Galactic Research: Articles & Insights
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
AI Security
OpenClaw's Marketplace Got Stuffed With Malware. Here's Why That Was Always Going to Happen.
What a Malware-Filled AI Agent Marketplace Tells Us About How the Industry Keeps Making the Same Mistake I've spent the better part of my career watching organizations adopt new technology faster than they can secure it, and documenting what happens ...
The Deepfake Was Convincing. So Was My Backpack.
Why Social Engineering Still Works, Why AI is Making it Sharper, and the One Habit that Stops it In early 2024, an employee at Arup, a global engineering firm, joined a video call with several colleagues, including someone who appeared ...
The Invisible Workforce
The Shadow AI Running Inside Your Clients' Environments and How MSPs Can Get Ahead of It It's Monday morning. A client's controller is on the phone. She spent Friday afternoon cleaning up the vendor list inside their accounting platform's new ...
Threat Intelligence
Threat Thursday: June 18th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. Every Thursday we break down the cybersecurity stories that matter most for protecting your organization, with each item split into what happened, what it could mean for you, and what to ...
Threat Thursday: June 11th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories share one theme: the gap between a vulnerability becoming public and a working exploit existing is collapsing toward hours, and the coordinated disclosure process meant to give defenders ...
Threat Thursday: June 4th, 2026
Welcome to Threat Thursday, Galactic's weekly threat intelligence roundup. This week's stories have a clear pattern: attackers didn't find obscure entry points or novel techniques but instead went after the things you were already using and already trusting. As always, ...
Security Education
Vulnerabilities Are Now the #1 Way In. The Window to Fix Them Is Closing.
Most of the time, I didn't break into a network so much as let myself in through something with a fix already out (just not installed yet): the VPN concentrator three versions behind, the firewall with a known vulnerability fixed ...
Your OSINT Reality Check: Here’s What an Attacker Is Finding in 30 Minutes or Less
Today’s connected, AI-driven digital ecosystem has made it easier than ever to build a professional brand, network with peers, and share ideas with a wider audience. It’s opened doors for businesses that simply didn't exist before: new customers, new partnerships, ...
Part 2: Threat Actors Don't Pick You. You Just Happen to Be There.
In Part 1, we established that Handala didn't pick Stryker off a strategic target list and then figure out how to break in. They found access, recognized the value, and used it. That's still a deliberate, damaging attack—it just means ...
Strategy & Leadership
Building Trust in Executive Relationships: Lessons from King Lear
A Framework for Establishing the Kind of Trust that Survives Budget Season Imagine the curtain going up and a group of players act out the opening scenes of Shakespeare's King Lear, just for you. An aging king sits in his ...
Your Jokes Were Funny. They Still Didn't Renew.
How MSPs Build the Kind of Client Rapport That Survives a Budget Review You walked out of the meeting feeling good. The handshake was firm, the small talk landed, and you even got a laugh with the printer joke. You ...
Value That Converts: Why Your vCSO Pitch Keeps Getting Pushed to IT
You walked out of that meeting feeling like a closer. Your credentials were on point. You covered the whole stack: EDR, SIEM, MDR, quarterly risk assessments, tabletop exercises, NIST alignment. Your vCSO offering was solid. You even had a phased ...
All Articles
Support For Many Microsoft Apps Will Stop In 2020
The year 2020 looks to be interesting and exciting in a variety of ways, but it also will usher in a tremendous amount of change. If you're an IT manager, be aware ...
ISO Files Are Being Used To Deliver Malware
Researchers at Trustwave have observed a notable increase in the use of .ISO files to deliver malware. Hackers have relied on poisoned disk image files for years to deliver malware to their ...
Message Recall Feature May Be Added To Office 365
For a while now, Microsoft Outlook users have enjoyed a highly popular addition to their email service. In a nutshell, it allows them to recall messages that have been sent using Outlook, ...
Kids Can Bypass Communication Limit Feature On iOS 13.3
If you have children that own Apple devices, be aware that the latest update for iOS 13.3 included a feature called Communications Limits. It is designed to allow parents to set up ...
Windows 10 Update Caused Issues With File Explorer
Have you already installed Windows 10, build 1909? If so, then you've probably noticed that the latest build update introduced a few bugs to Windows File Explorer. After installing the latest build, ...
Citrix Applications Need Patch To Address Vulnerability
Researchers at Positive Technologies recently discovered a serious vulnerability in Citrix Enterprise products that threatens the security of more than 80,000 companies in 158 countries around the world. The issue is being ...
FBI Sheds New Light On Ransomware Tactics
According to a recent FBI alert marked "TLP: AMBER," businesses should be on high alert for ransomware attacks. The alert reads, in part, as follows: "Since January 2019, LockerGoga ransomware has targeted ...
Data Breaches Continue With Three New High Profile Cases
As 2019 draws to a close, we can say definitively that the year has been another record-breaking one where data breaches are concerned. Hackers around the world have been busy in recent ...
Cashless Shopping Could Get Easier In the Future
For decades, futurists have been promising a cashless society and all the convenience that comes with it. So far though, the technology we have available hasn't lived up to the promise. Sure, ...
Apply Security Update To Protect Against Nvidia Vulnerability
Have you downloaded the NVIDIA GeForce Experience (GFE) app? It's a helper app designed to work in tandem with GeForce GTX graphics cards. It is designed to automate the process of keeping ...
The End Of Windows 7 Support Is Almost Here
Do you still have a few machines in your company that are running Windows 7? If so, be aware that Microsoft is formally ending Windows 7 support in a matter of weeks. ...
New Orleans Shuts Down After Ransomware Attack
Things aren't so easy in the Big Easy right now. The city of New Orleans has suffered a ransomware attack. As a result, most of the city's servers and computers are currently ...
