Geek-Guy.com

Category: Global Security News

Open source companies that go proprietary: A timeline

Open source might be the building blocks of the modern software stack, but companies building businesses off the back of open source software face a perennial struggle between keeping their community happy and ensuring that third parties don’t abuse the permissions afforded by the license. Many companies have launched with lofty open source ambitions, only…

Trump’s Silicon Valley advisers have AI ‘censorship’ in their crosshairs

President-elect Donald Trump has surrounded himself with Silicon Valley entrepreneurs — including Elon Musk, Marc Andreessen, and David Sacks — who are now advising him on technology and other issues. When it comes to AI, this crew of technologists is fairly aligned on the need for rapid development and adoption of AI throughout the U.S.…

Weekly Update 430

I’m back in Oslo! Writing this the day after recording, it feels like I couldn’t be further from Dubai; the temperature starts with a minus, it’s snowing and there’s not a supercar in sight. Back on business, this week I’m talking about the challenge of loading breaches and managing costs. A breach load immediately takes…

Rhode Island says personal data likely breached in social services cyberattack

State officials said hundreds of thousands of Rhode Island residents could be affected by a cyberattack on the state’s online portal for social services, with a “high probability” that personally identifiable information was breached. According to an update from Governor Dan McKee’s office, the attack targeted RIBridges, which Rhode Island residents use to apply for…

Gaining Confidence Through Effective Secrets Vaulting

Why is Secrets Vaulting Crucial in Today’s Cybersecurity Landscape? In a world increasingly dependent on cloud-based services, how do organizations ensure maximum security while maintaining operational efficiency? The answer might just lie in an under-explored area of cybersecurity: Non-Human Identities (NHIs) and secrets management. A Deeper Dive into Non-Human Identities and Secrets Vaulting NHIs are…

Innovating with Secure Secrets Rotation Techniques

How Are We Innovating with Secure Secrets Rotation Techniques? With the rapid expansion of digitized environments, the demand for effective and secure identity management has surged. Organizations are increasingly relying on machine identities or Non-Human Identities (NHIs) to safeguard their data and ensure smooth operations. However, how are we, as data management experts, innovating secure…

Proactive Approaches to Identity and Access Management

Why is Proactive Security Crucial in IAM? Have you ever weighed the impact of security breaches and data leaks on your business? Increasingly, organizations are finding tremendous value in adopting a proactive security approach, particularly in the realm of Identity and Access Management (IAM). This is the first and often most crucial line of defence…

Navigating Cloud Security for Future Proofing Your Assets

Why is Cloud Security Imperative for Asset Protection? As businesses increasingly migrate their operations to the cloud, the demand for effective cloud security strategies gains precedence. The criticality of this requirement becomes glaringly obvious when one considers asset protection. But how does cloud security play into the grand scheme of asset protection? And how does…

GM ‘blindsides’ Cruise by giving up on robotaxis

Welcome back to Week in Review. This week, we’re looking at GM’s decision to pull out of the robotaxi business, Google alluding to the existence of multiple universes, and how you can make some serious cash by getting an AI bot to fall in love with you. Let’s get into it. General Motors will no…

Meta asks California AG to block OpenAI’s conversion to for-profit

Facebook’s parent company Meta is supporting Elon Musk’s effort to block OpenAI’s conversion from a non-profit company into a for-profit one. As reported by The Wall Street Journal, Meta sent a letter to California Attorney General Rob Bonta arguing that allowing the shift would have “seismic implications for Silicon Valley.” And while the company asked…

What are AI ‘world models,’ and why do they matter?

World models, also known as world simulators, are being touted by some as the next big thing in AI. AI pioneer Fei-Fei Li’s World Labs has raised $230 million to build “large world models,” and DeepMind hired one of the creators of OpenAI’s video generator, Sora, to work on “world simulators.” (Sora was released on…

HPE El Capitan supercomputer confirmed as world’s fastest

Global computer manufacturer Hewlett Packard Enterprise (HPE) is no stranger to supercomputers, being behind seven out of the current top 10 already. HPE’s most recent, El Capitan, built in conjunction with AMD, has been confirmed as the world’s number one performing supercomputer that exists today. It’s also energy-efficient through innovative water cooling.

Arlan Hamilton announces changes at Backstage Capital, will step into advisory role

Arlan Hamilton, founder of Backstage Capital, announced Friday that her role at the firm she started in 2015 will evolve.  “After 12 years of being deeply involved in the day-to-day operations, I’ve decided to transition into a chairperson and advisory position,” she wrote in a statement released online. She was previously a managing partner at…

DEF CON 32 – MobileMesh RF Network Exploitation Getting the Tea from goTenna

Authors/Presenters: Erwin Karincic, Woody. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel.

Klarna’s CEO says it stopped hiring thanks to AI but still advertises many open positions

Klarna CEO Sebastian Siemiatkowski recently told Bloomberg TV that his company essentially stopped hiring a year ago and credited generative AI for enabling this massive workforce reduction. However, despite Siemiatkowski’s bullishness on AI, the company is not relying entirely on AI to replace human workers who leave, as open job listings — for more humans…

‘Reasoning’ AI models have become a trend, for better or worse

Call it a reasoning renaissance. In the wake of the release of OpenAI’s o1, a so-called reasoning model, there’s been an explosion of reasoning models from rival AI labs. In early November, DeepSeek, an AI research company funded by quantitative traders, launched a preview of its first reasoning algorithm, DeepSeek-R1. That same month, Alibaba’s Qwen…

Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action

Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between the devices and their command-and-control (C2) servers by sinkholing the…

Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques

Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. “The target of the threat actors were Thailand officials based on the nature of the lures,” Nikhil Hegde, senior engineer for Netskope’s Security Efficacy team, told The Hacker…

OpenAI co-founder Ilya Sutskever believes superintelligent AI will be ‘unpredictable’

OpenAI co-founder Ilya Sutskever spoke on a range of topics at NeurIPS, the annual AI conference, Friday afternoon before accepting an award for his contributions to the field. Sutskever gave his predictions for “superintelligent” AI, AI more capable than humans at many tasks, which he believes will be achieved at some point. Superintelligent AI will…

Kalshi CEO admits enlisting influencers to dis Polymarket in a now-deleted podcast segment

Kalshi’s CEO, Tarek Mansour, confirmed on a podcast interview that his employees did ask social media influencers to promote memes about the FBI’s raid on the home of his arch rival, the CEO of Polymarket.  Both of these companies offer competing events-betting markets, a new kind of betting industry where people wager about the outcomes…

Unauthenticated Webpages: Hidden HIPAA Risks on Public-Facing Websites

When we think about HIPAA compliance and websites, the focus often shifts to patient portals, online scheduling systems, and other secure areas requiring user authentication. However, it’s crucial to recognize that even unauthenticated webpages, those accessible to the public without logging in, can present hidden HIPAA risks. Let’s explore these often-overlooked vulnerabilities and discuss how…

Databricks is on track to raise a record $9.5+ billion round at $60B valuation

Databricks is close to finalizing a $9.5 billion round at a $60 billion valuation, including a secondary sale for employees that could climb even higher before it closes, Reuters reports. Just 17 days ago, Reuters reported that the deal was at $8 billion and a $55 billion valuation. Thrive Capital is leading the deal with…

Why the Recent Telecom Hack Underscores the Need for End-to-End Encryption

The recent massive telecom hack by the Chinese state-sponsored group Salt Typhoon has highlighted critical vulnerabilities in traditional communication systems. The breach targeted major U.S. telecom providers, including Verizon, AT&T, and T-Mobile, compromising sensitive communications of government officials, political entities, and businesses. Attackers accessed call records, unencrypted text messages, and even live call audio by…

What failed before might succeed now — or fail again — and other startup bets

Welcome to Startups Weekly — your weekly recap of everything you can’t miss from the world of startups. Want it in your inbox every Friday? Sign up here. This week in startup news, we have some contrarian bets, funding rounds from all around the world, new VC funds, and a final word of warning. Most…

Arizona man arrested for alleged involvement in violent online terror networks

Baron Martin, a 20-year-old resident of Tucson, Arizona, was arrested Wednesday on charges of producing child sexual abuse material and cyberstalking. His arrest is connected to his involvement in online terror networks, specifically 764 and CVLT, which are known for violent extremist activities. Martin, also known under the alias “Convict,” is charged with significant involvement…

390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits

A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to “mysterious unattributed threat”) by…

DEF CON 32 – Cultivating M4D SK1LLZ In the DEF CON Community

Authors/Presenters: Yan Shoshitaishvili, Perri Adams. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel.

See what Google’s Project Astra AR glasses can do (for a select few beta testers)

Google has released a prototype of Project Astra’s AR glasses for testing in the real world. The glasses are part of Google’s long-term plan to one day have hardware with augmented reality and multimodal AI capabilities. In the meantime, they will be releasing demos to get the attention of consumers, developers, and their competition. Along…

Addressing BYOD Vulnerabilities in the Workplace

Secure the workplace of today by exploring how to address BYOD vulnerabilities. Bring Your Own Device (BYOD) policies have become commonplace in many workplaces. Employees use personal smartphones, tablets, and laptops to access corporate resources, blending work and personal activities on the same device. While BYOD offers several benefits, it also introduces significant cybersecurity vulnerabilities…

The 3 Most Common Misconceptions About Workplace Violence

Learn how to overcome C-suite resistance to investing in workplace violence prevention programs — keeping your business safe and strong. Introduction. Misconception 1: “Don’t worry, we’ll know it when we see it.” Misconception 2: “We must be doing something right because nothing’s happened yet.” Misconception 3: “Incidents of workplace violence start suddenly and are unpredictable.”…

Breaking the Air Gap Through Hardware Implants

IoT security assessments expose diverse technologies, use cases, and protocols. While wireless components like WiFi and Bluetooth enhance functionality and enable features like OTA updates, they also increase the attack surface. This blog explores the challenges of assessing non-wireless IoT devices and considers the potential of adding wireless capabilities for comprehensive security testing.

Biden administration races to approve clean energy loans before Trump takes over — here’s who is benefiting

The Department of Energy (DOE) is on a loan-approval spree in the lead-up to President-elect Donald Trump’s inauguration, and the winners are all companies manufacturing clean energy solutions on U.S. soil. Companies like Stellantis and Samsung, Rivian, and most recently, EVgo. Trump has promised to cancel any unspent federal dollars under President Joe Biden’s Inflation…

EVgo secures $1.25 billion loan amid Biden’s rush to approve clean energy loans

Electric vehicle charging startup EVgo is the latest company to secure funds from the U.S. Department of Energy as the Biden administration races to approve clean energy loans before Donald Trump takes over.  Trump has promised to cancel any unspent funds from Biden’s bipartisan Inflation Reduction Act, including the $7,500 tax credit for new EV…

Google’s NotebookLM now lets you to talk to its AI podcast hosts

A few months ago, Google’s NotebookLM note-taking app debuted an Audio Overviews feature that generates a podcast with AI virtual hosts based on information you have shared with the app. Now, NotebookLM is rolling out the ability for users to interact with the AI podcast hosts. The idea behind Audio Overviews and the AI hosts…

Researchers expose a surge in hacker interest in SAP systems

A review of four years of threat intelligence data, presented Friday at Black Hat by Yvan Genuer, a senior security researcher at Onapsis, reports a spike in hacker interest in breaking into enterprise resource planning (ERP) systems from SAP in 2020 that was sustained until the end of 2023. The vast majority (87%) of the…

The federal crash-reporting rule Tesla opposes could be on the chopping block

The Trump transition team wants to end a federal rule requiring automakers to report crashes when advanced driver-assistance or autonomous driving technology is engaged, Reuters reports. Federal safety agencies would lose the ability to investigate and regulate the safety of vehicles with automated-driving systems should the rule — which went into effect in 2021 —…

Podcast Episode 21: Interview with the University of Richmond’s CTF Winning Team

What happens when passion, talent, and opportunity collide in the university’s tech scene? Meet David Nathanson and Daniel Garay, the freshmen duo who took the University of Richmond’s Capture the Flag (CTF) competition by storm. With David bringing his coding journey from Nicaragua and Daniel harnessing his self-taught skills in AI and machine learning, they…

Time of Reckoning – Reviewing My 2024 Cybersecurity Predictions

The brutal reality is that cybersecurity predictions are only as valuable as their accuracy.  As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
