Tag Archive for: Acronis

Acronis Clarifies Hack Impact Following Data Leak

/in


Swiss data protection firm Acronis has clarified that a single customer’s account has been compromised after a hacker leaked gigabytes of information allegedly stolen from the company. 

A hacker announced on a popular cybercrime forum on Thursday that they were “leaking data of a cybersecurity company called Acronis”, claiming that they hacked the company because they were bored and wanted to humiliate them. 

The hacker is the same who recently offered to sell 160 Gb of data stolen from computer giant Acer. The company immediately confirmed that one of its document servers had been hacked, but said no customer data was stored on the compromised machine.

In the case of Acronis, the cybercriminal published a 12 Gb archive file allegedly containing certificate files, command logs, system configurations and information logs, filesystem archives, scripts, and backup configuration data.

Acronis hack
Acronis hack

Acronis offers backup, disaster recovery, antivirus, and endpoint protection management solutions. After the incident came to light, the company’s CISO, Kevin Reed, clarified in a post on LinkedIn that the leaked data appears to come entirely from a single customer’s account. 

“Based on our investigation so far, the credentials used by a single specific customer to upload diagnostic data to Acronis support have been compromised. We are working with that customer and have suspended account access as we resolve the issue. We also shared IOCs with our industry partners and work with law enforcement,” Reed said.

He added, “No other system or credential has been affected. There is no evidence of any other successful attack, nor there is any data in the leak that is not in the folder of that one customer. Our security team is obviously on high alert and the investigation continues.”

Acronis has also separately clarified that none of its products are impacted by the breach.

Related: 25k Nissan Customers Affected by Data Breach at Third-Party Software Developer

Related: Atlassian Investigating Security Breach After Hackers Leak Data

Related: 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder

Source…

5 email security tips you should know | #cybersecurity #cyberprotection

/in



Hammers sign Acronis as backup and security in one

/in


West Ham United Football Club is deploying Acronis Cyber Protect in a move that will see it replace a number of backup and security products and provide a single platform for backup, data protection, and file sync and share, including with third parties.

West Ham runs Nutanix hyperconverged nodes across several locations, including the London Stadium, academy and training ground sites, and community outreach projects. It also runs a number of HPE physical servers as domain controllers and for CCTV, for example.

Most day-to-day staff work is done on Microsoft Office 365, with accounting on Sage and Adobe graphics for marketing. Football analytics uses Catapult and Game-On video tracking.

Backup has mostly been done via Veeam, but there is also endpoint security from CrowdStrike and network security monitoring from Darktrace. Meanwhile, file sharing has been via Microsoft OneDrive.

The key limitation of the existing setup has been that managing security and data protection has been spread across this wide variety of products, said network security manager Lee Cummings.

“There are lots of systems to focus on and learn, and having everything on a platform that’s familiar, with increased control and the ability to manage and gather information, was attractive,” said Cummings.

“Having everything in one place fits with our ideas,” he added. “Veeam keeps everything together and has cloud options, but we also have endpoint security, file sync and share, etc.”

West Ham is currently implementing Acronis Cyber Protect, which integrates backup with anti-virus and cyber-protection, plus file sync and share functionality. Backup targets will be on-site and in the cloud, with the ability to spin up servers in the cloud if the need arises.

Cummings’ team also protects data on Nutanix via built-in snapshots. Critical data is snapshotted every 30 minutes, with less important data updated once an hour. Snapshots are retained for at least six months. A hoped-for benefit of moving to Acronis will be to lessen reliance on snapshots, said Cummings.

Because West Ham is currently in the process of deploying Acronis, Cummings is unable to talk about benefits…

Source…

The Acronis cyberthreats report 2022 reveals ongoing malware pandemic – Middle East & Gulf News

/in


Acronis, a global leader in cyber protection, recently released its annual Acronis Cyberthreats Report, the 2022 version, providing an in-depth review of cybersecurity trends and threats worldwide.

The report warns that managed service providers (MSPs) are particularly at risk, with more of their own management tools, such as PSA or RMM, used against them by cybercriminals, and thus are becoming increasingly vulnerable to supply chain attacks.

Supply-chain attacks on MSPs are particularly devastating since attackers gain access to both their business and clients, as seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021.

The report also shows that during the second half of 2021, only 20% of companies reported not having been attacked, as opposed to 32% last year.

Key trends of 2021 and predictions for 2022

Beyond the growing efficiency of cybercriminals and the impact on MSPs and small businesses, the Acronis Cyberthreats Report 2022 shows:

  • Phishing remains the main attack vector. 94% of malware gets delivered by email, using social engineering techniques to trick users into opening malicious attachments or links. just this year, Acronis reported blocking 23% more phishing emails and 40% more malware emails in Q3, as compared with Q2 of the same year.
  • Phishing actors develop new tricks, move to messengers. Now targeting OAuth and multifactor authentication tools (MFA), these new tricks allow criminals to take over accounts. To bypass common anti-phishing tools, they will use text messages, Slack, Teams chats and other tools for attacks such as business email compromise (BEC).
  • Ransomware is still the #1 threat. High-value targets include the public sector, healthcare, manufacturing, and other critical organizations. Ransomware continues to be one of the most profitable cyber attacks these days. Acronis predicts ransomware damages will exceed $20 billion before the end of 2021.
  • Cryptocurrency among the attackers’ favorite playing cards. Info stealers and malware that swaps digital wallet addresses are the reality today. We can expect more such attacks waged directly against smart contracts in 2022. Attacks against Web 3.0 apps will also occur more…

Source…