Tag: backup

Backup, Cloud und Archiv die Säulen einer sicheren Datenstrategie

Oct 22, 2025 3:26 PM

Tags: access, backup, cloud

Eine durchdachte Datenstrategie ist heute unverzichtbar, um Informationen dauerhaft zu schützen und gleichzeitig flexibel verfügbar zu halten. Unternehmen generieren täglich große Datenmengen, von Kundendaten über Projektunterlagen bis hin zu Finanz- und Kommunikations-informationen, ist der richtige Umgang mit digitalen Informationen entscheidend. Datenverlust, unberechtigter Zugriff oder beschädigte Dateien können nicht nur Betriebsabläufe stören, sondern auch rechtliche und…
Backup, Cloud und Archiv die Säulen einer sicheren Datenstrategie

Oct 22, 2025 3:26 PM

Tags: access, backup, cloud

Eine durchdachte Datenstrategie ist heute unverzichtbar, um Informationen dauerhaft zu schützen und gleichzeitig flexibel verfügbar zu halten. Unternehmen generieren täglich große Datenmengen, von Kundendaten über Projektunterlagen bis hin zu Finanz- und Kommunikations-informationen, ist der richtige Umgang mit digitalen Informationen entscheidend. Datenverlust, unberechtigter Zugriff oder beschädigte Dateien können nicht nur Betriebsabläufe stören, sondern auch rechtliche und…
Threat Actors Exploiting Azure Blob Storage to Breach Organizational Repositories

Oct 22, 2025 3:26 PM

Tags: ai, backup, breach, computing, cyber, data, exploit, iot, microsoft, threat

Threat actors are increasingly targeting Azure Blob Storage, Microsoft’s flagship object storage solution, to infiltrate organizational repositories and disrupt critical workloads. With its capacity to handle exabytes of unstructured data for AI, high performance computing, analytics, media streaming, enterprise backup, and IoT ingestion, Blob Storage has become an attractive vector for sophisticated campaigns aiming to…
Self-propagating worm found in marketplaces for Visual Studio Code extensions

Oct 22, 2025 5:26 AM

Tags: access, application-security, attack, backdoor, backup, best-practice, blockchain, breach, ciso, control, credentials, crime, crypto, cyber, data, data-breach, endpoint, framework, github, gitlab, google, government, identity, incident response, infrastructure, intelligence, least-privilege, login, malicious, malware, marketplace, network, open-source, resilience, risk, sans, security-incident, software, supply-chain, threat, tool, update, worm

Marketplaces targeted: The Koi Security report is the latest in a series of warnings that threat actors are increasingly targeting VS Code marketplaces in supply chain attacks. Last week, Koi Security exposed a threat actor dubbed TigerJack spreading malicious extensions. And researchers at Wiz just published research showing the widespread abuse of the OpenVSX and…
Gefahr für Cloud-Backups – Sonicwall-Konten mit gestohlenen Zugangsdaten kompromittiert

Oct 21, 2025 1:26 PM

Tags: backup, cloud

First seen on security-insider.de Jump to article: www.security-insider.de/cyberangriffe-sonicwall-sslvpns-gestohlene-daten-kompromittierte-backups-a-e699a863e5dc0b591c0fe9dcd4ff4174/
Datensicherung – Was ist ein Backup?

Oct 20, 2025 3:40 PM

Tags: backup

First seen on security-insider.de Jump to article: www.security-insider.de/was-ist-backup-a-82bb93b2bed10bb48365d8b3c4068c9e/
Inside the messy reality of Microsoft 365 management

Oct 20, 2025 6:40 AM

Tags: backup, business, microsoft, msp

Most MSPs agree that Microsoft 365 is now the backbone of business operations, but a Syncro survey shows that complexity, incomplete backups, and reactive security continue to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/20/microsoft-365-msp-challenges-report/
TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader

Oct 17, 2025 9:07 PM

Tags: ai, awareness, backup, breach, browser, business, cio, ciso, communications, conference, control, corporate, country, cryptography, cyber, cybersecurity, dark-web, data, data-breach, defense, dns, email, encryption, finance, government, healthcare, identity, incident, infrastructure, intelligence, Internet, jobs, law, leak, linux, malicious, mfa, mitigation, network, organized, phone, privacy, ransom, ransomware, RedTeam, resilience, risk, risk-management, router, service, startup, strategy, supply-chain, switch, tactics, technology, theft, threat, tool, training, windows

Summary In this episode of The Defender’s Log, host David Redekop interviews Sami Khoury, the Senior Official for Cybersecurity for the Government of Canada. With a career spanning 33 years at the Communication Security Establishment (CSE), Khoury shares how a coincidental job application blossomed into a lifelong passion for national security. Khoury emphasizes that modern…
‘Die meisten Unternehmen sind schlecht auf Cyberattacken vorbereitet”

Oct 16, 2025 11:07 AM

Tags: backup, cyberattack, extortion, infrastructure, phishing, ransomware, supply-chain

Markus Weber ist Gründer und Geschäftsführer der IT-Beratungsfirma dokuworks. dokuworks GmbHHerr Weber, als Krisenmanager werden Sie ja oft erst ins Unternehmen geholt, wenn der Angriff schon passiert ist. Was sind die ersten Schritte?Weber: Wir überprüfen zunächst einmal, ob aus technischer Sicht die wichtigsten Maßnahmen getroffen wurden. Dazu gehört zum Beispiel, dass die IT-Systeme vom Netz…
‘Die meisten Unternehmen sind schlecht auf Cyberattacken vorbereitet”

Oct 16, 2025 11:07 AM

Tags: backup, cyberattack, extortion, infrastructure, phishing, ransomware, supply-chain

Markus Weber ist Gründer und Geschäftsführer der IT-Beratungsfirma dokuworks. dokuworks GmbHHerr Weber, als Krisenmanager werden Sie ja oft erst ins Unternehmen geholt, wenn der Angriff schon passiert ist. Was sind die ersten Schritte?Weber: Wir überprüfen zunächst einmal, ob aus technischer Sicht die wichtigsten Maßnahmen getroffen wurden. Dazu gehört zum Beispiel, dass die IT-Systeme vom Netz…
Flax Typhoon exploited ArcGIS to gain long-term access

Oct 15, 2025 3:54 PM

Tags: access, ai, attack, backup, ciso, control, data, data-breach, detection, encryption, endpoint, espionage, exploit, government, group, india, infrastructure, intelligence, kev, least-privilege, macOS, malicious, monitoring, network, password, risk, sbom, service, software, supply-chain, threat, unauthorized, update, windows

Who is at risk?: In the first documented case confirmed by ArcGIS, where the malicious SOE was used, ReliaQuest identified that the password for the ArcGIS portal administrator account was a leet password of unknown origin, suggesting that the attacker had access to the administrative account and was able to reset the password.”Any organization that…
Flax Typhoon exploited ArcGIS to gain long-term access

Oct 15, 2025 3:54 PM

Tags: access, ai, attack, backup, ciso, control, data, data-breach, detection, encryption, endpoint, espionage, exploit, government, group, india, infrastructure, intelligence, kev, least-privilege, macOS, malicious, monitoring, network, password, risk, sbom, service, software, supply-chain, threat, unauthorized, update, windows

Who is at risk?: In the first documented case confirmed by ArcGIS, where the malicious SOE was used, ReliaQuest identified that the password for the ArcGIS portal administrator account was a leet password of unknown origin, suggesting that the attacker had access to the administrative account and was able to reset the password.”Any organization that…
Deutsche Logistik schlecht vor Cyberattacken geschützt

Oct 15, 2025 2:54 PM

Tags: backup, cyberattack, cybersecurity, cyersecurity, germany, risk, software, sophos, strategy, supply-chain

Laut einer Studie waren fast 80 Prozent der Logistikunternehmen in Deutschland Opfer eines Hackerangriffs.Fast 80 Prozent der Logistikbetriebe in Deutschland waren bereits von einer Cyberattacke betroffen.Das hat eine aktuelle Umfrage des Security-Anbieters Sophos ergeben. Demnach finden die Angriffe meist nicht in den eigenen Systemen statt, sondern an den Schnittstellen zu Kunden und Lieferanten.40 Prozent der…
Deutsche Logistik schlecht vor Cyberattacken geschützt

Oct 15, 2025 2:54 PM

Tags: backup, cyberattack, cybersecurity, cyersecurity, germany, risk, software, sophos, strategy, supply-chain

Laut einer Studie waren fast 80 Prozent der Logistikunternehmen in Deutschland Opfer eines Hackerangriffs.Fast 80 Prozent der Logistikbetriebe in Deutschland waren bereits von einer Cyberattacke betroffen.Das hat eine aktuelle Umfrage des Security-Anbieters Sophos ergeben. Demnach finden die Angriffe meist nicht in den eigenen Systemen statt, sondern an den Schnittstellen zu Kunden und Lieferanten.40 Prozent der…
Deutsche Logistik schlecht vor Cyberattacken geschützt

Oct 15, 2025 2:54 PM

Tags: backup, cyberattack, cybersecurity, cyersecurity, germany, risk, software, sophos, strategy, supply-chain

Laut einer Studie waren fast 80 Prozent der Logistikunternehmen in Deutschland Opfer eines Hackerangriffs.Fast 80 Prozent der Logistikbetriebe in Deutschland waren bereits von einer Cyberattacke betroffen.Das hat eine aktuelle Umfrage des Security-Anbieters Sophos ergeben. Demnach finden die Angriffe meist nicht in den eigenen Systemen statt, sondern an den Schnittstellen zu Kunden und Lieferanten.40 Prozent der…
Critical Veeam Backup RCE Flaws Allow Remote Execution of Malicious Code

Oct 15, 2025 12:54 PM

Tags: backup, cyber, flaw, infrastructure, malicious, rce, remote-code-execution, update, veeam, vulnerability

Veeam has released an urgent security patch to address multiple critical remote code execution (RCE) vulnerabilities in Veeam Backup & Replication version 12. These flaws could allow authenticated domain users to run malicious code on backup servers and infrastructure hosts. With attackers likely to reverse-engineer the patch, organizations must apply the update without delay to…
13 cybersecurity myths organizations need to stop believing

Oct 15, 2025 9:54 AM

Tags: access, ai, attack, authentication, backup, banking, breach, business, ceo, compliance, computer, computing, corporate, credentials, cyber, cybersecurity, data, data-breach, deep-fake, defense, encryption, finance, government, group, identity, incident response, infrastructure, jobs, law, malicious, mfa, monitoring, network, nist, openai, passkey, password, phishing, privacy, regulation, risk, service, skills, strategy, technology, theft, threat, tool, vulnerability

Big tech platforms have strong verification that prevents impersonation: Some of the largest tech platforms like to talk about their strong identity checks as a way to stop impersonation. But looking good on paper is one thing, and holding up to the promise in the real world is another.”The truth is that even advanced verification…
Scattered Lapsus$ Hunters extortion site goes dark: What’s next?

Oct 14, 2025 10:24 PM

Tags: access, attack, backup, breach, business, cyber, cybercrime, data, data-breach, extortion, group, infrastructure, intelligence, leak, lockbit, ransom, ransomware, risk, russia, social-engineering, software, supply-chain, technology, threat

Takedowns only slow activity: According to Jeremy Kirk, executive editor for cyber threat intelligence at research company Intel 471, police have been closing in on the individual groups represented in Scattered Lapsus$ Hunters for more than three years. This included arresting alleged members. Whether this damaged the group in the long run remained to be…
Veeam Backup Replication 12.3.2.4165 Patch nicht installierbar?

Oct 14, 2025 7:24 PM

Tags: backup, update, veeam, vulnerability

Veeam hat zum 14. Oktober 2025 den Patch 12.3.2.4165 für sein Produkt Veeam Backup & Replication herausgebracht. Laut Hersteller soll dieser Patch gleich mehrere Schwachstellen beseitigen. Ein Leser informierte mich aber, dass er diesen Patch von der ISO-Datei nicht installieren könne. Maximilian … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/14/veeam-backup-replication-12-3-2-4165-patch-nicht-installierbar/
SonicWall VPNs face a breach of their own after the September cloud-backup fallout

Oct 14, 2025 11:23 AM

Tags: access, advisory, attack, authentication, backdoor, backup, breach, cloud, control, credentials, exploit, flaw, group, login, mfa, ransomware, threat, vpn, windows

What defenders should watch out for: Huntress highlighted that, in a few cases, successful SSLVPN authentication was followed by internal reconnaissance traffic or access attempts to Windows administrative accounts. Additionally, logins originating from a single recurring public IP may suggest a coordinated campaign rather than random credential reuse.On top of the steps outlined in SonicWall’s…
SonicWall Breach Sparks Surge in SSLVPN Attacks

Oct 13, 2025 9:23 PM

Tags: access, attack, backup, breach, credentials, exploit, firewall, risk, threat

Threat actors exploit stolen credentials after SonicWall’s firewall backup breach, exposing risks to remote access and enterprise networks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/sonicwall-sslvpn-attack/
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Oct 13, 2025 4:23 PM

Tags: attack, backup, credentials, cve, cyber, flaw, oracle, ransomware, tool, worm, zero-day

Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Oct 13, 2025 4:23 PM

Tags: attack, backup, credentials, cve, cyber, flaw, oracle, ransomware, tool, worm, zero-day

Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
Dull but dangerous: A guide to 15 overlooked cybersecurity blind spots

Oct 13, 2025 2:24 PM

Tags: access, ai, api, attack, backup, cloud, control, corporate, credentials, crypto, cybersecurity, data, detection, dns, edr, email, encryption, endpoint, exploit, firewall, firmware, governance, guide, iam, identity, iot, leak, least-privilege, linux, malicious, mfa, network, password, phishing, phone, ransomware, resilience, saas, sbom, service, siem, strategy, supply-chain, tool, unauthorized, update, vulnerability

Server time synchronization (NTP drift) Skewed clocks create a perfect cover for attackers. When your servers disagree about when events happened, correlation dies and forensics becomes fiction. Yet most organizations treat NTP like plumbing: set once and forget.Fix this now: Enforce a secure NTP hierarchy with authenticated sources. Monitor offset religiously. Block unauthorized NTP traffic…
Dull but dangerous: A guide to 15 overlooked cybersecurity blind spots

Oct 13, 2025 2:24 PM

Tags: access, ai, api, attack, backup, cloud, control, corporate, credentials, crypto, cybersecurity, data, detection, dns, edr, email, encryption, endpoint, exploit, firewall, firmware, governance, guide, iam, identity, iot, leak, least-privilege, linux, malicious, mfa, network, password, phishing, phone, ransomware, resilience, saas, sbom, service, siem, strategy, supply-chain, tool, unauthorized, update, vulnerability

Server time synchronization (NTP drift) Skewed clocks create a perfect cover for attackers. When your servers disagree about when events happened, correlation dies and forensics becomes fiction. Yet most organizations treat NTP like plumbing: set once and forget.Fix this now: Enforce a secure NTP hierarchy with authenticated sources. Monitor offset religiously. Block unauthorized NTP traffic…
What to look for in a data protection platform for hybrid clouds

Oct 13, 2025 9:23 AM

Tags: access, advisory, ai, attack, automation, backup, breach, business, cisco, cloud, compliance, computing, control, corporate, data, defense, encryption, endpoint, framework, gartner, google, governance, government, group, guide, ibm, identity, infrastructure, intelligence, Internet, iot, kubernetes, law, malware, metric, microsoft, monitoring, network, oracle, privacy, ransomware, regulation, risk, risk-assessment, saas, service, software, technology, threat, tool, veeam, vmware, vulnerability, zero-trust

hybrid cloud data protection buyer’s guide today!] In this buyer’s guide Data protection for hybrid clouds explainedWhy hybrid clouds need data protectionWhat to look for in a data protection platform for hybrid cloudsMajor trends in data protection for hybrid cloudsLeading vendors for data protection of hybrid cloudsWhat to ask before buying data protection for hybrid…
What to look for in a data protection platform for hybrid clouds

Oct 13, 2025 9:23 AM

Tags: access, advisory, ai, attack, automation, backup, breach, business, cisco, cloud, compliance, computing, control, corporate, data, defense, encryption, endpoint, framework, gartner, google, governance, government, group, guide, ibm, identity, infrastructure, intelligence, Internet, iot, kubernetes, law, malware, metric, microsoft, monitoring, network, oracle, privacy, ransomware, regulation, risk, risk-assessment, saas, service, software, technology, threat, tool, veeam, vmware, vulnerability, zero-trust

hybrid cloud data protection buyer’s guide today!] In this buyer’s guide Data protection for hybrid clouds explainedWhy hybrid clouds need data protectionWhat to look for in a data protection platform for hybrid cloudsMajor trends in data protection for hybrid cloudsLeading vendors for data protection of hybrid cloudsWhat to ask before buying data protection for hybrid…
What to look for in a data protection platform for hybrid clouds

Oct 13, 2025 9:23 AM

Tags: access, advisory, ai, attack, automation, backup, breach, business, cisco, cloud, compliance, computing, control, corporate, data, defense, encryption, endpoint, framework, gartner, google, governance, government, group, guide, ibm, identity, infrastructure, intelligence, Internet, iot, kubernetes, law, malware, metric, microsoft, monitoring, network, oracle, privacy, ransomware, regulation, risk, risk-assessment, saas, service, software, technology, threat, tool, veeam, vmware, vulnerability, zero-trust

hybrid cloud data protection buyer’s guide today!] In this buyer’s guide Data protection for hybrid clouds explainedWhy hybrid clouds need data protectionWhat to look for in a data protection platform for hybrid cloudsMajor trends in data protection for hybrid cloudsLeading vendors for data protection of hybrid cloudsWhat to ask before buying data protection for hybrid…
SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups

Oct 13, 2025 8:23 AM

Tags: attack, backup, breach, credentials, cyber, cybersecurity, firewall, hacker, threat, vpn

Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophisticated, with threat actors rapidly authenticating into multiple accounts using what appears to be valid credentials rather than brute-force techniques. Cyber breach alert…
SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups

Oct 13, 2025 8:23 AM

Tags: attack, backup, breach, credentials, cyber, cybersecurity, firewall, hacker, threat, vpn

Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophisticated, with threat actors rapidly authenticating into multiple accounts using what appears to be valid credentials rather than brute-force techniques. Cyber breach alert…