Security Affairs

DECEMBER 16, 2022

US CISA added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities impacting Veeam Backup & Replication software, tracked as CVE-2022-26500 and CVE-2022-26501 (CVSS 3.1

Backups 98

Backups Authentication Software Risk 98

Security Affairs

OCTOBER 14, 2021

WhatsApp made available end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing user chats. WhatsApp is rolling out end-to-end encrypted chat backups on both iOS and Android devices, the move aims at implementing an optional layer of security to protect backups stored on Google Drive or iCloud cloud storage.

Backups 89

Backups Encryption Passwords Hacking 89

Security Affairs

SEPTEMBER 13, 2021

Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud. Facebook will continue to work to protect the privacy of WhatsApp users and announced that it will allow users to encrypt their message history backups in the cloud. ” reads the announcement published by WhatsApp.

Backups 87

Backups Encryption Passwords Accountability 87

Security Affairs

JANUARY 24, 2023

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. “Upon learning of the incident, we immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement. .

Backups 94

Backups Encryption Data breaches Passwords 94

Notice Bored

OCTOBER 19, 2021

when I read the recommendation for a topic-specific policy on backup. If you already have a backup policy (or something with a vaguely similar title), I urge you to dig it out at this point and study it (again!) Is your backup policy exclusively about backing up computer data , most likely digital data from corporate IT systems?

Backups 56

Backups Risk Internet Internet 56

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. Threat actors are wiping NAS and backup devices. They also explained that organizations can protect against the destruction of backups taking offline backups.

Ransomware 116

Ransomware Backups VPN Authentication 116

Security Affairs

AUGUST 30, 2019

PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe. DDS Safe, is a HIPAA Compliant 3 layered online dental backup system that provides dental offices triple the protection of traditional online back-up solutions. Pierluigi Paganini.

Backups 96

Backups Ransomware Advertising Encryption 96

Spinone

OCTOBER 8, 2019

All of cloud backup services for Office 365 admins perform the same primary function – they automatically backup your data. And this difference in “not what but how” is crucial for data security. And of course, read about how to use it to backup office 365 emails easily !

Backups 40

Backups Accountability Encryption Cybersecurity 40

Spinone

AUGUST 25, 2018

Spinbackup is a cloud-to-cloud backup and cloud G Suite security solution provider. Our unique market value proposition is to remove human factor for data security and use machine learning algorithms to fully automate G Suite data protection and we do it all in one very well designed dashboard.

Backups 40

Backups Threat Detection Ransomware Accountability 40

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. Threat actors are wiping NAS and backup devices. They also explained that organizations can protect against the destruction of backups taking offline backups.

Ransomware 92

Ransomware Backups VPN Authentication 92

Malwarebytes

FEBRUARY 5, 2024

Add to that the suspicion that the ransom was paid, and we can conclude that backups were perhaps insufficient or not readily deployable. Another indication that things may not have been up to par was the chief information security officer (CISO) leaving in November, while the company was still recovering from the cyberattack.

Backups 110

Backups Ransomware CISO Malware 110

Spinone

NOVEMBER 20, 2018

In traditional on-site backup systems security is mainly a physical concern – ensuring data is backed up in more than one location in case of hardware loss or failure and restricting access to the physical backup media to only trusted employees. In cloud backup, security concerns are different.

Backups 40

Backups Encryption Computers and Electronics Accountability 40

Security Affairs

NOVEMBER 8, 2023

The FBI also published recommendations for organizations to improve their security posture in response to these new activity trends. The FBI also recommends reviewing the security posture of third-party vendors.

Ransomware 113

Ransomware Backups Encryption Phishing 113

Security Affairs

JUNE 29, 2023

Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass authentication flaw, tracked as CVE-2023-26258, in its Unified Data Protection (UDP) backup software. Arcserve released UDP 9.1

Authentication 94

Authentication Backups Ransomware Software 94

Security Affairs

NOVEMBER 7, 2023

The issue affects Veeam ONE versions 11, 11a, 12 In March, Veeam addressed a high-severity flaw, tracked as CVE-2023-27532 , in Veeam Backup and Replication (VBR) software. An unauthenticated user with access to the Veeam backup service (TCP 9401 by default) can exploit the flaw to request cleartext credentials.

Backups 120

Backups Hacking Accountability Software 120

Krebs on Security

JUNE 8, 2021

“This can be hugely damaging in the event of ransomware attacks, where high privileges can enable the attackers to stop or destroy backups and other security tools,” Breen said. So do yourself a favor and backup before installing any patches.

Backups 299

Backups Cyber threats Ransomware Phishing 299

Security Affairs

FEBRUARY 19, 2022

that can allow website subscribers to download the latest database backups, which could potentially contain sensitive data. “The plugin uses custom “nonces” and timestamps to securely identify backups. This info could allow attackers to receive the backup via mail by manipulating the request. score of 8.5)

Backups 93

Backups Authentication Hacking Accountability 93

Security Affairs

FEBRUARY 13, 2024

Stopping it will remove the evidence stored in the volatile memory (RAM) Collect and keep all relevant log information, from the affected equipment, but also from network equipment, firewall Examine the system logs to identify the mechanism by which IT infrastructure has been compromised Immediately inform all employees and notify affected customers (..)

Ransomware 118

Ransomware Backups Encryption Healthcare 118

Security Affairs

APRIL 14, 2023

The account was used to create database backups which were then downloaded and deleted. It also downloaded existing nightly full-backups of the database. The account owner has confirmed they did not access the admin console to perform these actions.”

Data breaches 96

Data breaches Backups Passwords Accountability 96

Security Affairs

MAY 11, 2021

Maintain offline, encrypted backups of data and regularly test your backups. Regularly conduct backup procedures and keep backups offline or in separated networks. Scan emails and attachments to detect and block malware, and implement training and processes to identify phishing and externally-sourced emails.

Ransomware 129

Ransomware Backups Antivirus DDOS 129

Security Affairs

JANUARY 31, 2024

On October 27th, the Cybernews research team discovered a misconfigured web server with backups and development code references allegedly belonging to the fintech company Direct Trading Technologies. The leak poses a variety of risks, expanding from identity theft to takeover and cashing-out accounts of traders.

Technology 122

Technology Identity Theft Backups Passwords 122

Joseph Steinberg

APRIL 21, 2022

Data that must remain private simply cannot be readable by unauthorized parties – and that rule applies both when the relevant information is at rest on an internal server, in the cloud, or on some backup media, as well as when it is in transit over any form of network or other means of communication.

Encryption 316

Encryption Cybersecurity Artificial Intelligence Backups 316

Security Affairs

APRIL 25, 2024

SCMagazine reported that Systembolaget, in response to Skanlog’s uncertainty about restoring its operations, plans to implement a backup procedure to address potential delays in deliveries. Skanlog spokesman warned that certain alcoholic beverages could be sold out within a few days.

Ransomware 111

Ransomware Retail Cyber Attacks Backups 111

Security Affairs

FEBRUARY 28, 2023

This flaw impacts multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager. “During a recent incident response case, we found traces of an adversary leveraging ConnectWise R1Soft Server Backup Manager software (hereinafter: R1Soft server software). and 8.6.4.1.

Backups 95

Backups Software Authentication Hacking 95

Security Affairs

MAY 12, 2024

Recommendations provided in the report include installing updates promptly, using phishing-resistant multi-factor authentication (MFA), securing remote access software, making backups, and applying mitigations from the #StopRansomware Guide.

Ransomware 116

Ransomware Hacking Healthcare Retail 116

CyberSecurity Insiders

JUNE 29, 2023

As per the details available to our Cybersecurity Insiders, a noted ransomware group targeted Drug maker on May 25th and the information security incident brought in financial loss that could hit the profit margin to a great extent this year.

Ransomware 83

Ransomware Backups Manufacturing Encryption 83

Security Affairs

SEPTEMBER 9, 2022

The plugin allows storing backup files in multiple locations (Destinations) including Google Drive, OneDrive, and AWS. The plugin also allows storing backups via the ‘Local Directory Copy’ option, but experts discovered that this feature isn’t secure and allows unauthenticated users to download any file stored on the server.

Backups 140

Backups Media Authentication Hacking 140

Security Affairs

JUNE 24, 2020

firm Frost & Sullivan suffered a data breach, data from an unsecured backup that were exposed on the Internet was sold by a threat actor on a hacker forum. “The breach occurred to a misconfigured backup directory on one of Frost and Sullivan public-facing servers. ” reported BleepingComputer.

Data breaches 136

Data breaches Backups Advertising Hacking 136

Security Affairs

NOVEMBER 19, 2023

The Talos researchers discovered a number of features implemented by Phobos allowing operators to establish persistence in a targeted system, perform speedy encryption, and remove backups. Disable system recovery, backup and shadow copies and the Windows firewall. Embedded configuration with more than 70 options available.

Ransomware 129

Ransomware Encryption Backups Manufacturing 129

Security Affairs

SEPTEMBER 1, 2023

The Key Group ransomware deletes volume shadow copies using living-off-the-land binaries (LOLBINs) and backups made with the Windows Server Backup tool. The ransomware also disables updates from multiple anti-malware solutions (i.e Avast, ESET, and Kaspersky) by modifying the hosts file inside the Windows OS.

Ransomware 116

Ransomware Encryption Backups Malware 116

BH Consulting

JUNE 2, 2022

As part of our continued expansion, we wish to appoint a Technical Cybersecurity Consultant who can conduct security assessments of clients technical infrastructure (M365/Azure/AWS/Backups/Networks etc.) M365/Azure/AWS/Backups/Networks etc.). A strong familiarity with web application security vulnerabilities and controls.

Cybersecurity 75

Cybersecurity Backups Penetration Testing Risk 75

Threatpost

DECEMBER 1, 2020

An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.

Banking 113

Banking Backups Information Security 113

Security Affairs

JULY 27, 2021

Kaseya Unitrends is a cloud-based enterprise solution that provides affordable, low-maintenance data protection offering to complement existing client backup and recovery solutions. “A DIVD researcher has identified several vulnerabilities in the Kaseya Unitrends backup product version < 10.5.2.”

Backups 107

Backups Financial Services Internet Internet 107

Security Affairs

JUNE 1, 2020

Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site ( resources.joomla.org ) on an unsecured Amazon Web Services S3 bucket operated by the company. “JRD full site backups (unencrypted) were stored in a third-party company Amazon Web Services S3 bucket.

Data breaches 103

Data breaches Backups Passwords Advertising 103

Security Affairs

DECEMBER 29, 2023

An exposed URL for a Google storage bucket is worrying as it is a link to the system’s storage, which can store practically anything from text files to databases, backups, images, videos, or other sensitive information. The case is a stark example of the risks of using third-party apps.

Risk 113

Risk Backups Hacking Data breaches 113

Security Affairs

AUGUST 21, 2020

The University was able to recover the operations from the backups, but decided to pay the ransom to avoid having ransomware operators leak student information online. The university did not reveal the ransomware family involved in the attack. ” reads a press release published by the University.

Ransomware 144

Ransomware Cyber Insurance Insurance Advertising 144

Security Affairs

DECEMBER 17, 2020

Early this month, Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet that multiple ransomware gangs are cold-calling victims if they don’t pay the ransom and attempt to restore from backups. Patch operating systems, software, firmware, and endpoints.

Ransomware 140

Ransomware Backups Firmware Accountability 140