Collecting Cyber-News from over 60 sources

Tag: backup

Passport numbers for more than 300,000 leaked during December Eurail data breach

Apr 8, 2026 8:52 PM

Tags: attack, backup, breach, data, data-breach, hacker

In February, a hacker claimed the attack and said they stole 1.3 TB of data that included source code, database backups and Zendesk support tickets. First seen on therecord.media Jump to article: therecord.media/eurail-reports-data-breach-impacting-over-300000
DORA in der Praxis – Wie die isländische RB Bank ihre Backup- und Security-Architektur modernisiert

Apr 8, 2026 12:52 PM

Tags: backup, dora, finance

First seen on security-insider.de Jump to article: www.security-insider.de/wie-die-islaendische-rb-bank-ihre-backup-und-security-architektur-modernisiert-a-946af1e02f2ef1ad19c7674cf16e1764/
Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw

Apr 7, 2026 11:54 PM

Tags: access, api, backup, compliance, control, data, endpoint, firewall, flaw, fortinet, malicious, mitigation, vpn, zero-day

Mitigation and response: In addition to the hotfix, organizations should review their available logs for any suspicious API requests and activity. Unfortunately, there are no published indicators of compromise for this malicious activity yet, so watchTowr recommends auditing all recent changes made to endpoint security policies, VPN configuration profiles, application firewall rules, administrator accounts and…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
5 steps to strengthen supply chain security and improve cyber resilience

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, control, credentials, cyber, data, defense, detection, dns, edr, email, endpoint, exploit, framework, governance, identity, infrastructure, mfa, monitoring, msp, network, radius, resilience, risk, saas, service, siem, soc, software, strategy, supply-chain, threat, tool, update, vulnerability, zero-trust

All software vendors and SaaS platformsOpen”‘source components embedded in your applicationsMSP or IT service providersCloud infrastructure and authentication servicesAPI integrations and automation workflowsOnce documented, classify each supplier by the impact they would have if compromised. A remote monitoring tool or authentication platform represents far greater risk than a basic productivity app. This prioritization helps you…
5 steps to strengthen supply chain security and improve cyber resilience

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, control, credentials, cyber, data, defense, detection, dns, edr, email, endpoint, exploit, framework, governance, identity, infrastructure, mfa, monitoring, msp, network, radius, resilience, risk, saas, service, siem, soc, software, strategy, supply-chain, threat, tool, update, vulnerability, zero-trust

All software vendors and SaaS platformsOpen”‘source components embedded in your applicationsMSP or IT service providersCloud infrastructure and authentication servicesAPI integrations and automation workflowsOnce documented, classify each supplier by the impact they would have if compromised. A remote monitoring tool or authentication platform represents far greater risk than a basic productivity app. This prioritization helps you…
The Value of Immutability with Object First

Apr 6, 2026 8:52 PM

Tags: backup, hacker, ransomware

IT security teams today must have the feeling of a target on their back. It is not paranoia. Hackers target backup storage in nearly every single ransomware incident because they know that if they kill your safety net, you are likely to pay up. I have seen too many smart admins lose sleep wondering if..…
Protecting Your Data with Veeam

Apr 6, 2026 8:52 PM

Tags: backup, data, insurance, veeam

The days of using backup as a simple >>set it and forget it<< insurance policy are officially over. If you're still treating your secondary storage like a digital attic where you shove old boxes and hope for the best, you are operating on borrowed time. Veeam's 2026 strategic shift makes one thing very clear: they've..…
Authentication is broken: Here’s how security leaders can actually fix it

Apr 6, 2026 12:51 PM

Tags: access, attack, authentication, backup, business, communications, control, credentials, cryptography, data, exploit, fido, firmware, Hardware, healthcare, identity, login, mfa, microsoft, okta, passkey, privacy, resilience, risk, soc, technology, update, windows

Sector snapshots: Where it breaks (and why that matters): Healthcare. Clinicians need tap and go speed with zero tolerance for downtime. One large hospital attempted to pair advanced HID SEOS credentials, which use privacy-preserving randomized IDs, with a clinical SSO platform that expects static IDs for user recognition. This architectural mismatch forced a choice between…
7 ways to improve your business resilience with backup and recovery

Apr 3, 2026 10:52 PM

Tags: attack, automation, backup, business, cloud, compliance, control, cyber, data, dns, HIPAA, identity, malware, metric, network, PCI, ransomware, resilience, risk, service, soc, threat, vulnerability

2. Ensure off-site backup copies : Local backups are fast, but they are also vulnerable to the same physical disasters and ransomware attacks that hit your primary servers. If your production environment and your backups are on the same network segment without air-gapping, a single compromise becomes a total extinction event. The Fix: Adopt a 3-2-1 strategy (3 total copies of data, 2 different media…
5 Steps to break free from alert fatigue and build resilient security operations

Apr 3, 2026 10:52 PM

Tags: ai, attack, automation, backup, business, ceo, cloud, control, defense, detection, edr, endpoint, identity, metric, network, password, ransomware, resilience, soc, strategy, threat, tool

2. Prioritize outcomes over ticket volume : Stop focusing on how many alerts are cleared. This may be a metric for a better understanding of where automation or headcount are necessary but prioritize outcomes. Instead, the right questions are: How quickly did you contain a threat? Did we disrupt business operations or keep recovery swift and effective? A practical, outcome-driven SOC measures: Dwell time: How long before a threat was neutralized? Mean Time to Contain: How quickly…
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)

Apr 3, 2026 10:52 PM

Tags: ai, antivirus, attack, automation, backup, business, control, data, defense, detection, edr, endpoint, exploit, identity, linux, macOS, malware, metric, monitoring, ransomware, resilience, risk, soc, strategy, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Inventory all devices continuously. Go beyond manual tracking. Automated discovery tools can identify each device, from remote laptops to IoT assets, as soon as they join your network. Mitigate shadow IT risk. Unmanaged devices are a favorite entry point for attackers. Every asset must be accounted for and brought under management. No exceptions. Learn more about automating discovery and reducing blind spots in your endpoint management strategy…
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)

Apr 3, 2026 10:52 PM

Tags: ai, antivirus, attack, automation, backup, business, control, data, defense, detection, edr, endpoint, exploit, identity, linux, macOS, malware, metric, monitoring, ransomware, resilience, risk, soc, strategy, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Inventory all devices continuously. Go beyond manual tracking. Automated discovery tools can identify each device, from remote laptops to IoT assets, as soon as they join your network. Mitigate shadow IT risk. Unmanaged devices are a favorite entry point for attackers. Every asset must be accounted for and brought under management. No exceptions. Learn more about automating discovery and reducing blind spots in your endpoint management strategy…
6 critical mistakes that undermine cyber resilience (and how to fix them)

Apr 3, 2026 10:52 PM

Tags: attack, automation, backup, best-practice, business, compliance, cyber, cybersecurity, data, detection, edr, endpoint, guide, identity, intelligence, malware, metric, network, ransomware, resilience, risk, soc, strategy, threat, tool, update, vulnerability

Guide to Managing Strong Personalities During a Cybercrisis. Mistake 2: Fragmented asset and risk views: Fragmented asset and risk views make it difficult for teams to understand what is actually in their environment and where the most pressing exposures reside. When devices, configurations, and identity data live in separate tools or are maintained inconsistently, gaps…
6 metrics IT leaders can’t afford to ignore for business resilience

Apr 3, 2026 10:52 PM

Tags: access, attack, automation, awareness, backup, business, cloud, compliance, credentials, cyber, cybersecurity, data, detection, endpoint, identity, incident response, metric, monitoring, network, resilience, risk, soar, soc, theft, threat, tool, update, vulnerability

2. Mean time to respond (MTTR): From triage to containment : It’s not enough to spot threats”, you have to contain them fast. MTTR tracks how quickly your team can isolate and neutralize incidents. Integrated SOAR (Security Orchestration, Automation, and Response) workflows now drive a 500% year-over-year increase in orchestrated alert response actions, according to our latest SOC report. The difference? Teams leveraging automation have moved from after-the-fact…
5 critical steps to achieve business resilience in cybersecurity

Apr 3, 2026 10:52 PM

Tags: access, ai, attack, authentication, automation, backup, breach, business, communications, control, credentials, cybersecurity, data, defense, detection, endpoint, identity, malicious, mfa, msp, password, ransomware, resilience, soc, threat, tool, update

Looking for end-to-end coverage of your environment? Check out N-able Unified Security Solutions. 2. Transition from manual to automated response : SOC teams can’t keep up with the flood of alerts”, N-able handled 2 alerts per minute on average in 2025. That’s why automation and Security Orchestration, Automation and Response (SOAR) saw a 500% YoY surge”, almost one in four responses are now…
Clean vs fast recovery: why MTCR matters

Apr 3, 2026 3:50 PM

Tags: backup, ransomware

Learn how MTCR (Mean Time to Clean Recovery) differs from MTTR, why attackers target backups, and how to build a ransomware-resilient recovery strategy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/clean-vs-fast-recovery-why-mtcr-matters/
Neue Anforderungen an digitale Resilienz – Geopolitische Risiken und der Druck auf Backup-Strategien

Apr 3, 2026 12:52 PM

Tags: backup, resilience, risk

First seen on security-insider.de Jump to article: www.security-insider.de/geopolitische-risiken-und-der-druck-auf-backup-strategien-a-3607fdbab5f6d3592bd942807541530e/
The $250K Single Point of Failure Hiding in Every SOC

Apr 2, 2026 11:53 PM

Tags: backup, soc, tool

One architect, 200 static playbooks, zero backup plan. The real consolidation problem isn’t tool count, it’s architectural dependency. Here’s what replaces it. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/the-250k-single-point-of-failure-hiding-in-every-soc/
OT Cyber Resilience: Strategic Data Protection for IEC 62443 and NIS2 Compliance

Apr 2, 2026 2:51 PM

Tags: backup, compliance, cyber, data, infrastructure, nis-2, ransomware, resilience, strategy

Learn how to protect OT systems, ICS, and SCADA infrastructure from ransomware with backup strategies built for legacy, air-gapped industrial environments. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/ot-cyber-resilience-strategic-data-protection-for-iec-62443-and-nis2-compliance/
World Backup Day 2026 – Strategische Neuausrichtung am Tag des Backups

Apr 2, 2026 12:52 PM

Tags: backup

First seen on security-insider.de Jump to article: www.security-insider.de/strategische-neuausrichtung-am-tag-des-backups-a-6187ea14e04a83486708aa68c772ebf4/
World Backup Day 2026 – ‘Backup kann jeder. Recovery ist die Kunst!”

Apr 2, 2026 9:51 AM

Tags: backup

First seen on security-insider.de Jump to article: www.security-insider.de/backup-kann-jeder-recovery-ist-die-kunst-a-8d051ac2a3a7f1248257772dc51cd741/
Ohne regelmäßigen Test ihrer Backups wandeln Unternehmen am Abgrund

Apr 1, 2026 2:29 PM

Tags: backup

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/test-backup-unternehmen-abgrund
PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw

Apr 1, 2026 11:29 AM

Tags: backup, cve, cyber, exploit, flaw, update, vulnerability

A critical security flaw in the nginx-ui backup restore mechanism, tracked as CVE-2026-33026, allows attackers to manipulate encrypted backups and execute arbitrary commands. Proof-of-Concept (PoC) exploit code has been publicly released, prompting an urgent need for administrators to update to version 2.3.4. Backup Integrity Bypass Flaw The vulnerability stems from a circular trust model where…
World Backup Day: Backups verhindern, dass aus einem schlechten Tag ein katastrophaler wird

Apr 1, 2026 1:30 AM

Tags: backup

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/world-backup-day-verhinderung-katastrophe
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

Mar 31, 2026 10:30 PM

Tags: api, backup, data, dos, exploit, malicious, rce, remote-code-execution, threat, tool, update, vulnerability

/run/bigtlog.pipe and /run/bigstart.ltm and makes changes to system binaries, including /usr/bin/umount and /usr/sbin/httpd. Attackers have also been observed modifying the sys-eicheck utility, which relies on RPM integrity checks to verify on-disk executables.Log analysis can reveal patterns related to the attack. The user “f5hubblelcdadmin” accessing the iControl REST API from localhost, SELinux disable commands in auditd…
Backup Day puts the focus on data protection

Mar 31, 2026 4:30 PM

Tags: ai, backup, data

World Backup Day provides the channel with a chance to encourage customers to get on top of problems around storing their data correctly and safely, especially in the age of AI First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366640805/Backup-Day-puts-the-focus-on-data-protection
WorldDay Studie von Veeam enthüllt Vertrauenskrise bei Daten und KI

Mar 31, 2026 3:29 PM

Tags: ai, backup, data, risk, software, veeam

Die Mehrheit der Vorstände ignoriert die Risiken in Verbindung mit KI. Gleichsam geben Führungskräfte zu, dass sie einen dreitägigen vollständigen Datenausfall nicht überstehen würden was eine Vertrauenskrise innerhalb digitaler Prozesse von Unternehmen offenbart. Anlässlich des heutigen World-Backup-Days stellt Veeam Software, das Unternehmen für Data- und AI-Trust, die Ergebnisse seiner jüngsten Umfrage zur Datenresilienz vor, […]…