Backup
Japanese energy firm loses drive with data of 10.9 million clients
Kyushu Electric Power Co., Inc. has disclosed a physical security incident that affects private data of more than 10 million customers. In an official announcement, the company explains that the IT staff regularly performs backups to manage server storage. Due to capacity constraints, on April 27 an external storage device was used for the task. The drive […]
New Veeam vulnerability exposes backup servers to RCE attacks
Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domain-joined backup servers. The vulnerability (tracked as CVE-2026-44963 and reported by WatchTowr security researcher Sina Kheirkhah) affects Veeam Backup & Replication (VBR) 12.3.2.4465 and all earlier version 12 builds, and […]
Microsoft confirms April Windows updates cause backup failures
Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. As GeekFeed reported last week, this issue affects software using VSS (Volume Shadow Copy Service) snapshots and causes failures due to a VSS service timeout. Software impacted by this includes, but is not limited to, products from Macrium (Reflect), Acronis (Cyber […]
April KB5083769 Windows 11 update causes backup software failures
The April 2026 KB5083769 security update breaks third-party backup applications from multiple vendors on systems running Windows 11 24H2 and 25H2. According to user reports, first spotted by Microsoft MVP Susan Bradley, this issue affects software using VSS (Volume Shadow Copy Service) snapshots and causes failures due to a VSS service timeout. Microsoft VSS was introduced in Windows […]
Veeam warns of critical flaws exposing backup servers to RCE attacks
Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities. VBR is enterprise data backup and recovery software that helps IT administrators to create copies of critical data for quick restoration following cyberattacks and hardware failures. Three RCE security flaws patched today (tracked as CVE-2026-21666, CVE-2026-21667, […]
Microsoft 365 Backup to add file-level restore for faster recovery
Microsoft will soon begin rolling out a significant upgrade to Microsoft 365 Backup to speed up recovery by allowing administrators to restore individual files and folders. Microsoft 365 Backup is a SharePoint, OneDrive, and Exchange backup and restore service designed to protect against data loss from ransomware, accidental deletion, or data corruption. Until now, Microsoft 365 […]
Marquis sues SonicWall over backup breach that led to ransomware attack
Marquis Software Solutions has filed a lawsuit against SonicWall, accusing the cybersecurity company of gross negligence and misrepresentation that allegedly led to a ransomware attack disrupting operations at 74 U.S. banks. On August 14, 2025, hackers breached Marqui’s network in a ransomware attack after compromising a SonicWall firewall. The attacker stole files containing personal information received from business […]
INC ransomware opsec fail allowed data recovery for 12 US orgs
An operational security failure allowed researchers to recover data that the INC ransomware gang stole from a dozen U.S. organizations. A deep forensic examination of the artifacts left behind uncovered tooling that had not been used in the investigated attack, but exposed attacker infrastructure that stored data exfiltrated from multiple victims. The operation was conducted […]
Fake Lastpass emails pose as password vault backup alerts
LastPass is warning of a new phishing campaign disguised as a maintenance notification from the service, asking users to back up their vaults in the next 24 hours. The malicious emails include a link that allegedly takes users to a site where they can create an encrypted backup, where the attacker likely tries to hijack accounts or […]
New Veeam vulnerabilities expose backup servers to RCE attacks
Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability. Tracked as CVE-2025-59470, this RCE security flaw affects Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds. “This vulnerability allows a Backup or Tape Operator to perform remote code execution […]