Backups and Malware - Cyber Security Informer

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) impacting Veeam Backup & Replication (VBR).

Backups

Backups VPN Ransomware Authentication

Follow the 3-2-1 Rules of Data Backups

Adam Levin

MARCH 31, 2022

Backups are inherently fallible, and can fall prey to malware, ransomware, power surges, and hardware failure. The only way to make sure your data is truly secured is by having backups of your backups. Any backup strategy needs to keep worst-case scenarios in mind by using at least two different types of storage.

Backups

Backups Media Malware Internet

World Backup Day: Pledge to protect your digital life

Webroot

MARCH 12, 2025

Thats why March 31st is World Backup Day , serving as a reminder that the right backup strategy can save you the frustration, cost, and the heartache of losing information thats dear to you. Hard drives are a great way to backup, but these devices can and do suffer data loss. Hard drive failure: It happens!

Backups

Backups Encryption Antivirus Data preservation

New Linux Cryptomining Malware

Schneier on Security

SEPTEMBER 12, 2022

It’s pretty nasty : The malware was dubbed “ Shikitega ” for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to “mutate” its code to avoid detection. Bottom line: Shikitega is a nasty piece of code. Another article. Slashdot thread.

Malware

Malware Backups IoT Software

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

OCTOBER 22, 2024

These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. You are then guided to execute PowerShell code designed to “fix” the supposed problem, unwittingly allowing malware to infiltrate their systems.

Scams

Scams Malware Phishing Social Engineering

Another Malware with Persistence

Schneier on Security

MARCH 9, 2023

Here’s a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates. On Thursday, security firm Mandiant published a report that said threat actors with a suspected nexus to China were engaged in a campaign to maintain long-term persistence by running malware on unpatched SonicWall SMA appliances.

Malware

Malware Firmware Backups

Nastiest Malware 2024

Webroot

OCTOBER 31, 2024

In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. Now let’s take a look at this year’s Nastiest Malware. It is the most successful and lucrative avenue for monetizing a breach of a victim.

Malware

Malware Ransomware Passwords Healthcare

Ransomware groups target Veeam Backup & Replication bug

Security Affairs

JULY 15, 2024

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. impacts the Veeam Backup & Replication component. Once inside the network, the attacker created a user named “backup” and added it to the Administrator group to secure elevated privileges.

Backups

Backups Ransomware Antivirus DNS

Operation Triangulation: Zero-Click iPhone Malware

Schneier on Security

JUNE 9, 2023

Kaspersky is reporting a zero-click iOS exploit in the wild: Mobile device backups contain a partial copy of the filesystem, including some of the user data and service databases. The timestamps of the files, folders and the database records allow to roughly reconstruct the events happening to the device.

Malware

Malware Backups Mobile

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. re abruptly announced it was permanently closing after a cybersecurity breach allowed unknown intruders to trash its servers and delete customer data and backups.

Malware

Malware Cybercrime Internet Internet

Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks

Security Affairs

OCTOBER 11, 2024

Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. reads the advisory.

Backups

Backups Ransomware VPN Authentication

Ransomware: 8 Things That You Must Know

Joseph Steinberg

APRIL 6, 2021

Remember to keep backups disconnected from your computer and network so that if any ransomware (or other malware) gets onto the network it cannot infect the backups. Also, keep in mind that if you are unsure if you backup often enough, you probably do not.

Ransomware

Ransomware Computers and Electronics Backups Artificial Intelligence

Microsoft Patch Tuesday, August 2020 Edition

Krebs on Security

AUGUST 11, 2020

Yes, good people of the Windows world, it’s time once again to backup and patch up! A reliable backup means you’re less likely to pull your hair out when the odd buggy patch causes problems booting the system. So do yourself a favor and backup your files before installing any patches.

Backups

Backups Internet Internet Malware

Beware the Cyber Ghouls: Spooky Threats Lurking in Digital Shadows

SecureWorld News

OCTOBER 31, 2024

Vampire malware: draining systems dry This malware creeps in undetected, draining resources and stealing data in the dark. Like vampires, malware strains can operate quietly, leeching data or encrypting files without warning, making ransomware and spyware infections incredibly haunting.

IoT

IoT Phishing DDOS Backups

No company too small for Phobos ransomware gang, indictment reveals

Malwarebytes

DECEMBER 2, 2024

” How to protect your small business from ransomware As is true with all malware infections, the best defense to a ransomware attack is to never allow an attack to occur in the first place. Use always-on cybersecurity software that can prevent exploits and malware used to deliver ransomware. Create offsite, offline backups.

Ransomware

Ransomware Backups Small Business Malware

Android GravityRAT malware now steals your WhatsApp backups

Bleeping Computer

JUNE 15, 2023

A new Android malware campaign spreading the latest version of GravityRAT has been underway since August 2022, infecting mobile devices with a trojanized chat app named 'BingeChat,' which attempts to steal data from victims' devices. [.]

Backups

Backups Malware Mobile

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

With adversaries destroying backups to increase extortion payouts, recovery will grow harder and slower, emphasizing the need for stronger security controls and architecture. Complex DevSecOps, APIs, and cloud integrations will become leading attack vectors, while insider threats and accidental disclosures drive data leakage risks.

Cyber threats

Cyber threats CISO IoT Phishing

“Can you try a game I made?” Fake game sites lead to information stealers

Malwarebytes

JANUARY 3, 2025

The Nova Stealer and the Ageo Stealer are a Malware-as-a-Service (MaaS) stealer where criminals rent out the malware and the infrastructure to other criminals. Another campaign uses blogspot to host their malware. So they don’t have to check regularly for information, they will be alerted as soon as it gets in.

Scams

Scams Identity Theft Media Accountability

Veeam addressed critical Service Provider Console (VSPC) bug

Security Affairs

DECEMBER 4, 2024

Veeam Service Provider Console (VSPC) is a management and monitoring solution designed for service providers offering backup, disaster recovery, and cloud services. In November, researchers reported that a critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was exploited to deploy Frag ransomware.

Backups

Backups Ransomware Accountability Hacking

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

JUNE 2, 2020

Over the past 24 hours, the crooks responsible for spreading the ransom malware “REvil” (a.k.a. “Others have gotten the message about the need for good backups, and probably don’t need to pay. But maybe if the victim is seeing their data being actively bid on, they may be more inclined to pay the ransom.”

Ransomware

Ransomware Backups Encryption Internet

GUEST ESSAY: Best practices checklists each individual computer user still needs to follow

The Last Watchdog

MAY 9, 2022

The rise of attacks is unavoidable and with the everyday announcement of a new strain of malware, ransomware and now data wipers, consumers find themselves asking: where do I start? Backup checklist. Backup is essential in case of data loss caused by malware attacks or malfunctions. How do I do this?

Backups

Backups Firewall Software Mobile

Future-Proof Your WordPress Site: Essential Plugins for 2025

IT Security Guru

JANUARY 22, 2025

If you are looking to improve your cybersecurity, consider these plugins to build a more robust defence: Wordfence: A comprehensive security solution with a firewall, malware scanner, and login security features like two-factor authentication. Performance Website speed is critical for user experience and SEO.

Artificial Intelligence

Artificial Intelligence Backups Mobile Firewall

Why Paying to Delete Stolen Data is Bonkers

Krebs on Security

NOVEMBER 4, 2020

“Previously, when a victim of ransomware had adequate backups, they would just restore and go on with life; there was zero reason to even engage with the threat actor,” the report observes. Coveware says nearly half of all ransomware cases now include the threat to release exfiltrated data.

Ransomware

Ransomware Backups Data breaches Encryption

Microsoft Patch Tuesday, October 2020 Edition

Krebs on Security

OCTOBER 13, 2020

That means it’s once again time to backup and patch up. Eleven of the vulnerabilities earned Microsoft’s most-dire “critical” rating, which means bad guys or malware could use them to gain complete control over an unpatched system with little or no help from users. CVE-2020-16898 earned a CVSS Score of 9.8 (10

Backups

Backups Malware Engineering Hacking

Technical Report of the Bezos Phone Hack

Schneier on Security

JANUARY 24, 2020

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

Hacking

Hacking Backups Spyware Encryption

What makes a ransomware attack eight times as costly? Compromised backups

Graham Cluley

APRIL 4, 2024

New research has found that ransomware remediation costs can explode when backups have been compromised by malicious hackers - with overall recovery costs eight times higher than for those whose backups are not impacted. Read more in my article on th Exponential-e blog.

Backups

Backups Ransomware Data breaches Malware

Operation Triangulation: iOS devices targeted with previously unknown malware

SecureList

JUNE 1, 2023

Since it is impossible to inspect modern iOS devices from the inside, we created offline backups of the devices in question, inspected them using the Mobile Verification Toolkit’s mvt-ios and discovered traces of compromise. Install MVT Once the backup is ready, it has to be processed by the Mobile Verification Toolkit.

Malware

Malware Backups Mobile DNS

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

“This group is known for frequently changing malware and driving global trends in criminal malware distribution,” MITRE assessed. Tripwire’s tips for all organizations on avoiding ransomware attacks include: Making secure offsite backups. As noted in last year’s story Don’t Wanna Pay Ransom Gangs?

Healthcare

Healthcare Backups Ransomware Insurance

Attacks Aimed at Disrupting the Trickbot Botnet

Krebs on Security

OCTOBER 2, 2020

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Ransomware

Ransomware Malware Healthcare Internet

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

‘Wormable’ Flaw Leads July Microsoft Patches

Krebs on Security

JULY 14, 2020

” “We consider this to be a wormable vulnerability, meaning that it has the potential to spread via malware between vulnerable computers without user interaction,” Microsoft wrote in its documentation of CVE-2020-1350. Thankfully, I was able to restore from a recent backup.

DNS

DNS Backups Software System Administration

Don’t Leave Your Digital Security to Chance: Get Norton 360

Tech Republic Security

AUGUST 29, 2024

Norton 360 Standard offers award-winning protection for your digital life — malware defense, cloud backup, and a VPN — for just $17.99 for a 15-month plan.

Backups

Backups VPN Malware Password Management

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The attack brought all 87,000 sensors offline, threat actors also wiped databases, backups, and email servers, a total of 30TB of data. The group also disrupted the central command-dispatcher and database.

Malware

Malware Firmware IoT Hacking

What to Do If and When Zoom Goes Down Again

Adam Levin

AUGUST 26, 2020

Online classes for some 25,000 students in Rialto, California were cancelled following a malware attack and still remain offline as of this writing while school administrators are left to figure out how to collect and inspect several thousand laptops. . Competing services such as Skype and Google Meet offer free versions.

Education

Education Backups Social Engineering Engineering

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020.

Ransomware

Ransomware Encryption Backups Manufacturing

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware

Malware Antivirus Software Passwords

A lightweight method to detect potential iOS malware

SecureList

JANUARY 16, 2024

Introduction In the ever-evolving landscape of mobile security, hunting for malware in the iOS ecosystem is akin to navigating a labyrinth with invisible walls. Imagine having a digital compass that not only guides you through this maze, but also reveals the hidden mechanisms of iOS malware previously shrouded in mystery.

Malware

Malware Mobile Backups Spyware

12 Online Resolutions for 2021

Adam Levin

DECEMBER 16, 2020

Here are 12 New Year Resolutions for a safer and more secure digital you in 2021: Think before you click that email link: 2020 was a record-breaking year for ransomware, malware, and phishing , and many, if not most of these attacks were launched with the click on a link in an email. That’s always the case when it comes to cybersecurity.

VPN

VPN Antivirus Passwords Backups

Microsoft Patch Tuesday, February 2020 Edition

Krebs on Security

FEBRUARY 11, 2020

A dozen of the vulnerabilities Microsoft patched today are rated “critical,” meaning malware or miscreants could exploit them remotely to gain complete control over an affected system with little to no help from the user. It could be used to install malware just by getting a user to browse to a malicious or hacked Web site.

Backups

Backups Malware Internet Internet

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

This includes pivoting from or converting a single compromised Microsoft Windows user account to an administrator account with greater privileges on the target network; the ability to sidestep and/or disable any security software; and gaining the access needed to disrupt or corrupt any data backup systems the victim firm may have.

Cybercrime

Cybercrime VPN Malware Ransomware

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

NOVEMBER 13, 2024

The malware then disables default protections to prevent accidental encryption and uses the ‘-UsedSpaceOnly’ flag for faster encryption of only occupied disk space. Bitdefender observed an attack on a healthcare organization, where threat actors encrypted Windows 10, Windows 11, and Windows Server devices, including backups.

Ransomware

Ransomware Encryption Passwords Backups

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. Disable system recovery, backup and shadow copies and the Windows firewall. ” reported the website Nation Thailand.

Ransomware

Ransomware Encryption Backups Malware

Microsoft Patch Tuesday, March 2020 Edition

Krebs on Security

MARCH 10, 2020

If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs. Twenty-six of those earned Microsoft’s most-dire “critical” rating, meaning malware or miscreants could exploit them to gain complete, remote control over vulnerable computers without any help from users.

Backups

Backups Hacking Software Malware

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Follow the 3-2-1 Rules of Data Backups

Trending Sources

World Backup Day: Pledge to protect your digital life

New Linux Cryptomining Malware

Deceptive Google Meet Invites Lures Users Into Malware Scams

Another Malware with Persistence

Nastiest Malware 2024

Ransomware groups target Veeam Backup & Replication bug

Operation Triangulation: Zero-Click iPhone Malware

No SOCKS, No Shoes, No Malware Proxy Services!

Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks

Ransomware: 8 Things That You Must Know

Microsoft Patch Tuesday, August 2020 Edition

Beware the Cyber Ghouls: Spooky Threats Lurking in Digital Shadows

No company too small for Phobos ransomware gang, indictment reveals

Android GravityRAT malware now steals your WhatsApp backups

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

“Can you try a game I made?” Fake game sites lead to information stealers

Veeam addressed critical Service Provider Console (VSPC) bug

REvil Ransomware Gang Starts Auctioning Victim Data

GUEST ESSAY: Best practices checklists each individual computer user still needs to follow

Future-Proof Your WordPress Site: Essential Plugins for 2025

Why Paying to Delete Stolen Data is Bonkers

Microsoft Patch Tuesday, October 2020 Edition

Technical Report of the Bezos Phone Hack

What makes a ransomware attack eight times as costly? Compromised backups

Operation Triangulation: iOS devices targeted with previously unknown malware

New Ransom Payment Schemes Target Executives, Telemedicine

Attacks Aimed at Disrupting the Trickbot Botnet

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

‘Wormable’ Flaw Leads July Microsoft Patches

Don’t Leave Your Digital Security to Chance: Get Norton 360

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

What to Do If and When Zoom Goes Down Again

Researchers Quietly Cracked Zeppelin Ransomware Keys

How to Prevent Malware: 15 Best Practices for Malware Prevention

A lightweight method to detect potential iOS malware

12 Online Resolutions for 2021

Microsoft Patch Tuesday, February 2020 Edition

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Bitdefender released a decryptor for the ShrinkLocker ransomware

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Microsoft Patch Tuesday, March 2020 Edition

Stay Connected