Tag: backup

Windows tips for reducing the ransomware threat

Aug 7, 2025 10:11 AM

Tags: access, attack, authentication, backup, breach, cloud, computer, control, credentials, government, identity, infrastructure, login, mfa, microsoft, monitoring, network, ntlm, passkey, privacy, ransomware, risk, service, threat, windows

Susan Bradley / CSOIdeally you should have no such protocols observed.
Ransomware goes cloud native to target your backup infrastructure

Aug 5, 2025 10:28 AM

Tags: access, api, authentication, backup, cloud, container, control, credentials, cybercrime, data, defense, exploit, google, group, identity, infrastructure, least-privilege, linkedin, linux, malicious, malware, mfa, north-korea, ransomware, social-engineering, strategy, threat, vulnerability, vulnerability-management

Credential compromise and misconfiguration woes: More sophisticated threat groups have developed social engineering techniques to the point where they reliably trick targets into helping them to bypass multi-factor authentication (MFA) controls before ransacking compromised cloud-hosted environments.For example, threat actors are using compromised OAuth tokens to bypass MFA and inject malicious code into developer ecosystems via…
Ransomware attacks: The evolving extortion threat to US financial institutions

Aug 4, 2025 2:28 PM

Tags: access, ai, antivirus, attack, backup, banking, breach, business, cloud, communications, compliance, control, credentials, crime, crimes, cyber, cybercrime, cybersecurity, dark-web, data, ddos, defense, detection, edr, email, encryption, endpoint, extortion, finance, firewall, governance, group, identity, incident response, infrastructure, insurance, intelligence, international, korea, law, leak, least-privilege, lessons-learned, linkedin, linux, lockbit, login, malicious, mfa, monitoring, network, north-korea, organized, phishing, ransom, ransomware, resilience, risk, rust, service, soc, social-engineering, software, startup, strategy, supply-chain, tactics, theft, threat, tool, training, update, usa, vmware, vulnerability, warfare, windows, zero-trust

Before sunrise on a chilly November morning, I got the kind of call no security leader ever wants. A mid-sized U.S. bank had been hit overnight hard. Customers couldn’t access their accounts, ATMs were non-functional and every screen in the company’s environment glowed with the same ominous message: their systems were encrypted, and data had…
Google Cloud: Threat Actors Increasingly Target Backups Take These Steps Now

Aug 2, 2025 12:28 PM

Tags: backup, best-practice, cloud, google, strategy, threat

Defensive strategy best practices are included in Google’s latest cloud security report. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-cloud-h1-2025-threat-horizons-report/
Summer: Why cybersecurity must be strengthened as vacations abound

Aug 1, 2025 9:28 AM

Tags: access, ai, attack, authentication, automation, awareness, backup, control, corporate, credentials, cybersecurity, data, detection, email, encryption, exploit, infrastructure, malicious, mfa, monitoring, network, office, password, resilience, risk, theft, threat, tool, training, update, usa, vpn, wifi

Guillermo Fernandez, Sales Engineer for Southern Europe at WatchGuard Technologies. WatchGuard Technologies.Another important point is that, during the summer, attackers know that many IT and cybersecurity teams are operating with more limited resources or with staff on vacation. “They take advantage of this to launch phishing campaigns and other targeted attacks, aware that attention and vigilance often…
Mehr Backup-Kontrolle mit integrierten Immutable- und Datenresilienz-Funktionen

Jul 31, 2025 4:28 PM

Tags: backup, cloud, cyber, data, ransomware, resilience

Smarte Ransomware-Abwehr: Neue integrierte Unveränderbarkeit und Data-Resilience-Funktionen von Arcserve bieten mehr Backup-Kontrolle sowohl in der Cloud als auch onpremises. Arcserve-Unified-Data-Protection (UDP) 10.2 und die neuen Funktionen des Arcserve-Cyber-Resilient-Storage helfen Organisationen jeder Größe, die Kontrolle über unveränderbaren Backup-Speicher sowohl in der Cloud als auch vor Ort zu erlangen. Die Softwarelösungen bieten eine integrierte Kontrolle des Immutable…
Ransomware gang tells Ingram Micro, ‘Pay up by August 1’

Jul 31, 2025 5:28 AM

Tags: access, attack, backup, breach, cyber, cyberattack, data, data-breach, encryption, exploit, extortion, government, group, international, Internet, law, leak, organized, ransom, ransomware, technology, tool, vpn, vulnerability

Ransomware attacks increase: In a report on ransomware released this week, researchers at Zscaler ThreatLabz said the number of organizations listed on all ransomware leak sites rose 70% in the 12 month period ending in April.A growing number of ransomware operators are abandoning encryption of data in favour of just data extortion, it noted. For…
Google Cloud Security Threat Horizons Report #12 Is Out!

Jul 30, 2025 10:28 PM

Tags: access, ai, apt, attack, backup, business, cloud, credentials, cyber, cybersecurity, data, data-breach, defense, exploit, finance, google, group, identity, incident response, intelligence, malicious, mfa, ransomware, service, social-engineering, theft, threat, unauthorized, vulnerability

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Threat Horizons Report, #12 (full version) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3, #4, #5, #6, #7, #8, #9, #10 and #11). My favorite quotes from the report…
HYCU erneut als Visionär im Gartner Magic Quadrant for Backup and Data Protection Platforms positioniert

Jul 29, 2025 11:28 AM

Tags: backup, data, gartner

Die Auszeichnung als Visionär spiegelt nicht nur Innovation wider, sondern symbolisiert auch die Ausrichtung auf die dringenden Anforderungen der IT-Führungskräfte von heute First seen on infopoint-security.de Jump to article: www.infopoint-security.de/hycu-erneut-als-visionaer-im-gartner-magic-quadrant-for-backup-and-data-protection-platforms-positioniert/a41521/
The healthcare industry is at a cybersecurity crossroads

Jul 29, 2025 9:28 AM

Tags: access, ai, api, attack, backdoor, backup, breach, business, ciso, cloud, communications, compliance, control, cyber, cybersecurity, data, encryption, firmware, flaw, framework, governance, government, healthcare, infrastructure, intelligence, Internet, monitoring, network, nist, programming, ransomware, risk, risk-management, service, software, tactics, technology, threat, tool, training, unauthorized, vulnerability

Digital transformation of business processes. Examples include telehealth, remote patient monitoring, e-prescribing, and ambient listening/note taking. These systems require new equipment, such as internet of medical things (IoMT), high-speed networks, cloud services, APIs, and tightly integrated applications.Aggressive adoption of AI. AI diagnostics are gaining popularity in areas such as cardiology, oncology, and radiology, especially at…
Werkzeug für automatisierte Datensicherung – BorgBackup: Open-Source-Backup mit Deduplizierung

Jul 28, 2025 9:27 AM

Tags: backup, open-source

First seen on security-insider.de Jump to article: www.security-insider.de/borgbackup-open-source-backup-mit-deduplizierung-a-0f7815c8de218e0b0b7cba64ccd24cc5/
Data resilience critical as ransomware attacks target backups

Jul 28, 2025 8:27 AM

Tags: attack, backup, data, insurance, ransomware, resilience, threat, veeam

With more threat actors targeting backup repositories to ensure a payday, Veeam urges organisations to threat data resilience as a competitive advantage, not just an insurance policy First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628213/Data-resilience-critical-as-ransomware-attacks-target-backups
Interlock ransomware threat expands across the US and Europe, hits healthcare and smart cities

Jul 23, 2025 9:12 PM

Tags: access, advisory, attack, authentication, backup, ceo, control, credentials, defense, detection, dns, endpoint, finance, firewall, firmware, government, group, healthcare, identity, infrastructure, mfa, mitigation, network, ransom, ransomware, risk, service, social-engineering, technology, threat, training, update, usa, vulnerability

Target sectors and global reach : The advisory did not disclose the names of targeted organizations, but noted that critical infrastructure and other organizations in North America and Europe have been targeted in the past.”Healthcare has been a primary target, with incidents involving DaVita and Kettering Health. Education, technology, manufacturing, and government have also been…
UK proposal would forbid ransom payments by gov’t agencies, but will it meaningfully decrease ransomware attacks?

Jul 23, 2025 9:12 PM

Tags: attack, backup, business, ceo, dark-web, data, finance, government, group, hacker, intelligence, law, ransom, ransomware, threat

Businesses often want to pay ransom: Fred Chagnon, principal research director at Info-Tech Research Group noted that, from a business continuity perspective, it can make sense to pay the ransom.”Paying the ransom can sometimes be the quickest and least damaging path to restoring operations, especially if backups are compromised or recovery is prohibitively slow. While…
UK Signals It Will Back Peddle on Apple Encryption Demand

Jul 23, 2025 9:12 PM

Tags: access, apple, backup, cloud, data, encryption, government, office

Apple, US Took Hard Line Against British Demand. The U.K. government is reportedly set to reverse course on requiring smartphone giant Apple to give police access to device data stored as backups in the California company’s cloud service. The Home Office is basically going to have to back down, a British official said. First seen…
KAWA4096 Ransomware Employs WMI Techniques to Delete Backup Snapshots

Jul 21, 2025 7:40 PM

Tags: backup, cyber, group, monitoring, ransomware, threat

Trustwave SpiderLabs has played a crucial role in monitoring new ransomware variants in the incredibly unstable ransomware threat landscape of 2025, where dozens of new groups have emerged and caused extensive disruptions across multiple sectors. Among these, the KAWA4096 ransomware has been identified as a notable newcomer, first detected in June 2025. This strain has…
Backup tool Rescuezilla resurrects itself across six Ubuntus

Jul 20, 2025 10:40 AM

Tags: backup, browser, tool

2.6.1 adds Plucky Puffin and Firefox actually works this time First seen on theregister.com Jump to article: www.theregister.com/2025/07/18/rescuezilla_261/
New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users

Jul 18, 2025 10:40 PM

Tags: attack, backup, cyber, cybercrime, email, exploit, malware, phishing, social-engineering, software, veeam

Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise backup solutions. This attack vector highlights the growing intersection of social engineering and file-based exploits, where attackers weaponize common audio formats like WAV files to bypass traditional email security filters and…
Building scalable secrets management in hybrid cloud environments: Lessons from enterprise adoption

Jul 18, 2025 2:40 PM

Tags: access, backup, cloud, credentials, data, gitlab, group, iam, identity, infrastructure, jobs, kubernetes, leak, radius, service, supply-chain, tool

Lessons from integration: Identity, Kubernetes and CI/CD : Choosing a secrets management tool is the easy part. Integrating it across an enterprise is where the work begins. We started with identity. Manual user provisioning was not an option. We integrated Vault with our SSO platform using OIDC and mapped groups to Vault policies based on least privilege.…
Fehlinterpretation der Verantwortlichkeiten führt zu Backup-Lücke in Microsoft-365

Jul 18, 2025 2:40 PM

Tags: backup, microsoft, risk

Unternehmen nutzen Microsoft-365 als Grundlage für ihre Produktivität. Doch neben den Vorteilen solcher Produktivitätsplattformen wird immer wieder eine Lücke in der Datenschutzstrategie übersehen: das Prinzip der geteilten Verantwortung. Diese Nachlässigkeit setzt wichtige Geschäftsinformationen erheblichen Risiken aus, die sich in Ausfallzeiten und wirtschaftlichen Verlusten niederschlagen können. Ein Risiko bei der Nutzung von Microsoft-365 besteht dann, wenn…
From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware

Jul 18, 2025 1:40 PM

Tags: backup, cyber, data, ransomware, resilience, service, threat

With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this shift is the growing threat of ransomware, which continues to evolve in both frequency and complexity. Ransomware-as-a-Service (RaaS) platforms have made it possible for even…
Estimated 96% of EMEA financial services sector not ready for DORA

Jul 17, 2025 7:40 PM

Tags: backup, data, dora, finance, service, veeam

Research from data backup provider Veeam indicates that vast majority of European financial services firms do not feel ready to meet the resiliency requirements of the EU’s DORA act First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627913/Estimated-96-of-EMEA-financial-services-sector-not-ready-for-DORA
Erfahrungsbericht WienIT: Reduzierung des Backup-Datenspeichers um 50 Prozent und NIS-2-Konformität

Jul 15, 2025 3:40 PM

Tags: backup, nis-2

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/erfahrungsbericht-wienit-reduzierung-backup-datenspeicher-nis-2-kpnformitaet
The 10 most common IT security mistakes

Jul 14, 2025 5:40 PM

Tags: access, attack, backup, best-practice, bsi, business, control, cyber, cyberattack, cybercrime, data, detection, group, incident response, infrastructure, Internet, login, mfa, microsoft, monitoring, network, office, password, ransomware, risk, security-incident, service, skills, strategy, technology, threat, tool, vpn

2. Gateway: Weak passwords: The problem: Weak passwords repeatedly make it easier for cybercriminals to gain access to a company network. A domain administrator password with six characters or a local administrator password with only two characters is no obstacle for perpetrators. It is more than clear that this issue is often neglected in practice,…
GPS on the fritz? Britain and France plot a backup plan

Jul 14, 2025 12:40 PM

Tags: backup, threat

Cross-Channel pact aims to bolster navigation and timing tech as satellite signals face growing jamming threats First seen on theregister.com Jump to article: www.theregister.com/2025/07/14/britain_france_navigation_alternatives/
Modernes Backup ohne Tape und Cloud ist möglich

Jul 14, 2025 6:40 AM

Tags: backup, cloud, cyberattack

Ein vollständiges und sicheres Backup sowie ein zuverlässiges und schnelles Restore sind die Grundlagen zum Schutz vor Datenverlust und den Folgen eines Cyberangriffs Tape hat hier ausgedient und auch die Public Cloud ist verzichtbar. Zwei in der Datensicherung eingesetzte Technologien stehen derzeit bei vielen Unternehmen und Behörden auf dem Prüfstand. Bei Tape sind… First seen…
Exploit details released for Citrix Bleed 2 flaw affecting NetScaler

Jul 10, 2025 5:41 AM

Tags: access, advisory, authentication, backdoor, backup, citrix, credentials, cve, data-breach, endpoint, exploit, flaw, leak, mitigation, password, theft, tool, vulnerability, zero-day

Similarities to the original Citrix Bleed: CVE-2025-5777 has been dubbed Citrix Bleed 2 due to its similarities to a zero-day information disclosure vulnerability fixed in October 2023 (CVE-2023-4966) that received the Citrix Bleed moniker because it enabled attackers to leak session tokens from memory, allowing for session takeover with multifactor authentication bypass.Similarly, CVE-2025-5777 can lead…
Microsoft Authenticator on iOS moves backups fully to iCloud

Jul 10, 2025 1:40 AM

Tags: backup, microsoft

Microsoft is rolling out a new backup system in September for its Authenticator app on iOS, removing the requirement to use a Microsoft personal account to back up TOTP secrets and account names. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-authenticator-on-ios-moves-backups-fully-to-icloud/
Bewährtes Open-Source-Tool kombiniert Spiegelung mit inkrementeller Sicherung – Wie rdiff-backup Daten effizient und sicher sichert

Jul 8, 2025 12:34 PM

Tags: backup, open-source, tool

First seen on security-insider.de Jump to article: www.security-insider.de/wie-rdiff-backup-daten-effizient-und-sicher-sichert-a-0168b318bb31514b40b2d1dcc3e4fa43/
Hybride Backup-Strategien Flexibler Balanceakt zwischen Effizienz, Komplexität, Kosten und Sicherheit

Jul 4, 2025 2:35 PM

Tags: backup

Unternehmen stehen heute vor der Herausforderung, stetig wachsende Datenmengen zuverlässig, sicher und wirtschaftlich zu sichern. Hybride Backup-Strategien sind eine Kombination aus lokalen und cloudbasierten Sicherungslösungen und gewinnen in diesem Kontext zunehmend an Bedeutung. Die moderne Geschäftswelt verlangt nach Backup-Lösungen, die sich dynamisch an wechselnde Anforderungen anpassen. Hybride Backup-Konzepte verbinden das Beste aus zwei Welten: Während…