Geek-Guy.com

Tag: incident

AI, Apps, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

ShinyHunters Alleges 42M Records Stolen from Charter Communications  

Charter Communications confirmed a cybersecurity incident after the ShinyHunters extortion group claimed it stole customer data and threatened to leak the information unless a ransom was paid.   The company, which operates under the Spectrum brand, said it is investigating the incident and coordinating with authorities.   “The Charter breach is a reminder that the most sophisticated…

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Global Security News, Risk Management

CIRT insights: How to help prevent unauthorized account removals from AWS Organizations

The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team often uncovers new or trending tactics used by various threat actors that take advantage of specific customer configurations and designs. Understanding these tactics can help inform your architecture decisions, improve your…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News

Identity security firm SailPoint discloses GitHub repository breach

SailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected. SailPoint is a cybersecurity company that provides identity security and identity governance solutions for enterprises. Its products help organizations manage and control user access to systems, applications, and sensitive data. SailPoint revealed a cybersecurity…

Read more →

AI, Cybersecurity, Data Breaches, Data Security, Global Security News, Government & Policy

Educational tech firm Instructure data breach may have impacted 9,000 schools

Instructure, maker of the Canvas learning platform, is investigating a cyber incident that exposed users’ personal data. Instructure is a U.S.-based educational technology company best known for developing Canvas, one of the world’s most widely used learning management systems (LMS).  The U.S. firm confirrmed a cybersecurity incident that exposed users’ personal information. The company is working with external…

Read more →

AI, Endpoint, Global Security News, Risk Management

Owl IRD enables one-way forensic data transfer for incident response teams

Owl Cyber Defense has announced the launch of its Incident Response Diode (IRD), a pocket-sized protocol filtering diode (PFD) designed for incident response and forensics teams. The Owl IRD was developed to help users securely move evidence from compromised endpoints into trusted analysis environments without adding risk. The Owl IRD will be made available to…

Read more →

AI, Apps, Cloud Security, Exploits, Global Security News, Risk Management

What the March 2026 Threat Technique Catalog update means for your AWS environment

The AWS Customer Incident Response Team (AWS CIRT) regularly encounters patterns that repeat across their engagements when helping customers respond to security incidents. We’re passionate about making sure that information is widely accessible so that everyone can improve their security posture and their organization’s resilience to disruption. The primary method we use to share this…

Read more →

AI, Global Security News

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. “Based on current evidence, we believe this data originated from Checkmarx’s GitHub repository, and that access to that repository was facilitated through the initial supply…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

U.S. utility giant Itron discloses a security breach

Itron detected unauthorized access to part of its IT environment on April 13, 2026, and launched incident response and notified authorities. Itron disclosed a cyber incident involving unauthorized access to part of its internal IT systems, detected on April 13, 2026. The company activated its incident response plan, engaged external cybersecurity experts, and notified law…

Read more →

AI, Apps, Data Breaches, Global Security News, Network Security, Risk Management

Vercel Confirms Security Incident as Threat Actor Claims Stolen Data for Sale

Cloud development platform Vercel has confirmed a security incident involving unauthorized access to internal systems, after a threat actor claimed to be selling stolen company data online.  “We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems,” said the company in its advisory. Threat Actor Claims Access to Vercel Systems  Vercel…

Read more →

Europe, Funding, Global Security News

Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time

In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what it exposed about the fragility of global vulnerability disclosure infrastructure. He outlines how EU regulations, including the Cyber Resilience Act and NIS2, are creating stronger accountability for vendors…

Read more →

AI, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

This Booking.com Breach Could Expose Your Travel Plans

Booking.com has disclosed a security incident involving unauthorized access to customer reservation data, prompting the company to reset reservation PINs tied to affected bookings. The activity, described as “suspicious access” to a subset of reservation records, did not expose payment card data but surfaced a category of information that, from an operational security standpoint, is…

Read more →

AI, Apps, Cybersecurity, Global Security News, Risk Management

A framework for securely collecting forensic artifacts into S3 buckets

When customers experience a security incident, they need to acquire forensic artifacts to identify root cause, extract indicators of compromise (IoCs), and validate remediation efforts. NIST 800-86, Guide to Integrating Forensic Techniques into Incident Response, defines digital forensics as a process comprised of four basic phases: collection, examination, analysis, and reporting. This blog post focuses…

Read more →

AI, Data Security, Global Security News

Nearly half a Million mobile customers of Lloyds Banking Group affected by security incident

Lloyds Banking Group data incident exposed transactions of ~450,000 mobile banking users due to a faulty update. A faulty software update at Lloyds Banking Group exposed transaction details of nearly 450,000 mobile banking users on March 12. The issue caused some customers to see other users’ account activity within the app, prompting the bank to…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security

Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)

In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of control of the stolen data with all the consequences (PII, CC numbers, …). While performing a security assessment of a…

Read more →

AI, Global Security News

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools

Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00 with a new long-term supported kernel, updated storage tools, and several additions to its command-line toolset. Kernel and storage…

Read more →

AI, APAC, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

How to Reduce MTTR in Your SOC with Better Threat Intelligence

MTTR is where strategy meets reality. In security operations, it is the margin between a contained incident and a catastrophic breach.  You can have perfect detection coverage, cutting-edge telemetry, and a wall of dashboards glowing like a spaceship cockpit. But if your team takes too long to respond, the attacker still wins the clock. Reducing Mean Time to Respond is not about shaving seconds for vanity metrics. It is about compressing the window in which damage happens. And the fastest way to do that is not more alerts, but better intelligence.  Key Takeaways  MTTR is…

Read more →

AI, Data Breaches, Exploits, Global Security News, malware, Network Security

The ransomware economy is shifting toward straight-up data extortion

Ransomware remains a scourge that shows some signs of relenting, but incident responders and threat hunters are busier than ever as more financially-motivated attackers lean exclusively on data theft for extortion. Attacks that only involve data theft for extortion may not be more prevalent than traditional ransomware when attackers encrypt systems, but momentum is moving…

Read more →

AI, Global Security News

FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been compromised to establish a foothold into the targeted environment. Each incident was detected and stopped during the lateral movement phase of the attack.

Read more →

AI, china, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Politics

FBI wiretap system tapped by hackers

The US Federal Bureau of Investigation (FBI) has identified a suspected incident on a network used to manage wiretaps and foreign intelligence surveillance warrants, CNN reported. The FBI acknowledged the incident in a statement to CNN, saying, “The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to…

Read more →

AI, china, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Politics

FBI wiretap system tapped by hackers

The US Federal Bureau of Investigation (FBI) has identified a suspected incident on a network used to manage wiretaps and foreign intelligence surveillance warrants, CNN reported. The FBI acknowledged the incident in a statement to CNN, saying, “The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Politics

FBI targeted with ‘suspicious’ activity on its networks

The FBI found evidence that its networks had been targeted in a suspected cybersecurity incident, the bureau confirmed on Thursday, without sharing any further details. “The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to respond,” the agency said in a statement. “We have nothing additional to…

Read more →

AI, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, Risk Management

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

AI accelerates incident response by correlating alerts and generating reports in minutes, helping teams scale beyond manual limits. Incident response has always been a race against the clock. It starts ticking the moment an alert is triggered, and each minute thereafter can lead to lost revenue, regulatory exposure, reputational damage, or customer churn. Traditionally, incident…

Read more →

AI, Global Security News, malware, Network Security

Wireshark 4.6.4 resolves dissector flaws, plugin compatibility issue

Packet inspection remains a routine activity across enterprise networks, incident response workflows, and malware investigations. Continuous use places long-term stability and parsing accuracy at the center of daily operations. Wireshark version 4.6.4 addresses two vulnerabilities affecting protocol dissectors and resolves a plugin compatibility issue within the 4.6 release series. Dissector vulnerabilities resolved The update fixes…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

Turn Your SOC Into a Detection Engine: Rethinking Threat Monitoring

Threat monitoring is treated as one capability among many. Something that sits alongside incident response and threat hunting on an org chart. That framing undersells how central it actually is.  Monitoring is the connective tissue of the entire security operation. Every other SOC function depends on it working well.  For SOC and MSSP leaders, building effective threat monitoring is not about “more alerts.” It…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

1.2 Million Accounts Exposed in French Bank Registry Breach

An incident disclosed by the French Ministry of Finance involved unauthorized access to the national bank account registry and may have exposed data tied to approximately 1.2 million accounts.  This case highlights the continued effectiveness of credential theft as an attack vector. The attacker “… was able to consult part of this file which lists…

Read more →

Global Security News

Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins. Cloud forensics…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management, Venture

10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons

Ten years on, the Bangladesh Bank cyberheist — a landmark cybersecurity incident that rewrote the rules of nation state–sponsored hacking — continues to offer lessons for the cybersecurity community. Cyberspies hacked into Bangladesh Bank internal network and SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging environment before sending 35 fraudulent SWIFT payment instructions that attempted…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

Read more →

AI, Cybersecurity, Don't miss, Europe, Global Security News, Hot stuff, News

European Commission hit by cyberattackers targeting mobile management platform

The European Commission’s mobile device management platform was hacked but the incident was swiftly contained and no compromise of mobile devices was detected, EU’s executive branch announced on Friday. The intrusion was detected on January 30, 2026, by CERT-EU, the cybersecurity team protecting all European Union institutions, bodies, and agencies. “The Commission’s swift response ensured…

Read more →

AI, Cybersecurity, Don't miss, Europe, Global Security News, Hot stuff, News

European Commission hit by cyberattackers targeting mobile management platform

The European Commission’s mobile device management platform was hacked but the incident was swiftly contained and no compromise of mobile devices was detected, EU’s executive branch announced on Friday. The intrusion was detected on January 30, 2026, by CERT-EU, the cybersecurity team protecting all European Union institutions, bodies, and agencies. “The Commission’s swift response ensured…

Read more →

AI, Endpoint, Endpoint Protection, Security, Vulnerabilities, Windows Security, Exploits, Global Security News, malware

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

In a recent incident, attackers abused a legitimate but vulnerable Windows kernel driver to shut down endpoint security tools during an ongoing incident response. According to a Huntress report, the activity was observed during a customer investigation in early 2026 and involved the use of an old EnCase forensic driver (by Guidance Software) as part…

Read more →

AI, Artificial Intelligence, Cloud, Cloud Security, Cybersecurity, Data Breaches, Global Security News, Network Security, News, Risk Management

AI-Driven Attack Gains AWS Admin Privileges in Under 10 Minutes

Threat actors are using artificial intelligence (AI) to accelerate cloud intrusions.  In a recent incident observed by Sysdig researchers, attackers escalated from stolen credentials to full administrative access in an AWS environment in under 10 minutes, illustrating how AI can shorten cloud attack timelines. “The threat actor achieved administrative privileges in under 10 minutes, compromised…

Read more →

AI, Apps, Best Practices, Cloud Security, Compliance, Cybersecurity, Exploits, Foundational (100), Global Security News, malware, Network Security, Security, Identity, & Compliance

What AWS Security learned from responding to recent npm supply chain threat campaigns

AWS incident response operates around the clock to protect our customers, the AWS Cloud, and the AWS global infrastructure. Through that work, we learn from a variety of issues and spot unique trends. Over the past few months, high-profile software supply chain threat campaigns involving third party software repositories have highlighted the importance of protecting…

Read more →