Authentication, Backups and Technology - Cyber Security Informer

NIST Releases First Post-Quantum Encryption Algorithms

Schneier on Security

AUGUST 15, 2024

The other two –- ML-DSA [PDF] (originally known as CRYSTALS-Dilithium) and SLH-DSA [PDF] (initially submitted as Sphincs+)—secure digital signatures, which are used to authenticate online identity. NIST continued to evaluate two other sets of algorithms that could potentially serve as backup standards in the future.

Encryption

Encryption Backups Authentication Technology

Critical flaws affect Veeam Data Backup software

Security Affairs

MARCH 15, 2022

Veeam addressed two critical vulnerabilities impacting the Backup & Replication product for virtual environments. Veeam has released security patches to fix two critical vulnerabilities, tracked as CVE-2022-26500 and CVE-2022-26501 (CVSS score of 9.8), impacting the Backup & Replication solution for virtual environments.

Backups

Backups Software Authentication Hacking

Best Backup Solutions for Ransomware Protection

eSecurity Planet

SEPTEMBER 22, 2021

Backup has in some sense always been about the security of data. In the event of a data loss or disaster, you could turn to your backup to retrieve the data. But these days, backup must do much more. “Or worse, what if your multiple copies or backups are also all bad?” Key Features of Ransomware Backup.

Backups

Backups Ransomware Encryption Architecture

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

SecureWorld News

JANUARY 16, 2025

With the increasing reliance on digital technologies for operational efficiency, this sector has become a prime target for sophisticated cyber and physical threats. Multi-factor authentication (MFA): MFA ensures that access to critical systems is granted only after verifying user credentials through multiple channels.

Energy and Utilities

Energy and Utilities IoT Artificial Intelligence Backups

Your Phone May Soon Replace Many of Your Passwords

Krebs on Security

MAY 7, 2022

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. “I worry about forgotten password recovery for cloud accounts.”

Passwords

Passwords Authentication Accountability Mobile

Okta: Breach Affected All Customer Support Users

Krebs on Security

NOVEMBER 29, 2023

20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. For this reason, they can’t be locked down with multifactor authentication the way user accounts can.

Authentication

Authentication Accountability Passwords Antivirus

Protecting Yourself from Identity Theft

Schneier on Security

MAY 6, 2019

Enable two-factor authentication for all important accounts whenever possible. Do your best to disable the "secret questions" and other backup authentication mechanisms companies use when you forget your password -- those are invariably insecure.

Identity Theft

Identity Theft Passwords Password Management Authentication

Cybersecurity Mesh, Decentralized Identity Lead Emerging Security Technology: Gartner

eSecurity Planet

NOVEMBER 18, 2021

Gartner analyst Ruggero Contu noted that security risks are becoming external: the software supply chain , the public cloud , the trading of breached data, and IoT and operational technology (OT) are all threats outside of traditional perimeter security. Security analytics, intelligence and triggers. A distributed identity fabric.

Technology

Technology Cybersecurity Architecture Ransomware

Google Authenticator now supports Google Account synchronization

Google Security

APRIL 24, 2023

Christiaan Brand, Group Product Manager We are excited to announce an update to Google Authenticator , across both iOS and Android, which adds the ability to safely backup your one-time codes (also known as one-time passwords or OTPs) to your Google Account. Making technology for everyone means protecting everyone who uses it.

Authentication

Authentication Accountability Password Management Passwords

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin.

Ransomware

Ransomware Encryption Backups Manufacturing

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

Tripwire’s tips for all organizations on avoiding ransomware attacks include: Making secure offsite backups. Using hard-to-crack unique passwords to protect sensitive data and accounts, as well as enabling multi-factor authentication. Encrypting sensitive data wherever possible. ” . ”

Healthcare

Healthcare Backups Ransomware Insurance

CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog

Security Affairs

DECEMBER 16, 2022

US CISA added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities impacting Veeam Backup & Replication software, tracked as CVE-2022-26500 and CVE-2022-26501 (CVSS 3.1

Backups

Backups Authentication Software Risk

Microsoft Patch Tuesday, June 2020 Edition

Krebs on Security

JUNE 9, 2020

A chief concern among the panoply of patches is a trio of vulnerabilities in the Windows file-sharing technology (a.k.a. One mitigating factor with this flaw is that an attacker would need to be already authenticated on the network to exploit it, according to security experts at Tenable.

Authentication

Authentication Software Backups Accountability

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

Since its emergence in 2021, Medusa has targeted over 300 victims across various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing. Maintain offline backups: Store critical data backups offline to ensure recovery in case of an attack, preventing data loss and reducing downtime.

Ransomware

Ransomware Backups Firmware Insurance

GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

The Last Watchdog

SEPTEMBER 25, 2023

Taking an active role Your cybersecurity policy should address your employees and technology systems. Taurins It’s also essential your business evaluates its technology and keeps it regularly updated to the latest security standards. Security places a crucial role in your technology. Employee training is crucial.

Small Business

Small Business Cybersecurity Technology Accountability

BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

The Last Watchdog

NOVEMBER 18, 2019

Encrypted flash drives, essentially secure storage on a stick, are a proven technology that has been readily available for at least 15 years. Kim: Yes, companies want assurance that they have an offline backup, yet they also want to be able to monitor what people are doing with those backups, as well.

Backups

Backups Encryption Data privacy Digital transformation

Guest Blog: Ox Security on learning from the Recent GitHub Extortion Campaigns

IT Security Guru

JUNE 13, 2024

This is an urgent notice to inform you that your data has been compromised, and we have secured a backup.” These attackers appear to be using the stolen GitHub credentials of users who have not enabled two-factor authentication (2FA). Over recent months, GitHub-related security incidents have increased.

Backups

Backups Authentication Data breaches Social Engineering

GUEST ESSAY: A roadmap for wisely tightening cybersecurity in the modern workplace

The Last Watchdog

MAY 24, 2023

This problem, called ransomware , explains why keeping backups is so important. Hijackers’ demands lose power when you can just recover your operations from backups. Cyberattacks can also lead to a loss of productivity. Quite simply, investing in cybersecurity is a standard cost of doing business today.

Cybersecurity

Cybersecurity Backups Data breaches Technology

How to Evaluate the True Costs of Multi-Factor Authentication

Duo's Security Blog

JANUARY 27, 2022

Not all multi-factor authentication (MFA) solutions are equal. For a two-factor authentication solution, that may include hidden costs, such as upfront, capital, licensing, support, maintenance, and operating costs. John Bryant, Chief Technology Officer, Options Technology Ltd.

Authentication

Authentication Software Mobile Passwords

Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

The Hacker News

AUGUST 27, 2021

technology firm Kaseya has released security patches to address two zero-day vulnerabilities affecting its Unitrends enterprise backup and continuity solution that could result in privilege escalation and authenticated remote code execution.

Backups

Backups Authentication Technology

Upgrading your iPhone? Read this first

Malwarebytes

SEPTEMBER 13, 2023

If you see iCloud Backup is Turned Off , tap Turn On Backup to Transfer. Wait for the backup to complete. You have 21 days to restore your temporary backup to your new iPhone or iPad before your temporary iCloud storage expires and your backup is permanently deleted. Choose your most recent iCloud backup.

Backups

Backups Accountability VPN Scams

How Spoutible’s Leaky API Spurted out a Deluge of Personal Data

Troy Hunt

FEBRUARY 4, 2024

Online security, technology and “The Cloud” Australian.", But fortunately these days many people make use of 2 factor authentication to protect against account takeover attacks where the adversary knows the password. And the 2FA backup code? Microsoft Regional Director. Pluralsight author.

Passwords

Passwords Accountability Backups Data breaches

Best Disaster Recovery Solutions for 2022

eSecurity Planet

JULY 8, 2022

Ransomware has now emerged as one of the key reasons to have a DR plan and DR technology in place. But it also requires software to orchestrate data movement, backup and restore technology to ensure a current copy of data is available, and the ability to recover systems and data rapidly.

Backups

Backups Ransomware Technology Marketing

Lockscreen and Authentication Improvements in Android 11

Google Security

SEPTEMBER 22, 2020

This blog post outlines recent improvements around how users interact with the lockscreen on Android devices and more generally with authentication. In particular, we focus on two categories of authentication that present both immense potential as well as potentially immense risk if not designed well: biometrics and environmental modalities.

Authentication

Authentication Passwords Backups Architecture

Passkeys: The future of secure and seamless authentication

Webroot

FEBRUARY 5, 2025

But what exactly are passkeys, and why are they considered the future of authentication? With Password Day coming up this Saturday, it’s the perfect time to discuss the future of authentication. Passkeys leverage public-key cryptography to authenticate users without requiring them to remember or type in a password.

Authentication

Authentication Password Management Passwords Backups

DCAP Systems: Protecting Your Data with Advanced Technology

SecureWorld News

APRIL 30, 2023

DCAP can be seen as an intelligent security instrument that provides off-the-shelf data protection technologies, implementing a new approach to solving an important and necessary task. Finally, DCAP can also help you quickly recover data from backups in case of ransomware. In particular.

Technology

Technology Unstructured Data Data breaches Information Security

FTC shares guidance for small businesses to prevent ransomware attacks

Security Affairs

NOVEMBER 14, 2021

The first step consists of recommending organizations to follow best practices to neutralize ransomware attack such as set up offline, off-site, encrypted backups. FTC also recommends to implement practices described in the Ransomware Guide and the Fact Sheet on Rising Ransomware Threat to Operational Technology Assets.

Small Business

Small Business Ransomware Backups Passwords

Prevention Maintenance: Strategies To Bolster Your Organisation’s Cybersecurity

IT Security Guru

MAY 20, 2024

Regular updates: Keep your policy current by regularly updating it to address new threats and technological changes. Implement Multi-Factor Authentication Multi-factor authentication (MFA) requires multiple verification methods to access an account online, significantly enhancing protection.

Cybersecurity

Cybersecurity Backups Cyber threats Mobile

How to use a physical security key on Twitter and where to get it from

CyberSecurity Insiders

JULY 1, 2021

Now the Tweeting giant has clarified that users will be allowed to use their security keys as the only form of two factor authentication, if they will do so. Twitter allows Two factor authentication in three ways- Text Message, authentication via App and through a physical security key.

Authentication

Authentication Backups Accountability Phishing

Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach

Malwarebytes

JULY 27, 2021

MSPs are companies that facilitate the remote management of a business’s technology and network. Unitrends is a Kaseya company and a provider of all-in-one enterprise backup and continuity solutions. But the DIVD opened a new case file for Kaseya Unitrends.

Backups

Backups Authentication Internet Internet

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

The Last Watchdog

MARCH 6, 2021

Technology advancements have made it relatively easy for many employees to carry out their regular job duties from the comfort of their home. Set-up 2-factor authentication. Two-factor authentication or two-step verification involves adding a step to add an extra layer of protection to accounts. It is vital to back-up your data.

VPN

VPN Passwords Firewall Risk

FBI, CISA, NSA published a joint advisory on BlackMatter ransomware operations

Security Affairs

OCTOBER 19, 2021

The experts noticed that BlackMatter operators wipe or reformat backup data stores and appliances instead of encrypting backup systems. Consider disabling or limiting New Technology Local Area Network Manager (NTLM) and WDigest Authentication. Scanning backups. Minimize the AD attack surface.

Ransomware

Ransomware Backups Encryption Cybercrime

Is Your Small Business Safe Against Cyber Attacks?

CyberSecurity Insiders

MARCH 21, 2021

Most small business owners consider IP infrastructure as a one-time expense and dont bother replacing it with new technology. Modern technology comes with improved network security offering higher protection. . In this age of technology and digitalization, a cyber security plan is not an option anymore but a necessity.

Small Business

Small Business Cyber Attacks VPN Backups

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Back up your data and secure your backups in an offline location. Enable multi-factor authentication (MFA) to access your applications and services, especially for admin access to platforms and backend systems. If the data is online, then it’s accessible to bad actors and just waiting to be encrypted for ransom. Food for thought, eh!

Ransomware

Ransomware Risk Internet Internet

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

Focus on implementing robust backup and disaster recovery plans, user training, and the sharing of threat intelligence. John Gunn , CEO, Token Gunn The carnage from 2023 reveals that legacy mutifactor authentication was the most frequent point of failure. Businesses can no longer afford to leave any layer unprotected.

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

From Supply Chain Breach to Global Disruption: The AnyDesk Hack’s Silent Shockwave

SecureWorld News

APRIL 10, 2025

However, behind its polished interface and "safe-by-design" assurance lay a systemic fragility: an overreliance on digital signatures to vouch for integrity and authenticity. However, when the underlying trust model is compromised, that interconnected web of technology can quickly unravel.

Software

Software Authentication Backups Technology

CISA and FBI issue alert about Zeppelin ransomware

Malwarebytes

AUGUST 16, 2022

While anyone can fall victim to these threat actors, the FBI noted that this malware has been used to target a wide range of businesses and critical infrastructure organizations, including defense contractors, educational institutions, manufacturers, technology companies, and especially organizations in the healthcare and medical industries.

Ransomware

Ransomware Backups Passwords Authentication

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” ” reads the joint advisory. Attackers use Mimikatz to steal credentials.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

MAY 8, 2019

Key takeaways: Protected backup Even with increased adoption of cloud computing, external storage devices, like USB thumb drives and external hard drives, still have a major role in organizations of all sizes. That’s why DataLocker built encryption into the storage device and made it accessible with password authentication.

Encryption

Encryption Backups Internet Internet

Recapping Cisco Secure at Black Hat USA 2021

Cisco Security

AUGUST 11, 2021

Backups… Let’s Get This Out of the Way. A challenge with outsourcing backup responsibilities is that companies often have no say in how often or the level at which third parties back up their information. “With ransomware being as big as it is right now, one of the first answers that everyone goes to is backups.”

Backups

Backups CISO Ransomware Cyber Attacks

Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 15, 2025

custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware

Spyware Firewall Artificial Intelligence Malware

Apple announces 3 new security features

Malwarebytes

DECEMBER 8, 2022

A hardware security key uses public-key encryption to authenticate a user, and is much harder to defeat than other forms of authentication, such as passwords, or codes sent by SMS or generated by apps. For those users that choose to enable Advanced Data Protection, this will rise to 23, including iCloud Backup, Notes, and Photos.

Backups

Backups Encryption Authentication Data breaches

Recognising Scam Patterns and Preventing Data Loss: A Unified Approach

IT Security Guru

NOVEMBER 20, 2023

Hybrid work models and broadly adopted cloud technology create highly dispersed environments that assist bad actors in remaining covered in the shadow and accomplishing malicious acts against businesses of any size and sector. Multi-Factor Authentication (MFA): MFA requires users to provide two or more verification methods to gain access.

Scams

Scams Phishing Backups Education

What Is Hybrid Cloud Security? How it Works & Best Practices

eSecurity Planet

OCTOBER 20, 2023

Role-based access control (RBAC) and multi-factor authentication ( MFA ) regulate resource access. Backup and disaster recovery procedures ensure that data is always available. Complex Hybrid Cloud Environments Businesses may mix various public cloud providers, private clouds, and on-premises technology in more complex setups.

Backups

Backups Firewall Encryption Architecture

NIST Releases First Post-Quantum Encryption Algorithms

Critical flaws affect Veeam Data Backup software

Trending Sources

Best Backup Solutions for Ransomware Protection

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

Your Phone May Soon Replace Many of Your Passwords

Okta: Breach Affected All Customer Support Users

Protecting Yourself from Identity Theft

Cybersecurity Mesh, Decentralized Identity Lead Emerging Security Technology: Gartner

Google Authenticator now supports Google Account synchronization

Researchers Quietly Cracked Zeppelin Ransomware Keys

New Ransom Payment Schemes Target Executives, Telemedicine

CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog

Microsoft Patch Tuesday, June 2020 Edition

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

Guest Blog: Ox Security on learning from the Recent GitHub Extortion Campaigns

GUEST ESSAY: A roadmap for wisely tightening cybersecurity in the modern workplace

How to Evaluate the True Costs of Multi-Factor Authentication

Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

Upgrading your iPhone? Read this first

How Spoutible’s Leaky API Spurted out a Deluge of Personal Data

Best Disaster Recovery Solutions for 2022

Lockscreen and Authentication Improvements in Android 11

Passkeys: The future of secure and seamless authentication

DCAP Systems: Protecting Your Data with Advanced Technology

FTC shares guidance for small businesses to prevent ransomware attacks

Prevention Maintenance: Strategies To Bolster Your Organisation’s Cybersecurity

How to use a physical security key on Twitter and where to get it from

Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

FBI, CISA, NSA published a joint advisory on BlackMatter ransomware operations

Is Your Small Business Safe Against Cyber Attacks?

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

From Supply Chain Breach to Global Disruption: The AnyDesk Hack’s Silent Shockwave

CISA and FBI issue alert about Zeppelin ransomware

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

Recapping Cisco Secure at Black Hat USA 2021

Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

Apple announces 3 new security features

Recognising Scam Patterns and Preventing Data Loss: A Unified Approach

What Is Hybrid Cloud Security? How it Works & Best Practices

Stay Connected