Tag: data-breach
-
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Suite. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cox-enterprises-discloses-oracle-e-business-suite-data-breach/
-
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Suite. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cox-enterprises-discloses-oracle-e-business-suite-data-breach/
-
Salesforce: Some Customer Data Accessed via Gainsight Breach
An attack on the app of CRM platform-provider Gainsight led to the data of hundreds of Salesforce customers being compromised, highlighting the ongoing threats posed by third-party software in SaaS environments and illustrating how one data breach can lead to others, cybersecurity pros say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/salesforce-some-customer-data-accessed-via-gainsight-breach/
-
Salesforce: Some Customer Data Accessed via Gainsight Breach
An attack on the app of CRM platform-provider Gainsight led to the data of hundreds of Salesforce customers being compromised, highlighting the ongoing threats posed by third-party software in SaaS environments and illustrating how one data breach can lead to others, cybersecurity pros say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/salesforce-some-customer-data-accessed-via-gainsight-breach/
-
CrowdStrike Fires Employee for Leaking Internal System Info to Hackers
Cybersecurity giant CrowdStrike has terminated an employee who allegedly shared sensitive internal system information with a notorious hacking collective. The incident involved the leak of internal screenshots posted on a public Telegram channel operated by the threat group known as >>Scattered Lapsus$ Hunters>>. Insider Threat Detected Through Screen Sharing The leaked images displayed internal dashboards,…
-
CrowdStrike denies breach after insider sent internal screenshots to hackers
CrowdStrike says an insider shared internal screenshots with hackers but confirms no system breach and no customer data exposure. BleepingComputer first reported that CrowdStrike said an insider shared internal system screenshots with hackers, after Scattered Lapsus$ Hunters leaked them on Telegram. The company stresses that no systems were breached and no customer data was exposed.…
-
WhatsApp API Could Bulk Leak User Telephone Numbers
Researchers Were Able to Query 3.5 Billion Accounts. Security researchers were able to scoop up the telephone numbers of billions of WhatsApp users through an enumeration tool provided by app owner Meta. The sheer quantity of leaked numbers – 3.5 billion in total – would amount to the largest data leak in history. First seen…
-
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings
Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/
-
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings
Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/
-
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings
Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/
-
CrowdStrike fires ‘suspicious insider’ who passed information to hackers
Cybersecurity giant CrowdStrike denied it had been hacked following claims from a hacker group, which leaked screenshots from inside CrowdStrike’s network. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/21/crowdstrike-fires-suspicious-insider-who-passed-information-to-hackers/
-
‘Scattered Spider’ teens plead not guilty to UK transport hack
Two British teenagers have denied charges related to an investigation into the breach of Transport for London (TfL) in August 2024, which caused millions of pounds in damage and exposed customer data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scattered-spider-teens-plead-not-guilty-to-uk-transport-hack/
-
How to turn threat intel into real security wins
Tags: access, api, attack, automation, awareness, business, ciso, cloud, communications, control, credentials, csf, data, data-breach, detection, dns, edr, email, endpoint, exploit, finance, framework, governance, guide, identity, intelligence, lessons-learned, mail, malware, mitre, nist, phishing, ransomware, resilience, risk, saas, siem, soar, soc, switch, tactics, theft, threat, tool, update, vulnerabilityThe CISO mandate: Risk, efficiency, investment, response: Reduce operational risk and financial loss Intelligence-led detection and response aim to prevent or minimise data loss and business disruption. The downstream effects, smaller blast radii, fewer regulatory headaches and lower recovery bills, are what boards recognise. Maximise staff efficiency Manual validation and correlation drive alert fatigue. Automating…
-
How to turn threat intel into real security wins
Tags: access, api, attack, automation, awareness, business, ciso, cloud, communications, control, credentials, csf, data, data-breach, detection, dns, edr, email, endpoint, exploit, finance, framework, governance, guide, identity, intelligence, lessons-learned, mail, malware, mitre, nist, phishing, ransomware, resilience, risk, saas, siem, soar, soc, switch, tactics, theft, threat, tool, update, vulnerabilityThe CISO mandate: Risk, efficiency, investment, response: Reduce operational risk and financial loss Intelligence-led detection and response aim to prevent or minimise data loss and business disruption. The downstream effects, smaller blast radii, fewer regulatory headaches and lower recovery bills, are what boards recognise. Maximise staff efficiency Manual validation and correlation drive alert fatigue. Automating…
-
Recognizing and responding to cyber threats: What differentiates NDR, EDR and XDR
Tags: access, attack, automation, breach, cloud, communications, computer, cyber, cybersecurity, data, data-breach, defense, detection, edr, endpoint, firewall, intelligence, iot, malware, microsoft, monitoring, network, siem, software, sql, strategy, technology, threat, tool, windowsEDR identifies noticeable changes at the endpoint EDR, the oldest of the three detection technologies, monitors endpoints to mitigate attacks on them. Endpoints are network devices such as PCs, file servers, smartphones and IoT devices that connect to the network to communicate. A software agent is used to inventory EDR malware and suspicious activity detected…
-
Recognizing and responding to cyber threats: What differentiates NDR, EDR and XDR
Tags: access, attack, automation, breach, cloud, communications, computer, cyber, cybersecurity, data, data-breach, defense, detection, edr, endpoint, firewall, intelligence, iot, malware, microsoft, monitoring, network, siem, software, sql, strategy, technology, threat, tool, windowsEDR identifies noticeable changes at the endpoint EDR, the oldest of the three detection technologies, monitors endpoints to mitigate attacks on them. Endpoints are network devices such as PCs, file servers, smartphones and IoT devices that connect to the network to communicate. A software agent is used to inventory EDR malware and suspicious activity detected…
-
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national railway operator Ferrovie dello Stato Italiane (FS) was leaked after a data breach at IT provider Almaviva. FS Italiane Group is Italy’s state-owned railway company, managing passenger…
-
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national railway operator Ferrovie dello Stato Italiane (FS) was leaked after a data breach at IT provider Almaviva. FS Italiane Group is Italy’s state-owned railway company, managing passenger…
-
Salesforce Confirms New Breach Linked to Gainsight Apps
Salesforce is probing unusual activity in Gainsight apps that may have exposed customer data, while ShinyHunters claims a new OAuth-based attack. The post Salesforce Confirms New Breach Linked to Gainsight Apps appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-salesforce-breach-gainsight-apps/
-
CrowdStrike catches insider feeding information to hackers
American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crowdstrike-catches-insider-feeding-information-to-hackers/
-
Hacker claims to steal 2.3TB data from Italian rail group, Almaviva
Data from Italy’s national railway operator, the FS Italiane Group, has been exposed after a threat actor breached the organization’s IT services provider, Almaviva. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-claims-to-steal-23tb-data-from-italian-rail-group-almaviva/
-
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles
Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team of researchers at the University of Vienna found a WhatsApp flaw that could scrape 3.5 billion accounts. Meta has since patched the vulnerability to block this enumeration technique. Users discover contacts by querying WhatsApp servers…
-
Critics Say White House’s Draft AI Order Is a Power Grab
Leaked Executive Order Would Strip States of Power to Regulate AI Tech Firms. A leaked draft executive order would empower federal agencies to override state AI laws, threatening federal funds for noncompliance and creating a litigation task force – drawing sharp backlash over executive overreach and potential harm to consumers. First seen on govinfosecurity.com Jump…
-
Salesforce-linked data breach claims 200+ victims, has ShinyHunters’ fingerprints all over it
They keep coming back for more First seen on theregister.com Jump to article: www.theregister.com/2025/11/20/salesforce_gainsight_breach/
-
$5M Settlement in Geisinger Health, Nuance Insider Breach
Class Action Litigation and Criminal Case Focus on Actions of an Ex-Tech Worker. A federal court has granted preliminary approval of a $5 million settlement in class action litigation filed against Pennsylvania-based Geisinger Health and Nuance Communications – now part of Microsoft – involving a 2023 insider data breach affecting more than 1 million Geisinger…
-
Breach Roundup: Cloudflare Outage Root Cause
Also: Fortinet Flaws, Aisuru Botnet and Dutch Police Seize Bulletproof Host Servers. This week, the root cause of the Cloudflare outage, active exploitation of Fortinet flaws, Logitech disclosed a data breach, Microsoft headed off a record-breaking botnet attack, Dutch police seized bulletproof hosting servers and Princeton University disclosed a data breach after a phishing attack.…