customers in 2023. The company announced Friday that it also built 49,476 EVs in 2024. That’s about 8,000 fewer than it expected to manufacture as recently as July. Rivian was forced to lower its expectations,…

Consent Phishing: The New, Smarter Way to Phish

What is consent phishing? Most people are familiar with the two most common types of phishing — credential phishing and phishing payloads, where attackers trick users into revealing credentials and downloading malicious software respectively. However, there is a third type of phishing on the rise: consent phishing. Consent phishing deceives users into granting a third-party SaaS application…

Hindustan Unilever in talks to acquire Peak XV-backed Minimalist for up to $350M

Consumer goods giant Hindustan Unilever is in advanced talks to acquire four-year-old direct-to-consumer startup Minimalist for up to $350 million, according to two people familiar with the matter. An acquisition would add to the Unilever subsidiary’s buying spree in India, where it expanded into the health and wellbeing category by acquiring Oziva and Wellbeing Nutrition…

New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60%

Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model’s (LLM) safety guardrails and produce potentially harmful or malicious responses. The multi-turn (aka many-shot) attack strategy has been codenamed Bad Likert Judge by Palo Alto Networks Unit 42 researchers Yongzhe Huang, Yang Ji, Wenjun…

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 (

Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption

Microsoft has announced that it’s making an “unexpected change” to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. “We expect that most users will not be directly affected, however, it is critical that you validate if you are affected and to watch for downtime or other…

The Critical Risk of Using Dummy Email Domains in Payment Gateways

During our recent security assessments across multiple clients, we discovered a concerning pattern: many companies are unknowingly exposing their customers’ sensitive payment information through a simple yet critical misconfiguration in… The post The Critical Risk of Using Dummy Email Domains in Payment Gateways appeared first on Strobes Security. The post The Critical Risk of Using…

Secure by design vs by default – which software development concept is better?

As cybersecurity professionals, we need to know that the software products we acquire are safe and able to support or accommodate the procedures and tools we use to keep attackers at bay while performing their given functions. With attacks perennially on the rise and the software supply chain remaining as vulnerable as ever, there is…

Cloudflare’s VPN app among half-dozen pulled from Indian app stores

More than half-a-dozen VPN apps, including Cloudflare’s widely-used 1.1.1.1, have been pulled from India’s Apple App Store and Google Play Store following intervention from government authorities, TechCrunch has learned.  The Indian Ministry of Home Affairs issued removal orders for the apps, according to a document reviewed by TechCrunch and a disclosure made by Google to…

Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations

Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users’ privacy using its voice-activated Siri assistant. The development was first reported by Reuters. The settlement applies to U.S.-based individuals current or former owners or purchasers of a Siri-enabled device who had their confidential…

Federal vs. State Regulations: Their Role in Delivery Truck Crashes

GUEST OPINION: When delivery trucks hit the road, they carry more than just packages—they also carry significant responsibility. With the rise of e-commerce, delivery vehicles are increasingly a common sight on highways and local streets. While these trucks keep commerce flowing, their presence also raises safety concerns, particularly when accidents occur. The role of federal…

How to watch CES 2025’s press conferences

CES 2025 kicks off January 7. The annual Las Vegas event sets the tone for the year’s consumer electronics and automotive industries. As always, TechCrunch will be there, sniffing stories from the most exciting startups and tech giants. If you really want a piece of the action without paying for the hotel and flight, many…

xAI’s next-gen AI model didn’t arrive on time, adding to a trend

The list of flagship AI models that missed their promised launch windows continues to grow. Last summer, billionaire Elon Musk, the founder and CEO of AI company xAI, said that Grok 3, xAI’s next major AI model, would arrive by “end of year” 2024. Grok, xAI’s answer to models like OpenAI’s GPT-4o and Google’s Gemini,…

Best of 2024: National Public Data (NPD) Breach: Essential Guide to Protecting Your Identity

Following the publication of our in-depth analysis on the National Public Data (NPD) breach last week, Constella Intelligence received several inquiries about how to safeguard against identity attacks using the exposed SSNs.  The recent National Public Data (NPD) breach stands as the largest social security number (SSN) exposures in history. With 292 million individuals exposed,…

DEF CON 32 – War Games Red Team for OT Based on Real World Case Studies

Author/Presenter: Shishir Gupta Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. Permalink The post DEF CON 32 – War Games Red Team for OT Based on Real World…
