Geek-Guy.com

Category: Global Security News

Global Security News

U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe

The U.S. Treasury Department has announced that it’s removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to launder their ill-gotten proceeds. “Based on the Administration’s review of the novel legal and policy issues raised by use of financial sanctions against financial and commercial…

Read more →

GDPR, Global Security News, Meta, privacy, Social

Meta settles UK ‘right to object to ad-tracking’ lawsuit by agreeing not to track plaintiff

A human rights campaigner, Tanya O’Carroll, has succeeded in forcing social media giant Meta not to use her data for targeted advertising. The agreement is contained in a settlement to an individual challenge she lodged against Meta’s tracking and profiling back in 2022. O’Carroll had argued that a legal right to object to the use…

Read more →

API security, API Security - Analysis, News and Insights, Global Security News, Healthcare, mobile app security, Mobile Health, Security Bloggers Network

HIPAA Security Rule Amendment: Key Public Comments and Next Steps

Major cybersecurity breaches continue to plague the US healthcare industry, and on December 27, 2024, the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (NPRM) to amend the HIPAA Security Rule, titled “The HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information”. Comments were requested and…

Read more →

Global Security News, Identity and Access Management (IAM), least privilege, Non-Human Identity Security, Security Bloggers Network

How do I ensure secure authentication for NHIs in an IAM system?

Is Your IAM System Adequately Protecting Non-Human Identities? Non-Human Identities (NHIs) are one such intricacy that has increasingly made its way into IAM (Identity Access Management) systems. However, the question remains: How do we ensure secure authentication for NHIs in an IAM system? Peeling Back the Layers of NHI NHIs, essentially, are machine identities used…

Read more →

Global Security News, Identity and Access Management (IAM), NHI Lifecycle Management, Non-Human Identity Security, Security Bloggers Network

How can legacy IAM systems be updated to support NHIs?

Could Your Legacy IAM Be The Achilles Heel of Your Cybersecurity? When security breaches and data leaks proliferate, organizations grapple with the rising challenge of protecting their digital assets. This is particularly true for organizations with legacy Identity and Access Management (IAM) systems. While these systems have served us well in the past, could they…

Read more →

Global Security News, Identity and Access Management (IAM), NHI Lifecycle Management, Non-Human Identity Security, Security Bloggers Network

What role do NHIs play in modern identity and access management?

How Vital is the Role of Non-Human Identities in Identity and Access Management (IAM)? Have you ever wondered how digital machinery and applications gain access to our systems? The answer lies in Non-Human Identities (NHIs), a critical, yet often overlooked aspect of Identity and Access Management (IAM). But how significant is the role of NHIs…

Read more →

AI, Global Security News, Llama, Meta

Meta has revenue sharing agreements with Llama AI model hosts, filing reveals

In a blog post last July, Meta CEO Mark Zuckerberg said that “selling access” to Meta’s openly available Llama AI models “isn’t [Meta’s] business model.” Yet Meta does make at least some money from Llama through revenue-sharing agreements, according to a newly unredacted court filing. The filing, submitted by attorneys for the plaintiffs in the…

Read more →

A Little Sunshine, Android, Apple Pay, Asia Pacific, Bernie Lyon, CSIS Security Group, Ford Merrill, Global Security News, Google Apple, Ne'er-Do-Well News, SecAlliance, tap-to-pay fraud, The Coming Storm, Z-NFC

Arrests in Tap-to-Pay Scheme Powered by Phishing

Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on…

Read more →

Asia Pacific, china, FCC, Geopolitics, Global Security News, Government, Huawei, Technology, telecommunications, ZTE

FCC’s Carr alleges Chinese companies are making ‘end run’ around Chinese telecom bans, announces investigation 

The first initiative from The Federal Communications Commission’s newly-created Council on National Security will be a “sweeping” investigation of Chinese-made equipment in America’s telecommunications infrastructure, the agency announced Friday. In particular, FCC Commissioner Brendan Carr said the focus will be on equipment and services from Chinese companies already barred from U.S. networks under the Secure…

Read more →

Cybersecurity Conference, DEF CON 32, DEFCONConference, Global Security News, Infosecurity Education, OSINT Education, Security Bloggers Network

DEF CON 32 – Recon Village – Pushing the Limits of Mass DNS Scanning

Speaker: Jasper Insinger Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite []DEF CON 32]2 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Recon Village – Pushing the Limits of Mass DNS Scanning…

Read more →

Exploits, Global Security News, Network Security, Vulnerabilities

Attackers probing backdoor flaw in popular Cisco Smart Licensing Utility, warns SANS

Organizations running Cisco’s Smart Licensing Utility (CSLU) should update their software as soon as possible to fix two serious vulnerabilities, the SANS Technology Institute has urged. The CSLU is a tool used primarily in smaller, on-premises and air-gapped networks as a way to manage Cisco licenses without having to resort to the more complex cloud-based…

Read more →

AI, deepseek, DeepSeek v3, evergreens, Explainer, generative ai, Global Security News, r1

DeepSeek: Everything you need to know about the AI chatbot app

DeepSeek has gone viral. Chinese AI lab DeepSeek broke into the mainstream consciousness this week after its chatbot app rose to the top of the Apple App Store charts (and Google Play, as well). DeepSeek’s AI models, which were trained using compute-efficient techniques, have led Wall Street analysts — and technologists — to question whether the U.S. can maintain its…

Read more →

Global IT News, Global Security News, techcrunch mobility, Transportation

TechCrunch Mobility: Inside Waymo’s deal with SFO, Elon’s moment of truth, and BYD’s breakthrough

Welcome back to TechCrunch Mobility — your central hub for news and insights on the future of transportation. Sign up here for free — just click TechCrunch Mobility! Before we jump into the news, just a quick bit of housekeeping. I’m putting “This week’s wheels” on hiatus for a few weeks as I get into…

Read more →

AI, ChatGPT, evergreens, generative ai, Global Security News, openai

ChatGPT: Everything you need to know about the AI-powered chatbot

ChatGPT, OpenAI’s text-generating AI chatbot, has taken the world by storm since its launch in November 2022. What started as a tool to supercharge productivity through writing essays and code with short text prompts has evolved into a behemoth with 300 million weekly active users. 2024 was a big year for OpenAI, from its partnership…

Read more →

AI, avs, Global Security News, nvidia gtc, Startups, Transportation, wayve

Wayve CEO shares his key ingredients for scaling autonomous driving tech 

Wayve co-founder and CEO Alex Kendall sees promise in bringing his autonomous vehicle startup’s tech to market. That is, if Wayve sticks to its strategy of ensuring its automated driving software is cheap to run, hardware agnostic, and can be applied to advanced driver assistance systems, robotaxis, and even robotics.  The strategy, which Kendall laid…

Read more →

AI, Global Security News, Media & Entertainment, Microsoft

Microsoft is exploring a way to credit contributors to AI training data

Microsoft is launching a research project to estimate the influence of specific training examples on the text, images, and other types of media that generative AI models create. That’s per a job listing dating back to December that was recently recirculated on LinkedIn. According to the listing, which seeks a research intern, the project will…

Read more →

AI, Apps, Global Security News, Instagram, Meta, Social, social media

Meta spotted testing AI-generated comments on Instagram

In recent years, Meta has introduced many AI features and capabilities to its apps, even going so far as experimenting with AI-generated characters complete with unique profiles and personalities, before scraping them after they were deemed creepy and unnecessary. In yet another move that may not be received well among users, Meta wants to use…

Read more →

1x, AI, Global IT News, Global Security News, humanoid robots, robotics, Startups

1X will test humanoid robots in ‘a few hundred’ homes in 2025

Norwegian robotics startup 1X plans to start early tests of its humanoid robot, Neo Gamma, in “a few hundred to a few thousand” homes by the end of 2025, according to the company’s CEO, Bernt Børnich. “Neo Gamma is going into homes this year,” Børnich told TechCrunch in an interview at Nvidia GTC 2025. “We…

Read more →

Global Security News

UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools

Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. “UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in…

Read more →

BuildOps, Fundraising, Global Security News

Commercial services platform BuildOps becomes a unicorn, raises $127M

Commercial services tech hasn’t historically been considered “sexy,” but the need for innovation in the space is enormous. That need has translated into a large fundraise for a company focused on streamlining commercial contracting processes. On Friday, BuildOps, which develops software for commercial services contractors, announced that it has raised $127 million in a Series…

Read more →

business, channel, Global Security News, News and Trends, services

Dashlane Now Available on AWS Marketplace

Credential security provider Dashlane recently announced that its platform will be available through the AWS Marketplace. Credential security platform now available for marketplace customers Through its inclusion in the AWS Marketplace, the procurement and deployment of Dashlane’s credential security platform will be expedited for AWS customers to boost their credential threat detection, response, and protection.…

Read more →

Global Security News

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using…

Read more →

Global Security News, Incident Response

Für Cyberattacken gewappnet – Krisenkommunikation nach Plan

width=”2472″ height=”1391″ sizes=”(max-width: 2472px) 100vw, 2472px”>Lesen Sie, welche Aspekte für einen Krisenkommunikationsplan entscheidend sind. Gorodenkoff – shutterstock.com Cyberangriffe fordern nicht nur CISOs in punkto Prävention und Krisenbewältigung heraus. Auch die Unternehmenskommunikation ist mit im Boot. Sie ist verantwortlich für den Krisenkommunikationsplan, den sie mit dem CISO entwickelt und bei Cybersicherheitsvorfällen umsetzt. Eine gute Krisenprävention hat…

Read more →

Exploits, Global Security News, Security, Vulnerabilities

CISA marks NAKIVO’s critical backup vulnerability as actively exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a patched, high-severity vulnerability affecting NAKIVO’s backup and replication software to its known exploited vulnerability (KEV) catalog. The flaw, tracked as CVE-2024-48248, is a path traversal issue that received a high severity rating with CVSS 8.6 out of 10 and was marked “critical” by NAKIVO in…

Read more →

Europe, Global Security News, google copyright directive, google search news test, Government & Policy, In Brief, Media & Entertainment

Google claims news is worthless to its ad business after test involving 1% of search results in eight EU markets

Google has reported the results of an experiment it ran which removed news from search results for 1% of users for 2.5 months in eight* markets in Europe — claiming the results show that news is essentially worthless to Google’s ad business. The search giant conducted the test because European copyright law requires it to…

Read more →

Global Security News

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families

The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a “global espionage campaign” that took place in 2022 targeting seven organizations. These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place

Read more →

Global Security News

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents,” the company said. “This suggests

Read more →

Careers, Certifications, IT Skills, IT Training , Security, Exploits, Global Security News

11 hottest IT security certs for higher pay today

With change a constant, IT professionals looking to improve their careers can benefit from the latest insights into employers’ needs. Data from Foote Partners on the skills and certification most in demand today may provide helpful signposts. Analyzing more than 640 certifications as part of its 4Q 2024 “IT Skills Demand and Pay Trends Report,” Foote Partners…

Read more →

Exploits, Global Security News

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below –  CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in…

Read more →

Application Security, Global Security News

Teams, Slack & Co. absichern: So wird das Collaboration-Tool kein Security-Albtraum

Collaboration Tools wie Microsoft Teams und Slack erleichtern die Zusammenarbeit mit internen und externen Partnern enorm, bergen jedoch auch Risiken. Foto: Ascannio – shutterstock.com Schnelle und effiziente Zusammenarbeit ist in der heutigen Geschäftswelt unerlässlich, aber die Plattformen, über die wir mit Kollegen, Lieferanten, Kunden und Auftraggebern kommunizieren, können auch ernsthafte Risiken bergen. Ein Blick auf…

Read more →

Devops, Software Development, Threat and Vulnerability Management, Global Security News

Developers: apply these 10 mitigations first to prevent supply chain attacks

DevOps leaders hoping to find a single cybersecurity risk framework that will prevent their work from experiencing the kinds of compromises that lead to supply chain attacks will have a hard time, according to a new research paper. In a paper submitted to Cornell University’s arXiv site for academic manuscripts, the six researchers — four…

Read more →

Data and Information Security, Remote Access Security, Vulnerabilities, Exploits, Global Security News

Critical remote code execution flaw patched in Veeam backup servers

Data resilience solutions provider Veeam Software released a critical patch for its Veeam Backup & Replication product. The update fixes a deserialization issue that can result in remote code execution as the SYSTEM user on the underlying Windows server. The issue can be exploited by any authenticated account that’s part of the local users group…

Read more →

Exploits, Global Security News, Security Bloggers Network

AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Artificial intelligence (AI) has rapidly shifted from buzz to business necessity over the past year—something Zscaler has seen firsthand while pioneering AI-powered solutions and tracking enterprise AI/ML activity in the world’s largest security cloud.As enterprises embrace AI to boost productivity, accelerate decision-making, and automate workflows, to name a few benefits, cybercriminals are using the same…

Read more →

AI, Apple, Apple Intelligence, Global IT News, Global Security News, Hardware

Apple faces lawsuit over Apple Intelligence delays

Apple has been sued in federal court over what plaintiffs allege is false advertising of several Apple Intelligence features. Filed Wednesday in U.S. District Court in San Jose, the suit seeks class-action status and damages on behalf of those who purchased Apple Intelligence-capable iPhones and other devices. Plaintiffs claim that device owners haven’t received the…

Read more →

Apple, Apple tv+, Global IT News, Global Security News, Media & Entertainment, streaming services

Apple is reportedly losing $1B per year on its streaming service

Apple is losing more than $1 billion per year on its streaming service, Apple TV+, according to a new report from The Information. Apple TV+ is the only service in Apple’s portfolio that isn’t profitable, the report reveals. The company has spent around $5 billion on content each year since the streaming service launched in…

Read more →

Data and Information Security, Data Privacy, Encryption, Global Security News

Signal threatens to leave France if encryption backdoor required

Signal is standing its ground to protect its app’s security, threatening on Wednesday to leave France if encryption backdoor requirements are enacted, just as it said it would do in Sweden. “Those hyping this bad law have rushed to assure French politicians that the proposal isn’t breaking encryption. Their arguments are as tedious as they…

Read more →

AI, Global IT News, Global Security News, Media & Entertainment, Minecraft

A high schooler built a website that lets you challenge AI models to a Minecraft build-off

As conventional AI benchmarking techniques prove inadequate, AI builders are turning to more creative ways to assess the capabilities of generative AI models. For one group of developers, that’s Minecraft, the Microsoft-owned sandbox-building game. The website Minecraft Benchmark (or MC-Bench) was developed collaboratively to pit AI models against each other in head-to-head challenges to respond…

Read more →

business, channel, Global Security News, News and Trends, services

NVIDIA GTC 2025 Roundup: AI Innovation Highlights Conference

GPU giant and AI leader NVIDIA just concluded its GTC 2025 conference, during which it made a flurry of announcements to drive business growth and innovation. Joined by many IT leaders and organizations across the ecosystem, NVIDIA’s conference brought them together to break down how AI and accelerated computing can help solve complex business challenges.…

Read more →

Global Security News, Security Bloggers Network

Frost & Sullivan Report: Independent Security Efficacy Testing of Cato SASE Platform Using SafeBreach

See how independent analyst firm Frost & Sullivan used the SafeBreach exposure validation platform to test the efficacy of the Cato SASE Cloud Platform. The post Frost & Sullivan Report: Independent Security Efficacy Testing of Cato SASE Platform Using SafeBreach appeared first on SafeBreach. The post Frost & Sullivan Report: Independent Security Efficacy Testing of…

Read more →

AI, Global IT News, Global Security News, Perplexity

Perplexity is reportedly in talks to raise up to $1B at an $18B valuation

AI-powered search startup Perplexity is said to be in early talks to raise up to $1 billion in a new funding round valuing the startup at $18 billion. Bloomberg, citing a person familiar with the matter, reported on Thursday that Perplexity’s annual recurring revenue has now reached $100 million. Perplexity’s valuation has soared in recent…

Read more →

acquisition, Fintech, Fundraising, Global IT News, Global Security News, Munich Re, Next Insurance, Startups

Next Insurance gets scooped up by Munich Re for $2.6B

Germany’s Munich Re has signed a definitive agreement to acquire digital insurance company Next Insurance for $2.6 billion, the firms announced on Thursday. Founded in 2016, Palo Alto-based Next Insurance is focused on providing insurance to small-to-medium-sized businesses. It was last valued at $2.5 billion in late 2023 when it raised $265 million. Next Insurance’s…

Read more →

AI, Asia Pacific, china, Global Security News, Government & Policy

AI’s answers on China differ depending on the language, analysis finds

It’s well-established that AI models developed by Chinese AI labs like DeepSeek censor certain politically sensitive topics. A 2023 measure passed by China’s ruling party forbids models from generating content that “damages the unity of the country and social harmony.” According to one study, DeepSeek’s R1 refuses to answer 85% of questions about subjects deemed…

Read more →

acura, acura ZDX, Global Security News, honda, honda prologue ev, North America, Tesla Supercharger, Transportation

Honda and Acura EV owners to gain access to Tesla Superchargers this June

Honda and its luxury brand, Acura, are set to join the growing list of automakers providing EV owners access to Tesla’s Supercharger network in North America. Starting in June, owners of the Honda Prologue and Acura ZDX electric vehicles will be able to charge at Tesla’s stations. Those EVs are built with CCS charging ports…

Read more →

Apps, Global IT News, Global Security News, gmail, Google

Gmail’s new AI search now sorts emails by relevance instead of chronological order 

Google is rolling out a new Gmail update that is designed to help you find the email you’re looking for more quickly. The company announced on Thursday that it will now use AI to consider factors like recency, most-clicked emails, and frequent contacts when surfacing emails based on your search query. Up until now, Gmail…

Read more →

WordPress Appliance - Powered by TurnKey Linux