Geek-Guy.com

Month: February 2025

DEF CON 32 – Manufacturing Lessons Learned, Lessons Taught

Authors/Presenters: Tim Chase. Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. The post DEF CON 32 – Manufacturing Lessons Learned, Lessons Taught appeared first on Security Boulevard.

AvePoint Launches Next-Gen Platform to Drive MSP Revenue

Data security, governance, and resilience leader AvePoint recently announced the launch of its AvePoint Elements platform to modernize MSPs’ client, cloud, and tenant management. Recurring revenue in security essentials through Elements now available The next generation of AvePoint Elements will equip partners with new security-centric recurring revenue streams through a seamless, all-in-one platform. MSPs can…

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below – CVE-2025-26465 – The OpenSSH client

Learn & Avoid Social Engineering Scams in 2025

In the past decade, social engineering attacks have become more sophisticated and prevalent than ever. From AI voice impersonation to deepfake video calls, cybercriminals are leveraging the latest technology to make their scams increasingly convincing. Despite growing awareness of these threats, social engineering remains one of the most successful attack methods because it exploits something…

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor’s malicious payload into an external process, waitfor.exe,

The AI Fix #38: AI proves time travel is impossible (but still can’t draw fingers)

In episode 38 of “The AI Fix”, our hosts discover a robot they actually like, Sam Altman teases GPT-5 and trolls Elon Musk, a robot dog grows arms, an AI compliments Graham, Mark worries about “gradual disempowerment”, an octopus pretends to be a glove, and a listener reveals an entirely new reason to worry about…

Fetii’s group rideshare app for young people attracts funding from Mark Cuban, YC

When he was a senior studying at Texas A&M University, Matthew Iommi realized that there were no good options for transporting groups of people. Fellow college students heading out for the night together didn’t have access to on-demand rides with the same convenience, accessibility, and affordability of typical ride-hail platforms, like Uber and Lyft.  “Once…

Ransomware gangs are giving victims less and less time

Ransomware groups have increasingly shortened the time until the ransom handover. Zephyr_p – shutterstock.com According to an analysis of last year’s ransomware incidents by the managed detection and response company Huntress, the average time to ransom demand (TTR) is about 17 hours. For some groups it is as little as four to six hours. This pace stands…

Hightouch raises $80M on a $1.2B valuation for marketing tools powered by AI

Last decade, companies like Segment rewrote the book on how organizations used APIs to merge data from disparate apps to improve marketing strategies. Today, a startup called Hightouch — co-founded by a former engineering manager at Segment — is announcing $80 million in funding for the next chapter: a platform that lets sales, marketing, and…

GRIT’s 2025 Report: Ransomware Group Dynamics and Case Studies

Ransomware threats continue evolving, with the most successful groups refining their tactics to maximize impact over the last year. Understanding […] The post GRIT’s 2025 Report: Ransomware Group Dynamics and Case Studies appeared first on Security Boulevard.

Lingo.dev is an app localization engine for developers

Monolinguists wanting to communicate with the global masses have never had it so easy. Trusty old Google Translate can convert the content of images, audio, and entire websites across hundreds of languages, while newer tools such as ChatGPT also serve as handy pocket translators. On the back end, DeepL and ElevenLabs have reached lofty…

Consortium’s Metrics That Matter Deal: A New Era for VARs

Cybersecurity provider Consortium has bought Metrics That Matter, a startup that helps companies measure their cyber risks. The aim is for Consortium to give its customers a clearer and more up-to-date understanding of their cybersecurity vulnerabilities. Even though companies are spending a fortune on cybersecurity – over $200 billion last year, according to the company’s…

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVSS v4 score of 9.3. “An Authentication…

Got a Microsoft Teams invite? Storm-2372 gang exploit device codes in global phishing attacks

Security experts have warned that a cybercriminal group has been running a malicious and inventive phishing campaign since August 2024 to break into organizations across Europe, North America, Africa, and the Middle East. Read more in my article on the Tripwire State of Security blog.

Russian malware discovered with Telegram hacks for C2 operations

Hackers have been found deploying an unfinished Russian malware, written in Golang, that leverages Telegram as its command-and-control (C2) channel. Netskope Threat Labs, the research wing of the cybersecurity firm Netskope, discovered the malware. “As part of Netskope Threat Labs hunting activities, we came across an IoC being shared by other researchers and decided to…

Legal AI-startup Luminance, backed by the late Mike Lynch, raises $75M

Given Generative AI is very good at interpreting dense texts, it’s been a boon for startups attacking one of the most complex sets of texts there is: the law. We’ve thus seen an explosion of legal tech, supercharged by AI, in the last year or so.  Lawtech startup Eudia bagged $105 million only last week. …

XCSSET macOS malware reappears with new attack strategies, Microsoft sounds alarm

Microsoft has warned that a new variant of XCSSET malware is actively targeting macOS users, marking the first update to the malware since 2022. This latest version has been observed in limited attacks but introduces stronger evasion tactics, updated persistence mechanisms, and new infection strategies that make it more difficult to detect and remove. The…

Level Zero Health banks $6.9M to prove wearable medtech can take the strain out of hormone testing

Level Zero Health, a female-founded medical device startup that’s aiming to break new ground by developing a device for continuous hormone monitoring, has closed an oversubscribed $6.9 million pre-seed funding round despite being only a little over a year old. The startup wants to do away with the need for invasive blood draws and support…

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign

The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by Japanese cybersecurity company LAC, overlaps with a threat cluster tracked by Trend Micro as Earth Freybug, which has been assessed to…

X doubles its Premium+ plan prices after xAI releases Grok 3

Hours after Elon Musk’s AI company, xAI, released the latest version of its AI model, Grok 3, X has significantly hiked the price for its top Premium+ subscription plan, which gives users access to the latest model, to almost $50 per month. On the support page that lists X’s premium plans, the monthly subscription price…

How CISOs can rebuild trust after a security incident

When incident response plans cover the aftermath, they typically focus solely on technical matters, such as root cause analysis or upgrading systems. The problem with this approach is that breaches are not only technical in nature — they can also undermine trust among various internal and external stakeholders of the business. This loss of trust…

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. “This pass-back style attack leverages a vulnerability that allows a malicious actor to alter the MFP’s configuration and cause the MFP

Password managers under increasing threat as infostealers triple and adapt

Security watchers warn of a three-fold increase in malware that targets credential stores, such as password managers and browser-stored login data. The study by Picus Security, which was based on analysis of 1 million real-world malware samples, also found that 93% of all malicious actions mapped to just 10 MITRE ATT&CK techniques. Password store security…

Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar. MageCart is the name given to a malware that’s capable of stealing sensitive payment information from online shopping…

Elon Musk’s AI company, xAI, releases its latest flagship model, Grok 3

Elon Musk’s AI company, xAI, released its latest flagship AI model, Grok 3, late Monday night, along with new capabilities in the Grok apps for iOS and the web. Grok, xAI’s answer to models like OpenAI’s GPT-4o and Google’s Gemini, can analyze images and respond to questions, and powers a number of features on Musk’s social network, X.…

Nextdoor’s Nirav Tolia thinks he can turn things around with AI; he has a lot riding on it

Social media is often about scale, but Nextdoor bet long ago on something different: that it could grow a big business off smaller, local communities. For years, the plan worked. The 15-year-old company has long been a dominant platform for neighborhood-based conversations, connecting users for everything from lost pet alerts to local business recommendations. Then…

New family of data-stealing malware leverages Microsoft Outlook

CISOs have yet another attack vector to worry about with the discovery of a new family of data-stealing malware that uses Microsoft Outlook as a communications channel through abusing the Graph API, and includes a way to get around hashed passwords. Researchers from Elastic Security say the malware was created by an unnamed group targeting…

Cybersecurity as a Business Imperative: Embracing a Risk Management Approach

Cybersecurity is much more than just a technical challenge. It’s now a critical business imperative that requires a strategic risk management approach. By integrating cybersecurity into broader risk management frameworks, you can proactively address threats, improve resilience, and align your security efforts with your core business objectives. Shifting your organization’s collective mindset around this concept…

Are your noise-canceling headphones messing with your head?

We all know headphones can be bad for your hearing if you listen to sounds too loudly in such close proximity to your ears. But a BBC report suggests that a new health scare could be emerging around the noise-canceling feature that’s hugely popular in modern earphones. The article considers whether the technology could essentially…

Trump fires hundreds of air traffic support staff as SpaceX visits FAA command center

The Trump Administration has begun firing hundreds of Federal Aviation Administration employees who maintain critical air traffic control infrastructure, reports CNN. The firings, which began late Friday night, come as Elon Musk’s SpaceX has been tapped to help create a new air traffic control system. It’s not yet clear how many workers were fired, but the…

Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. “Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,” the Microsoft Threat Intelligence team said in a post shared…

DEF CON 32 – Evading Modern Defenses When Phishing With Pixels

Authors/Presenters: Melvin Langvik. Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. The post DEF CON 32 – Evading Modern Defenses When Phishing With Pixels appeared first on…

What the US’ first major AI copyright ruling might mean for IP law

Copyright claims against AI companies just got a potential boost. A U.S. federal judge last week handed down a summary judgment in a case brought by tech conglomerate Thomson Reuters against legal tech firm Ross Intelligence. The judge found that Ross’ use of Reuters’ content to train its AI legal research platform infringed on Reuters’…

X is blocking links to Signal, a secure messaging platform used by federal workers

Elon Musk’s X (formerly Twitter) is blocking links to Signal.me, a URL shortener used by the private messaging app Signal that allows users to send out a link that’s used to contact them directly through the service. The blocks, which impact direct messages, public posts, and profile pages, were first spotted by the blog Disruptionist. …

Nico Lange: “Cybersecurity is a matter of defense”

Munich Security Conference Live Studio powered by APCO in Munich, Germany on February 15, 2025. (Photo by Christopher Pike / christopherpike.com) APCO. According to the Munich Security Index, what are the biggest risks for Europe in 2025? Well, I think the biggest risk lies in so-called multipolarization. Europe will have difficulty continuing its business model, which…

Sparx Solutions to join Victorian government cyber panel to enhance third-party risk management

COMPANY NEWS: Leading technology company partners with ProcessUnity to provide third-party data risk assessment for Victorian government entities. The five-year contract forms part of the Victorian Government’s Cyber Strategy to improve efficiency and data security; it includes provision for identifying third parties with inadequate security controls.

Twilio CRO on How the Channel Fits Into Company’s Growth Strategy

Twilio is a vendor delivering customer engagement solutions through a platform experience. The company’s tools include capabilities across multi-channel digital communications, identity verification, call centers, and other use cases. Now, the company is addressing new market demands for AI-enabled solutions and the overall shift towards unified customer experience technologies. As Twilio announced at its Investor…

What to know about TikTok’s uncertain future in the US and the people who want to buy it

TikTok, owned by the Chinese company ByteDance, has been at the center of controversy in the U.S. for four years now due to concerns about user data potentially being accessed by the Chinese government. Just this past month, the app experienced a temporary outage in the U.S. that left millions of users in suspense before…

Gamemaker Polymath aims to make learning math as enjoyable as Roblox

As gaming platforms like Roblox and Minecraft continue to grow in popularity among young children, and with platforms like YouTube consuming hours of their daily screen time, edtech companies face challenges in capturing their attention.  Polymath aims to tackle this by combining gamified mechanics inspired by these popular games with adaptive math lessons to make…

Rocket Software Launches DataEdge to Address Complexities in Market

Rocket Software, a vendor of various IT modernization capabilities, recently announced the availability of its new DataEdge suite of solutions tailored to address the growing complexities around data management as AI and analytics projects fuel demand. Channel Insider spoke with Michael Curry, Rocket Software’s president of data modernization, to learn more about the new DataEdge…

Bridging the Gap Between Security and Risk with CRQ

Cybersecurity and risk management are often treated as separate disciplines within organizations. Security teams focus on identifying and mitigating technical threats, while risk teams take a broader approach to evaluating business exposure. However, this disconnect creates a challenge: security teams struggle to communicate risk in a way that resonates with executives, while risk managers lack…

Websites of the Bavarian state government attacked

Bavaria: The State Chancellery and the State Ministry for Digital Affairs were the target of a DDoS attack. Vlyaks – shutterstock.com The state government in Bavaria has become the target of a hacker attack. It is assumed with a high degree of certainty that the attack is connected to “pro-Russian hacktivism”, the State Office for Information Security said. Affected on Thursday were the…

Olyn secures Beatles biopic for its ‘Shopify for filmmakers’

The recent Brian Epstein biopic “Midas Man,” a film about the manager of The Beatles, debuted not on a platform like Netflix or Amazon, but on a startup that bills itself as “Shopify for filmmakers.” So what, you might ask? The answer is that the new platform, Olyn, claims to offer a new model for…

⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More

Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights. ⚡ Threat of the Week Russian Threat Actors Leverage…
