Tag: backup
-
Operation Endgame 2.0: DanaBusted
Tags: access, attack, backup, banking, breach, business, cloud, communications, control, crypto, cybercrime, data, defense, detection, email, espionage, firewall, fraud, government, group, Hardware, infection, intelligence, international, law, malicious, malware, middle-east, network, programming, ransomware, russia, service, supply-chain, switch, threat, tool, ukraine, update, windows
Introduction: On May 22, 2025, international law enforcement agencies released information about additional actions that were taken in conjunction with Operation Endgame, an ongoing, coordinated effort to dismantle and prosecute cybercriminal organizations, including those behind DanaBot. This action mirrors the original Operation Endgame, launched in May 2024, which disrupted SmokeLoader, IcedID, SystemBC, Pikabot, and Bumblebee. Zscaler…
-
CISA Alerts on Threat Actors Targeting Commvault Azure App to Steal Secrets
Tags: advisory, backup, cisa, cloud, cyber, cybersecurity, data, exploit, infrastructure, microsoft, service, software, threat, vulnerability, zero-day
On May 22, 2025, Commvault, a leading enterprise data backup provider, issued an urgent advisory regarding active cyber threat activity targeting its Metallic software-as-a-service (SaaS) application, which is hosted in the Microsoft Azure cloud environment. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that threat actors exploited a zero-day vulnerability (CVE-2025-3928) in Commvault’s web…
-
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
Tags: attack, backup, cisa, cloud, cyber, cybersecurity, exploit, infrastructure, microsoft, monitoring, saas, service, software, threat
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. “Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure,” the agency said. “This First seen on thehackernews.com Jump to…
-
Trust becomes an attack vector in the new campaign using trojanized KeePass
Tags: access, api, attack, authentication, backup, breach, ceo, control, credentials, defense, edr, identity, open-source, password, ransomware, risk, service, software, veeam, vmware, zero-trust
Identity is the new perimeter: Once KeeLoader stole vault credentials (often including domain admin, vSphere, and backup service account), attackers moved fast. Using SSH, RDP, and SMB protocols, they quietly seized control of jump servers, escalated privileges, disabled multifactor authentication, and pushed ransomware payloads directly to VMware ESXi hypervisors. Jason Soroko of Sectigo called it a “textbook identity…
-
Keepit to expand SaaS backup footprint and intelligent automation
Danish cloud backup provider will add Atlassian and Okta support and has plans for intelligent automated restores to customer RPOs and RTOs as well as a threat library. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366623908/Keepit-to-expand-SaaS-backup-footprint-and-intelligent-automation
-
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
Tags: access, api, apt, attack, authentication, backdoor, backup, breach, business, china, cloud, control, cve, cyber, data, data-breach, detection, dns, encryption, endpoint, espionage, exploit, finance, firewall, fortinet, google, government, group, infection, infrastructure, intelligence, Internet, ivanti, linux, malicious, malware, mandiant, military, network, open-source, programming, rat, remote-code-execution, reverse-engineering, risk, rust, sap, service, strategy, tactics, threat, tool, update, vmware, vpn, vulnerability, windows, zero-day
Executive Summary: EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs (advanced persistent threat) launched high-tempo exploitation campaigns against critical infrastructure networks by targeting SAP NetWeaver Visual Composer. Actors leveraged CVE-2025-31324 [1], an unauthenticated file upload vulnerability that enables remote code execution (RCE). This assessment is based on a publicly…
-
Planning backups in the enterprise properly – Effective backup strategies for modern IT infrastructures
Tags: backup
First seen on security-insider.de Jump to article: www.security-insider.de/effektive-backup-strategien-fuer-moderne-it-infrastrukturen-a-32d219b463feb7290583a99469b1c35b/
-
Windows flaw exploited as zero-day by more groups than previously thought
Attackers managed to deploy infostealer: In this attack, the Balloonfly group didn’t get to the stage of deploying the Play ransomware, as that is usually one of the final stages when attackers have control over significant parts of the network for maximum damage. However, the group did deploy an infostealer called Grixba that’s usually part…
-
Quantum supremacy: Cybersecurity’s ultimate arms race has China way in front
Tags: ai, authentication, automation, backup, banking, breach, business, china, ciso, computing, control, crypto, cryptography, cybersecurity, data, encryption, finance, government, healthcare, identity, infrastructure, jobs, military, ml, nist, risk, service, skills, technology, threat, update, vulnerability, zero-day
The DeepSeek/Qwen factor: What we learned from recent AI advances, such as DeepSeek and Qwen, that caught the world by surprise is that China’s technology is much more advanced than anyone anticipated. I’d argue that this is a leading indicator that China’s quantum computing capabilities are also in absolute stealth-mode development and ahead of the…
-
Ransomware attack on AWO Gießen
Cybercriminals have encrypted the servers of AWO Gießen. According to its own statement, AWO Gießen discovered on April 27, 2025 that cybercriminals had penetrated its IT systems and encrypted files. ‘Thanks to comprehensive security measures and functioning backups, care for residents and customers could be maintained at all times. Operations in the nursing homes, daycare centers and other facilities…
-
Security for enterprise data, part 4 – Storage security: air gap, immutable backups & WORM function
First seen on security-insider.de Jump to article: www.security-insider.de/storage-security-air-gap-unveraenderliche-backups-worm-funktion-a-83f05f859ab58765055440afd3ec4c40/
-
Backup Roles Key to Cyber Resilience Success
Mickey Bresman Discusses Gaps in Preparedness and Tabletop Execution. Security leaders are placing more focus on cyber resilience as regulations tighten worldwide. Mickey Bresman, CEO at Semperis, said frameworks such as the SEC’s cybersecurity disclosure rule and Europe’s DORA regulation are forcing organizations to build and test disaster recovery plans. First seen on govinfosecurity.com Jump…
-
Commvault customer backups spared from Azure breach
First seen on scworld.com Jump to article: www.scworld.com/brief/commvault-customer-backups-spared-from-azure-breach
-
Commvault says recent breach didn’t impact customer backup data
Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn’t gain access to customer backup data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/commvault-says-recent-breach-didnt-impact-customer-backup-data/
-
Critical Commvault Flaw Rated 10/10: CSA Urges Immediate Patching
The Cyber Security Agency of Singapore (CSA) has warned users about a critical vulnerability affecting the Commvault Command Center. This Commvault vulnerability, identified as CVE-2025-34028, has been rated with a severity score of 10 out of 10 on the Common Vulnerability Scoring System (CVSS v3.1). It allows unauthenticated remote code execution, posing a direct risk…
-
6 types of risk every organization must manage, and 4 strategies for doing it
Tags: ai, attack, backup, best-practice, breach, business, compliance, control, cyber, cybersecurity, data, finance, framework, fraud, GDPR, governance, government, grc, hacker, healthcare, infrastructure, insurance, intelligence, law, mitigation, office, phishing, ransom, ransomware, regulation, risk, risk-assessment, risk-management, service, startup, strategy, technology, threat, training, vulnerability
Cybersecurity risks: Threats such as data breaches, phishing attacks, system intrusions, and broader digital vulnerabilities fall under the umbrella of security risks. The definition of cybersecurity risk is constantly evolving, now encompassing threats related to artificial intelligence and AI-driven systems. If you’re trying to mitigate risks in this area, you need to think not just about…
-
Max-Severity Commvault Bug Alarms Researchers
Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/max-severity-commvault-bug-researchers
-
Beyond Backups: Building a Ransomware Response Playbook That Works
Organizations must avoid relying solely on traditional backups because ransomware attacks are occurring more often and becoming more expensive and complex. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/beyond-backups-building-a-ransomware-response-playbook-that-works/
-
Highest-Risk Security Flaw Found in Commvault Backup Solutions
A critical path traversal vulnerability in Commvault’s backup and replication solutions has been reported. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/critical-vulnerability-commvault/
-
Despite backups: 86 percent of companies pay ransom
Tags: alphv, api, backup, cyber, cyberattack, germany, hacker, microsoft, phishing, ransomware, resilience, risk, tool, update, usa, vulnerability, zero-trust
80 percent of cyberattacks begin with compromised credentials and an Active Directory. Cyber tools for defending against attacks are becoming ever more numerous, as are awareness campaigns against phishing and the like. Nevertheless, companies around the world still frequently capitulate to ransomware attackers. A new study by Rubrik Zero Labs, in which more than 1,600 IT and…
-
Commvault RCE Vulnerability Exploited, PoC Released
Enterprises and managed service providers globally are now facing urgent security concerns following the disclosure of a major pre-authenticated remote code execution (RCE) vulnerability in Commvault’s on-premise backup and recovery software. The issue, tracked as CVE-2025-34028, has rocked the cybersecurity world, particularly after researchers published a fully working proof-of-concept (PoC) exploit. With attackers actively probing…
-
Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)
If your organization is using Commvault Command Center for your data protection, backup creation, configuration and restoration needs, you should check whether your on-premise … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/24/critical-commvault-rce-vulnerability-fixed-poc-available-cve-2025-34028/
-
Source code and backups also stolen – Data of up to 200,000 Europcar customers stolen from repositories
Tags: backup
First seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminalitaet-europcar-datenverlust-drohung-a-104f617ad78f3f1e1e7bad4029df9188/
-
The Hidden Cost of Backup Recovery in Ransomware Events
Ransomware preparedness isn’t just about having backups; it’s about how quickly you can use them to recover. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/the-hidden-cost-of-backup-recovery-in-ransomware-events/
-
World Backup Day 2025 calls for better data security – “More resilience and agility!”
First seen on security-insider.de Jump to article: www.security-insider.de/mehr-resilienz-und-agilitaet-a-4677db3e1bff21d227de6f9acaf07106/
-
Why Codefinger represents a new stage in the evolution of ransomware
Tags: access, advisory, attack, backup, best-practice, breach, business, cisco, cloud, computer, credentials, cybersecurity, data, defense, exploit, malicious, network, password, ransom, ransomware, risk, strategy, technology, threat, vmware
A new type of ransomware attack: The fundamentals of the Codefinger attack are the same as those in most ransomware attacks: The bad guys encrypted victims’ data and demanded payment to restore it. However, several aspects of the breach make it stand out from most other ransomware incidents: Attack vector: In traditional ransomware attacks, the attack vector…
-
What to consider in a backup solution – 5 tips for successful data backup
Tags: backup
First seen on security-insider.de Jump to article: www.security-insider.de/5-tipps-fuer-die-erfolgreiche-datensicherung-a-f0480de9afd950a40438f8879201ff06/
-
Four Tips for Optimizing Data Backup and Recovery Costs
By taking simple steps like choosing a cost-effective backup storage strategy and minimizing recovery infrastructure costs, you can protect your business without bloating your budget. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/four-tips-for-optimizing-data-backup-and-recovery-costs/
-
World Backup Day: 6 ways you can back up your data
Tags: backup
Some of you may not be aware of it, but today is “World Backup Day”. It cannot be stressed often enough how important it is to secure your data, and we can all use this day to ask ourselves how we handle our backups. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/03/31/welt-backup-tag-6-wege-wie-du-deine-daten-sichern-kannst/

