Browse our collection of latest insights, essential new research, and practical tips.
Critical security vulnerability has been identified in IBM’s Backup, Recovery, and Media Services (BRMS), potentially exposing enterprise environments to privilege escalation attacks.
Threat actor #LongNight is selling remote code execution (RCE) access to Burger King’s backup system for $4,000—a serious risk, as backups often run with high privileges
Critical vulnerabilities in Brocade FOS (CVE-2025-1976) and Commvault (CVE-2025-3928) are actively exploited — putting core storage and backup systems at serious risk.
The breach was caused by a misconfigured AWS storage system managed by a third-party vendor, leaving personal and location data exposed online for months.
Personal data of 16,000 subscribers to major Australian newspapers was exposed through a third-party supplier’s misconfigured AWS S3 bucket.
In this whitepaper, we outline four best practices to help you set secure configuration baselines for your storage & backup systems.
CISA urges agencies to secure backups after a critical NAKIVO vulnerability was flagged as actively exploited, risking exposure of sensitive data, backups, and credentials.
Ghost ransomware group is attacking 70 countries, and the FBI and CISA recommend four immediate steps—including regular, isolated backups and patching vulnerabilities.
Let’s Secure Insurance’s Amazon storage bucket has been unsecured for two months, flagged by an indexing service and exploited by the ransomware group KillSec, which listed
In a survey we ran throughout May-August 2024, we compiled feedback from Storage, Backup, and IT Infrastructure leaders.
It was originally identified in August. Four months later, the backup is still misconfigured and exposing patient data. Some of this data goes back more than a decade.
Microsoft Azure–hosted storage bucket was accidentally configured to be public instead of private due to misconfiguration, revealing private keys and internal data.
The two vulnerabilities impact PowerFlex appliances, custom nodes, and InsightIQ. With a CVSS score of 10.0, this is a critical threat to system security.
The misconfigured storage bucket indicates that organizations don’t fully understand the shared-responsibility model between cloud providers and their customers.
The National Health Service (NHS) noted that enterprise backup applications are valuable targets for cyber threat groups. Veeam noted that unsupported product versions are not tested
After paying a ransom of $22 million, UnitedHealth had to perform a complete rebuild on its systems, even after decrypting files. Its backups weren’t sequestered with
With a significant increase in ransomware attacks on storage and backup systems, we interviewed 4 CISOs to get their perspectives of the new threats to storage & data protection systems, how adversaries abuse them, and steps other CISOs can take to strengthen their security posture.
The security defect allows threat actors to execute arbitrary code remotely due to the use of default passwords, which could have dire consequences for the victims.
Yet another new ransomware gang, EstateRansomware, is exploiting a Veeam vulnerability that was patched more than a year ago to drop file-encrypting malware, a LockBit variant,
In the ransomware attack on National Health Laboratory Service (NHLS), hackers deleted sections of their system, including backup servers, meaning they will have to rebuild many
In this guide, discover the most critical security requirements for storage & backup systems, learn who should care about the new ISO 27040, and find out
18 vulnerabilities were identified in Brocade storage appliances, including unauthenticated flaws allowing remote attackers to log in to vulnerable devices as root
According to a new study from Sophos, those whose backups are compromised will pay 98% of the demanded sum, on average.
The FBI and Cybersecurity and Infrastructure Security Agency (CISA) released a joint CSA about Phobos Ransomware, which hunts for backups after the exfiltration phase. In 2024,
Sacramento law firm, Mastagni Holstedt, revealed that access credentials may have been compromised, and used to delete the firm’s backups and execute a ransomware attack. The
In recent weeks, threat actors have performed logins to NAS systems, by using administrator accounts through valid user credentials, exploiting vulnerabilities in the NAS systems, and
The release of ISO/IEC 27040:2024 provides an overview, analysis, and guidance for the security of storage & backup systems.
The Finish National Cybersecurity Center (NCSC-FI) detected increased Akira Ransomware activity, targeting companies’ network-attached storage (NAS), while wiping their backups. The agency says that the threat actor’s
In a news release on Dec. 12, Norton Healthcare said their investigation found the unauthorized access occurred to “certain network storage devices.” The storage devices were
Efforts to combat ransomware are a major focus for Audit teams. 54% of auditors have reviewed a ransomware attack response plan, and 51% have assessed backup
The global law firm confirmed it had experienced a cyber security incident, from hacking group Lockbit, which impacted a number of storage servers. Lockbit has been
DBS and Citibank experienced outages on October 14, 2023. Both banks immediately activated IT disaster recovery and business continuity plans. However, they encountered technical issues which
In the ransom note sent by Dark Angels, the ransomware group, it included the following details: “Files are encrypted. Backups are deleted”.
Hackers are exploiting two recent vulnerabilities on MinIO, an Amazon S3 cloud storage service, to breach object storage systems and access private information, execute arbitrary code, and potentially
A known ransomware gang – knows as Cuba – is exploiting a high-severity vulnerability in Veeam to deploy malware to their targets and steal login credentials.
Download this short infographic to discover 4 major reasons why you need to harden your storage & backups.
NoEscape is an emerging ransomware group that executes commands to delete shadow copies and system backups, to hinder recovery efforts, eliminating potential restoration options.
The US Cybersecurity and Infrastructure Security Agency (CISA) warns that a recently patched critical vulnerability CVE-2023-27992 affecting network-attached storage (NAS) products made by Zyxel has been
Attackers are successful in debilitating their victims’ ability to recover in 75% of those events, reinforcing the criticality of security posture management to ensure backup repositories
The assailants gained access to the Windows domain controllers, encrypting VMware ESXi servers and backups, causing a massive outage… Dish has since been slapped with multiple class-action lawsuits alleging their poor cybersecurity and IT infrastructure.
Federal authorities are warning the healthcare sector of a rise in cyberattacks against Veeam backup application. The attacks appear tied to exploitation of a high-severity vulnerability
The threat actors behind RTM Locker have developed a ransomware strain that’s capable of targeting Linux machines, infecting NAS and ESXi Hosts
The high-severity vulnerability was first published in March 2023. It enables an unauthenticated user who has accessed the Veeam backup network perimeter to get their hands
Newly discovered “By-Design” flaw in Microsoft Azure could expose storage accounts to Hackers
U.S. Cybersecurity and Infrastructure Security Agency (CISA) increased its list of security issues that threat actors have used in attacks, three of them in Veritas Backup Exec exploited to deploy ransomware.
The Play Ransomware group’s tool, called Grixba, checks for the presence of backup software. Another tool they created, called VSS Copying Tool, creates system snapshots and
The security breach appears to have been linked to ransomware, but so far, no major ransomware group has claimed responsibility for the attack.
Veeam this week announced patches for a severe vulnerability in its Backup & Replication solution. CVE-2023-27532 allows an unauthenticated user to request encrypted credentials
GoTo (formerly LogMeIn) is warning customers that threat actors stole encrypted backups containing customer information and an encryption key for a portion of that data. GoTo chief executive Paddy Srinivasan confirmed the security breach was far worse than originally reported.
Several threat actors were seen advertising the fully weaponized tool to exploit several critical and high-severity vulnerabilities affecting Veeam
Noberus ransomware affiliates Noberus (also known as BlackCat, ALPHV) are using data-stealing malware to steal passwords held by Veeam backup software. This is being used by the Colonial Pipeline ransomware group.
The storage solutions of HPE and NetApp are also affected by these vulnerabilities
Any attacker with control over the system can read, modify and potentially destroy the entire virtual backup tapes, which could be used as an initial stage
More than 1,000 QNAP devices have been infected with the Deadbolt ransomware in the last week
Storage solutions provider issued a warning to alert users of Deadbolt ransomware attacks targeting its NAS appliances. This is the second NAS devices firm targeted by
The security holes could be exploited to execute code remotely, without authentication.
Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt.
Western Digital had updated its SanDisk SecureAccess product to address vulnerabilities that can be exploited to gain access to user data.
Cyber attackers are making a ‘beeline’ for backup servers to disable or corrupt files.
The ransomware gang is known to seek out and delete any backups, preventing them from being used by the victim to recover their data.
The Conti ransomware gang has developed novel tactics to demolish backups, especially the Veeam recovery software.
Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage (NAS) devices.
You must secure the network, the endpoints, and the data. You also need to keep your storage units secure and updated.
“If you can’t access backup, you aren’t going to be able to restore files and you’re more likely to pay the ransom.”
Ransomware attacks are proving more lucrative for cyber criminals as even organizations that can restore from backups are paying ransom demands.
Don’t wait for a ransomware attack to expose backup flaws. These eight steps will put you on the path for reliable data restores.
The third edition of The 2025 Security Maturity of Storage & Data Protection Systems assessed 323 environments with 11,435 storage and backup devices from leading providers including Dell, NetApp, Rubrik, Cohesity, Veritas, Hitachi Vantara, Pure, IBM and others.
It’s time to automate the secure configuration of your storage & backup systems.
