Geek-Guy.com

Month: January 2025

Blog, eskimming, Global Security News, Magecart, QSA, Resources, Security Bloggers Network

Navigating the New PCI DSS 4.0 Requirements: Key Takeaways from Industry Experts

by Source Defense With the introduction of PCI DSS 4.0, merchants are now grappling with new requirements that aim to enhance the security of cardholder data. At a QSA roundtable hosted by Source Defense, industry veterans gathered to dissect these changes and their implications for businesses of all sizes. Understanding the New Requirements PCI DSS…

Read more →

Asia Pacific, Cyberattacks, Data Breach, Security, Global Security News

More telecom firms were breached by Chinese hackers than previously reported

Chinese hackers linked to the Salt Typhoon cyberespionage operation have breached even more US telecommunications firms than initially reported. New victims — Charter Communications, Consolidated Communications, and Windstream — add to a growing list that already includes AT&T, Verizon, T-Mobile, and Lumen Technologies. Earlier, the US authorities informed that nine telecom firms have been affected…

Read more →

AI, Amazon, Commerce, generative AI videos, Global IT News, Global Security News, Peak XV Partners, tiger global

Avataar releases new tool to create AI-generated videos for products

Generative AI models have reached a baseline capability of producing at least a passable video from a single image or short sentence. Companies building products around these models are claiming that anyone can make a snazzy promo video if they have some images or recordings — and videos usually perform better than static images or…

Read more →

Global Security News, Security, Vulnerabilities

Open source vulnerability scanner found with a serious vulnerability in its own code

A widely popular open-source tool, Nuclei, used for scanning vulnerabilities and weaknesses in websites, cloud applications, and networks is found to have a high-severity flaw that could potentially allow attackers to execute malicious codes on local systems. The flaw tracked as CVE-2024-43405 is assigned a CVSS score of 7.4 out of 10 and is said…

Read more →

Global IT News, Global Security News

Samsung expands ‘AI Home’ ecosystem, bringing its ‘Screens Everywhere’ vision to life across home appliances

New 9” AI Home is coming to Bespoke refrigerators, offering comprehensive functionality to users who prefer compact screens 7” AI Home is expanding to Bespoke AI™ Washer & Dryer set and Wall Oven1 COMPANY NEWS: Samsung Electronics Co., Ltd. has announced that it is bringing its advanced screen technology to a broader range of home…

Read more →

Global Security News

From $22M in Ransom to +100M Stolen Records: 2025’s All-Star SaaS Threat Actors to Watch

In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat…

Read more →

baby products, baby tech, CES, Elvie, Global IT News, Global Security News, Hardware

Elvie unveils an app-controlled smart bouncer that transforms into a bassinet at CES 2025

Elvie, a female-founded hardware startup, has unveiled a new app-controlled smart bouncer that gently transforms into a bassinet — while the baby is still in it. With the new Elvie Rise, announced at CES 2025 on Monday, parents and caregivers don’t have to move their baby between soothing, sleep, and play products.  The startup is…

Read more →

Global Security News

FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. “Disguised as a fake ‘Telegram Premium’ app, it is distributed through a GitHub.io-hosted phishing site that impersonates RuStore – a popular app store in…

Read more →

Exploits, Global Security News

Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages

Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation’s Hardhat tool in order to steal sensitive data from developer systems. “By exploiting trust in open source plugins, attackers have infiltrated these platforms through malicious npm packages, exfiltrating critical data such as private keys, mnemonics,

Read more →

CSO and CISO, IT Leadership, IT Strategy, Regulation, Security, Global Security News

Personal liability sours 70% of CISOs on their role

With legal accountability tightening around those charged with maintaining enterprise cybersecurity, security leaders appear to be increasingly frustrated with their roles, eyeing the exit, and hesitant to pursue CISO gigs in the future.  More than two thirds (70%) of CISOs recently surveyed said that “stories of CISOs being held personally liable for cybersecurity incidents has…

Read more →

Global Security News, Identity and Access Management, Supply Chain

12 cybersecurity resolutions for 2025

As cyber threats continue to evolve, CISOs must prepare for an increasingly complex threat landscape. From dealing with AI-driven attacks to managing changing regulatory requirements, it’s clear that 2025 will be another big year for CISOs. But staying ahead requires more than just implementing the next cutting-edge set of tools or technologies. It demands a…

Read more →

Global Security News, Weekly update

Weekly Update 433

It sounds easy – “just verify people’s age before they access the service” – but whether we’re talking about porn in the US or Australia’s incoming social media laws, the reality is way more complex than that. There’s no unified approach across jurisdictions and even within a single country like Australia, the closest we’ve got…

Read more →

AI, CES, Global IT News, Global Security News, Hardware, live translate, Samsung, translate

Samsung brings live translate to its TVs at CES 2025

At CES 2025, Samsung announced that it’s bringing a popular feature from the company’s phones and tablets to its TVs. Live Translate does what it says on the box, offering users real-time translation for live broadcasts. The feature will work in seven different languages — though it’s not entirely clear which at the time of…

Read more →

Cloud Security, Global Security News

7 fundamentale Cloud-Bedrohungen

Dieser Artikel hilft, Unsicherheiten in Cloud-Umgebungen vorzubeugen. Foto: Roman Samborskyi | shutterstock.com Für jedes Unternehmen, das sich auf die Cloud verlässt, um Services bereitzustellen, steht Cybersicherheit ganz oben auf der Prioritätenliste. Allerdings stellen Anwender in der Regel schnell fest, dass das leichter gesagt als getan ist. Zumindest, wenn Daten und Unternehmens-Assets über die gesamte Online-Infrastruktur…

Read more →

Biotech & Health, CES, ces 2025, Global IT News, Global Security News, Hardware, omnia, withings

Withings’ Omnia is a full-size body-scanning health mirror

The Omnia is still very much in concept mode — a phenomenon popular in the automotive world that has since spilled over into consumer electronics. That is to say that Withings’ splashiest product of CES 2025 may never be a product. Among other things, a body-scanning smart mirror would likely be cost prohibitive for consumers.…

Read more →

AGI, AI, artificial general intelligence, Global IT News, Global Security News, openai, sam altman, superintelligence

OpenAI is beginning to turn its attention to ‘superintelligence’

In a post on his personal blog, OpenAI CEO Sam Altman said that he believes OpenAI “know[s] how to build [artificial general intelligence]” as it has traditionally understood it — and is beginning to turn its aim to “superintelligence.” “We love our current products, but we are here for the glorious future,” Altman wrote in…

Read more →

CES, ces 2025, Gadgets, Global IT News, Global Security News, Hardware, robotics, yukai engineering

This fuzzy, purse-mounted robot is designed to ‘delight bystanders’

Best known for its Qooba cat pillow, Yukai Engineering has made a name for itself with some of the strangest little robots around. Who could forget, for example, Amagami Ham Ham, whose sole purpose is to gnaw on fingers, offering a “somewhat pleasing sensation.” At CES 2025, Yukai unveiled its latest, Mirumi, and it follows…

Read more →

AI, CES, Global IT News, Global Security News, Hardware, Startups, timeKettle, Translation, w4 pro

Timekettle’s new earbuds offer real-time translation on calls

Timekettle unveiled its latest earbuds, the W4 Pro, this week at CES 2025 in Las Vegas. The product aims to up the ante on the startup’s focus by bringing real-time two-way translation to phone and video calls. The earbuds will automatically begin translating calls in 40 different languages, without any input from the user. Predictably, there…

Read more →

CES, ces 2025, circular, Global IT News, Global Security News, Hardware, wearables

Circular unveils its next gen Ring 2 with ECG functionality and AFib detection at CES 2025

Smart ring maker Circular announced its next-gen Ring 2 with ECG (electrocardiogram) functionality and AFib (atrial fibrillation) detection at CES 2025 Unveiled on Sunday in Las Vegas. The wearable is set to go on sale in February or Mach for $380. The ring’s ECG capability and FDA-cleared AFib detection will gives users the ability to…

Read more →

Accel India, Anand Daniel, Global IT News, Global Security News, India, Shekhar Kirani, TC, Venture

Accel could raise billions for India, but it’s sticking to $650 million

Accel has maintained its India fund size at $650 million for its eighth vehicle, even as other venture firms in the region are racing to raise increasingly larger pools of capital. The firm had ample opportunity to raise “multi-billion dollars,” said Shekhar Kirani, partner at Accel, in an interview with TechCrunch. But unlike peers who…

Read more →

AI, controversy, firing, Global IT News, Global Security News, In Brief, interview, openai, sam altman

Sam Altman has choice words for the OpenAI board members who fired him

OpenAI CEO Sam Altman has strong words for the former board members who abruptly fired him late last November. “[A]ll those people that I feel, like, really f—ed me and f—ed the company were gone, and now I had to clean up their mess,” he told Bloomberg in a wide-ranging interview. Just over a year…

Read more →

Akio Toyoda, autonomous vehicles, CES, ces 2025, EVs, Global IT News, Global Security News, robotics, robots, Toyota, Transportation

Toyota’s CES 2025 press conference: How to watch

Five years ago, Toyota Chairman Akio Toyoda went to CES to share with the world his “personal field of dreams” — a plan to build a prototype city on a 175-acre site at the foot of Mount Fuji in Japan, where people would live and work amongst all of Toyota’s projects, including autonomous vehicle technology,…

Read more →

Cloud Security, Data Security, Global Security News, Secrets Management, Security Bloggers Network

How Reliable Secret Storage Enhances Cloud Security

Why is Effective Secret Storage So Crucial to Cloud Security? In an increasingly digitized world where every information is stored in the digital form, it’s crucial to question: how are these confidential secrets stored, and how do they affect our overall cloud security? This question lies at the heart of effective data protection strategies today.…

Read more →

Cybersecurity, Global Security News, machine identity management, Non-Human Identity Security, Security Bloggers Network

Unlocking the Potential of Machine Identity Management

The Untapped Potential of Machine Identity Management Are you aligning your cybersecurity efforts with the contemporary needs and trends? Organizations often overlook the significance and strategic depth of Non-Human Identities (NHIs) and Secrets Security Management. This lapse can expose businesses, particularly those operating in the cloud, to potential security breaches and data leaks. The Concept…

Read more →

Cloud Security, Global Security News, Identity and Access Management (IAM), machine identity management, Security Bloggers Network

Feel Supported by Advanced Machine Identity Management

Why Does Machine Identity Management Matter? Why should advanced machine identity management be a key concern for CISOs? With rapid technological advancements and the increasing dependence on cloud environments, businesses are confronted with a new array of security challenges. One such critical challenge is the safe management of Non-Human Identities (NHIs) along with their corresponding…

Read more →

Commerce, Devin Stone, Global IT News, Global Security News, Government & Policy, honey, PayPal

YouTuber LegalEagle sues PayPal over ‘sleeping leech’ Honey extension

A new lawsuit alleges that the PayPal-owned browser extension Honey is cheating creators out of money. Honey, which PayPal acquired for $4 billion in 2019, works by automatically presenting users with relevant coupon codes as they shop. However, in a video posted last month, YouTuber MegaLag described Honey as a “scam” that’s “stealing money from…

Read more →

CES, ces 2025, Gadgets, Global IT News, Global Security News, Hardware, roborock, Robot Vacuum, robotics

Roborock’s Roomba competitor gets a robot arm

iRobot’s on-going financial crisis aside, the world of robot vacuums is still humming along. At CES Sunday, Roborock announced the Saros Z70. The Roomba competitor showcases what the company believes will be the next big step in robovac evolution: an arm. The idea of mounting a a manipulator is no doubt as old as robot…

Read more →

Global IT News, Global Security News

Seeing Machines secures US$32.8 million ‘strategic investment’ from Mitsubishi Electric Mobility as part of collaboration agreement

Advanced computer vision technology company Seeing Machines has entered into a collaboration agreement with Mitsubishi Electric Mobility Corporation to pursue joint growth opportunities in the supply of driver and occupant monitoring system technology solutions to “enhance safety” in automotive.

Read more →

Global IT News, Global Security News

UBH Group ‘pioneers Australia’s Path’ to nuclear sovereignty

Sovereign technology leader becomes first company in the Southern Hemisphere to earn ISO 19443 Certification for nuclear supply chain excellence COMPANY NEWS: Defence veteran owned and sovereign Australian technology company UBH Group has announced that it has achieved a landmark milestone as the first organisation in the Southern Hemisphere to secure ISO 19443 certification.

Read more →

CES, ces 2025, Global IT News, Global Security News, Hardware, Starlink, TC, United Airlines

United Airlines accelerates its Starlink rollout, with first commercial flight planned for spring

A few months ago, United Airlines announced its deal with Starlink to offer in-flight internet access for its passengers. At the time, the airline said it would start testing the new service in early 2024 and then offer it on passenger flights later in the year. United has now accelerated this timeline a bit, with…

Read more →

Blog, FedRAMP, Global Security News, OMB, OSCAL, Security Bloggers Network

Making FedRAMP ATOs Great with OSCAL and Components

OMB Memo M-24-15 published on July 24, 2024 directed GSA and the FedRAMP PMO to streamline the FedRAMP ATO process using NIST OSCAL. By late 2025 or early 2026 (18 months after the issuance of the memo), GSA must ensure the ability to receive FedRAMP authorization and continuous monitoring artifacts through automated, machine-readable means. Additionally,…

Read more →

Cybersecurity, Global Security News, Secrets Management, Secrets Rotation, Security Bloggers Network

Stay Assured: Critical Insights into Secrets Rotation

Why Is Secrets Rotation a Critical Aspect of Cybersecurity? Isn’t it intriguing how an object as intangible as ‘information’ can hold immense value in today’s digitally connected world? In the realm of cybersecurity, Secrets Rotation plays a key role in safeguarding this valuable asset. Secrets Rotation constitutes a dynamic process of creating, dispensing, and disabling…

Read more →

Cybersecurity, Global Security News, Identity and Access Management (IAM), Privileged Access Management (PAM), Security Bloggers Network

Confidently Secure: Leveraging PAM for Enhanced Protections

Why is Harnessing Non-Human Identities Central to Your Cybersecurity Strategy? In the realm of information security, managing identities – whether human or machine – is critical. This attention escalates further when you delve into the realm of Non-Human Identity (NHI) management. The importance can easily get obscured in the vast sphere of cybersecurity, but why…

Read more →

Global IT News, Global Security News

Taming the heat: lessons from the Death Star, the Human Torch, and sustainable IT

There’s a delightful irony in Star Wars’ infamous Death Star: for all its futuristic might, it was ultimately undone by a good old-fashioned exhaust port. An oversight in waste-heat management (yes, that big hole was basically a vent) led to the most explosive operational failure in galactic history. It’s a classic example of why sustainability…

Read more →

Apps, congestion pricing, Global IT News, Global Security News, Government & Policy, Lyft

Lyft will credit NYC riders for congestion fee throughout January

New York City’s congestion pricing is scheduled to take effect Sunday — but for the first month, Lyft said it will be crediting riders who pay the fee. New York’s program, which is supposed to reduce traffic in lower Manhattan while also raising funding for mass transit, was paused by Governor Kathy Hochul in June,…

Read more →

cybersecurity education, DEF CON 32, DEFCONConference, Global Security News, Infoecurity Education, Security Bloggers Network

DEF CON 32 – The Interplay between Safety and Security in Aviation Systems3

Author/Presenter: Lillian Ash Baker Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – The Interplay between Safety and Security in Aviation Systems3…

Read more →

Exploits, Global Security News

Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution

A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than…

Read more →

Global Security News

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source

Read more →

Global Security News

U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims. These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or

Read more →

Active Directory, Vulnerabilities, Windows Security, Exploits, Global Security News

Critical Windows LDAP flaw could lead to crashed servers, RCE attacks

Researchers have published a proof-of-concept exploit for a pair of Windows Lightweight Directory Access Protocol (LDAP) flaws that could lead to server crashes or remote code execution (RCE) on Windows servers. “Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational computer networks,” noted researchers at security firm SafeBreach,…

Read more →

Global IT News, Global Security News, Space, SpaceX, Starlink, Starship, TC

New ship, new year: SpaceX to deploy model Starlink satellites on next Starship launch

SpaceX is significantly upping the ante of its Starship test flight program, with the next rocket launch expected to demonstrate payload deployment for the first time.  The payload in question will be 10 Starlink “simulators” that will be similar in size and weight to the next-gen satellites SpaceX plans to use Starship to deploy in…

Read more →

WordPress Appliance - Powered by TurnKey Linux