Geek-Guy.com

Tag: breach

AI, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

Attackers exploit FortiGate devices to access sensitive network information

Attackers are exploiting FortiGate devices to breach networks and steal configuration data containing service account credentials and network details. SentinelOne researchers warn that attackers are exploiting vulnerabilities or weak credentials in FortiGate devices to gain initial access to corporate networks. Once inside, they extract configuration files that may contain service account credentials and information about…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

Ericsson US confirms breach after third-party provider attack

Ericsson US reports a data breach after attackers hacked a service provider, exposing employee and customer information. Ericsson Inc., the U.S. branch of the Swedish telecom giant, disclosed a data breach after a service provider was hacked. The attack compromised the personal information of an unspecified number of employees and customers. “On April 28, 2025,…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

A breach at Cognizant’s TriZetto Provider Solutions exposed sensitive health data belonging to more than 3.4 million patients. A data breach at Cognizant’s TriZetto Provider Solutions exposed sensitive information belonging to more than 3.4 million patients. At this time, no ransomware group has claimed responsibility for the attack yet. TriZetto Provider Solutions is a healthcare…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News

Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked

Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York…

Read more →

AI, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

APT37 combines cloud storage and USB implants to infiltrate air-gapped systems

North Korea-linked APT 37 used Zoho WorkDrive and USB malware to breach air-gapped networks in the Ruby Jumper campaign. North Korean group ScarCruft (aka APT37, Reaper, and Group123) deployed new tools in a campaign dubbed Ruby Jumper, using a backdoor that leverages Zoho WorkDrive for C2 and a USB-based implant to breach air-gapped systems. Zscaler ThreatLabz…

Read more →

AI, Data Breaches, Endpoint, Global Security News, Network Security

Illumio Insights brings agentless visibility and breach containment to hybrid environments

Illumio unveiled its solution to deliver agentless visibility and breach containment across both data center and cloud environments. Illumio Insights ingests real-time telemetry and policy data from Check Point and Fortinet firewalls, converting existing firewall information into real-time traffic maps to provide agentless visibility across the hybrid environment. This extends Illumio Insights into data center…

Read more →

AI, Data Breaches, Europe, Global Security News

ManoMano data breach impacted 38 Million customer accounts

European DIY platform ManoMano suffered a data breach via a third-party provider, exposing personal data of 38 million customers. European DIY e-commerce platform ManoMano disclosed a major data breach affecting 38 million customers. Hackers accessed personal information by compromising a third-party service provider, prompting notifications and potential security measures for impacted users across multiple countries.…

Read more →

AI, Apps, Data Breaches, Global Security News

PayPal discloses extended data leak linked to Loan App glitch

PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug in its PayPal Working Capital loan app. The flaw exposed sensitive customer information, including customers’ business contact details (name, email, phone number, address), along…

Read more →

AI, Data Breaches, Global Security News

Adidas investigates alleged data breach affecting 815,000 records

Adidas confirmed it is investigating a possible data breach involving one of its third-party customer service providers. The company stated that there is no indication its IT infrastructure, e-commerce platforms, or consumer data were impacted by the incident. An individual claiming to belong to the Lapsus$ Group posted on BreachForums alleging they had compromised the…

Read more →

AI, APAC, Compliance, Cybersecurity, Data Breaches, Europe, Global Security News, malware, Network Security, Risk Management

One Process, Every Metric: How Better Alert Enrichment Transforms SOC Performance

Every security alert represents a decision point. Act too slowly, and a threat becomes a breach. Act without context, and analysts drown in noise. At the center of both failure modes is a single, often underestimated process: alert enrichment.  Key Takeaways Alert enrichment is the operational multiplier. Its quality determines the effectiveness of every other SOC investment — detection tools, SIEM…

Read more →

AI, Data Breaches, Global Security News, Risk Management

Fintech firm Figure disclosed data breach after employee phishing attack

Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. Blockchain-based lending firm Figure confirmed a data breach after an employee fell victim to a social engineering attack. According to a company spokesperson, the incident allowed hackers to access and steal a…

Read more →

AI, Breaking News, cyber crime, data breach, Data Breaches, Global Security News, Government & Policy, Network Security, Security

Volvo Group hit in massive Conduent data breach

A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacted at least 25 million people, far more than initially reported. Volvo Group North America confirmed that the security breach exposed data of nearly […]

Read more →

AI, Cybercrime, data breach, Data Breaches, Global Security News, hacking, hacking news, Uncategorized

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Substack confirmed a data breach after a hacker leaked data from nearly 700,000 users, including email addresses and phone numbers. Substack is an online platform for publishing email‑based newsletters and blogs, with built‑in paid subscriptions and basic analytics. It’s free to start; creators pay a fee on paid plans. In 2026 it’s estimated to serve…

Read more →

AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It

The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact.  What Happened During…

Read more →

AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It

The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact.  What Happened During…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, privacy

We’re sorry. Wait, did a company actually say that?

Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. In episode 444 of “Smashing Security” we examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that…

Read more →