” This one, as far as infosec stories go, had me leaning and muttering like never before. And the 2FA backup code? Then there are periphery issues such as very weak password rules that make cracking bcrypt so much easier, weak 2FA backup codes and pointless bcrypting of them.
The post BSidesSF 2023 – Margaret Fero – Backup Plans For Your Backup Plans For Your Backup Plans appeared first on Security Boulevard. Our thanks to BSidesSF for publishing their presenter’s superlative BSidesSF 2023 content on the organizations’ YouTube channel.
The researcher Rajshekhar Rajaharia analyzed the leaked data, it is a MongoDB database of 6GB that contains three backup files with BuyUcoin data. Story – [link] #InfoSec pic.twitter.com/1xFOtLcd8F — Rajshekhar Rajaharia (@rajaharia) January 21, 2021. Trading in #cryptocurrency ? You leaked my own data too.
Obviously, the work I've been doing with Have I Been Pwned (HIBP) has given me a heap of insight into this specific area of infosec over the last 4 years and the folks from DC felt my views on things might be helpful. That was all great and I was happy to share my thoughts from the other side of the world.
I was reminded of this by Phil Cracknell who posted on linkedin that in his opinion the Kevin Costner, Whitney Houston classic, Bodyguard was the best infosec movie. It’s why it’s important to have backups. Don’t believe me? Well read on. Contrast that to how he was at the beginning of the movie.
The infosec researcher Matt Tait, who spoke at this year’s Black Hat on the topic of supply chain attacks, called the Codecov compromise an instance of high-volume disruption based on indiscriminate targeting. Test your backup plan. The firm counts among its clients giants like IBM, Hewlett Packard and Atlassian.
infosec #cybersecurity #threatintel #cyber #NFL pic.twitter.com/tl7OWM2Aqf — CyberKnow (@Cyberknow20) February 12, 2022. Version two of BlackByte does not have this flaw, so the 49ers will likely have to rely on backups to recover its affected systems. Smart marketing tbh. A timely FBI advisory.
That's a high-level generalisation, of course, but whether it's exploiting software vulnerabilities, downloading exposed database backups or phishing admin credentials and then grabbing the data, it's all in the same realm of taking something that isn't theirs. And sometimes, they contact me.
In this episode, we discuss the UK government's demand for Apple to create a secret backdoor for accessing encrypted iCloud backups under the Investigatory Powers Act and its potential global implications on privacy.
A SQL Server database backup for a ManageEngine ADSelfService Plus product had been recovered and, while the team had walked through the database recovery, SQL Server database encryption was in use. We cross our fingers and look in our target database backup and we find ESKP. So what is this key: just a hardcoded value?
"Threat Modeling and Architecture" is the latest in a series at Infosec Insider. When a decision appears to be obvious to a broad group (Question: should we (or should we not) take backups of critical databases? First appeared on MISTI.com's Infosec Insider. Decision: Yes.)
Related Stories Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson Spotlight: When Ransomware Comes Calling Spotlight: Is There A Cure For InfoSec’s Headcount Headache? The rise of ransomware makes regular on- and off site backups of key systems and data indispensable. Click the icon below to listen.
The LockBit gang encrypted the hospital's data and demanded a ransom for the decryptor, but the hospital refused to pay and instead worked to restore its systems from backups. sickkids.ca @CBC @globeandmail #cybersecurity #infosec #LockBit @BleepinComputer @TheRecord_Media pic.twitter.com/5k54IkPUIX — Dominic Alvieri (@AlvieriD).
Eskom_SA #cybersecurity #infosec pic.twitter.com/clUC6hKdSN — Dominic Alvieri (@AlvieriD) October 8, 2022. “Administration servers, Databases, backups, employee access to the administration of POS terminals and much more. Everest Ransom Team just posted a claim of a South African state owned electricity company.
Related Stories Spotlight: When Ransomware Comes Calling Spotlight: Is There A Cure For InfoSec’s Headcount Headache? The rise of ransomware makes regular on- and off site backups of key systems and data indispensable. Click the icon below to listen. Episode 226: The Cyber Consequences Of Our Throw Away Culture.
Infosec offers more than 700 training resources to help your organization to prepare for phishing and other cyber threats. Infosec’s learning materials include videos and assessments that will help you to demonstrate phishing attacks and ways to avoid them to your colleagues.
This concealed their attack until the environment was encrypted and backups were sabotaged. Once the threat actor had access to the domain administrator account, they retrieved additional files relating to backups and key network infrastructure. Our investigation uncovered an NTDS.dit file on the attacker’s VM.
I seem to be doing most of that activity now on Mastodon, which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. For a variety of reasons, I will no longer be sharing these updates on Twitter.
The most recent TAP Tank in October, with a focus on cybersecurity, introduced new and growing relationships with several software, hardware, and services companies, including Blackpoint, Vonahi, Corent, Zeguro, Bandura Cyber, Armor and Infosec. View the N-able Technology Alliance Program (TAP) Overview for additional info.
In the past, fake social profiles were relatively easy to spot. In the case of DPRK, however, the cybercriminals spent time setting up a profile, getting hooked into the infosec scene, and gaining followers and connections through LinkedIn, making it more difficult than before to detect a fraudulent account. Techniques & Tactics.
Last week the infosec community was hit with news about a new Windows 0-day vulnerability, Follina. A reliable and comprehensive backup and recovery strategy. Mike Walters, President and Co-founder of Action1. Although the vulnerability, tracked as CVE-2022-3019, received a CVSS score of 7.8 Conclusion.
This growing threat has required organizations to shift from the reactive mindset of years past (think: backups, endpoint security) to a more proactive approach in hopes of avoiding costly business disruptions and recovery processes.
For example, if a connection to a corporate system originates from an unfamiliar computer or remote location, InfoSec tools may block this operation. Support for various types of backups, including forever incremental hypervisor backups and the full synthetic mode of data storage. What is preventing the rapid adoption of SDL?
The customer is apparently seeking guidance on integrating infosec into the development process, which begs the question "Which development process?". Prompted by some valuable customer feedback earlier this week, I've been thinking about how best to update the SecAware policy template on software/systems development.
Execution Several native Windows binaries exist for generating backups of the Active Directory database and copying the deadlocked NTDS.dit file. Once the backup applications begin, a sequential process creation for VSSVC.exe (the Volume Snapshot Service) is executed by services.exe. password hashes) from Active Directory.
This impact was amplified when the company decided to take down all the virtual servers infected by the ransomware and restore them from previous backups rather than comply with the attacker’s demands of a multimillion-dollar payoff.
Backup : there's more to information risk management than cyber! Aside from the governance, risk and compliance aspects, it's worth asking how the infosec policies will complement and support other controls - including those in related areas such as HR, ethics and IT. Information transfer : consider the business context for policies.
Over the years, the infosec community has discovered multiple APTs operating in the Russo-Ukrainian conflict region – Gamaredon, CloudAtlas, BlackEnergy and many others. From the WmiPrvSE.exe process, it makes a backup of the VFS file, copying mods.lrc to mods.lrs.
Even the most critical damages caused by ransomware are repairable as long as you have a solid backup strategy. To use the funding in the best possible way, involve infosec experts so that they could suggest and implement a robust recovery method. The rule of thumb says that no demands set by ransomware must be satisfied.
Double extortion is one of the most prevalent ransomware tactics today. The attackers first exfiltrate sensitive information from their target before launching the ransomware encryption routine.
You should also prepare for security incidents with regular security employee training and creating reliable backups for all important data. Dev-centric tools that integrate with your CI/CD, like ShiftLeft CORE, can be easily run daily or at each pull request, so that you can focus on releasing innovative software.
One look at all the ransomware attacks from the past few years, and it’s clear that crypto-malware actors are attempting to maximize their financial gain. We’ve observed these threat groups using multiple techniques to profit even more off their victims than in years past. Here are a few tactics that stood out to us.
Also, some important actions could save you from this type of advanced attack: take a backup of all your data; install antivirus software and firewalls; keep all systems and software updated. We must keep the Windows operating system fully updated and never download or execute doubtful/untrusted executables.
The confidentiality, integrity, and availability of it all -- you know, the classic CIA triad in infosec. However, I do keep thinking of that famous infosec quote from Futurama, season 4, episode 8: “When you do things right, people won't be sure you've done anything at all.” Vamosi: Another complication.
He also talks about the future generation of hacking, what motivates young people today to think outside the box in a world where infosec is increasingly becoming vocational and expected. Is it the hospital, which should have had a power backup? They've been showing up at conferences, and in some infosec videos.
And so some of the things because of those work on nonprofit side, again, all all around the InfoSec community, but looking at these different villages, and if you remember to 2014 Around that time before that or so, car hacking was starting to be in the news, people were talking about it. That just made things difficult.
Since 2007 the InfoSec industry has been talking about TheBigOne™—the event that would change cyber threats from annoyances to existential concerns. Many groups have come to realize that some companies have good backups, so they start by stealing a copy of the data for themselves at the beginning of the attack.
A lot of infosec’s knowledge is either tribal -- passed on from one person to another - or can be found in books. JANUSZKIEWICZ: Absolutely, in many different ways, of course, but one of the ways I was describing was through extracting the certificate, which we call actually a backup private key.
Three of the victims are cybersecurity vendors, and I suspect they may have access to another larger infosec vendor that they haven’t disclosed. Even Wordpress backups, as apparently people build CRMs on Wordpress nowadays (I’m old). They will do light recon on the network for things like backup systems.
Teams will likely discover key gaps, namely that their backup solutions may be insufficient and can actually take a longer period of time to recover than what the business can tolerate. Configuring endpoint management enables infosec teams to protect their data from being accessed from anywhere (internal or external). Improve Your SOC.
She is an impressive force within the infosec world. Sometimes the decryption worked, sometimes it didn’t, creating headaches for system admins worldwide who didn’t have good backups in place. I mean if you can’t handle the details, then what do you think working in infosec is all about?