Backups, Encryption and Phishing - Cyber Security Informer

iNSYNQ Ransom Attack Began With Phishing Email

Krebs on Security

AUGUST 9, 2019

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. “For these infections hackers take sometimes days, weeks, or even months to encrypt your data.”

Phishing

Phishing Backups Ransomware Encryption

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

Cybersecurity training for small businesses is critical, and SMBs should invest in training programs to help employees recognize threats such as phishing attacks, ransomware, and other malicious activities. INE Security advises businesses to secure their network by using firewalls, encrypting data, and regularly updating security software.

Small Business

Small Business Data breaches Backups Passwords

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. “We’ve found someone who can crack the encryption.” Then came the unlikely call from an FBI agent. This is not an idle concern.

Ransomware

Ransomware Encryption Backups Manufacturing

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

They continue to monitor for potential data misuse and urge vigilance against fraud, phishing, and identity theft. Unlike other extortion group, the gang doesnt encrypt data, but focuses on data theft to speed up its activity. Backups are insufficient; IPS is recommended for protection. Victims include AMD and Keralty.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

SecureWorld News

JANUARY 16, 2025

Conducting regular training sessions on recognizing phishing emails, avoiding suspicious downloads, and following cybersecurity protocols can build a resilient workforce. Develop backup and recovery plans: Data recovery plans are essential to mitigate the impact of cyber incidents.

Energy and Utilities

Energy and Utilities IoT Artificial Intelligence Backups

8 security tips for small businesses

Malwarebytes

NOVEMBER 6, 2024

Train your employees in security awareness, so they can recognize phishing attempts and know what they can and can’t do on company-issued hardware. Very important files and documents can be encrypted or stored in password protected folders to keep them safe from prying eyes. Both can be used to protect your network.

Small Business

Small Business Backups Firewall VPN

LockBit Green and phishing that targets organizations

SecureList

JUNE 22, 2023

For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. Phishing and a kit Recently we stumbled upon a Business Email Compromise (BEC) case, active since at least Q3 2022. Adopting the ransom note makes the least sense.

Phishing

Phishing Encryption Cybercrime Ransomware

The 3 biggest cybersecurity threats to small businesses

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business

Small Business Cybersecurity Passwords Scams

LastPass Devs Were Phished for Credentials

Security Boulevard

MARCH 1, 2023

LastPass has followed news of last month’s breach with details on a second attack in which developers were phished for their credentials. In the January incident, the password manager’s parent, GoTo, said that in addition to stealing encrypted backups containing customer data, hackers nicked an encryption key last November. “An

Phishing

Phishing Backups Encryption Passwords

ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD

Security Affairs

OCTOBER 29, 2021

The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers discovered a new Hive ransomware variant that was specifically developed to encrypt Linux and FreeBSD. The Hive ransomware adds the.hive extension to the filename of encrypted files. .

Encryption

Encryption Ransomware Spyware Malware

Encryption: How It Works, Types, and the Quantum Future

eSecurity Planet

MAY 25, 2022

Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms.

Encryption

Encryption Computers and Electronics Password Management Passwords

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

FEBRUARY 5, 2024

iConnect faced a major disruption of its Exchange services, stemming from a corrupted RAID drive and extending into their backups. Backup strategies. Encrypt sensitive data and maintain regular, secure backups to ensure data integrity and availability, even in the event of system failures or cyber attacks.

Risk

Risk Backups Software Education

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

Attackers employ a double extortion strategy, encrypting victim data and threatening to publicly release it if the ransom is unpaid. Attack vectors and techniques Medusa actors leverage common ransomware tactics, including phishing campaigns and exploiting unpatched software vulnerabilities.

Ransomware

Ransomware Backups Firmware Insurance

Is your whole digital life protected? 4 ways to address common vulnerabilities

Webroot

FEBRUARY 21, 2025

Its a top-end, true all-in-one offering based on a new platform that combines antivirus, password manager, identity protection, VPN, backup, and parental controls. This is where data encryption and automated backups come in. Encryption is one of the most effective and widely used forms of data security available.

Identity Theft

Identity Theft Backups Antivirus Encryption

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Jane Frankland

MAY 3, 2025

While details remain sparse, reports suggest social engineering tactics like phishing, SIM swapping, and multi-factor authentication (MFA) fatigue attacks may have been used to infiltrate systems. These backups must be secured against unauthorised access and tested frequently to ensure they function as intended.

Cyber Attacks

Cyber Attacks Retail Cyber threats Backups

Digital life protection: How Webroot keeps you safe in a constantly changing world

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. Secure backup Keeps your critical files safe from data loss or ransomware attacks. Anti-phishing protection Shields you from phishing attempts.

Antivirus

Antivirus Identity Theft Cyber threats Phishing

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

eSecurity Planet

NOVEMBER 6, 2024

Implement Data Encryption & Backup Protocols Encrypting sensitive data adds a layer of protection by ensuring that even if data is accessed, it remains unreadable without proper decryption keys. Cybersecurity awareness training helps staff recognize phishing scams , social engineering attempts, and other threats.

Ransomware

Ransomware Authentication Identity Theft Penetration Testing

Protect yourself from tax season scams

Webroot

APRIL 11, 2025

Phishing emails and text messages: Phishing schemes can happen through emails, texts or social media. You can learn how to report suspected phishing here. Back up your tax records: Make digital and physical backups of your tax documents. mail only , never by phone, text or email! Carbonite is the perfect solution.

Scams

Scams Identity Theft Backups Phishing

FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Security Affairs

NOVEMBER 8, 2023

The attacks frequently targeted small and tribal casinos, encrypting servers and the personally identifying information (PII) of employees and patrons.” The FBI also reported, as of June 2023, that the Silent Ransom Group (SRG), also known as Luna Moth, had been observed conducting callback phishing data theft and extortion attacks.

Ransomware

Ransomware Backups Encryption Phishing

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

The group’s affiliates gain access to victims using phishing campaigns to steal credentials and exploiting unpatched software vulnerabilities. Medusa operators leverage legitimate remote access tools like AnyDesk, Atera, and Splashtop, alongside RDP and PsExec, to move laterally and locate files for exfiltration and encryption.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

Why it might be time to consider using FIDO-based authentication devices

CSO Magazine

JANUARY 4, 2023

Storing passwords in the browser and sending one-time access codes by SMS or authenticator apps can be bypassed by phishing. Password management products are more secure, but they have vulnerabilities as shown by the recent LastPass breach that exposed an encrypted backup of a database of saved passwords.

Authentication

Authentication Password Management Backups Passwords

Taking on the Next Generation of Phishing Scams

Google Security

MAY 11, 2022

Posted by Daniel Margolis, Software Engineer, Google Account Security Team Every year, security technologies improve: browsers get better , encryption becomes ubiquitous on the Web , authentication becomes stronger. But phishing persistently remains a threat (as shown by a recent phishing attack on the U.S.

Phishing

Phishing Scams Authentication Accountability

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

MAY 11, 2021

Scan emails and attachments to detect and block malware, and implement training and processes to identify phishing and externally-sourced emails. Maintain offline, encrypted backups of data and regularly test your backups. Regularly conduct backup procedures and keep backups offline or in separated networks.

Ransomware

Ransomware Backups Antivirus DDOS

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 In May, cybersecurity researchers revealed that ransomware attacks are increasing their aggressive approach by destroying data instead of encrypting it.

Backups

Backups Ransomware Malware Firewall

How Ransomware Gangs Weaponize Employee Burnout to Breach Corporate Defenses

SecureWorld News

MAY 5, 2025

Phishing emails get through because people stop reading carefully. They're timing their phishing campaigns around stressful company periods: fiscal year ends, product launches, mergers, layoffs. Backups fail to be properly secured. And once the encryption starts, it's already too late to mount an organized defense.

Ransomware

Ransomware Firewall Encryption Phishing

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

The Last Watchdog

MARCH 6, 2021

A VPN encrypts all internet traffic so that it is unreadable to anyone who intercepts it. You can keep a data backup on hardware or use a cloud-based service. Keep an eye out for phishing emails. Since a VPN tunnels traffic through a server in a location of your choosing. It is vital to back-up your data.

VPN

VPN Passwords Firewall Risk

Are You Vulnerable To Ransomware? 6 Questions to Ask Yourself

Vipre

MAY 5, 2021

For instance, failing to educate users on the dangers of phishing amounts to business malpractice. Your answers should make it obvious in which areas of security you need to invest: Are you training users on the dangers of phishing? 66% of ransomware infections are due to spam and phishing emails.

Ransomware

Ransomware Backups Phishing Education

Guide to ransomware and how to detect it

IT Security Guru

SEPTEMBER 28, 2023

Ransomware attacks are strategically designed to either encrypt or delete critical data and system files, compelling organisations to meet the attackers’ financial demands. By keeping the encryption key on the infected device, ransomware may gradually encrypt files. How are victims of Ransomware exploited?

Ransomware

Ransomware Encryption Backups Social Engineering

Cyber Security Awareness Month: Cyber tune-up checklist

Webroot

OCTOBER 1, 2024

Quality password managers like the one included with Webroot Premium will generate, store and encrypt all your passwords, requiring you to only remember one password. Identifying phishing scams Phishing scams appear in our email inboxes, text messages and even voicemails on a daily basis. noreply@yourbank.com.)

Security Awareness

Security Awareness Passwords Backups Password Management

Is Your Small Business Safe Against Cyber Attacks?

CyberSecurity Insiders

MARCH 21, 2021

With a VPN like Surfshark to encrypt your online traffic and keep it protected against any security breach, your valuable data isn’t going to get compromised easily anytime soon. Backup data on Cloud . Even if you take all the protective measures, you don’t want to be left without any backup or options in case of a cyber attack.

Small Business

Small Business Cyber Attacks VPN Backups

GUEST ESSAY: A roadmap for wisely tightening cybersecurity in the modern workplace

The Last Watchdog

MAY 24, 2023

Related: Tapping hidden pools of security talent Sometimes hackers can encrypt your systems, holding them hostage and asking you to pay money to regain access to them. This problem, called ransomware , explains why keeping backups is so important. Cyberattacks can also lead to a loss of productivity.

Cybersecurity

Cybersecurity Backups Data breaches Technology

Prevention Maintenance: Strategies To Bolster Your Organisation’s Cybersecurity

IT Security Guru

MAY 20, 2024

Today, common cyber threats include phishing, ransomware, and malware attacks, each capable of significantly disrupting operations and compromising sensitive data. These sessions should cover critical topics like phishing, which tricks you into giving out sensitive information, and password security to protect your data.

Cybersecurity

Cybersecurity Backups Cyber threats Mobile

5 ways to strengthen healthcare cybersecurity

Webroot

APRIL 5, 2024

Email encryption makes it hard for attackers to intercept sensitive medical data—just make sure the encryption tool is easy to manage and use. In fact, 16 percent of breaches start with phishing. But SaaS vendors explicitly state that data protection and backup is the customer’s responsibility of the customer.

Healthcare

Healthcare Cybersecurity Backups Data breaches

Threat profile: Ranzy Locker ransomware

Malwarebytes

OCTOBER 28, 2021

Recent targets reported the actors leveraged known Microsoft Exchange Server vulnerabilities and phishing as the means of compromising their networks. . All encrypted files have extension: ranzy - How to restore my files? - Some variants also use file extensions for the encrypted files that show Ranzy Locker was at work.

Ransomware

Ransomware Backups Encryption Accountability

12 Critical SOC 2 Controls to Support Compliance

Centraleyes

MARCH 10, 2025

This category underpins the entire SOC 2 framework and includes essential controls like access management, encryption, and incident response. Encryption, access controls, and secure file-sharing protocols play a key role here. For example, adding the Confidentiality category will include criteria for encrypting sensitive information.

Encryption

Encryption Backups Risk Authentication

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

.” The NCSC also provided info about the initial infection vectors observed in the ransomware attacks: Insecure Remote Desktop Protocol (RDP) configurations Vulnerable Software or Hardware Phishing emails. backup servers, network shares, servers, auditing devices). PowerShell) to easily deploy tooling or ransomware.

Education

Education Ransomware Antivirus Backups

Best Disaster Recovery Solutions for 2022

eSecurity Planet

JULY 8, 2022

But it also requires software to orchestrate data movement, backup and restore technology to ensure a current copy of data is available, and the ability to recover systems and data rapidly. This type of backup and DR technology offers RPOs measured in hours. See the Best Backup Solutions for Ransomware Protection.

Backups

Backups Ransomware Technology Marketing

What to do after a Ransomware Attack?

Hacker Combat

MAY 27, 2021

What actions do you take when it dawns on you that your files have been encrypted with a view of illegally denying you access? This is mainly done through the use of phishing emails as well as drive-by downloading scams which are usually masqueraded as legal and legitimate messages. File Encryption. Ensure Backup Security.

Ransomware

Ransomware Backups Encryption Phishing

Best Ransomware Protection

Hacker Combat

APRIL 6, 2022

You are neither safe on your private nor public network, as ransomware can encrypt your files and hold them hostage. When you open an infected file that seemingly appears safe, ransomware executes its process by encrypting data. You can defeat ransomware through specific preventive measures, including software and encryption.

Ransomware

Ransomware Antivirus Encryption Passwords

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Hornetsecurity Research Reveals Microsoft Teams Security and Backup Flaws With Nearly Half of Users Sharing Business-Critical Information on the Platform

CyberSecurity Insiders

OCTOBER 7, 2022

Most backup and security vendors overlook this vital communication channel. Leading cybersecurity software provider Hornetsecurity has found an urgent need for greater backup for Microsoft Teams with more than half of users (45%) sending confidential and critical information frequently via the platform. Hornetsecurity Inc.

Backups

Backups Risk Cybersecurity Marketing

US CISA releases guidance on how to prevent ransomware data breaches

Security Affairs

AUGUST 21, 2021

Most of the recent ransomware attack resulted in data breaches for the victims, threat actors implemented a double-extortion schema threatening the victims to data stolen before encrypting them on compromised systems. softwa re company Kaseya. .

Data breaches

Data breaches Ransomware Backups Technology

Cyber Security: Work From Home Best Practices

Spinone

APRIL 13, 2020

They include insider threats, phishing, and ransomware. Phishing Phishing is one of the most significant cyber security risks, especially for remote workers or during the transition period between office and remote work. Phishing attacks are tricky, because even one sloppy click can put the whole system in danger.

Backups

Backups Phishing Ransomware Risk

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Back up your data and secure your backups in an offline location. If the data is online, then it’s accessible to bad actors and just waiting to be encrypted for ransom. Fun fact: 80% of these breaches occur at the endpoint , often via phishing or social engineering. It’s quick to deploy and simple to operate. Let’s talk VPNs.

Ransomware

Ransomware Risk Internet Internet

iNSYNQ Ransom Attack Began With Phishing Email

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Trending Sources

Researchers Quietly Cracked Zeppelin Ransomware Keys

South African telecom provider Cell C disclosed a data breach following a cyberattack

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

8 security tips for small businesses

LockBit Green and phishing that targets organizations

The 3 biggest cybersecurity threats to small businesses

LastPass Devs Were Phished for Credentials

ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD

Encryption: How It Works, Types, and the Quantum Future

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Is your whole digital life protected? 4 ways to address common vulnerabilities

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Digital life protection: How Webroot keeps you safe in a constantly changing world

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

Protect yourself from tax season scams

FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Why it might be time to consider using FIDO-based authentication devices

Taking on the Next Generation of Phishing Scams

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

What is a Cyberattack? Types and Defenses

How Ransomware Gangs Weaponize Employee Burnout to Breach Corporate Defenses

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

Are You Vulnerable To Ransomware? 6 Questions to Ask Yourself

Guide to ransomware and how to detect it

Cyber Security Awareness Month: Cyber tune-up checklist

Is Your Small Business Safe Against Cyber Attacks?

GUEST ESSAY: A roadmap for wisely tightening cybersecurity in the modern workplace

Prevention Maintenance: Strategies To Bolster Your Organisation’s Cybersecurity

5 ways to strengthen healthcare cybersecurity

Threat profile: Ranzy Locker ransomware

12 Critical SOC 2 Controls to Support Compliance

NCSC warns of a surge in ransomware attacks on education institutions

Best Disaster Recovery Solutions for 2022

What to do after a Ransomware Attack?

Best Ransomware Protection

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Hornetsecurity Research Reveals Microsoft Teams Security and Backup Flaws With Nearly Half of Users Sharing Business-Critical Information on the Platform

US CISA releases guidance on how to prevent ransomware data breaches

Cyber Security: Work From Home Best Practices

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Stay Connected