Tag: backup

Ed tech company fined $5.1 million for poor data security practices leading to hack

Nov 6, 2025 10:19 PM

Tags: backup, data

The ed tech firm also allegedly failed to monitor its systems for suspicious activity and did not separately secure backup and active databases. First seen on therecord.media Jump to article: therecord.media/ed-tech-company-fined-5-million-data-breach-security-practices
Ed tech company fined $5.1 million for poor data security practices leading to hack

Nov 6, 2025 10:19 PM

Tags: backup, data

The ed tech firm also allegedly failed to monitor its systems for suspicious activity and did not separately secure backup and active databases. First seen on therecord.media Jump to article: therecord.media/ed-tech-company-fined-5-million-data-breach-security-practices
SonicWall Firewall Backups Stolen by Nation-State Actor

Nov 6, 2025 10:19 PM

Tags: attack, backup, breach, firewall, network, ransomware

The network security vendor said the MySonicWall breach was unrelated to the recent wave of Akira ransomware attacks targeting the company’s devices. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/sonicwall-firewall-backups-nation-state-actor
Report: Nevada State Hackers Evaded Detection for Months

Nov 6, 2025 9:19 PM

Tags: backup, breach, detection, hacker, infrastructure, ransomware, threat

Statewide Breach Hit 60 Agencies Before Ransomware Was Deployed. A threat actor infiltrated Nevada’s statewide systems undetected for months, ultimately disrupting at least 60 agencies by deleting backups and launching ransomware that forced a full rebuild of core infrastructure and triggered a multimillion-dollar emergency response. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/report-nevada-state-hackers-evaded-detection-for-months-a-29948
SonicWall says state-linked actor behind attacks against cloud backup service

Nov 6, 2025 5:19 PM

Tags: attack, backup, ceo, cloud, governance, service

CEO announces security and governance reforms inside the company, including the adoption of secure by design practices. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sonicwall-state-linked-actor-attacks-cloud-backup/804867/
SonicWall says state-linked actor behind attacks against cloud backup service

Nov 6, 2025 5:19 PM

Tags: attack, backup, ceo, cloud, governance, service

CEO announces security and governance reforms inside the company, including the adoption of secure by design practices. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sonicwall-state-linked-actor-attacks-cloud-backup/804867/
SonicWall cloud backup hack was the work of a state actor

Nov 6, 2025 3:19 PM

Tags: backup, cloud, mandiant, service

Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/06/sonicwall-cloud-backup-hack-was-the-work-of-a-state-actor/
SonicWall fingers state-backed cyber crew for September firewall breach

Nov 6, 2025 2:19 PM

Tags: backup, breach, cyber, firewall

Spies, not crooks, were behind digital heist damage stopped at the backups, says US cybersec biz First seen on theregister.com Jump to article: www.theregister.com/2025/11/06/sonicwall_fingers_statebacked_cyber_crew/
SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach

Nov 6, 2025 7:19 AM

Tags: access, api, backup, breach, cloud, firewall, hacker, malicious, threat, unauthorized

SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files.”The malicious activity carried out by a state-sponsored threat actor – was isolated to the unauthorized access of cloud backup files from a specific cloud environment using an API call,” the company…
SonicWall blames state-sponsored hackers for September security breach

Nov 6, 2025 12:19 AM

Tags: access, backup, breach, credentials, cybersecurity, firewall, hacker, law

Cybersecurity firm SonicWall attributed the September security breach exposing firewall configuration files to state-sponsored hackers. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts were exposed. The company announced it had blocked attackers’ access and was working with cybersecurity experts and law enforcement agencies to determine the scope…
SonicWall says state-sponsored hackers behind September security breach

Nov 5, 2025 7:20 PM

Tags: backup, breach, data-breach, hacker

SonicWall’s investigation into the September security breach that exposed customers’ firewall configuration backup files concludes that state-sponsored hackers were behind the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-says-state-sponsored-hackers-behind-security-breach-in-september/
Nie wieder das Backup-Passwort vergessen: Diese neue Whatsapp-Funktion müsst ihr kennen

Nov 5, 2025 1:19 PM

Tags: backup, password

First seen on t3n.de Jump to article: t3n.de/news/nie-wieder-das-backup-passwort-vergessen-diese-neue-whatsapp-funktion-muesst-ihr-kennen-1714642/
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Nov 3, 2025 2:19 PM

Tags: attack, backup, cyberattack, dark-web, hacker, jobs, lazarus, leak, phishing, ransomware, scam, tool

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Nov 3, 2025 2:19 PM

Tags: attack, backup, cyberattack, dark-web, hacker, jobs, lazarus, leak, phishing, ransomware, scam, tool

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
TDL 008 – Defending the Frontline: Ransomware, AI, and Real-World Lessons

Nov 3, 2025 5:19 AM

Tags: access, ai, attack, authentication, awareness, backup, breach, business, ceo, ciso, computer, country, crime, cyber, cybersecurity, data, deep-fake, email, exploit, extortion, finance, firewall, framework, fraud, government, group, guide, healthcare, ibm, incident, incident response, infrastructure, insurance, intelligence, law, mfa, microsoft, penetration-testing, phone, powershell, ransom, ransomware, risk, russia, scam, service, social-engineering, strategy, tactics, technology, theft, threat, tool, training, vpn, vulnerability, zero-day

Summary In this episode of “The Defender’s Log,” host David Redekop interviews Alexander Rau, a cybersecurity partner at KPMG, about the evolving incident response (IR) landscape. Rau notes that the past summer was exceptionally busy for IR, driven largely by zero-day firewall vulnerabilities. He highlights that threat actors are innovating, even using AI chatbots for…
TDL 008 – Defending the Frontline: Ransomware, AI, and Real-World Lessons

Nov 3, 2025 5:19 AM

Tags: access, ai, attack, authentication, awareness, backup, breach, business, ceo, ciso, computer, country, crime, cyber, cybersecurity, data, deep-fake, email, exploit, extortion, finance, firewall, framework, fraud, government, group, guide, healthcare, ibm, incident, incident response, infrastructure, insurance, intelligence, law, mfa, microsoft, penetration-testing, phone, powershell, ransom, ransomware, risk, russia, scam, service, social-engineering, strategy, tactics, technology, theft, threat, tool, training, vpn, vulnerability, zero-day

Summary In this episode of “The Defender’s Log,” host David Redekop interviews Alexander Rau, a cybersecurity partner at KPMG, about the evolving incident response (IR) landscape. Rau notes that the past summer was exceptionally busy for IR, driven largely by zero-day firewall vulnerabilities. He highlights that threat actors are innovating, even using AI chatbots for…
Ernst Young (EY): 4TB DB-Backup im Internet gefunden

Nov 3, 2025 12:19 AM

Tags: backup, Internet, security-incident, sql

Kleiner Nachtrag von voriger Woche. Bei Ernst & Young (kurz EY) hat es mutmaßlich einen veritablen Datenschutz- und Sicherheitsvorfall gegeben. Sicherheitsforscher sind im Internet auf eine Backup-Datei für einen SQL-Server gestoßen, die unverschlüsselt und ungeschützt erreichbar war. Die über 4 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/03/ernst-young-ey-4tb-db-backup-im-internet-gefunden/
EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure

Oct 31, 2025 1:19 PM

Tags: backup, cybersecurity, microsoft, sql

A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible onMicrosoft Azure. Cybersecurity firm Neo Security discovered a 4TB SQL Server backup belonging to accounting giant Ernst & Young (EY) publicly accessible on Microsoft Azure during a routine scan. Neo Security’s lead researcher identified a…
QNAP-Warnung von ASP.NET-Schwachstelle in Backup-Software

Oct 31, 2025 12:19 PM

Tags: backup, software, vulnerability, windows

QNAP warnt Kunden vor einer kritischen ASP.NET-Schwachstelle die auch seinen NetBak PC Agent-Software für Windows betrifft. Das ist ein Windows-Dienstprogramm zum Sichern von Daten auf einem QNAP-Netzwerkspeichergerät (NAS). Es handelt sich um die Schwachstelle CVE-2025-55315 im Core von ASP.NET, die mit … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/31/qnap-warnung-von-asp-net-schwachstelle-in-backup-software/
WhatsApp Implements Passkey System to Boost Backup Privacy

Oct 31, 2025 12:19 PM

Tags: backup, cyber, encryption, passkey, password, privacy

WhatsApp has announced a significant security upgrade that makes protecting your chat backups simpler and more secure than ever before. The messaging platform is introducing passkey-encrypted backups, a new feature that eliminates the need for complicated passwords or lengthy encryption keys. Instead, users can now protect their backups using their fingerprint, face recognition, or screen…
WhatsApp Implements Passkey System to Boost Backup Privacy

Oct 31, 2025 12:19 PM

Tags: backup, cyber, encryption, passkey, password, privacy

WhatsApp has announced a significant security upgrade that makes protecting your chat backups simpler and more secure than ever before. The messaging platform is introducing passkey-encrypted backups, a new feature that eliminates the need for complicated passwords or lengthy encryption keys. Instead, users can now protect their backups using their fingerprint, face recognition, or screen…
WhatsApp adds passkey protection to endend encrypted backups

Oct 30, 2025 7:20 PM

Tags: access, backup, passkey

This means if you lose your device, you can use methods like fingerprint, face, or the screen lock code of your previous device to access WhatsApp’s backup. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/30/whatsapp-adds-passkey-protection-to-end-to-end-encrypted-backups/
WhatsApp adds passwordless chat backups on iOS and Android

Oct 30, 2025 7:20 PM

Tags: android, backup, passkey

WhatsApp is rolling out passkey-encrypted backups for iOS and Android devices, enabling users to encrypt their chat history using their fingerprint, face, or a screen lock code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whatsapp-adds-passwordless-chat-backups-on-ios-and-android/
Grüne fordern schnellstmögliche Sicherheitsoffensive

Oct 30, 2025 4:19 PM

Tags: backup, cyberattack, cyersecurity, germany, governance, infrastructure, nis-2, risk-analysis

Die Grünen fordern mehr Engagement bei der Abwehr von Sabotage, Spionage und Cyberangriffen.Bei der Abwehr von Sabotage, Spionage und Cyberangriffen kommt die Bundesregierung aus Sicht der Grünen-Fraktion nicht schnell genug voran. Immerhin hätten Bundeskanzler Friedrich Merz (CDU) und Innenminister Alexander Dobrindt (CSU) inzwischen Fortschritte bei der Problembeschreibung gemacht, stellen Fraktionsvize Konstantin von Notz und die…
WhatsApp now lets you secure chat backups with passkeys

Oct 30, 2025 4:19 PM

Tags: android, backup, passkey, service

Messaging service WhatsApp is launching passkey-encrypted chat backups for iOS and Android, allowing users to encrypt their stored message history using their face, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/30/whatsapp-secure-chat-backups-passkeys/
Massive 4TB EY Database Backup Found Publicly Accessible on Azure

Oct 29, 2025 3:26 PM

Tags: backup, cyber, Internet, microsoft, sql, vulnerability

A critical security vulnerability was discovered when a complete 4-terabyte SQL Server backup belonging to Ernst & Young (EY), one of the world’s Big Four accounting firms, was found publicly accessible on Microsoft Azure. The exposure was identified by security researchers during routine internet mapping operations and has since been remediated following responsible disclosure protocols.…