Galactic Research: Articles & Insights
Part 1: The AI Implementation Question Is Coming. Are You Ready to Answer?
I had lunch a few weeks ago with an executive at a financial services firm, the kind of client every security advisor quietly hopes for: growing, regulated, complex enough to need real security help and profitable enough to pay for ...
AI Security
Part 1: The AI Implementation Question Is Coming. Are You Ready to Answer?
I had lunch a few weeks ago with an executive at a financial services firm, the kind of client every security advisor quietly hopes for: growing, regulated, complex enough to need real security help and profitable enough to pay for ...
OpenClaw's Marketplace Got Stuffed With Malware. Here's Why That Was Always Going to Happen.
What a Malware-Filled AI Agent Marketplace Tells Us About How the Industry Keeps Making the Same Mistake I've spent the better part of my career watching organizations adopt new technology faster than they can secure it, and documenting what happens ...
The Deepfake Was Convincing. So Was My Backpack.
Why Social Engineering Still Works, Why AI is Making it Sharper, and the One Habit that Stops it In early 2024, an employee at Arup, a global engineering firm, joined a video call with several colleagues, including someone who appeared ...
Threat Intelligence
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
Threat Thursday: June 11th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories share one theme: the gap between a vulnerability becoming public and a working exploit existing is collapsing toward hours, and the coordinated disclosure process meant to give defenders ...
Threat Thursday: June 4th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories have a clear pattern: attackers didn't find obscure entry points or novel techniques but instead went after the things you were already using and already trusting. As always, ...
Security Education
Vulnerabilities Are Now the #1 Way In. The Window to Fix Them Is Closing.
Most of the time, I didn't break into a network so much as let myself in through something with a fix already out (just not installed yet): the VPN concentrator three versions behind, the firewall with a known vulnerability fixed ...
Your OSINT Reality Check: Here’s What an Attacker Is Finding in 30 Minutes or Less
Today’s connected, AI-driven digital ecosystem has made it easier than ever to build a professional brand, network with peers, and share ideas with a wider audience. It’s opened doors for businesses that simply didn't exist before: new customers, new partnerships, ...
Part 2: Threat Actors Don't Pick You. You Just Happen to Be There.
In Part 1, we established that Handala didn't pick Stryker off a strategic target list and then figure out how to break in. They found access, recognized the value, and used it. That's still a deliberate, damaging attack—it just means ...
Strategy & Leadership
Building Trust in Executive Relationships: Lessons from King Lear
A Framework for Establishing the Kind of Trust that Survives Budget Season Imagine the curtain going up and a group of players act out the opening scenes of Shakespeare's King Lear, just for you. An aging king sits in his ...
Your Jokes Were Funny. They Still Didn't Renew.
How MSPs Build the Kind of Client Rapport That Survives a Budget Review You walked out of the meeting feeling good. The handshake was firm, the small talk landed, and you even got a laugh with the printer joke. You ...
Value That Converts: Why Your vCSO Pitch Keeps Getting Pushed to IT
You walked out of that meeting feeling like a closer. Your credentials were on point. You covered the whole stack: EDR, SIEM, MDR, quarterly risk assessments, tabletop exercises, NIST alignment. Your vCSO offering was solid. You even had a phased ...
All Articles
JCrew Retailer Customers May Have Had Information Accessed
Another week, another data breach. This time, the target being US clothing retailer J. Crew. The company announced that sometime in April of 2019, an unknown group of hackers utilized a credential ...
New Android Malware Can Get Past Two-Factor Authentication
Since 2010, Google has been doing its part to help keep its massive user base safe. They introduced a small but critical service called Google Authenticator, which is used by a number ...
Mobile Internet Usage Continues To Rise According To Study
A few years ago, the people who track such things announced that the PC had been dethroned. They said a slight majority of people were turning to their phones as their primary ...
Facial Recognition Company Hacked, Leaking Billions Of Photos
Photos are a new kind of currency, and gaining in value. Clearview AI is a facial recognition startup used by hundreds of law enforcement agencies around the country. The company was hacked, ...
Google Translate Adds More Languages To Assist Communication
Every kid who grew up watching sci-fi has dreamed of the day when a Universal Translator would be available, making seamless communication possible and eliminating the language barrier entirely. That day hasn't ...
Emails Pretending To Be Secret Admirers Could Be Ransomware
Nemty Ransomware isn't an especially well-known threat, but it's dangerous and should not be discounted. Recently, researchers have discovered an ongoing spam-email driven campaign that's attempting to spread the ransomware far and ...
New Edge Browser Coming To Windows 10 Through Updates
Microsoft Edge has been changed and improved many times. It is now Chromium-based, and is one important step closer to widespread release. At present, the new browser is available to Windows 10 ...
Tax Information Theft Is On The Rise This Year
It's tax season, and if you're like many people, you make use of one of the numerous e-file platforms offered by TurboTax, TaxAct, and similar companies. Unfortunately, tax season also presents a ...
The New Microsoft Office App Looks Like A Winner
In November of 2019, Microsoft made an announcement and gave users an early look at a new unified Office app designed specifically for Android and iOS devices. The purpose, of course, was ...
Mobile Flash Storage Getting Faster To Accommodate 5G Rollout
Are you ready for the world of 5G? Even if you are, the available storage you have on your favorite devices may not be as robust as you'd like it to be. ...
Mandatory Two Factor Authentication Coming To Ring Devices
Finally, a smart device manufacturer is taking device security seriously, and that's great news indeed. You may recall reading about a serious issue with Ring security systems recently. The news was that ...
Google Docs Gets Smarter With Smart Compose Feature
Google continues to increase the versatility and usefulness of the G-Suite. This time they are adding the much anticipated Smart Compose feature to Google Docs, and it is now available to all ...
