Accountability, Backups and Information Security

Critical Veeam Backup Enterprise Manager authentication bypass bug

Security Affairs

MAY 22, 2024

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in Veeam Backup Enterprise Manager could allow attackers to bypass authentication. ” reads the advisory published by the vendor.

Backups

Backups Authentication Accountability Software

GUEST ESSAY: The key differences between ‘information privacy’ vs. ‘information security’

The Last Watchdog

JUNE 12, 2023

Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. still available for you to use.

Information Security

Information Security Data breaches CISO Encryption

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups

Backups Spyware Malware Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Security Affairs

APRIL 4, 2023

An ALPHV/BlackCat ransomware affiliate was spotted exploiting vulnerabilities in the Veritas Backup solution. An affiliate of the ALPHV/BlackCat ransomware gang, tracked as UNC4466, was observed exploiting three vulnerabilities in the Veritas Backup solution to gain initial access to the target network. CVSS score: 8.1).

Backups

Backups Ransomware Authentication Penetration Testing

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 8, 2023

US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. Unlike other ALPHV affiliates, UNC4466 doesn’t rely on stolen credentials for initial access to victim environments.

Backups

Backups Spyware Ransomware Education

GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

Security Affairs

JANUARY 24, 2023

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. “Upon learning of the incident, we immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement. . ” continues the notice.

Backups

Backups Encryption Data breaches Passwords

Facebook announces WhatsApp end-to-end encrypted (E2EE) backups

Security Affairs

SEPTEMBER 13, 2021

Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud. Facebook will continue to work to protect the privacy of WhatsApp users and announced that it will allow users to encrypt their message history backups in the cloud. ” reads the announcement published by WhatsApp.

Backups

Backups Encryption Passwords Accountability

Twilio breach let attackers access Authy two-factor accounts of 93 users

Security Affairs

AUGUST 29, 2022

Threat actors behind the Twilio hack also gained access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. Twilio last week announced that that the threat actors also gained access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service.

Accountability

Accountability Authentication Phishing Data breaches

The Top Cloud Office 365 Email Backup Solution: Spinbackup

Spinone

OCTOBER 8, 2019

All of cloud backup services for Office 365 admins perform the same primary function – they automatically backup your data. And this difference in “not what but how” is crucial for data security. And of course, read about how to use it to backup office 365 emails easily !

Backups

Backups Accountability Encryption Cybersecurity

Data leak at fintech giant Direct Trading Technologies

Security Affairs

JANUARY 31, 2024

Direct Trading Technologies, an international fintech company, jeopardized over 300K traders by leaking their sensitive data and trading activity, thereby putting them at risk of an account takeover. The leak poses a variety of risks, expanding from identity theft to takeover and cashing-out accounts of traders. Account data.

Technology

Technology Identity Theft Backups Passwords

Secure Cloud-to-cloud Backup

Spinone

AUGUST 25, 2018

Spinbackup is a cloud-to-cloud backup and cloud G Suite security solution provider. Our unique market value proposition is to remove human factor for data security and use machine learning algorithms to fully automate G Suite data protection and we do it all in one very well designed dashboard.

Backups

Backups Threat Detection Ransomware Accountability

Kodi discloses data breach after its forum was compromised

Security Affairs

APRIL 14, 2023

. “MyBB admin logs show the account of a trusted but currently inactive member of the forum admin team was used to access the web-based MyBB admin console twice: on 16 February and again on 21 February. The account was used to create database backups which were then downloaded and deleted.

Data breaches

Data breaches Backups Passwords Accountability

FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Security Affairs

NOVEMBER 8, 2023

The threat actors sent victims a phone number in a phishing attempt, often related to pending charges on their accounts. The FBI also published recommendations for organizations to improve their security posture in response to these new activity trends. The FBI also recommends reviewing the security posture of third-party vendors.

Ransomware

Ransomware Backups Encryption Phishing

Veeam fixed multiple flaws in Veeam ONE, including critical issues

Security Affairs

NOVEMBER 7, 2023

The second critical flaw, tracked as CVE-2023-38548 (CVSS score 9.8), can be exploited by an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. The vulnerability only affects Veeam ONE 12.

Backups

Backups Hacking Accountability Software

Data Encryption for Cloud Backup Security

Spinone

NOVEMBER 20, 2018

In traditional on-site backup systems security is mainly a physical concern – ensuring data is backed up in more than one location in case of hardware loss or failure and restricting access to the physical backup media to only trusted employees. In cloud backup, security concerns are different.

Backups

Backups Encryption Computers and Electronics Accountability

Microsoft AI research division accidentally exposed 38TB of sensitive data

Security Affairs

SEPTEMBER 18, 2023

The exposed data exposed a disk backup of two employees’ workstations containing secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages. “The researchers shared their files using an Azure feature called SAS tokens, which allows you to share data from Azure Storage accounts.”

Accountability

Accountability Backups Risk Passwords

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

Early this month, Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet that multiple ransomware gangs are cold-calling victims if they don’t pay the ransom and attempt to restore from backups. Patch operating systems, software, firmware, and endpoints. Pierluigi Paganini.

Ransomware

Ransomware Backups Firmware Accountability

UpdraftPlus WordPress plugin update forced for million sites?

Security Affairs

FEBRUARY 19, 2022

that can allow website subscribers to download the latest database backups, which could potentially contain sensitive data. “The plugin uses custom “nonces” and timestamps to securely identify backups. This info could allow attackers to receive the backup via mail by manipulating the request. score of 8.5)

Backups

Backups Authentication Hacking Accountability

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The report also includes a list of mitigation measures to increase the resilience of company networks: Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location (i.e., Regularly back up data, password protect backup copies offline.

Ransomware

Ransomware DDOS Passwords Backups

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

The Talos researchers discovered a number of features implemented by Phobos allowing operators to establish persistence in a targeted system, perform speedy encryption, and remove backups. Disable system recovery, backup and shadow copies and the Windows firewall. Embedded configuration with more than 70 options available.

Ransomware

Ransomware Encryption Backups Manufacturing

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! billion rubles. billion rubles.

Computers and Electronics

Computers and Electronics Backups Cybercrime Marketing

Google disrupts the Glupteba botnet

Security Affairs

DECEMBER 7, 2021

The IT giant also removed 1,183 Google accounts, 908 cloud projects, and 870 Google Ads accounts used by the operators. Glupteba disruption over last year: 63M Google Docs 1,183 Google Accounts, 908 Cloud Projects, and 870 Google Ads accounts. users were warned via Safe Browsing. Pierluigi Paganini.

Backups

Backups Advertising Accountability Malware

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

The good news is in the latter attack the victims restored its backups. The FBI provided the following mitigations to protect against ransomware attacks: Regularly back up data, air gap, and password protect backup copies offline. Avoid reusing passwords for multiple accounts. Focus on cyber security awareness and training.

Ransomware

Ransomware Passwords Backups Firmware

CISA, FBI, NSA warn of the increased globalized threat of ransomware

Security Affairs

FEBRUARY 12, 2022

service account, admin accounts, and domain admin accounts) to have strong, unique passwords. If using Linux, use a Linux security module (such as SELinux, AppArmor, or SecComp) for defense in depth. The agencies urge victims of ransomware to report incidents and never pay the ransom. ” concludes the advisory.

Ransomware

Ransomware Backups Encryption Accountability

The team behind the Joomla CMS discloses a data breach

Security Affairs

JUNE 1, 2020

Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site ( resources.joomla.org ) on an unsecured Amazon Web Services S3 bucket operated by the company. “JRD full site backups (unencrypted) were stored in a third-party company Amazon Web Services S3 bucket.

Data breaches

Data breaches Backups Passwords Advertising

Canadian government impacted by data breaches of two of its contractors

Security Affairs

NOVEMBER 20, 2023

“Sirva.com says that all their information worth only $1m. We have over 1.5TB of documents leaked + 3 full backups of CRM for branches (eu, na and au) Sirva Worldwide, Inc. The LockBit ransomware gang has claimed responsibility for the attack on SIRVA, the group has stolen 1.5TB of data and already leaked it.

Data breaches

Data breaches Government Hacking Backups

Multiple Brocade SANnav SAN Management SW flaws allow device compromise

Security Affairs

APRIL 28, 2024

The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker.

Firewall

Firewall Authentication Architecture Backups

France Télévisions group hit by a cyber attack, its antennas were not impacted

Security Affairs

JUNE 27, 2020

The group confirmed that the broadcasting of France 3 will be transferred to the headquarters of France Televisions, the company also activated the backup site in response to the incident. The attackers also hijacked the Channel TV5Monde website and social media accounts of the French broadcaster.

Cyber Attacks

Cyber Attacks Backups Advertising Media

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

As an example of compromised accounts, Resecurity outlined exposed access credentials belonging to a major data center and one of the largest vendors providing international-scale network telephony connectivity to governmental and national telecom providers in Africa.

Engineering

Engineering Passwords Telecommunications Accountability

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Security Affairs

AUGUST 12, 2020

The City of Lafayette, Colorado, USA, has been forced to pay $45,000 because they were unable to restore necessary files from backup. The City also added that credit card data was not stored on its systems, anyway it invited residents and employees to monitor their bank accounts for suspicious activity.

Backups

Backups Advertising Ransomware Hacking

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

-based cyber intelligence firm Hold Security , KrebsOnSecurity in March told Gunnebo about a financial transaction between a malicious hacker and a cybercriminal group which specializes in deploying ransomware. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking

Hacking Ransomware Banking Accountability

City of Tulsa, is the last US city hit by ransomware attack

Security Affairs

MAY 10, 2021

“As for utility billing, Tulsa police say new account registration is currently unavailable. Tulsans can make a payment on their account and view their bill as a guest as long as they have their new account number and customer ID, plus the name on their account exactly as it appears on their bill.”

Ransomware

Ransomware Accountability Backups Hacking

Western Digital notifies customers of data breach after March cyberattack

Security Affairs

MAY 8, 2023

According to an Update on Network Security Incident the company states that account access to Western Digital’s online store also was impacted and that it plans to restore the service by the week of May 15, 2023. “We are writing to notify you about a network security incident involving your Western Digital online store account.

Data breaches

Data breaches Backups Ransomware Wireless

FBI issued a flash alert on Lockbit ransomware operation

Security Affairs

FEBRUARY 5, 2022

. “By reporting any related information to FBI Cyber Squads, you are assisting in sharing information that allows the FBI to track malicious actors and coordinate with private industry and the United States Government to prevent future intrusions and attacks.”

Ransomware

Ransomware Backups Encryption Accountability

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Security Affairs

JUNE 29, 2019

The total size is uncertain, but the researcher downloaded a sample of about a terabyte in size, including 750 gigabytes of compressed email backups.” Researchers also found credentials for Attunity systems and its official Twitter account, and an employee personal information (names, salary, date of birth, and employee ID numbers).

Banking

Banking Backups Big data Advertising

Trusted relationship attacks: trust, but verify

SecureList

MAY 28, 2024

But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. Having compromised the service provider’s infrastructure, intruders can obtain user accounts or certificates issued by the target organization, and thereby connect to their systems.

VPN

VPN Accountability Passwords Antivirus

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

“The actors have leveraged privileged accounts to gain access to VMware vCenter Server and reset account passwords [ T1098 ] for ESXi servers in the environment. If you use Remote Desktop Protocol (RDP), secure and monitor it. Use standard user accounts on internal systems instead of?administrative?accounts,

Ransomware

Ransomware VPN Cybercrime Accountability

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts. Do not give all users administrative privileges.

Ransomware

Ransomware Firmware Antivirus Accountability

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

Security Affairs

JUNE 17, 2022

. “Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker.”

Encryption

Encryption Backups Ransomware Accountability

10 Holiday Cybersecurity Tips for CISOs

Security Boulevard

NOVEMBER 22, 2023

Chief information security officers (CISOs) should proactively implement strategies and protect their infrastructures against hacking months and weeks leading up to this busy time of the year.  Yet, the holiday period is critical for many businesses. Automate digital certificate renewals Expired digital certificates  (e.g.,

CISO

CISO Cybersecurity Phishing Backups

Five Eyes agencies warn of attacks on MSPs

Security Affairs

MAY 12, 2022

. “The CSA—created in response to reports of increased activity against MSPs and their customers—provides specific guidance for both MSPs and customers aimed at enabling transparent discussions on securing sensitive data.” Deprecate obsolete accounts and infrastructure. Backup systems and data. Apply updates.

Authentication

Authentication Accountability Architecture Backups

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches

Data breaches DDOS Backups Ransomware

University of California Employees, Students, Threatened After Breach

SecureWorld News

APRIL 7, 2021

At the University of California Berkeley, Chief Information Security Officer Allison Henry and school CIO, Jenn Stringer, posted about what is going on within the UC community: "Beginning Monday, March 29, many UC Berkeley email accounts started receiving messages stating that their personal data had been stolen and would be released.

Data breaches

Data breaches Information Security Passwords Backups

QNAP users are recommended to disable UPnP port forwarding on routers

Security Affairs

APRIL 19, 2022

Set up a new administrator account, and disable the default admin account. Enforce a strong password policy for all NAS users, including the new administrator account you’ve just created. You can schedule updates to avoid interrupting backup/sync or other tasks. Configure MFA (2-Step Verification) on QNAP NAS.

VPN

VPN Internet Internet Firewall

Critical Veeam Backup Enterprise Manager authentication bypass bug

GUEST ESSAY: The key differences between ‘information privacy’ vs. ‘information security’

Webinars

Trending Sources

Updated Android spyware GravityRAT steals WhatsApp Backups

Webinars

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

Facebook announces WhatsApp end-to-end encrypted (E2EE) backups

Twilio breach let attackers access Authy two-factor accounts of 93 users

The Top Cloud Office 365 Email Backup Solution: Spinbackup

Data leak at fintech giant Direct Trading Technologies

Secure Cloud-to-cloud Backup

Kodi discloses data breach after its forum was compromised

FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Veeam fixed multiple flaws in Veeam ONE, including critical issues

Data Encryption for Cloud Backup Security

Microsoft AI research division accidentally exposed 38TB of sensitive data

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

UpdraftPlus WordPress plugin update forced for million sites?

Avoslocker ransomware gang targets US critical infrastructure

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Google disrupts the Glupteba botnet

FBI warns of ransomware attacks targeting the food and agriculture sector

CISA, FBI, NSA warn of the increased globalized threat of ransomware

The team behind the Joomla CMS discloses a data breach

Canadian government impacted by data breaches of two of its contractors

Multiple Brocade SANnav SAN Management SW flaws allow device compromise

France Télévisions group hit by a cyber attack, its antennas were not impacted

Hundreds of network operators’ credentials found circulating in Dark Web

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

City of Tulsa, is the last US city hit by ransomware attack

Western Digital notifies customers of data breach after March cyberattack

FBI issued a flash alert on Lockbit ransomware operation

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Trusted relationship attacks: trust, but verify

Daixin Team targets health organizations with ransomware, US agencies warn

Ranzy Locker ransomware hit tens of US companies in 2021

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

10 Holiday Cybersecurity Tips for CISOs

Five Eyes agencies warn of attacks on MSPs

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

University of California Employees, Students, Threatened After Breach

QNAP users are recommended to disable UPnP port forwarding on routers

Stay Connected