Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
Stay secure with the latest insights on data backup strategies, solutions, and best practices in information security. Protect your digital assets now.
Search across headline titles and summaries.
Background for this topic.
Backup is the process of creating copies of digital data to restore it if the original is lost, corrupted, or altered. These copies can be stored locally, remotely, or in the cloud and are made using methods like full, incremental, or differential backups to optimize storage and recovery time. Backups ensure data availability after hardware failures, accidental deletions, or malicious events that compromise original files.
From a security perspective, backups must be protected against unauthorized access and tampering, as attackers may target backup systems to disable recovery or steal sensitive information. Effective defenses include encrypting backup data, enforcing strict access controls, and maintaining isolated or immutable backups that cannot be altered or deleted by malware. Regularly testing backup restoration is critical to verify data integrity and ensure reliable recovery during incidents.
Weekly headline count for the current query.
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
A Russian-speaking hacker used generative AI to compromise the FortiGate firewalls, targeting credentials and backups for possible follow-on ransomware attacks.
The network security vendor said the MySonicWall breach was unrelated to the recent wave of Akira ransomware attacks targeting the company's devices.
SonicWall said a breach it disclosed last month affected firewall configuration files for all customers who have used SonicWall’s cloud backup service — up from its previous 5% estimate.
Threat actors breached the MySonicWall service and accessed backup firewall configuration files belonging to "fewer than 5%" of its install base, according to the company.
When ransomware hits hospitals, neighbors absorb patient overflow. Key defenses include backup recovery and multifactor authentication implementation.
Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers.
The vendor's products fall in a category that ransomware operators like to target to circumvent victims' ability to recover from a successful attack.
The combination of immutability, indelibility, centralized governance, and user empowerment provides a comprehensive backup strategy, Google said.
The breach was carried out with stolen Citrix credentials for an account that lacked multifactor authentication. Attackers went undetected for days, and Change's backup strategy failed.
Attackers can inject and execute arbitrary PHP code using a flaw in Backup Migration, which has been downloaded more than 90K times.
Shared Access Signature (SAS) link exposed a storage bucket with 38TB of private data, including passwords, Teams messages, and the backups of two Microsoft AI research employees' workstations.
A good backup strategy can be effective at mitigating a ransomware attack, but how many organizations consider that their backup data can also be targeted?
Enterprise storage devices have 14 security weaknesses on average, putting them at risk of compromise by cyberattackers and especially ransomware attacks.
Hornetsecurity research highlights that more than 1 in 4 companies have fallen victim to ransomware attacks, with 14.1% losing data and 6.6% paying a ransom.
Encrypted backups for several GoTo remote work tools were exfiltrated from LastPass, along with encryption keys.
A critical security vulnerability gives attackers a way to compromise thousands of systems at ConnectWise's managed service provider (MSP) customer locations and their downstream clients.
Most backup and security vendors overlook this vital communication channel.
As threat actors' sophistication has grown dramatically in the last few years, organizations haven't kept up with implementing the necessary countermeasure controls.